1. Overview

Thank you for using Monarc Global. Your privacy is important to us and we are committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) (Privacy Act), which includes the Australian Privacy Principles (APPs) and any related privacy codes. This Policy outlines how we collect, use, disclose and store your personal information and lets you know how you can access that information. This Policy applies to our obligations when handling information in Australia about Australian individuals. Please read this Policy carefully and contact us using the details below if you have questions.

2. Consent

By providing personal information, you consent to us collecting, using, storing and disclosing your personal information in accordance with this Policy or as required or permitted by law. If you continue using our services, then we will treat your use as your consent to us handling your personal information in accordance with this Policy.

3. What kinds of personal information do we collect and hold?

The type of personal information we collect will depend on the circumstances of its collection and the nature of your dealings with us. This information may include, but is not limited to:

(a) your name, address, contact details and date of birth;

(b) passport details, including your passport number, issue and cancellation date and nationality;

(c) payment and transactional information;

(d) your preferences and opinion about types of products and/or services;

(e) your device ID, device type and information, geo-location information, computer and connection information, statistics on page views, traffic to and from the sites, ad data, Internet Protocol (IP) address and standard web log information;

(f) information contained in any communications between you and us; and

(g) any information about you that you provide through our services, including information you provide if you participate in a survey, promotion or competition.

If you choose not to provide information as requested, it may not be practicable for us to service your needs. For example, it will not be possible for us to allow you to book aircraft services if you want to remain anonymous or use a pseudonym. We sometimes receive unsolicited personal information. In circumstances where we receive unsolicited personal information we will usually destroy or de-identify the information as soon as practicable if it is lawful and reasonable to do so unless the unsolicited personal information is reasonably necessary for, or directly related to, our functions or activities.

4. Why do we collect your personal information?

We collect your personal information primarily to allow individuals to book chartered aircraft through a widget placed on aircraft owner or operators (Operators) site. Collecting your © Law Squared 2019 1 personal information allows us to give you information about or provide you with our products and services. Some ways we use your personal information are:

(a) to identify you;

(b) to interact with you;

(c) for the purpose for which the personal information was originally collected;

(d) to develop consumer insights so we can better understand your preferences and interests, personalise your experience and enhance the services you receive;

(e) to perform administrative and operational functions;

(f) to comply with any legal requirements, including any purpose authorised or required by an Australian law, court or tribunal; and

(g) for any other purpose for which you give your consent.

In relation to the personal information of prospective staff members and contractors, we collect personal information for purposes including to:

(a) enable us to carry out our recruitment functions;

(b) correspond with you, provide training and professional development;

(c) fulfil the terms of any contractual relationship; and

(d) ensure that you can perform your duties.

5. How we collect your personal information?

You give it to us

We collect personal information directly from you when you:

(a) use our services;

(b) set up an account with us;

(c) interact or share personal information with us via our website, app and social media;

(d) interact or share personal information with us via our widget on Operators websites;

(e) communicate with us;

(f) participate in one of our surveys, promotions or competitions;

(g) make a booking to use one of our third-parties products or services.

We collect it

We may also collect your personal information from third parties including:

(a) Operators;

(b) service providers;

(h) credit reporting bodies;

(i) marketing companies;

(j) referrals who may have referred you to us; and

(k) organisations with whom we have an agreement to share information for marketing purposes.

We will generally obtain consent from the owner of personal information to collect their personal information. Consent will usually be provided in writing; however, sometimes it may be provided orally or may be implied through a person’s conduct. We will endeavour to only ask for your personal information if it is reasonably necessary for the activities that you are seeking to be involved in.

6. Disclosing your personal information

We may disclose your personal information to the following third parties:

(a) Operators;

(b) to our business or commercial partners, including the owners or operators of any app or platform for which you have subscribed through us or in connection with us;

(c) to our professional advisers, dealers and agents;

(d) third parties and contractors who provide services to us, including customer enquiries and support services, debt-recovery functions, information technology service providers, marketing and advertising;

(e) payment processing service providers; and

(f) any third parties authorised by you to receive information held by us.

