Shokz App Privacy Policy

Date published: September 2025

Effective date: September 2025

Last modified: September 2025

INTRODUCTION

We, referred to as “Shokz”, “our” or “us”, recognize the importance of maintaining the privacy of the viewer/visitor/user (“you” or “your”) for visiting or using our App products and services and value your privacy and appreciate your trust in us. This Privacy Policy (“Policy”) explains what we intend to do with your personal information and how we intend to reach out to you with regard to the same.

When this Policy refers to the expressions “Shokz”, “we”, “our”, or “us”, it means entities/entity within the Shokz family which are/is responsible for your information as set forth below.

Countries and/or Regions<	Shokz Entities<	Contact Address
The United States	Shokz Technology INC and its affiliates	3200 Gracie Kiltz Lane, Suite 300 Austin, TX 78758 USA
All countries and/or regions except the United States	Shenzhen Shokz Co., Ltd.	1st to 4th Floor, Building 26, Shancheng Industrial Zone, Langxin Community, Shiyan Street, Bao’an District Shenzhen China

In this Policy, “affiliates” refers to the entities within the Shokz family that are under the same control as the aforementioned entity.

We remind you that this Policy is dedicated to applying for our App products and services.

This Policy sets out how we collect, use, disclose, store, process and protect any information that you give us, or that we collect when you use our App products and services. For our website services, a separate privacy policy applies. If we ask you to provide certain information by which you can be identified when using Shokz App products and services, it will only be used in accordance with the applicable laws and regulations, this Policy, and/or the Shokz App User Agreement.

It is important that you have a comprehensive understanding of our personal information collection and usage practices, as well as full confidence that ultimately, you have control of any personal information provided to Shokz. Therefore, please read this Policy carefully before using our App products (or services) to understand our Policy to protect your privacy. By using our App products and services or other acts permitted by the applicable laws, you are deemed to have read and acknowledged all the provisions stated in this Policy, including any change we may make from time to time.

In this Policy, “personal information” means information that can be used to directly or indirectly identify an individual, as defined by the applicable laws in the region where you are based.

We are committed to protecting the privacy, confidentiality and security of your personal information by complying with applicable laws, and we are equally committed to ensuring that all our employees and agents uphold these obligations.

This Privacy Policy Contains the Following Sections:

• The Information We Collect and How We Use It
• Direct Marketing
• Cookie and Similar Technologies
• How We Share and Disclose Your Information
• How We Protect Your Information
• Retention of Your Information
• How You Can Manage Your Personal Information
• Transfer of Personal Information Outside of Your Jurisdiction
• How We Process Minors’ information
• EU / UK Residents’ Rights
• California Residents’ Rights
• Updates to the Privacy Policy
• Contact Us

The Information We Collect and How We Use It

We collect personal information in order to operate more efficiently and provide you with the best possible experience. We collect personal information from: (1) information you provide directly to us; (2) information we obtain in the course of your use of our App products and services; and/or (3) information about you from third parties.

We will only collect the information that is necessary for its specified, explicit and legitimate purposes and will not further process it in a manner that is incompatible with those purposes.

The information we collect depends on the products (or services) you actually use, the context in which you interact with us, the choices you make, including your privacy settings, and the products and functions you use. Our products and functions include basic and additional functions. If you refuse to provide relevant information for basic functions, we may not be able to provide you with relevant products or services, or solve your problems. For additional functions, you may choose whether or not to agree to our collection of information. If you disagree, the relevant additional functions may not be available, but it will not affect your use of our core business functions.

1. The Information We Collect

The following categories of information may be collected when you are interacting with Shokz:

(1) Information you provide to us or upload:

• Account Registration and Profile Information: When you create a Shokz account, we collect your email address and the password you set. When you complete your profile, you may provide your name, email address, region, you may optionally provide your gender (we offer options such as "Male," "Female," and "Non-binary"), date of birth, mobile phone number. When you register a product, you need to provide your serial number. If you only need to browse or use basic functions (such as headphone interconnection, App language switching), you do not need to register an account or provide the above information except for your region.
• Marketing Activity Information: If you choose to participate in our marketing activities (including filling out online questionnaires), we may collect information you provide during the activity, such as your name, age, region, contact information, and product feedback.
• User Communication and Feedback Information: When you contact us through the "Feedback" feature, we collect any images you choose to upload, your application diagnostic logs (if provided), and the content of your feedback, the associated device and contact information to help us diagnose the issue.

