ROKIT America, Inc., a Delaware corporation (“Company,” “we,” “us,” or “our”), respects your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard personal information when you access or use our website located at https://rokitamerica.com (the “Website”).

This Privacy Policy applies solely to information collected through the Website. It does not apply to offline interactions, clinical study platforms, patient portals (if any), or third-party services that may have separate privacy notices.

By accessing or using the Website, you acknowledge and agree to the practices described in this Privacy Policy.

1. Information We Collect

① Information You Provide Voluntarily: We may collect the following categories of personal information.

- Name

- Email address

- Company or organizational affiliation

- Telephone number (if provided)

- Country or jurisdiction

- Content of inquiries submitted through contact forms or email

- Information submitted in connection with investor relations, media, business development, or compliance communications

② Information Collected Automatically: When you visit the Website, we may automatically collect:

- IP address

- Browser type and device information

- Pages visited and time spent

- Referring URLs

- Cookie identifiers

③ Sensitive Personal Information: We do not collect or request sensitive personal information, such as race, religion, sexual orientation, or specific health data.

We collect the above categories of personal information for the business purposes described in Section 3 below.

2. What This Website Is Not

① The Website is a corporate information platform. It does not provide medical services, diagnosis, treatment, or clinical advice.

② We do not operate a patient portal, and by excluding user file upload functionality, we do not knowingly collect Protected Health Information (PHI) as defined under HIPAA/

③ If you voluntarily submit health-related information, it will be used solely to respond to your inquiry and does not create a provider–patient relationship.

3. How We Use Personal Information

① We collect and use personal information for the following business and operational purposes:

- Respond to inquiries and communications

- Provide requested corporate or investor information

- Operate, maintain, and improve the Website

- Analyze Website usage and performance

- Protect against cybersecurity incidents, fraud, or unlawful activity

- Comply with legal, regulatory, and corporate governance obligations

- Review and address compliance or whistleblower reports

② We do not sell sell your personal information for monetary consideration nor share it for cross-context behavioral advertising, as those terms are defined under applicable U.S. privacy laws.

③ We do not use personal information for automated decision-making that produces legal or similarly significant effects.

4. Disclosure of Personal Information to Service Providers and Other Parties

① We may disclose personal information to:

- Service providers supporting Website hosting, analytics, IT, or security operations

- Professional advisors (legal, accounting, compliance)

- Regulatory authorities or governmental entities when required by law

- A successor entity in connection with a merger, acquisition, reorganization, or asset transfer

② Service providers are contractually required to process personal information only for authorized business purposes.

③ We do not sell personal information. We do not disclose personal information for monetary consideration.

5. Cookies and Analytics

① The Website uses cookies and similar technologies to:

- Enable core Website functionality

- Measure performance and usage trends

- Improve user experience

② We may use third-party analytics providers (such as Google Analytics) to evaluate Website traffic patterns in aggregated form.

③ You may manage cookies through your browser settings. Disabling cookies may affect Website functionality.

④ Where required by applicable law, a recognized Global Privacy Control (GPC) signal will be treated as a request to opt out of the sale or sharing of personal information.

6. Data Retention

① We retain personal information only as long as reasonably necessary to:

- Fulfill the purposes described in this Privacy Policy

- Comply with legal obligations

- Resolve disputes

- Enforce agreements

② Retention periods vary depending on the nature of the information and applicable regulatory requirements. We may retain information for longer periods where required for regulatory, audit, litigation hold, or corporate governance purposes.

7. International Data Transfers

① The Company is based in the United States. Personal information collected through the Website is primarily stored in the United States.

② In limited circumstances, information may be processed or accessed by service providers located in other jurisdictions where we operate.

③ Where required by law, we implement appropriate safeguards for international data transfers.

④ By using the Website, you acknowledge that your information may be transferred to and processed in the United States.

8. Data Security and Governance

① We maintain commercially reasonable safeguards subject to executive management oversight and periodic Board reporting to ensure data protection consistent with public company governance standards.

② However, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security.

9. Your Privacy Rights

① Depending on your jurisdiction of residence, you may have rights under applicable privacy laws, including:

- The right to request access

- The right to request deletion (subject to legal exceptions)

- The right to request correction

- The right to opt out of sale or sharing

② You may designate an authorized agent to submit a request on your behalf where permitted by law.

③ To submit a privacy request, please contact: privacy@rokitamerica.com Subject: “Privacy Rights Request”

④ We may take reasonable steps to verify your identity before processing your request to ensure data security.

⑤ We will not discriminate against you for exercising your privacy rights.

⑥ We may deny a request where permitted by applicable law and will inform you of the basis for such denial where required.

10. Compliance and Whistleblower Communications

① If the Website (or a linked reporting platform) permits submission of compliance, ethics, or whistleblower reports, we may collect information you voluntarily provide in connection with such reports.

② We use this information to receive, review, investigate, and address reports and to comply with legal and corporate governance obligations. Reports may be submitted anonymously where permitted by law.

③ Information related to such reports may be retained in accordance with legal and regulatory requirements.

11. Third-Party Websites

The Website may contain links to third-party websites. The Company is not responsible for the privacy practices or content of third-party websites.

12. Children’s Privacy

① The Website is not directed to children under 13 years of age. We do not knowingly collect personal information from children.

② If we become aware that we have collected such information without appropriate consent, we will take reasonable steps to delete it.

13. Changes to This Privacy Policy

① We may update this Privacy Policy from time to time to reflect changes in law, regulatory guidance, or business practices.

② Updates will be effective upon posting the revised version with an updated “Last Updated” date.

③ Continued use of the Website after the effective date of any update constitutes acceptance of the revised Privacy Policy.

14. Contact Information

For privacy-related inquiries or to exercise applicable rights, please contact: privacy@rokitamerica