Administrator Privacy, Data Security and Responsibility Statement

This Administrator Privacy, Data Security and Responsibility Statement ("Statement") has been prepared by Aris888 Metaverse Company to regulate the data security, privacy, and responsibility obligations of users with administrator authority within all digital platforms, metaverse infrastructure, virtual office systems, corporate panels, administrator authorization systems and all related software services. This Statement is binding on all individuals and legal entities who have administrator account defined, have access to corporate panels, or are granted management authority in any way on the Aris888 system. A person granted administrator authority is deemed to have read, understood, and accepted all the consequences of this Statement by using the platform.

1. ADMINISTRATOR CONFIDENTIALITY AGREEMENT

The administrator accepts that all system information, user data, company information, technical infrastructure data, software components, and all information of a trade secret nature that they access within the scope of their duties and authority are confidential. In this context, the administrator undertakes not to share such information with third parties under any circumstances, not to disclose it, not to copy it, and not to use it in an unauthorized manner. The confidentiality obligation does not only apply during the term of office, but also continues indefinitely after the duties end. All legal and financial responsibility for violating this obligation rests with the administrator.

2. KVKK / DATA SECURITY COMPLIANCE COMMITMENT

The administrator accepts to act in accordance with Law No. 6698 on the Protection of Personal Data ("KVKK") and all related legislation. In this context, the administrator is obligated to:

• Ensure personal data is not processed unlawfully
• Ensure data is only used within the scope of authority
• Take necessary measures against data security violations
• Act in accordance with disclosure and explicit consent processes

The administrator cannot retain, copy, or process any personal data obtained outside their area of duty.

Aris888 reserves the right to monitor administrator operations, examine log records, and limit access when necessary to ensure data security.

3. ACCOUNT SECURITY AND CYBER RESPONSIBILITY

The administrator is directly responsible for the security of the accounts, access credentials, and authentication tools assigned to them. All damages resulting from password sharing, providing access to unauthorized persons, or causing security vulnerabilities belong to the administrator. The administrator absolutely accepts and undertakes not to engage in activities that would violate system security, not to perform unauthorized data access, not to misuse software vulnerabilities, and not to use bots, automation, or malicious software. Aris888 has the right to temporarily or permanently suspend administrator access when it deems necessary to protect system security.

4. RESPONSIBILITY AND SANCTIONS

The administrator accepts that all legal, administrative, and criminal responsibility arising from acting in violation of this Statement's provisions belongs to them. Aris888 reserves the right to: revoke access authorization, suspend the account, limit system access, notify legal authorities in cases of violation.

FINAL CLAUSE

This Administrator Privacy, Data Security and Responsibility Statement enters into force at the moment administrator authority is granted and is binding on the administrator. Aris888 reserves the right to make changes to this text; changes take effect from the moment they are published on the platform.