We may also disclose your personal information if we are required, authorised or permitted by law. We may send information to third parties that are located overseas. These third parties are located in Canada, United States, United Kingdom, Europe, UAE, although this list may change from time to time. Disclosure is made to the extent that it is necessary to perform our functions or activities.

7. Using your personal information for direct marketing 

From time to time, and in support of our future development and growth, we or our business partners may use your personal information to contact you to promote and market our products and services. You can opt-out from being contacted for direct marketing purposes by contacting us at privacy@monarcglobal.com or by using the unsubscribe facility included in each direct marketing communication we send. Once we receive a request to opt out from receiving marketing information, we will stop sending such information within a reasonable amount of time.

8. Security 

We take all reasonable steps to protect personal information under our control from misuse, interference and loss and from unauthorised access, modification or disclosure. We hold your personal information in electronic form, in secure databases operated by our third-party service providers. We protect the personal information we hold through [list security measures e.g. encryption / firewalls and login password protocols / secure and access-controlled premises / monitoring staff access / auditing / network segregation for sensitive information store electronically]. While we take reasonable steps to ensure your personal information is protected from loss, misuse and unauthorised access, modification or disclosure, security measures over the internet can never be guaranteed.

9. Accessing or correcting your personal information 

Accessing your personal information If you would like to access your personal information, please contact us using the details below. In certain circumstances, we may not be able to give you access to your personal information. In these circumstances, we will write to you to explain why we cannot comply with your request. While we try to give you access to your personal information free of charge, we may charge you a reasonable fee if necessary. Correcting your personal information We try to ensure any personal information we hold about you is accurate, up-to-date, complete and relevant. If you believe the personal information we hold about you should be updated, please contact us using the details below and we will take reasonable steps to ensure it is corrected if appropriate.

10. Destroying or de-identifying personal information 

We destroy personal information when we no longer need it, unless we are otherwise required or authorised by law to retain the information.

11. Making a complaint 

If you believe your privacy has been breached or you have a complaint about our handling of your personal information, please contact us using the details below. We take privacy complaints seriously. If you make a complaint, we will respond within 14 days to acknowledge your complaint. We will try to resolve your complaint within 30 days. When this is not reasonably possible, we will contact you within that time to let you know how long we will take to resolve your complaint. We will investigate your complaint and, where necessary, consult with third parties about your complaint. We will decide how to address your complaint and write to you to explain our decision as soon as practicable. If you are not satisfied with our decision, you can refer your complaint to the Office of the Australian Privacy Commissioner and/or other enforcement bodies like the Office of the Victorian Information Commissioner.

12. Changes 

We may, from time to time, amend this Policy, in whole or part, in our sole discretion. Any changes to this Policy will be effective immediately upon the posting of the revised Policy on our website. By continuing to use the services following any changes, you will be deemed to have agreed to such changes.

13. Contact us 

All questions or queries about this Policy and complaints should be directed to: Privacy Officer Phone: 1 300 466 6272 Email: info@monarcglobal.com

This Policy was last updated in October 2019.

GDPR Privacy Policy

Monarc Global

1. Overview Monarc 

Global (collectively, Monarc, we, us, our) is committed to protecting your privacy. We have prepared this Privacy Policy to describe to you our practices regarding personal information we collect from users of our services, including our website at monarcglobal.com and widget on third-party websites, and all other services provided by Monarc (Services). Our primary privacy obligations are derived from Australian law. Our Privacy Policy, available on our website, sets out how we comply with these obligations. Sometimes, we also handle the information of EU citizens or share data with other organisations which do so or provide services to individuals located in the EU. To the extent that we do so, this GDPR Privacy Policy for EU General Data Protection Regulation applies. The processing of Personal Information will always be in line with the Australian Privacy Principles contained in the Privacy Act 1998 (Cth) (Privacy Act), the General Data Protection Regulation (GDPR), and in accordance with country-specific data protection regulations applicable to Monarc. We have implemented a number of technical and organisational measures to ensure the most complete protection of Personal Information processed through the Services.

