Update date: March 24, 2026

Effective date: March 24, 2026

FAIRLAND IGARDEN LIMITED and its affiliates (collectively the “iGarden”, “us”, “our” or “we”) act as the data controller for the purposes of the General Data Protection Regulation (“GDPR”).understand the importance of your privacy to you and will respect your privacy.

The IGarden Privacy Policy ("this Policy") describes how we might collect, store, use, and/or share personal information when you interact with us.

This Policy applies to the website that we provide, and the extensions thereof. By referring to both websites collectively as "Platforms," we aim to provide a unified and clear framework for you to understand our data processing practices across different service scenarios. This unified terminology simplifies the complexity of the policy, ensuring that you receive consistent privacy protection information regardless of which of our websites you use.

If a separate privacy policy or user service agreement exists for a specific product or service, the privacy policy or user service agreement for that product or service will prevail. If the privacy policy or user service log for the product or service is not covered, this Policy shall prevail. If one of our affiliated companies uses the products or services provided by us in their products or services but does not set up a separate privacy policy, this Policy shall also apply to such products or services.

Unless otherwise agreed, the terms used in this Policy shall have the same meaning as those defined in the User Service Agreement.

Please note that this Policy does not apply to information collected through other means, such as offline channels or any other website operated by the company or any third party. Additionally, any third-party application or content (including advertisements) that may link to or be accessible from this website is not covered by this Policy.

This policy is not intended to override the terms of any contract you have with us, nor any rights you may have under other applicable data privacy laws.

Please take a moment to familiarize yourself with our privacy protection practices. If you have any questions or concerns, please contact us at Support@igarden.ai.

Data Controller

For the purposes of the GDPR, the data controller is:

FAIRLAND IGARDEN LIMITED

19H Maxgrand Plaza, No. 3 Tai Yau Street, San Po Kong, Hong Kong

Email: Support@igarden.ai

Where required under Article 27 GDPR, we may appoint a representative in the European Union.

I. How We Collect and Use Your Information

Personal information is all kinds of information relating to an identified or identifiable natural person, recorded electronically or by other means, excluding information that has been anonymized. Please note that the definition of "personal information" (or "personal data" and other similar expressions) may vary from country to country or region to region, so please refer to the laws and regulations related to the protection of personal information in your region.

Information We Collect From You

1.1 Contact and Inquiry Submission

When you fill out our online form to contact us or request information about our products, you may provide details such as your name or nickname, email address, phone number, and country or region. You may also include a message describing your needs, indicate which products you are interested in, and specify your intended product preferences. We collect this information so that we can respond to your inquiries, connect you with an appropriate sales representative, and provide tailored product or service information based on your expressed interests.

1.2 Account Creation and Management

When you create an account on our e-commerce platform (store.igarden.ai), we need to collect your personal information to complete the registration process. This includes your name, email address, and password. Your password will be stored in an encrypted (hashed) format to ensure its security. We use this information to create and secure your account, manage your profile, facilitate future logins, and process your password reset requests. Providing accurate account information is fundamental to ensuring we can provide you with continuous and secure service.

1.3 Order Processing and Fulfillment

To process and fulfill your orders on our e-commerce platform, we need to collect specific information related to the transaction. This includes:

·Contact Information: Your name, email address, and phone number for order confirmation and communication.

· Shipping and Billing Information: Physical addresses for product delivery and invoicing. You can add or modify these addresses in your account management page.

· Order Details: The products you purchased, order value, transaction history, and items in your shopping cart.

We use this data to process payments, arrange for shipping and delivery, communicate order status updates to you (such as shipment notifications), and handle returns or customer service issues related to the purchase.

1.4 Payment Information

We take the security of your financial information very seriously. Therefore, we do not directly collect or store sensitive financial information, such as full credit card numbers. When you make a payment, you will be directed to the page of our third-party payment processor, which complies with industry security standards (such as PCI DSS). We will only receive limited information from the payment processor related to your transaction, such as a transaction ID, payment status, and the last four digits of your card number for verification purposes. This information will be used to confirm your order, for record-keeping, and to process refunds. Clearly stating that we do not store full payment details is not only to enhance user trust but is also a key risk management measure that can effectively reduce our compliance burden and the risk of data breaches.

1.5 Customer Support Communications

When you contact us through the customer service chat function on our platform, whether you are a logged-in user or a visitor, we will collect the information you submit to initiate the conversation, including your name and email address. We will also collect all information you provide during the communication, including the chat history and any files or photos you choose to upload. This information will be used to investigate and respond to your inquiries, resolve any issues you encounter, and to improve the quality of our customer service.