(2) Information We Automatically Collect During Your Use of the Services

• Device Connection and Interaction Information: To enable the connection and control between your mobile phone and headphones, we collect your headphones' model, Bluetooth address, and product firmware version number.
• Device and Network Information: To ensure the stable operation and security of our services, we may collect your device information, such as IP address, system language, device model, operating system version, and application crash logs.
• MultiPoint Pairing Device Information: When you use the "MultiPoint Pairing" feature to connect your headphones to two devices simultaneously, the Bluetooth name of the second device may be transmitted to your primary device and displayed in the App to help you manage the connections.

(3) Usage Information:

We may collect information about how you use our products and services through technical means, such as the number of visits to a specific page, the duration of your stay, the status of buttons, and the number of clicks on a particular button. This type of information, when used alone, generally cannot identify you personally.

2. Device Access Permission for Our App

To provide you with our services, we need to request certain permissions from your device. The permissions we request vary depending on your operating system (iOS or Android). You can manage these permissions at any time in your device's “Settings.”

(1) For iOS Users:

• Bluetooth: This permission is essential for the App’s core functionality. We use it to discover, connect, and communicate with your Shokz headphones to enable features like switching EQ modes, managing MultiPoint Pairing, and performing firmware upgrades. If you deny this permission, the App cannot connect to your headphones.
• Photo Album: We only request this permission when you choose to use a feature that requires it, such as uploading a screenshot in the “Feedback” section or setting a profile picture. The App will only access the files you actively select.

(2) For Android Users:

• Nearby Devices (Bluetooth): This permission is essential for the App’s core functionality. On modern versions of Android (Android 12 and higher), the “Nearby Devices” permission allows us to scan for and connect to your Shokz headphones without needing to request the broader Location permission. We use it to discover, connect, and communicate with your headphones to enable all control features. If you deny this permission, the App cannot connect to your headphones.

3. How is Your Information Used

We adhere to the principles of Lawfulness, Fairness, and Data Minimization to collect and use your personal information for the following purposes:

(1) Providing and managing our services:

We use your personal information to deliver the essential features of our App and ensure a seamless experience with your Shokz products. This includes:

• Account Creation and Management: Your email address and password are used to set up and secure your Shokz account. Optional details, such as your name, gender, or birthday, allow us to personalize your profile.
• Headphone Connection and Control: We use your headphone’s Bluetooth address and serial number to establish and maintain a connection with the App. This supports features like switching EQ modes, managing MultiPoint Pairing, performing firmware upgrades, and adjusting call or prompt settings.
• Localized Services: Your selected region and device’s system language help us display the App in your preferred language and provide region-specific customer support.

(2) Enhancing our products and services:

We strive to improve your experience with Shokz products by:

• Analyzing Usage Data: We study aggregated data (e.g., which features you use most) and technical details (e.g., device models and OS versions) to optimize the App’s performance and develop new features.
• Monitoring Stability: Crash logs and diagnostic data, collected via tools like Bugly and Firebase Crashlytics, help us identify and resolve software issues, ensuring the App runs reliably.
• Collecting User Feedback: If you participate in surveys or activities like our “Reward Survey”, your input guides our product development and service improvements.

(3) Communicating with you:

Your feedback matters to us. When you use the “Feedback” feature, we use the information you provide to:

• Understand and resolve your concerns or questions.
• Respond to you about the resolution process.
• Enhance our products and services based on your suggestions.

(4) Marketing and promotions:

With your explicit consent, we may use your email address to send you updates about Shokz products, services, and special offers. You can opt out at any time by:

• Clicking the unsubscribe link in any marketing email.
• Contacting us directly via privacy@shokz.com.

(5) Ensuring security and legal compliance:

We prioritize the security of your data and compliance with legal standards by:

• Meeting Legal Obligations: We process your information as required by applicable laws, regulations, or legal requests.

Direct Marketing

If you provide your email address, we may use the email address to provide marketing materials to you relating to the products and services of Shokz.

We will only use your personal information after we obtain your prior explicit consent and involve a clear affirmative action or indication of no objection in accordance with local data protection laws, which may require separate explicit consent. You have the right to opt out of our proposed use of your personal information for direct marketing by contacting us at privacy@shokz.com. If you no longer wish to receive any or certain types of email communications, you may opt out by following the unsubscribe link located at the bottom of each communication. We will not transfer your personal information to our business partners for use by our business partners in direct marketing.