2. User Consent 

Where we rely on your consent as the lawful basis to process your data under the GDPR we will always ask for you to positively affirm your acceptance. By clicking to accept this Privacy Policy, you acknowledge and agree to be bound by this Privacy Policy. We note that all contact or other data forms where consent is required to be given by you include no pre-checked checkboxes so that you are able to freely, affirmatively opt-in. We will also provide you with notice on the Services specifically detailing what it is that you are consenting to in clear and plain language as well ensuring that each matter that requires consent is clearly distinguishable. For all areas of the Services where consent is given it is just as easily able to be withdrawn through the appropriate account settings on the Services. If you believe that consent has not been given freely or in breach of the terms of this Privacy Policy, please contact us.

3. What Personal Information we collect 

We will only collect Personal Information from you if it is reasonably necessary for one or more of our functions or activities. Personal Information means any information that allows someone to identify you, including, for example, your name, address, telephone number, e-mail address, as well as any other non-public information about you that is associated with or linked to any of the foregoing data.

3.1 Information you provide to us (a) Account and User Content You need to create an account with us to use some of our Services. During your account registration and use of the Services, you may enter your details on the different forms or provide us with additional content. We may collect this Personal Information from you, such as your name, e-mail, phone number, identification number and mailing addresses, phone number, password, passport details and other relevant details when you register to use the Services. This data is used to enable us to identify and verify you and provide you with support, services, mailings, sales and marketing actions, and billings. Certain functionality of the Monarc Services requires your Personal Information to function properly. When you create or share content, or upload content such as photos, videos, comments, meta data (geographic tags) we may also collect this data. The legal basis for this processing is based on: − your consent through your voluntary submission of the form and agreeing to these terms; − the Personal Information being necessary for the performance of a contract to which you are a party; − for carrying out pre-contractual measures; and/or − any other legitimate interests as detailed below. (b) Payment Data When you make a purchase, we (or our third-party service provider) will collect all information necessary to complete the transaction, including your name, credit card information, debit card information, billing information and/or PayPal information. The Personal Information we collect will be the data that you input in any payment area on the Services. The legal basis for this processing is based on: − your consent through your voluntary submission of the form and agreeing to these terms; − the Personal Information being necessary for the performance of a contract to which you are a party including the payment of goods or services; and/or − any other legitimate interests as detailed below. This Personal Information is needed to enable us to process your payment for the goods or services. (c) Contact and Messaging Data If you provide us feedback or contact us via e-mail, or other means including by phone call or by contracting with us, we will collect your name and e-mail address, as well as any other content included in the e-mail or conversation, in order to send you a reply. If you contact or message another user through our website or widget, we will also collect this data. We will store and process your communications and information as needed. We may also collect contact information if you choose to upload, sync or import it from a device. The legal basis for this processing is based on: − either through your consent through your voluntary submission of the form and agreeing to these terms or by your voluntary submission of data to us in other means; − the Personal Information being necessary for the performance of a contract to which you are a party; − for carrying out pre-contractual measures; and/or − any other legitimate interests as detailed below. By submitting a form or contacting us such Personal Information is transmitted on a voluntary basis and you consent to its collection. (d) Subscription Data When you use the Services, you may have the ability to subscribe to various newsletters or other forms. We may collect the data when you input your details for subscription purposes. The Personal Information is processed for the purpose of informing you regularly by means of a newsletter or other offer form. The personal information collected during the subscription will only be used for marketing materials or for reasons made known on the form. The legal basis for this processing is based on: − your consent through your voluntary submission of the form and agreeing to these terms; and/or − any other legitimate interests as detailed below. By submitting the form and voluntarily providing us with your data, you are providing consent to the use of such data by us. For the purpose of revocation of consent there is a corresponding unsubscribe link found in each subscription email. Please review the consent section above in this Privacy Policy for how we deal with consent. Where we use your data for direct marketing, we will ensure that it is in compliance with relevant laws. Where you are a customer of ours, we may be required to send you emails for legitimate reasons including but not limited to billing, reminders and account verification. We retain information on your behalf, such as domain names, URLs, time zone preferences, Service invoices, transactional history, messages and any other information that you store using your Account. We may also collect Personal Information at other points on our Services that state that Personal Information is being collected. In some circumstances, Personal Information is provided to us by third parties such as our related entities, service providers or other organisations conducting activities on your behalf. With your expressed consent, your Personal Information may be used and disclosed to us this way. The purposes as outlined above may include the processing of such Personal Information to the extent necessary for us to comply with a law, regulation or legal request or to protect the safety of any person or to prevent fraud. In certain jurisdictions, we may ask for a government issued ID in limited circumstances including when making an international booking, managing reservations, or as required by law. 3.2 Information we collect as you use our services (a) Meta Data including Location Data Some of our Services (including the App) may allow you to add or may have metadata added to your content including hashtags (to mark keywords), geotags (to mark your location), comments or other data. This helps our Services and your content to be more searchable. We use location data to help target and tailor the Services to your particular location and jurisdiction. With your consent we may also collect information about your precise location using methods including GPS, wireless networks, cell towers, Wi-Fi access points and other sensors. (b) Log Data To make our Services more useful to you, our servers (which may be hosted by a third-party service provider) gather some information automatically and store it in log files. This information includes Internet Protocol (IP) addresses, browser type and language, Internet service provider (ISP), referring and exit websites and applications, operating system, date/time stamp, and clickstream data. We use this information to understand and analyse trends, to administer the Services, to learn about user behaviour regarding the Services, to improve our product and services, and to gather demographic information about our user base as a whole. Monarc may use this information in our marketing and advertising services. In some of our email messages, we use a “click-through URL” linked to content on our Services. When customers click one of these URLs, they pass through a separate web server before arriving at the destination page on our website. We track this click-through data to help us determine interest in particular topics and measure the effectiveness of our customer communications. If you prefer not to be tracked in this way, you should not click text or graphic links in the email messages. (c) Analytics We use third party analytics tools to collect information anonymously and report website trends without identifying individual visitors. These tools collect information sent by your device or our Services, including the web pages you visit, add-ons, and other information that assists us in improving the Services.