1.6 Product Reviews and Other User-Generated Content

We provide you with the functionality to post reviews and comments on product pages. When you submit a product review or other user-generated content, we collect the information you provide, which may include your username, the content of your review, and any related images or media you submit. Please be aware that the information you submit may be publicly posted on our platform and will be visible to other users. Therefore, please exercise caution when submitting any information you do not wish to be made public.

1.7 Direct Marketing and Promotions

On our platform, you have the opportunity to subscribe to our marketing emails to receive information about new products, promotions, and special offers. For this purpose, we will collect your email address. In accordance with applicable laws, we will only send you such marketing communications with your explicit consent. You have the right to unsubscribe at any time. You can easily withdraw your consent by using the "unsubscribe" link provided in every marketing email or by contacting us.

1.8 Device information when necessary

Device information includes information about your device, browser, or network connection, your IP address, and other unique identifiers. We may also collect data in relation to your own iGarden IoT devices, including exact model, device’s serial number, device log, usage history, device's location and device status.

1.9 Essential information prior to any installation service

we may collect necessary photos or videos with your consent or where necessary for the performance of a contract. These may include on-site photos and videos taken by authorized installers (or builders) to record the installation of equipment. We do not intend to collect photos or videos containing your (or any other family members’) facial information, and we will require authorized installers (or builders) to avoid taking photos or videos that include the facial information. However, despite these measures, it may still be unavoidable for some photos or videos to contain your image. If we found any such materials, we will delete them as soon as possible.

Information Automatically Generated and Collected

2.1 Website Usage and Search Activity

When you visit our Platforms, certain information is collected automatically by our systems. This may include technical details such as your IP address, browser type, operating system, the pages you visit, the time and date of your access, and the website that referred you to us. On our e-commerce platform, we also collect information about the products you have viewed, items you have added to your cart (even if the purchase is not completed), and the search query terms you enter in the site's search box.

This information helps us operate, maintain, and improve the functionality and performance of our Platforms, understand how visitors engage with our content, personalize your shopping experience (for example, by providing relevant product recommendations), and ensure the security and reliability of our services.

2.2 Cookies and Similar Technologies

We use cookies or similar tracking technology, such as web beacons, clear gifs, pixel tags, and single-pixel gifs, to enhance your experience when visiting our platforms. A cookie is a small file containing small blocks of data which are placed on the hard drive of your computer. They are then sent back to the website on each subsequent visit. Cookies serve useful functions because they enable web servers to recognize a user’s device or to track a user's browsing activity.

iGarden uses cookies primarily to enhance your experience when visiting our Platform or using our Platform Services, to provide you with customized display options, to provide statistical reports on web activity, or to secure software and website security requirements. We also use cookies to preload relevant content. These cookies do not capture personal email addresses or any personal information.

You can manage the cookie setting and disable non-essential cookies at any time on our platforms. For more information regarding how we use cookies, please refer to our Cookie Policy.

Information From Third Parties

In some cases, we may receive information about you from third-party sources, such as our business partners or service providers who assist us in processing your inquiries. We may also use publicly available sources to verify or supplement the information you have provided. This helps us confirm the accuracy of your contact details, improve the quality of our responses, and provide you with more relevant product or service information.

II. How We Share Your Information

Third-Party Service Providers

We may disclose or share your information with third-party service providers that support the provision of our products and services. These providers may include third-party professional service providers, cloud hosting providers, customer service providers who process your personal information on our behalf, and partners essential for e-commerce operations. Specifically, to support the operation of the e-commerce platform, we share information with the following categories of service providers:

· Payment Processors: To securely process your payments, we share transaction information with third-party payment gateways.

· Logistics and Delivery Partners: To deliver the products you have ordered, we share your name, shipping address, and contact information with our courier and shipping partners.

· Customer Support Platform Providers: Our customer service chat function may be supported by a third-party provider, with whom we share your contact details and communication history to provide you with support.

· Authorized Service Providers: We may employ third-party companies or individuals, such as installers, builders, repair service providers (collectively "Service Providers"), to facilitate our Service, to provide the Service on our behalf, to perform other services related to the Service, or assist us in understanding how our Service is conducted. For example, we may employ installers (or builders) to assist with the installation, activation, maintenance and technical support; we may employ repair service providers to debug to identify and repair errors that impair the device's intended functionality, and to rectify errors that have occurred in any Services (including but not limited to online service platforms or features). Thus, some of our Services will be provided by Service Providers for the purposes stated in this Privacy Policy. We may share some of your personal information with them to provide excellent service and user experience as needed. We will only share your personal information for legal, legitimate, necessary, specific and explicit purposes, and only share personal information necessary to provide services as specified in this Privacy Policy. Please note that the Service Providers are not authorized to disclose or use the shared personal information for any other purposes without iGarden's permission. Some of your personal information may be collected directly by them when necessary, with your consent and iGraden's approval.