Cookie and Similar Technologies

In order to make your access easier, we may collect and store data related to your access to this App service through the use of various technologies. When you access this App again, we can know who you are and provide you with better services through the analyzing of your past data, including the use of your mobile phone number or email address you use to log into your App account and small data files to identify you, which is to understand your using habits thus you do not need to enter the account information repeatedly, or to help determine the security status of your account. These data files may be Cookie, flash Cookie, or other local storage provided by your browser or associated applications (referred to as “Cookie”).

Please understand that some of our services can only be achieved by using Cookie. If your browser or the additional services of your browser allow, you can modify the acceptance of Cookie or reject the Cookie of this App, but you may not be able to use the services of this App that rely on Cookie in some cases.

How We Share and Disclose Your Information

1. Information Sharing and Disclosing

We promise that we do not share your information with any company, organization, and individual other than Shokz, unless:

(1) Sharing as required by law:

We may share your personal information with external parties when it is necessary to comply with laws and regulations, resolve disputes or litigation, or respond to requests from administrative or judicial authorities.

(2) Sharing with explicit consent:

After obtaining your explicit consent, we may share your personal information with other parties.

(3) When you choose to share:

When you issue a products or services related claim, we will share the necessary information related to your order with the provider of related products or services according to your choice to effectuate your purpose.

(4) Sharing with affiliates:

We may share personal information about you with our affiliates, which is critical to enhancing our services and your customer experience.

(5) Sharing with authorized partners:

In order to conduct business operations smoothly and provide you with the full capabilities of our products and services, we may disclose your personal information from time to time to our third-party service providers, which are our delivery service providers, including:

•  Third-party service providers and business partners

To deliver our services effectively and enhance your experience with our App, we collaborate with carefully selected third-party service providers. These trusted partners assist us in various aspects of our operations and may process your personal information on our behalf. We are committed to safeguarding your privacy and ensuring that any data sharing is conducted with care and only for specific, legitimate purposes. We promise to share information to provide services only for legitimate, legal, necessary, specific and clear purposes.

Our service providers fall into the following categories:

• Cloud Storage and Hosting Providers: These providers offer the secure infrastructure needed to store and process your data, such as your account information and product registration details.
• Application Performance and Crash Reporting Services: To ensure our App is stable and reliable, we use services that help us identify, diagnose, and fix software bugs and performance issues.
• Firmware Update (OTA) Providers: We partner with technology providers to securely deliver over-the-air firmware updates to your headphones, ensuring they have the latest features and security enhancements.
• Customer Communication and Support Platforms: When you provide feedback or contact us for support, we may use third-party platforms to manage and respond to your inquiries efficiently.
• Professional Advisors: We may share information with our lawyers, auditors, accountants, and other professional advisors as necessary to obtain professional advice and manage our business operations.

We take the following measures to protect your personal information when working with third-party service providers:

• Necessity and Purpose Limitation: We only share the minimum information required for the provider to perform their designated functions and strictly limit their use of your data to the purposes we specify.
• Contractual Safeguards: All service providers are bound by robust data processing agreements that enforce strict confidentiality, security standards, and compliance with this Privacy Policy and applicable data protection laws in your jurisdiction.
• Due Diligence: We conduct thorough vetting of all service providers to ensure they meet our high standards for data protection and security.
• Transparency: For a comprehensive list of the third-party SDKs integrated into our App, including the data they collect and their purposes, please refer to the “Third-Party SDKs and Other Similar Applications” section below.

•  Third-party SDKs and other similar applications

In order to enable you to use the above services and features, our application may embed SDKs or other similar applications from licensed partners:

Name of the Third Party SDKs or other similar applications<	Company<	Type of personal information collected<	Purpose of use<	Official website link
NetEase Yidun	Hangzhou NetEase Zhiqi Technology Co., Ltd.	Operating system version, CPU architecture, operating system setting information, current application package name, current application signature	Application reinforcement	https://dun.163.com/clause/privacy
AndroidX Webkit (chromium)	Google Ireland Limited, if you’re located in the European Economic Area (EU countries plus Iceland, Liechtenstein, and Norway) or Switzerland. Google LLC, based in the United States, for the rest of the world	SSID, BSSID, MAC address, WIFI information, sensor, application list information, clipboard	Use chromium as a built-in browser to access the browse webview page within the App, Open-source development tools to assist in enhancing the basic capabilities of the application.	https://policies.google.com/privacy
jl_ota	Zhuhai JIELI Technology Co., Ltd.	Bluetooth, MAC address, firmware files	firmware OTA upgrade to the connected headset	https://cam.jieliapp.com/app/JL_OTA_SDK_PrivacyPolicy.html
Bugly SDK (ios)	Shenzhen Tencent Computer Systems Co., Ltd.	device model, operating system version, operating system internal version number, wifi status, CPU attributes, remaining memory space, disk space/remaining disk space, running phone status (memory occupied by process, virtual memory, etc.), idfv, whether to jailbreak, region code	report bugs	https://privacy.qq.com/document/preview/fc748b3d96224fdb825ea79e132c1a56
Firebase Analytics (Android)	Google Ireland Limited, if you’re located in the European Economic Area (EU countries plus Iceland, Liechtenstein, and Norway) or Switzerland. Google LLC, based in the United States, for the rest of the world	AD_ID, android ID	Provide data analysis on the usage of the application.	https://policies.google.cn/privacy
Firebase Crashlytics (Android)	Google Ireland Limited, if you’re located in the European Economic Area (EU countries plus Iceland, Liechtenstein, and Norway) or Switzerland. Google LLC, based in the United States, for the rest of the world	Device model, operating system version, operating system build number, Wi-Fi status, CPU attributes, available memory, disk space/available disk space, runtime phone status (memory usage by processes, virtual memory, etc.), IDFV, jailbroken status, region code.	Application Crash Monitoring	https://policies.google.cn/privacy

We will conduct strict security checks on the Application Programming Interface (API) and Software Development Kit (SDK) from which our authorized partners obtain relevant information, and agree on strict data protection measures with our authorized partners so that they handle personal information in accordance with our commissioning purposes, service descriptions, this privacy policy, and any other relevant confidentiality and security measures.

If you no longer wish us to share the relevant information, please contact us via privacy@shokz.com.

•  Others

According to the requirements of laws and regulations, legal procedures, litigation and/or requirements of public institutions and government departments in accordance with the law, Shokz may need to disclose your personal information. If we determine that disclosure is necessary or appropriate for national security, law enforcement, or other matters of public importance, we may also disclose information about you.

If we determine that in order to enforce our terms or to protect our operations, rights, assets or products, or to protect the legitimate interests of users, or to achieve the following purposes (detection, prevention and resolution of fraud, unauthorized use of products, violation of our terms or policies, or other harmful or illegal activities) disclosure is reasonably necessary, and we may also disclose information about you. (For the avoidance of doubt, Shokz will collect, use or disclose your personal information without your consent only within the scope clearly permitted by local data protection laws) This may include providing information to public or government agencies; exchange information about the reliability of your account with third-party partners to prevent fraud, violations and other harmful cases.

In addition, we may share your personal information with:

• Our accountants, auditors, lawyers or consultants, when we ask them to provide professional advice;
• Any third party authorized by you.

We will not transfer your personal information to any company, organization or individual, unless:

(1) Transfer with explicit consent:

After obtaining your explicit consent, we will transfer your personal information to other parties;

(2) In the case of merger, acquisition, bankruptcy or liquidation of Shokz, or other situations involving merger, acquisition bankruptcy or liquidation, in line with applicable data protection principles.

If the transfer of personal information is involved, we will require new companies or organizations that hold your personal information to continue to be restricted by this Policy, otherwise we will require the companies, organizations or individuals to seek authorization and consent from you again.

We will not disclose your personal information unless we obtain your explicit consent or based on your choice.

2. Exceptions for obtaining prior consent when sharing, transferring, and publicly disclosing personal information

In the following situations, sharing, transferring, and disclosing your personal information may not require your prior consent in line with applicable principles of data protection law.

1. Related to national security and national defense security;
2. Related to public safety, public health, and major public interests;
3. Related to judicial or administrative law enforcement such as criminal investigation, prosecution, trial, and sentence execution;
4. In order to protect your or other individuals’ life, property and other major legal rights, but it is difficult to obtain the consent;
5. Your personal information disclosed to the public by yourself;
6. Collect personal information from legally and publicly disclosed information, such as legal news reports, government information disclosure and other channels.