3.3 Information we collect from others (a) Data and content other people upload We may also collect information and communications that other people provide when they use our Services. This can include information about you such as when others send messages, documents and information to you. We may also collect your information if you are invited to participate in our Services this may include information such as your name, mailing address, phone number, email address, contact preferences and is used for the purpose of enabling us to provide our Services to you. We will only collect information about you directly from you, except where it is unreasonable or impracticable to do so.

4. How we use your Personal Information

4.1 Use of personal information We will only use or disclose your personal information for the purposes for which we advised you we were collecting it for as noted in this Privacy Policy and including to: − maintain your account and contact details; − remember information so you don’t have to re-enter it during your visit or the next time you visit the Service; − provide personalised content and information to you and others; − send marketing communication to you; − conduct our business, generate content and provide customer support and payment options (including updates and improvements); − administer contracts including to negotiate, execute and/or manage a contract with you; − communicate with you; − provide you with access to protected areas of the website or other Services; − conduct surveys to determine use and satisfaction; − detect, investigate and prevent potentially unlawful acts or omissions or acts or omissions with the potential to breach our Terms and Conditions, this Privacy Policy or any other policy; − enforce our Terms and Conditions, this Privacy Policy or any other policy; − verify information for accuracy or completeness; − comply with our legal obligations; − monitor metrics; − combine or aggregate your personal information with information we collect from third parties and use it for the purposes set out in this Privacy Policy; − protect a person’s rights, property or safety; − process transactions to which you are a party; − resolve disputes and to identify, test and resolve problems; − improve our Services; and − any other purpose made known in this Privacy Policy or other policy. We agree to not use or disclose this information for a secondary purpose unless you consent to us doing so, or another exception applies under applicable laws. For the purposes of the law, some information we hold about you may be considered ‘sensitive’ and therefore subject to greater protection. In the event that we hold sensitive information about you, we will only disclose or use that information with your consent or if another exception applies under applicable laws. We will also use or disclose your personal information or sensitive information if we are required to do so by law or a court / tribunal order, or if we reasonably believe that the use or disclosure of the information is reasonably necessary for an enforcement related activity or on behalf of an enforcement body, in which case we will make a written note of the use or disclosure or another exception applies under relevant laws.

