PRIVACY POLICY

Welcome to Neriva Global Corp and our website at www.neriva.us (our "website"). At Neriva Global Corp, we are committed to protecting and respecting your privacy. This Privacy Policy sets out the basis on which we will process any Personal Data that we may collect about you as a visitor to our website or our customers or potential customers, or other business partners, or in any other cases where we specifically state that this policy will apply. This policy further sets out how we protect your privacy and your rights in respect of our use of your Personal Data. WHAT IS PERSONAL DATA? Personal Data is information that makes it possible to identify a natural person. This includes, in particular, your name, date of birth, address, telephone number, and email address, but also your IP address and online identifiers (cookies). Anonymous data exists if no personal reference to the user can be made. WHAT IS PROCESSING? "Processing" means and covers virtually any handling of data, including collection, storage, use, and deletion. WHAT LAW APPLIES? We will use your Personal Data in accordance with applicable United States federal laws and the laws of the State of Wyoming. For users in the UK and EEA: We also align our data practices with the General Data Protection Regulation (GDPR) and the Privacy and Electronic Communications Regulations (PECR) where applicable to our interaction with you (for example, if we track your behaviour via cookies while you are in the UK/EEA). WHO IS THE DATA CONTROLLER? A "data controller" (or "business" under certain US laws) is a person or organisation who alone or jointly determines the purposes for which and the manner in which any personal data is, or is likely to be, processed. In this sense, Neriva Global Corp ("Neriva", "we", "us", "our") is the data controller. If you have any questions about this policy or about data protection at Neriva Global Corp in general, you can reach us by email using hello@neriva.us. WHAT ARE THE LEGAL BASES FOR PROCESSING PERSONAL DATA? We process your Personal Data based on one or more of the following legal grounds: - Consent: You have given us clear permission to process your data for a specific purpose (e.g., opting into non-essential cookies or marketing). - Contract: The data is necessary for the fulfilment of a contract or pre-contractual measures (e.g., providing Property Management services). - Legal Obligation: The data is necessary for compliance with a legal obligation to which we are subject. - Legitimate Interests: The data is necessary to protect our legitimate business interests, provided that your interests are not overridden. WHAT PERSONAL DATA DO WE COLLECT FROM YOU? We may collect and process the following Personal Data about you: a) Personal Data that you give us: This is information about you that you give to us and in context of our services, mainly when you correspond with us, when you fill in forms on our website, or when you register. When you contact us, the Personal Data we process typically includes, for example, your name, address, email address, and telephone number. This data is collected and processed exclusively for the purpose of contacting you and processing your request and then deleted again, provided that there is no legal obligation to retain it. We process your Personal Data that is required for providing our Property Management services, as well as the data that you also provide to us voluntarily. The processing of this Personal Data is necessary for the service provision process. By joining our platform, you are giving your consent to receiving platform internal communications, notifications, and messages. Those typically include administrative information about your account or property. b) Personal Data that our website and other systems collect about you: If you visit our website, it will automatically collect some information about you and your visit, including the Internet protocol (IP) address used to connect your device to the Internet and some other information, such as the pages on our site that you visit. This is used to monitor the performance of the website and improve the experience of visitors. The hosting services used by us for the purpose of operating our website is Hostpoint.ch. In doing so, Hostpoint.ch processes inventory data, contact data, content data, usage data, meta data and communication data of customers, interested parties, and visitors of our website and services, on the basis of our legitimate interests. c) Cookies: We use so-called cookies on our website. Cookies are pieces of information that are transmitted from our web server or third-party web servers to your web browser and stored there for later retrieval. GDPR/PECR Compliance: For users in the UK and EEA, we only place non-essential cookies (such as analytics or advertising cookies) on your device if you have given us your explicit Consent. Please refer to our Cookie Policy below for full details. OTHER USES OF YOUR PERSONAL DATA We may also collect, store, and use your Personal Data for the following purposes: - To operate, manage, develop, and promote our business and, in particular, our relationship with you; - To offer you our Property Management services; - To protect our business from fraud, money laundering, breach of confidence, and other financial or business crimes; - To comply with our legal and regulatory obligations, bring and defend legal claims and assert legal rights.

DATA SHARING a) Internal: If necessary, we transfer your Personal Data within Neriva Global Corp. Access to your Personal Data is only granted to authorised employees who need access to the data due to their job. b) External bodies: Personal Data is transferred to our service providers in the following instances: - In the context of fulfilling our contract with you; - To use marketing services and to advertise our services online; - To state authorities and institutions as far as this is required or necessary. c) International transfers: We are headquartered in the United States. If you are accessing our services from the UK or EEA, please note that your Personal Data will be transferred to, stored, and processed in the US. We take all reasonable technical and organisational measures to protect the Personal Data we transfer. HOW LONG DO WE KEEP YOUR PERSONAL DATA? We will delete your Personal Data when we no longer need such Personal Data, for instance, where it is no longer necessary to fulfil the purposes for which we had collected it. Sometimes, however, there are legal or regulatory requirements which may require us to retain your Personal Data for a specified period (e.g., tax or property records). DATA SECURITY Our website uses SSL or TLS encryption to ensure the security of data processing. We have also implemented numerous security measures ("technical and organisational measures") to ensure the protection of Personal Data processed through our website. YOUR RIGHTS AND PRIVILEGES Global Rights: Depending on your jurisdiction, you may have specific rights regarding your Personal Data, which may include the right to access, rectification, erasure, and to restrict processing. GDPR and UK Data Protection Rights (For UK/EEA Users): If you are visiting from the UK or EEA, you have specific rights under the GDPR: - Right to Access: You can request copies of your Personal Data. - Right to Rectification: You can request that we correct any information you believe is inaccurate. - Right to Erasure: You can request that we erase your Personal Data, under certain conditions. - Right to Withdraw Consent: Where we rely on your consent (e.g., for non-essential cookies), you have the right to withdraw that consent at any time. Wyoming Privacy Rights and Do Not Track: We do not track our customers over time and across third-party websites to provide targeted advertising and therefore do not respond to Do Not Track (DNT) signals. Update your information: If you believe that the information we hold about you is inaccurate, please contact us at hello@neriva.us. DATA BREACHES AND NOTIFICATION Databases or records containing Personal Data may be breached accidentally or through unlawful intrusion. As soon as we become aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised in compliance with applicable laws, including Wyoming Statute § 40-12-501 et seq. Notifications will be sent as soon as possible after the violation is discovered and substantiated. WHAT WE DO NOT DO - We do not request Personal Data from minors and children (under 13) without obtaining parental or legal guardian consent (in compliance with COPPA); - We do not sell your Personal Data; - We do not process Special Category Data without obtaining prior specific consent. DOES THIS POLICY CHANGE? We may update this policy from time to time. We recommend that you check here periodically for any changes. This policy was last updated on 18th of January 2026. WHO SHOULD I CONTACT FOR MORE INFORMATION? If you have any queries as regards the collection, processing, or use of your Personal Data, please contact us at hello@neriva.us.