3. Links to Third-Party Websites and Services

Our App may contain links to third-party websites, products, and services, such as our official website, social media pages, or partner sites. Please be aware that any information you provide when accessing these third-party services is governed by their own privacy policies, not this one. We are not responsible for the data processing practices of any third party. We encourage you to carefully read and understand their privacy practices before providing any personal information to them.

How We Protect Your Information

1. Technical security protection

We are committed to ensuring that your personal information is secure. In order to prevent unauthorized access, disclosure or other similar risks, we have put in place reasonable physical, electronic and managerial procedures to safeguard and secure the information we collect on Shokz’s App. We will use all reasonable efforts to safeguard your personal information.

All your personal information is stored on secure servers that are protected in controlled facilities. We classify your data based on importance and sensitivity and ensure that your personal information has the appropriate security level. We have special access controls for cloud-based data storage as well. We regularly review our information collection, storage and processing practices, including physical security measures, to guard against any unauthorized access and use.

We will conduct due diligence on third-party service providers and business partners to ensure that they are capable of protecting your personal information. We will also check whether third parties have adopted appropriate security standards by implementing appropriate contractual restrictions and conducting audits and evaluations when necessary. In addition, we promise to access this information to help employees and third-party service providers and business partners who provide you with products or services to comply with strict contractual confidentiality obligations.

2. Personnel management

We will organize security and privacy protection training and tests to strengthen our employees’ awareness of personal information security. We will take all feasible and legally required measures to protect your personal information. However, you should be aware that the use of the Internet is not always secure. Therefore, we cannot guarantee the security or integrity of any personal information when it is transmitted in both directions via the Internet.

We will deal with the leakage of personal information in accordance with the requirements of applicable data protection laws and regulations, and when necessary, promptly notify the relevant regulatory authorities and data subjects of related data leakage incidents.

3. Account and password protection reminder

The Internet is not an absolutely secure environment. Shokz is not responsible for the security omissions caused by third parties accessing your personal information due to your failure to maintain the privacy of your information. Notwithstanding the above provisions, if any other Internet users use your account without authorization or any other security breaches, you should notify us immediately via privacy@shokz.com. Your assistance will help us protect the privacy of your personal information.

4. Incident notification

After a personal information security incident occurs, we will inform you of the basic situation and possible impact of the security incident, the disposal measures we have taken or will take, and suggestions that you can independently prevent and reduce risks within the time limit specified by applicable laws, etc. We will inform you about the incident by email, letter, telephone, push notification, etc. If it is difficult to inform the subject of personal information one by one, we will take a reasonable and effective way to issue an announcement. At the same time, we will also report the handling of personal information security incidents in accordance with the requirements of the regulatory authorities.

Retention of Your Information

We will take appropriate and feasible measures to avoid collecting and processing irrelevant personal information. Personal information will be held for as long as it is necessary to fulfill the purpose for which it was collected, or as required or permitted by applicable laws. We shall delete personal information, or anonymise it, as soon as it is reasonable to assume that the purpose for which that personal information was collected is no longer being served by retention of the personal information.

How You Can Manage Your Personal Information

You can access and manage your information in the following ways:

1. Access, update, correct, erase, and restrict your information

You have the right to access, update, correct, erase, and restrict your information. You can do it yourself in the following ways:

1. Log in to the App, enter “Information”, click on “Information-Register your product-Log In/Register-Personal Information-Edit Profile”, and then access, correct and supplement related information;
2. Send an email to privacy@shokz.com to get in touch with us and ask for help to access, correct or supplement your information.

2. Delete your information

You can delete (part of) your information through the method listed in “1. Access, update, correct, erase, and restrict your information”.

If we decide to delete your personal information in response to your deletion request, we will also notify the subject who obtained your personal information from us as much as possible at the same time, and require it to be deleted in time (unless laws and regulations provide otherwise, or these entities have independently obtained your authorization).

3. Withdraw of consent

You may withdraw your consent for the collection, use and/or disclosure of your personal information in our possession or control by submitting a request to us and/or changing your mobile phone settings. You can change the privacy settings yourself under “Phone Settings-Shokz-Manage Permissions” or contact us at privacy@shokz.com.

After you withdraw your consent, we will no longer process the corresponding personal information. Please note that depending on the extent of your withdrawal of consent for us to process your personal information, it may mean that you will not be able to enjoy all app functions. However, your decision to withdraw your consent will not affect the previous processing of personal information based on your previous consent.