4.2 Creation of anonymous data We also collect data in a form that does not, on its own, permit direct association with any specific individual. We may collect, use, transfer, and disclose non-personal information for any purpose. We may collect information regarding customer activities on our Services including the website. This information is aggregated and used to help us provide more useful information to our customers and to understand which parts of our website, products, and Services are of most interest. Aggregated data is considered non-personal information for the purposes of this Privacy Policy.

5. Disclosure of your Personal Information 

We may disclose your Personal Information to third parties for the purposes contained in this Privacy Policy, including without limitation to: (a) Service Providers We may share your Personal Information with services providers to: − provide you with the Services that we offer you including the website; − to conduct quality assurance testing; − to facilitate creation of accounts; − to provide technical support; − and/or to provide other services to Monarc. The service providers (and if necessary, data processors) include: − information technology service providers such as web host providers and analytical providers; − mailing houses; − advertising partners; − market research organisations to enable them to measure the effectiveness of our advertising; and − specialist consultants. These third party service providers are required not to use your Personal Information other than to provide the services requested by Monarc. (b) Affiliates and Acquisitions We may share some or all of your Personal Information with our parent company, subsidiaries, joint ventures, or other companies under a common control (Affiliates), in which case we will require our Affiliates to honour this Privacy Policy. In the event we are involved in a merger, acquisition or sale of assets we may disclose Personal Information collected by us to such entities that we propose to merge with or be acquired by and will assume the rights and obligations regarding your Personal Information as described in this Privacy Policy. This includes the disclosure of information to our clients where we act as a data processor. (c) Third parties including those you choose to share your data with We may disclose your Personal Information to third parties to whom you expressly ask to us to send the Personal Information to or to third parties you choose to send your Personal Information to. We may also, with your consent or at your direction, disclose your personal information to your authorised representatives. (d) Other disclosures Regardless of any choices you make regarding your Personal Information (as described below), Monarc may disclose Personal Information if it believes in good faith that such disclosure is necessary: (i) in connection with any legal investigation; (ii) to comply with relevant laws, regulations, enforceable governmental requests or to respond to subpoenas or warrants served on Monarc; (iii) to protect or defend the rights or property of Monarc or users of the Services; (iv) to investigate or assist in preventing any violation or potential violation of the law, this Privacy Policy, or our Terms and Conditions; (v) to protect the safety of any person or to protect the safety or integrity of our platform including for security reasons; (vi) detect, prevent or otherwise address fraud, security or technical issues. We may share your Personal Information with such third parties subject to obligations consistent with this Privacy Policy and any other appropriate confidentiality and security measures, and on the condition that the third parties use your Personal Information only on our behalf and pursuant to our instructions. We will take reasonable steps to ensure that anyone to whom we disclose your personal information respects the confidentiality of the information and abides by the GDPR or equivalent privacy laws. We will not share, sell, rent or disclose your personal information in ways different from what is disclosed in this Privacy Policy. Where we act as a data processor the client may also provide us with instructions with regards to disclosure.

6. If we can’t collect your data 

If you do not provide us with the personal information described above, some or all of the following may happen: − we may not be able to provide the requested products or services to you, either to the same standard or at all; − we may not be able to run the competitions and promotions in a way that benefits you; − we may not be able to provide you with information about products and services that you may want; or − we may be unable to tailor the content of our Services to your preferences and your experience of our Services may not be as enjoyable or useful.

7. Cookies Policy

7.1 What are cookies? A cookie is a small piece of text sent to your browser by a website that you visit. It helps the website to remember information about your visit, like your preferred language and other settings. That can make your next visit easier and the site more useful to you. Cookies play an important role. Without them, using the web would be a much more frustrating experience.