· Marketing and Analytics Providers: With your consent, we may share contact information with marketing platforms to manage our email newsletters and share website usage data with analytics partners to understand user behavior.

We will only share personal information that is necessary for the provision of products and services. We will also enter into strict confidentiality agreements with the companies, organizations and individuals with whom we share personal information, requiring them to process personal information in accordance with our instructions, this Policy and any other relevant confidentiality and security measures. Where the sharing of your data is based on consent, you have the right to refuse to consent to the sharing of your personal information with third parties. Please note that if you refuse to consent to the sharing of information with third parties, you may not be able to use the specific corresponding features. By explicitly listing these categories of partners, we aim to increase transparency while maintaining operational flexibility, which is a recognized industry best practice that meets regulatory requirements and avoids the problem of frequent policy invalidation due to frequent supplier changes.

Business Transfers

We may transfer your data to a buyer or other successor in the event of a merger, acquisition, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of iGarden's assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us may be among the assets transferred.

Compliance

We may share your personal information in certain circumstances, including:

· To law enforcement authorities, government or public agencies or officials, regulators, and/or any other person or entity with appropriate legal authority or justification for receipt of such information, if required or permitted to do so by law or legal process;

· When we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual fraudulent or illegal activity;

· When the information is required for the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, or for the enforcement of civil law claims.

III. Notice for Data Subjects in the EU/EEA Region

This section applies to individuals located in the European Union (EU) and European Economic Area (EEA).

Data Controller

For the purposes of applicable data protection laws, including the GDPR, the data controller is:

FAIRLAND IGARDEN LIMITED

19H Maxgrand Plaza, No. 3 Tai Yau Street, San Po Kong, Hong Kong

Email: Support@igarden.ai

Where required under Article 27 GDPR, we may appoint a representative within the EU.

Legal Bases for Processing

We process your personal data only where we have a valid legal basis under Article 6 GDPR. Depending on the specific processing activity, these legal bases include:

• Performance of a contract (Art. 6(1)(b))
  
  Processing necessary to provide our products and services, including account management, order fulfillment, and customer support.
  
• Consent (Art. 6(1)(a))
  
  For example, sending marketing communications or placing non-essential cookies. You may withdraw your consent at any time.
  
• Legitimate interests (Art. 6(1)(f))
  
  For improving our services, preventing fraud, ensuring platform security, and managing customer relationships, provided such interests are not overridden by your fundamental rights.
  
• Legal obligations (Art. 6(1)(c))
  
  Processing necessary to comply with applicable laws and regulatory requirements.
  

International Data Transfers

As a global business, your personal data may be transferred to countries outside the EEA, including the United States.

Where such transfers occur, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission
  
• Appropriate technical and organizational security measures
  
• Additional safeguards where required under applicable law
  

You may request a copy of these safeguards by contacting us.

Your Rights Under GDPR

Under the GDPR, you have the following rights:

• Right of Access
  
  You have the right to obtain confirmation as to whether we process your personal data and access to that data.
  
• Right to Rectification
  
  You have the right to request correction of inaccurate or incomplete personal data.
  
• Right to Erasure (“Right to be Forgotten”)
  
  You may request deletion of your personal data under certain circumstances.
  
• Right to Restriction of Processing
  
  You may request restriction of processing where:
  
  
  You contest the accuracy of the data
  
  
  Processing is unlawful
  
  
  We no longer need the data but you require it for legal claims
  
  
  
• Right to Data Portability
  
  You may receive your personal data in a structured, commonly used, machine-readable format and request transfer to another controller.
  
• Right to Object
  
  You may object to processing based on legitimate interests, including profiling.
  
  You have an absolute right to object to direct marketing.
  
• Right to Withdraw Consent
  
  Where processing is based on consent, you may withdraw it at any time.
  
• Right Not to Be Subject to Automated Decision-Making
  
  You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects.
  
  We do not currently engage in such processing.
  

Exercising Your Rights

You may exercise your rights at any time by contacting:

Email: Support@igarden.ai

We will respond to your request in accordance with applicable data protection laws. We may need to verify your identity before processing your request.

Right to Lodge a Complaint

If you believe that your personal data has been processed in violation of applicable law, you have the right to lodge a complaint with a supervisory authority in your country of residence or place of work.

For more information about EU supervisory authorities, please visit:

https://www.edpb.europa.eu/about-edpb/about-edpb/members_en

We encourage you to contact us first so we can address your concerns.