4. Acquisition of a personal information copy

You have the right to duplicate and export your information copy. You can do it yourself in the following ways:

1. Log in to the App, enter “Information”, click on “Information-Register your product-Log In/Register-Personal Information”, and then you may acquire part of the related information herein;
2. Send an email to privacy@shokz.com to get in touch with us and ask for help to acquire your personal information copy.

5. Delete your account

If you would like to delete your entire User Account, you can apply to delete your account in the following ways:

1. Log into the App and submit an account deletion application through “Information-Register your product-Log In/Register-Personal Information-Edit Profile-Delete Account”;
2. Send an email to privacy@shokz.com to get in touch with us to help and assist you in applying to delete your account.

After you delete your account, we will stop providing you with products or services, delete your personal information or anonymize it in accordance with the requirements of applicable laws.

6. Responding to your above request

To ensure security, you may need to provide a written request or prove your identity in other ways. We may ask you to verify your identity before processing your request.

We will respond within the time limit specified by applicable laws. For your reasonable request, we do not charge a fee in principle, but for repeated requests that exceed a reasonable limit, we will charge a fee as appropriate. We may refuse to respond to your requests for information that is not directly related to your identity, unreasonable duplication of information, or excessive technical means (including but not limited to, the condition that we need to develop a new system or fundamentally change the current practice), bring risks to the legitimate rights and interests of others, or unrealistic requests.

In the following situations, we will not be able to respond to your request in accordance with laws and regulations:

1. Related to national security and national defense security;
2. Related to public security, public health, and major public interests;
3. Related to criminal investigation, prosecution, trial and execution of judgments;
4. There is sufficient evidence to show that the subject of personal information has subjective malice or abuse of rights;
5. Responding to your request will cause serious damage to the legitimate rights and interests of you or other individuals or organizations;
6. Involving business secrets.

Transfer of Personal Information Outside of Your Jurisdiction

Shokz is a global company. To offer our services, we may need to transfer your personal information to locations outside of the jurisdiction in which you reside.

As a global company, personal information we collect from you may be primarily transferred to, stored, and processed outside of your country of residence. In addition, your information may be processed in other countries where our affiliated entities or third-party service providers have operations.

These countries may have data protection laws that are different from, and potentially less protective than, the laws of your country of residence. When we transfer your personal information to other countries, we will protect that information as described in this Privacy Policy and in accordance with applicable law, implementing appropriate safeguards to protect your information.

If you would like more information about our international data transfer practices and the safeguards we have in place, please contact us using the details in the 'Contact Us' section below.

How We Process Minors’ Information

Our product and service do not target minors (including children), do not directly provide products or services to minors, and do not use minors’ personal information for marketing purposes. We attach great importance to protecting the privacy of minors (the age of minors is determined by the laws of each country and region). We consider it the responsibility of parents to monitor their minors’ use of our products and services.

If you are a parent or guardian, and you believe that a minor has submitted personal information to us, please send an email to privacy@shokz.com to ensure that such personal information is deleted immediately and to ensure that the minor unsubscribes from any applicable service.

EU / UK Residents’ Rights

1. Description of data processing and legal basis

Personal Data Categories<	Purpose of processing<	Legal basis
Bluetooth address of headphones, serial numbers, product firmware version numbers; Device or SIM-related information (only for specific services/functionalities): information related to your device. For example, IP address, IMEI number. ("Product Data")	Providing the Shokz Products and Services; to implement the interaction between mobile phone device and headphones.	Necessary to perform our obligations under a contract with you
Any information you choose to directly provide to Shokz in connection with your use of the services. ("User Communication Data")	User Communication	Necessary to perform our obligations under a contract with you
Information, such as name, gender (optional), birthday (optional), phone number, email address, region (optional), and serial number. ("Registration User Data")	User Account Creation	Necessary to perform our obligations under a contract with you
Name, gender, age, region, email address, phone number, serial numbers (mobile phones/computers/tablets/watches), product feedback, any other information you choose to directly provide to Shokz ("Questionaire Data")	Marketing Activities	To fulfil our legitimate business interests in providing you with marketing, with your explicit consent
Behavior information about you, including the number of times you visit a particular page, the length of time you stay on a page, and the number of times you click on a particular button, may be reasonably necessary to achieve analysis and improve the quality of our products and services. *Such information does not contain information that personally identifies you. If we combine such non-personal information with other information to identify a particular user personally or use it in combination with personal information, such non-personal information will be treated as personal information for the duration of the combination. ("User Behavior Data")	Statistics and Analytics	To fulfil our legitimate business interests in providing the products or services, to conduct data analytics to improve our products or services or with your explicit consent

2. Complaint to an EU/UK data protection authority

You have the right to lodge a complaint with the local EU/UK data protection authority that is competent where you live.