7.2 Use of cookies Monarc’s Services including websites, online services, interactive applications, email messages, and advertisements may use “cookies” and other technologies such as pixel tags and web beacons. These technologies help us better understand user behaviour, tell us which parts of our websites people have visited, and facilitate and measure the effectiveness of advertisements and web searches. We treat information collected by cookies and other technologies as non-personal information. However, to the extent that Internet Protocol addresses or similar identifiers are considered personal information by local law, we also treat these identifiers as personal information. Similarly, to the extent that non-personal information is combined with personal information, we treat the combined information as personal information for the purposes of this Privacy Policy. Monarc and our partners also use cookies and other technologies to remember personal information when you use our Services. Our goal in these cases is to make your experience with Monarc more convenient and personal. For example, knowing your first name lets us welcome you the next time you visit the Monarc platform. Knowing someone using your computer or device has shopped for a certain product or used a particular service helps us make our advertising and email communications more relevant to your interests. And knowing your contact information, hardware identifiers, and information about your computer or device helps us personalize your operating system and provide you with better customer service. Pixel tags enable us to send email messages in a format customers can read, and they tell us whether mail has been opened. We may use this information to reduce or eliminate messages sent to customers.

7.3 How to manage cookies Some people prefer not to allow cookies, which is why most browsers give you the ability to manage cookies to suit you. If you want to disable cookies and you’re using the Safari web browser, go to Safari preferences and then to the privacy pane to manage your preferences. For other browsers, check with your provider to find out how to disable cookies. Please note that certain features of the Monarc Services may not be available once cookies are disabled.

8. Third party websites 

When you click on a link to any other website or location, you will leave our website and go to another site and another entity may collect Personal Information or Anonymous Data from you. We have no control over, do not review, and cannot be responsible for, these outside websites or their content. Please be aware that the terms of this Privacy Policy do not apply to these outside websites or content, or to any collection of data after you click on links to such outside websites.

9. Managing your Personal Information 

Subject to the Privacy Act and the GDPR you may request to access the personal information we hold about you by contacting us. All requests for access will be processed within a reasonable time. (a) Accessing or rectifying your Personal Information We may, if required, provide you with tools and account settings to access, correct, delete, or modify the Personal Information you provided to us. You can find out more about how to do this by contacting us. In the event that you are unable to access your Account to access or rectify your Personal Information, you may submit a request to us to correct, delete or modify your Personal Information and download the data for you. (b) Deletion We keep data for as long as it is needed for our operations. If you deactivate and delete your Account, your data will no longer be visible on your Account. Please keep in mind that third parties may still retain copies of information you have made public through our Services. If you wish to have us delete your data, please contact us. (c) Object, restrict or withdraw consent If you have an Account on the Services, including the website, you will be able to view and manage your privacy settings. Alternatively, if you do not have an Account, you may manually submit a request to us if you object to any Personal Information being stored, or if you wish to restrict or withdraw any consent given for the collection of your Personal Information. You may withdraw your consent to the processing of all your Personal Information at any time. If you wish to exercise this right, you may do so by contacting us. You may withdraw your consent or manage your opt-ins by either viewing your account on the Services or clicking the unsubscribe link at the bottom of any marketing materials we send you. (d) Portability We may, if required and possible, provide you with the means to download the information you have shared through our services. Please contact us for further information on how this can be arranged. In certain instances, we may not be required or able to provide you with access to your personal information. If this occurs, we will give you reasons for our decision not to provide you with such access to your personal information in accordance with the Privacy Act and the GDPR. There is no application fee for making a request to access your personal information. However, we may charge an administrative fee for the provision of information in certain circumstances such as if you make repeated requests for information or where the information is held by a third-party provider. Where we act as a data processor, we do so on behalf of our client and in accordance with their instructions. This means that should you wish to access, review, correct, transfer, modify or delete any Personal Information we process on behalf of a client you should contact the client with your request.

