PuenLen Privacy Policy

PuenLen, as the "Data Controller" for the application name, has established a Personal/Privacy Data Protection Policy. This policy explains the use and retention of personal data, especially the data of customers/users of the PuenLen system.

This document provides important information regarding:

• Scope of Personal Data
• Personal Data Collected by PuenLen
• Sources of Data Collected by PuenLen
• Purposes for which PuenLen uses Customer/User Data
• Processing of Personal Data
• Retention and Retention Period of Personal Data by PuenLen
• Use of Personal Data for Marketing
• Data Subject Rights
• Privacy Policy of Other Websites
• Changes to the Privacy Policy
• Contacting the PuenLen Data Controller

Scope of Personal Data

"Personal Data" means any information that directly or indirectly identifies the "Data Subject". It does not include data of deceased persons.

"Data Subject" means the individual to whom the personal data refers.

"Natural Person" means a living individual. It does not include a "Juridical Person" (e.g., a company, association, foundation, or any other organization established by law), nor does it include cases where the data creator or collector (not the data owner) is an individual.

Personal Data Collected by PuenLen

PuenLen collects only the necessary personal data to be able to contact and provide services to customers/users. This data includes:

• Full Name
• Date of Birth
• Phone Number
• Address
• Email
• System Usage Data: Any data describing user characteristics or behavioral characteristics of customers/users (e.g., favorite products, interests, or lifestyle) so that PuenLen can offer products and services that customers/users might be interested in.
• Payment Data: Any data that PuenLen needs to process an order or data that customers/users use to purchase goods (e.g., debit or credit card information like cardholder name, card number, expiry date, CVC, etc.) or other payment methods (if any). In all cases, PuenLen or its payment service provider will handle payment and financial data in a manner consistent with laws, regulations, and security standards.

Sources of Data Collected by PuenLen

PuenLen may receive personal data of customers/users from two channels:

1. Data directly received by PuenLen from Customers/Users, PuenLen collects personal data from customers/users during the following service steps:
   • The process of applying for service or registering with PuenLen, or the process of submitting various rights requests to PuenLen.
   • The process of ordering goods and services from PuenLen.
   • Voluntary participation in a Survey by the customer/user, or by replying to messages or emails to PuenLen, or through other communications between PuenLen and the customer/user.
   • Visiting PuenLen's website, where data is obtained through the customer/user's Cookies.
2. Data received by PuenLen from Third Parties (List of third parties providing data; Examples include Facebook, Line). PuenLen receives data through the following methods:
   • Received via Electronic File transmission.
   • Received via email.
   • Received via telephone notification.
   • Received as a physical document.

Purposes for which PuenLen uses Customer/User Data

PuenLen collects personal data of customers/users for the following purposes:

• To be able to contact and communicate with customers/users regarding services, customer care, and quality control of service provision.
• To be able to fulfill customer/user orders and manage the customer/user's service application/registration with PuenLen.
• To be able to manage and administer service provision to customers/users.
• To be able to send emails, Notifications, or news to users to inform them of services that they might be interested in.
• Research and development, and improving user experience.

Processing of Personal Data

Upon receiving customer/user personal data, PuenLen will process the data as follows:

• Collection: PuenLen stores data on Microsoft's cloud, called Microsoft Azure Cloud Computing Service (Azure). Azure is a standardized, highly secure, and generally accepted system, with Data Centers distributed globally. PuenLen uses the Data Center in Singapore as the Server Base and Hong Kong as the Backup Base.
• Use of Data: PuenLen's purposes for using customer/user data are for communication, service, and developing the quality of service for customers/users.
• Disclosure of Data: PuenLen will share data with individuals or entities to offer suitable products and services to customers/users. The individuals or entities receiving the data are: The PuenLen Brand, Buzzebees Co., Ltd. When PuenLen accepts a customer/user order, the data may be sent or used by the credit or debit card issuing company to prevent fraud.

Retention and Retention Period of Personal Data

PuenLen stores data on Microsoft's cloud, called Microsoft Azure Cloud Computing Service (Azure). Azure is a standardized, highly secure, and generally accepted system, with Data Centers distributed globally. PuenLen uses the Data Center in Singapore as the Server Base and Hong Kong as the Backup Base.

Data Retention Period: PuenLen will store personal data of customers/users until the customer/user stops using the system (Inactive User), according to the period set by relevant laws. Once the customer/user stops using the system, PuenLen will modify the customer/user's data so that they can no longer be identified.

Use of Personal Data for Marketing

During service provision, PuenLen and its partners will send information about products and services that customers/users are expected to be interested in. If the customer/user has accepted the offer of products and services, they have the right to cancel at any time. Customers/users have the right to contact PuenLen to cancel the offer of product and service information or the sharing of their data with other members within the PuenLen network at any time. If the customer/user cancels, PuenLen may no longer be able to provide services to them.

If the customer/user wishes to cancel, they can do so as follows:

1. Step 1: Go to the "Contact Us" page.
2. Step 2: Select and click the "Personal Data Request" button.
3. Step 3: Fill in the details on the required form.
4. Step 4: Send the form and supporting documents with certified true signature via Email Address: dpo@buzzebees.com. The customer/user must only use the Email Address registered for the service with PuenLen to submit the request.

Data Subject Rights

PuenLen wants customers/users to be aware of their data protection rights. All users have the following rights:

• Right to Withdraw Consent: Customers/users have the right to withdraw consent for processing, including the right to withdraw consent for the retention of personal data that they have given consent to PuenLen, for the entire period their personal data is held by PuenLen.
• Right to Access: Customers/users have the right to access their personal data by requesting PuenLen to provide a copy of their personal data. This also includes requesting PuenLen to disclose the source of their data that they did not consent to PuenLen.
• Right to Rectification: Customers/users have the right to request PuenLen to correct inaccurate or incomplete data.
• Right to Erasure: Customers/users have the right to request PuenLen to delete their personal data or make it unidentifiable. Note that deleting data may sometimes result in PuenLen no longer being able to provide services to the customer/user.
• Right to Restriction of Processing: Customers/users have the right to restrict the use of their personal data in specified cases.
• Right to Data Portability: Customers/users have the right to transfer their personal data that they provided to PuenLen to another Data Controller or to the customer/user themselves.
• Right to Object: Customers/users have the right to object to the processing of their personal data. If the customer/user cancels in the following cases: cases where personal data is collected under an exemption that does not require consent; cases where personal data is collected, used, or disclosed for the purpose of direct marketing.

Privacy Policy of Other Websites

PuenLen's products and services may contain links to other websites. This Privacy Policy covers only PuenLen's products and services. If a customer/user clicks a link to other products and services, they are advised to read the privacy policy of that website first.

Changes to the Privacy Policy

PuenLen's Privacy/Data Protection Policy will follow the laws and regulations announced to the public. This Privacy Policy was last updated on September 18, 2025.

Contacting PuenLen

If there are any questions regarding the Privacy/Data Protection Policy, the customer/user's data retained by PuenLen, or if the customer/user wishes to exercise their data protection rights, please contact us:

1. Step 1: Go to the "Contact Us" page.
2. Step 2: Select and click the "Personal Data Request" button.
3. Step 3: Fill in the details on the required form.
4. Step 4: Send the form and supporting documents with certified true signature via Email Address: dpo@buzzebees.com.

The customer/user must only use the Email Address registered for the service with PuenLen to submit the request.