Privacy Policy

This Privacy Policy explains how the Company collects, uses, stores, transfers, and protects personal data in connection with the digital commerce service operated at uptop.gg, which provides game top-ups, gift cards, mobile recharge, PIN codes, digital vouchers, and other electronically delivered digital products (the "Service").

The data controller applicable to the Service may vary depending on the country or region where the Service is offered, as specified in the applicable country addendum.

Unless otherwise specified in an applicable country addendum, the data controller shall be:

• Company Name: OVERTAKE LABS PTE. LTD. • Singapore UEN: 202422326G • Jurisdiction: Singapore

The data controller for users in countries with a specific addendum is identified in that addendum.

The Company processes personal data for the following purposes:

• User identification and account management • Provision of services and performance of contractual obligations • Order processing, fulfillment, delivery, and support • Payment processing and settlement • Fraud prevention and security enhancement • Customer support and dispute resolution • Compliance with legal obligations • Marketing communications, events, and promotions where consent has been given

Personal data shall be deleted without delay upon membership termination, except where retention is required by applicable local laws or necessary for legitimate business purposes such as fraud prevention, dispute resolution, accounting, security, or legal compliance.

Specific statutory retention periods applicable to users in particular jurisdictions are set out in the relevant country addendum.

For the purpose of preventing fraudulent or abusive activities, certain minimum identifying information may be retained for a limited period after account termination.

Marketing consent records shall be retained until consent is withdrawn or for the period required by applicable law.

The Company may transfer personal data overseas where necessary to operate the Service, process payments, fulfill orders, provide customer support, maintain security, perform analytics, or measure advertising performance.

International transfers will be handled in accordance with applicable data protection laws and any applicable country-specific addendum.

The Company may outsource certain processing activities, including but not limited to:

• System operation and technical support • Electronic payment processing • SMS message delivery • Identity verification services • Digital product fulfillment through third-party suppliers, distributors, and service providers • Customer support tools and communication systems • Analytics and advertising performance measurement

The Company shall enter into written agreements with service providers and supervise them in accordance with applicable data protection laws.

The Company may collect and use cookie-based behavioral information for service improvement, security, fraud prevention, analytics, and advertising performance measurement.

Data collected may include visit history, device environment, purchase status, and purchase amount.

Users may refuse the storage of cookies by adjusting their browser settings. Some features may not function properly if cookies are disabled.

Users may exercise the following rights with respect to their personal data, subject to applicable law:

• Request access • Request correction • Request deletion • Request suspension of processing • Withdraw consent where processing is based on consent

Such requests may be submitted through the Customer Service channel at support@uptop.gg.

Marketing SMS messages, emails, or other marketing communications shall be sent only where permitted by applicable law and, where required, with prior consent.

Users may withdraw consent at any time.

Each marketing message shall include instructions on how to opt out where required by applicable law.

The Company implements appropriate technical and organizational measures to help protect personal data, including:

• Access control and authorization management • Encryption measures where appropriate • Incident response procedures • Monitoring and logging • Supervision of outsourced processors

The Service may contain products, links, integrations, or fulfillment processes involving third-party suppliers, distributors, payment processors, publishers, carriers, platforms, and service providers.

The privacy practices of third parties may be governed by their own privacy policies. Users should review the applicable third-party policies where relevant.

For users located in the Republic of Korea, the data controller shall be:

• Company Name: IMI Co., Ltd. • Representative Director: Soojong Park • Business Registration No.: 402-81-50705 • E-commerce Registration No.: No. 2002-Jeonju Deokjin-0015 • Address: 56 Garinae-ro, Deokjin-gu, Jeonju-si, Jeonbuk State, Republic of Korea

The Company has designated a Data Protection Officer (DPO). Inquiries regarding personal data may be directed to the DPO through the Customer Service channel at support@uptop.gg.

In addition to the categories set out in Article 3 of the main Privacy Policy, the following personal data may be collected from users in the Republic of Korea:

• Mobile phone number — where additional identity or transaction verification is required • Mobile phone number — where marketing consent is provided (optional)

The Company does not knowingly collect personal data from children under fourteen (14) years of age.

If such data is identified, it shall be deleted without delay.