3. International Transfer of Personal Information Outside of Your Jurisdiction

To provide our global services, we may transfer or make accessible your personal information to our corporate group and to Third Party Service Providers located in countries outside the European Economic Area (EEA) around the world.

Whenever your data is transferred, we rely on one or more of the following safeguards to ensure that your data receives an adequate level of protection which is equivalent to that provided under the GDPR for personal information and for natural persons:

1. We prioritize transfers to countries that benefit from an adequacy decision by the European Commission, where your personal information automatically enjoys GDPR-equivalent protection.
2. Where no adequacy decision exists, we rely on appropriate safeguards under Article 46 of the GDPR—such as Standard Contractual Clauses and other approved mechanisms—and conduct a Transfer Impact Assessment (TIA) to verify that these safeguards provide an equivalent level of protection.
3. If our TIA indicates that those safeguards do not effectively ensure an equivalent level of protection, we implement additional contractual, technical, or organizational supplementary measures to address any identified risks and guarantee GDPR-equivalent protection.

California Residents’ Rights

This California Privacy Policy applies solely to visitors, users, and others who reside in the State of California. We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) as amended by the California Privacy Rights Act (CPRA). This notice should be read in conjunction with our Privacy Policy. To the extent any provision in this California Privacy Policy conflicts with a provision of the Privacy Policy, the California Privacy Policy shall govern with respect to visitors, users, and others who reside in the State of California.

The information reflects Shokz’s current practices and practices during the past 12 months. Certain terms used in this section have the meanings given to them in the California Consumer Privacy Act (“CCPA”).

1. Personal Information We Collect, Use, and Disclose

As required by CCPA, the following table summarizes the categories of personal information we collect and how we use and disclose it. More information about the information we collect, our purposes for collection, and the third parties to whom we disclose information is described in the preceding sections of this Privacy Policy.

CCPA Category of Personal Information<<	Examples of Personal Information We Collect<<	Sources of Personal Information<<	Business or Commercial Purpose for Collection/Use<<	Categories of Third Parties to Whom Information is Disclosed for a Business Purpose<<	Categories of Third Parties to Whom Information is "Shared" for Cross-Context Behavioral Advertising
Identifiers	name, email, phone number, IP address, product serial number, device ID	Directly from you; Automatically from your device	To create and maintain your account; provide core services; customer support; ensure security; marketing (with consent)	Affiliates; Service Providers (cloud hosting, customer support, security providers)	Advertising Partners
Personal Information (Cal. Customer Records statute)	name, phone number	Directly from you	To create and maintain your account; customer support; marketing (with consent)	Affiliates; Service Providers	None
Protected Classification Characteristics	age (from birthday), gender (including non-binary)	Directly from you	To personalize your profile	Affiliates; Service Providers (data hosting)	None
Commercial Information	registered products	Directly from you	Customer service, warranty, firmware updates	Affiliates; Service Providers	None
Internet or Electronic Network Activity	crash logs	Third-party partners (crash reporting)	App stability and security	Affiliates; Service Providers (crash reporting)	None
Geolocation Data	approximate location from IP or user selection	Automatically from your device; Directly from you	Localized services (language, regional support)	Affiliates; Service Providers	None
Audio, Electronic, Visual Data	photos uploaded in feedback	Directly from you	Diagnose and resolve support issues	Affiliates; Service Providers (support, hosting)	None
Sensitive Personal Information	account password	Directly from you	Account security and authentication	Affiliates; Service Providers (secure hosting)	None

2. Sale and Sharing of Personal Information

Shokz does not, and will not sell your personal information. However, the CCPA defines “sharing” broadly. Our use of online advertising and analytics tools may result in the disclosure of your information to our third-party partners, which may be considered “sharing” for the purpose of cross-context behavioral advertising under the CCPA.