10. Direct marketing materials 

We may send you direct marketing communications and information about our products and services that we consider may be of interest to you. These communications may be sent in various forms, including mail, SMS, fax and email, in accordance with applicable marketing laws, such as the Spam Act 2003 (Cth). If you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so. In addition, at any time you may opt-out of receiving marketing communications from us by contacting us (see the details below) or by using opt-out facilities provided in the marketing communications and we will then ensure that your name is removed from our mailing list.

11. Storage and Security of Your Personal Information 

Monarc stores Personal Information in Amazon Web Services. Monarc takes the security of your personal information very seriously. We will take all steps reasonable under the circumstances to protect your personal information from misuse, interference, loss; and unauthorised access, modification or disclosure. We will process Personal Information securely and apply and maintain appropriate technical and organisational measure to protect Personal Information. The transmission and exchange of information is carried out at your own risk. We cannot guarantee the security of any information that you transmit to us or receive from us. Although we take measures to safeguard against unauthorised disclosures of information, we cannot assure you that personal information that we collect will not be disclosed in a manner that is inconsistent with this Privacy Policy.

12. International Transfer and Disclosure of Personal Information 

Where we are required to use suppliers outside of Australia, we ensure that all our suppliers are required to adhere to the Australian Privacy Principles. Where we transfer Personal Information from within to outside of the European Union or EFTA States, we ensure an adequate level of protection for the rights of data subjects based on the adequacy of the receiving country’s data protection laws. We may disclose personal information to our related bodies corporate and third-party suppliers and service providers located overseas for some of the purposes listed above. We take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information. We may disclose your personal information to entities located outside of Australia, including the following: − our related bodies corporate; − our data hosting and other IT service providers, located in various countries; and − other third parties located in various foreign countries. We may disclose your personal information to entities within Australia who may store or process your data overseas.

13. Notifiable Data Breaches 

We take data breaches very seriously. We will endeavour to meet the 72-hour deadline as imposed by the GDPR, to report any data breach to the supervisory authority where a data breach occurs that will likely be a risk to you. Further, where there is likely to be a high risk to your rights, we will endeavour to contact you without undue delay. We will review every incident and take action to prevent future breaches.

14. Automated individual decision-making, including profiling 

If you reside in the European Union or EFTA States, you shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you, or similarly significantly affects you, as long as the decision is not necessary for entering into, or the performance of, a contract between us, or is not authorized by Union or Member State law to which we are subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or is not based on your explicit consent. If you wish to exercise your rights, please contact us.

15. Integrity and Retention of Data 

We take all reasonable steps to ensure that the personal information we collect about you is accurate, up to date and complete. Where we collect that information from you directly, we rely on you to supply accurate information. Monarc makes it easy for you to keep your personal information accurate, complete, and up to date. Where we use or disclose your personal information, we will also ensure that your personal information is relevant. We will retain your personal information for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law. We may retain your information for fraud prevention or similar purposes.

Travech’s use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy , including the Limited Use requirements.

16. Contact Information 

Monarc welcomes your comments or questions regarding this Privacy Policy. If you have a question regarding this Privacy Policy or you would like to make a complaint, please contact us by email by using our contact details on the Services or below. If you reside in the European Union of EFTA States, the data controller that is responsible for your Personal Information is: Monarc Pty Ltd ACN 618 668 634 Level 2, 310 Edward St, Brisbane, 4000 QLD, Australia If you wish to raise a concern about our use of your information you have the right to do so with your local supervisory authority.

17. Changes to this Privacy Policy 

This Privacy Policy is subject to occasional revision and Monarc reserves the right, at its sole discretion, to modify or replace any part of this Agreement. It is your responsibility to check this Agreement periodically for changes. Continued use of our Services including the website shall indicate your acknowledgement of that it is your responsibility to review the Privacy Policy periodically and become aware of any modifications. We may amend this policy from time to time. Not all changes to our privacy policy will require your consent, for example where office security procedures are changed. We will notify you of any change to our information handling policy that requires your consent before being implemented.