Shokz has “Shared” the following categories of personal information with the categories of third parties listed below for the business purpose of providing advertising for our products that is more relevant to your interests:

• Categories of Personal Information Shared: Identifiers.
• Categories of Third Parties with Whom Information was Shared: Advertising Partners.

We do not have actual knowledge that we sell or share the personal information of consumers under 16 years of age.

3. Use and Disclosure of Sensitive Personal Information

As noted in the table above, we collect one category of sensitive personal information: your account login credentials. Specifically, we use your login credentials solely to provide the services you requested (i.e., to allow you to log in to your account), to ensure the security and integrity of your account. Shokz does not sell or share this information and Shokz does not use or disclose your sensitive personal information for purposes other than those specified in California Code of Regulations, title 11, section 7027(m).

4. Your California Privacy Rights

As a California resident, you have the following rights with respect to your personal information:

1. The Right to Know. You have the right to request that we disclose to you:
   • the categories and/or specific pieces of personal information we have collected about you;
   • the categories of sources for that personal information;
   • the purposes for which we use that information;
   • the categories of third parties with whom we disclose the information, and
   • the categories of information we sell or disclose to third parties.

   You can make a request to know up to twice a year, free of charge.

2. The Right to Delete. You have the right to request that we delete personal information we have collected and retained from or about you, and tell our service providers to do the same, subject to certain exceptions (such as if we are legally required to keep the information).
3. The Right to Correct. You have the right to request that we correct inaccurate personal information that we maintain about you.
4. The Right to Opt-Out of Sale / Sharing. You have the right to direct us not to sell or share your personal information (“opt-out”). We do not sell or share your personal information after we receive your opt-out request unless you later authorize us to do so again.
5. The Right Against Discrimination. We will not discriminate against you (for example, charge you different prices or rates for goods or services) for exercising any of your rights described in this section.
6. Right to Limit Use and Disclosure of Sensitive Personal Information. You can direct us to only use your sensitive personal information for limited purposes. Given that, we only use and disclose your sensitive personal information for permitted purposes under the CCPA.
7. Shine the Light Requests. California residents have the right to request information under the Shine the Light Act. And yet, we do not currently disclose your personal information to third parties for their own direct marketing purposes.

5. How to Exercise Your Rights

You may submit a request to exercise your rights to know, delete, or correct by:

1. Emailing us at privacy@shokz.com.
2. Calling us toll-free at 737-215-4011.

To opt out of the “sharing” of your personal information, please visit the "Do not sell/share my information" link at the footer of our websites and follow the instructions. You can also opt out by emailing us at privacy@shokz.com.

6. Verification Process

To protect your privacy, we will take steps to verify your identity before fulfilling your request. We will verify your request by asking you to provide information that matches the information we have on file for you. The information we ask you to provide to verify your identity will depend on your prior interactions with us and the sensitivity of the personal information at issue.

7. Authorized Agents

You may designate an authorized agent to make a request on your behalf. We will require the authorized agent to provide proof of your written permission to make the request, and we will also need to verify your own identity directly with us before processing the agent's request.

Updates to the Privacy Policy

We keep our Privacy Policy under regular review and may update it to reflect changes to our information practices. The updated Privacy Policy will obtain your prior explicit consent. You can check the “Effective date” at the beginning of the document to see if the Privacy Policy has changed since the last time you checked it. If we make a substantial change to this Policy, you will receive the corresponding notification required by applicable laws. If you continue to use this service, we confirm that you have read and understood the latest version of the Privacy Policy.

Contact Us

If you have any comments or questions about this Privacy Policy, please contact our Data Protection Officer (DPO) atprivacy@shokz.com. Our professional privacy protection team will handle your request and respond to you within the time limit under the laws. If you are not satisfied with the response you received, you can hand over the complaint to the relevant regulatory authority in your jurisdiction.

We have appointed a local representative in the EU and in the UK (Art. 27 GDPR) that can be reached as follows.

1. EU:

DATA BUSINESS SERVICES GmbH & CO KG

RA Robert Niedermeier

Noerdliche Muenchner Str 47

82031 Gruenwald/Munich

niedermeier@db5.io

Mobile: +49 171 2440099

Fax: 0049 89 66002036

2. UK:

DATA BUSINESS SERVICES GmbH & CO KG

RA Robert Niedermeier

Golden Cross House

8 Duncannon Street

Greater London WC2N4JF

London

niedermeier@db5.io

Mobile: +49 171 2440099

Fax: 0049 89 66002036