Donax Ltd Privacy Policy

Welcome to the Donax Privacy Policy. Donax (“Donax”, “we”, “us”, or “our”) provides the website (the “Site”) as a service (the “Services”) to its customers. Please read this Privacy Policy, as well
as our Terms and our Ethical Guidelines as they govern how you use the Site. By using the Site, you confirm that you accept this Privacy Policy, our Terms and our Ethical Guidelines, and
that you agree to comply with them. In fact, it might be a good idea to print a copy of these documents. If you do not agree to this Privacy Policy, as well as our Terms and our Ethical Guidelines, you must not use the Site. If you do decide to stop using the Site because of something in any of these documents, please tell us in case it is something we can work on. We really want the Site to work for people who want to use it.

The first thing to say is thank you for visiting Donax. We think it’s important to keep our users informed about how we use the information we gather from you through the use of our Site. Our
commitment to you is to empower you with a means for finding more or sharing more information about products for sale on the Internet or in the real world. As part of this commitment to you, we have created this Privacy Policy to inform you about how we collect, use and share your personal information. In addition, we explain the steps we take to secure your personal information.

What Information Does Donax Collect and Use?

We collect information in order to provide our valued visitors with an easy, empowering, and curated online experience. In order to do this well, our Site collects the following types of information:

  • Cookies
  • Non Personally Identifiable Information
  • Personally Identifiable Information You Provide Us.

We have provided more information on each type of information below:

Cookies

Cookies are small text files that can be used by websites to make a user’s experience more efficient.

We use cookies and similar technologies on our site in order to improve your experience.

Cookies let our systems find information about your browser as well as monitor the navigational patterns while you are browsing the site. Site users have the option to accept or disable cookies
through their browsers, as well as being notified when a cookie should be activated.

This site uses different types of cookies. Some cookies are session cookies and are deleted when you close your browser; others are persistent and last until you delete them or until they expire. Some cookies come directly from us and others are placed by third party services that appear on our pages. To find out more, visit All About Cookies.

The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission.

This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.

Your consent applies to the following domains: www.donax.io

Some cookies are associated with your account and personal information in order to remember that you are logged in. Other cookies are not tied to your account but are unique and allow us to
carry out analytics and customization, among other similar things.

Cookies can be used to recognize you when you visit the site, remember your preferences, and give you a personalized experience that’s consistent with your settings. Cookies also make your
interactions faster and more secure.

  • Necessary: Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
  • Preferences: Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
  • Statistics: Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
  • Marketing: Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

In addition, our site may utilize “web beacons, “pixel tags” or other tracking technologies to study the actions of our users through non-personally identifiable information. Web beacons or
pixel tags and similar technologies are small bits of code, which are embedded in web pages, ads, and e-mail, that communicate with third parties.This data is aggregated and monitored to
help us improve our services and the overall experience of the site. We may use web beacons, for example, to count the number of users who have visited a particular web page, to deliver or
communicate with cookies, and to understand usage patterns. We also may include web beacons in e-mails to understand whether messages have been opened, acted on, or forwarded.

How to manage and reject Google Analytics site tracking:

You can opt out of all Google Analytics site tracking, including any other sites that use Google Analytics via this link . You can learn more about Google Analytics and how your data is
safeguarded via this link .

Non Personally Identifiable Information

This is information that does not identify a specific individual by itself or in combination with other information. We may gather certain demographic information about you such as age, date
of birth, gender, as well as consumer purchasing and preference information based upon how you shop on and navigate the Site.

This information may be compiled and analysed on both a personal and an aggregated basis.

This information may include the Site’s Uniform Resource Locator (“URL”) that you just came from, which URL you next go to, what browser you are using, and your anonymised Internet
Protocol (“IP”) address.

We may use Non Personally Identifiable Information to analyse request usage patterns, and other customer behaviour so that we may enhance our Site, products and services, and for our
marketing purposes. We reserve the right to use and disclose Non Personally Identifiable Information to any third party in our discretion.

Personally Identifiable Information you provide us:

This is information that tells us who you are and lets us identify, contact or locate you. We will ask for your Personally Identifiable Information when you register with us, order a product or
service, participate in our surveys, correspond with us or otherwise volunteer information.

Personally Identifiable Information might include your name, telephone number, email address and credit card number.

Account and Profile Information: We collect information about you when you register for an account, create or modify your profile, sign-up for or make purchases through the Site. For
example, you provide your contact information and, in some cases, billing information when you register for the Site. You also have the option of adding a profile photo, bio, and other details to
your profile information to be displayed on our Site.

Content you provide through our websites: The services also include our websites. We collect other content that you submit to these websites, which include social media or social
networking websites operated by us. For example, you provide content to us when you provide feedback or when you participate in any interactive features, surveys, contests, promotions,
sweepstakes, activities or events.

Information you provide through our support channel: The services also include customer support, where you may choose to submit information regarding a problem you are experiencing
with a Service. You will be asked to provide contact information, a summary of the problem you are experiencing, and any other documentation, screenshots or information that would be
helpful in resolving the issue.

Payment Information: We collect certain payment and billing information when you register for certain paid Services. For example, we ask the account holder’s name and contact information,
upon registration. You might also provide payment information, such as payment card details, which we collect via secure payment processing services.

Personally Identifiable Information we collect from other sources:

From time to time we also obtain personal data from other sources as follows:

We receive information about you from other Service users, from third party services and from our business partners.

Other users of the Services: Other users of our Services may provide information about you when they submit content through the Services. For example, a user that does business with
you may provide your contact information for the purpose of inviting you to create an account.

Other services you link to your account: We receive information about you when you link a third-party service with our Services, for example, when you add social media profile links to
your profile or email signature. The information we receive when you link or integrate our Services with a third-party service depends on the settings, permissions and privacy policy controlled by that third-party service. You should always check the privacy settings and notices in these third-party services to understand what data may be disclosed to us or shared with our
Services.

How we use your information

How we use the information we collect depends in part on which Services you use, how you use them, and any preferences you have communicated to us. Below are the specific purposes for
which we use the information we collect about you.

To provide the Services and personalize your experience: We use information about you to provide the Services to you, including to process transactions with you, authenticate you when
you log in, provide customer support, and operate and maintain the Services. Where you use Donax services, we may combine information about you and your activities to provide an
integrated experience.

To communicate with you about the Services: We use your contact information to send transactional communications via email and within the Services, including confirming your
purchases, reminding you of subscription expirations, responding to your comments, questions and requests, providing customer support, and sending you technical notices, updates, security
alerts, and administrative messages. We also send you communications as you onboard to a particular Service to help you become more proficient in using that Service. These communications are part of the Services and in most cases you cannot opt out of them. If an opt out is available, you will find that option within the communication itself or in your account settings.

To market, promote, and drive engagement with the Services: We use your contact information and information about how you use the Services to send promotional communications that may be of specific interest to you. These communications are aimed at driving engagement and maximizing what you get out of the Services, including information about new features, survey requests, newsletters, and events we think may be of interest to you. We also communicate with you about new product offers, promotions and contests. You can control whether you receive these communications as described below under “Opt-out of communications.”

Customer support: We use your information to resolve technical issues you encounter, to respond to your requests for assistance and to repair and improve the Services.

For safety and security: We use information about you and your Service use to verify accounts and activity, to monitor suspicious or fraudulent activity and to identify violations of Service
policies.

To protect our legitimate business interests and legal rights: Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.

With your consent: We use information about you where you have given us consent to do so for a specific purpose not listed above. For example, we may publish testimonials or featured
customer stories to promote the Services, with your permission.

Legal bases for processing (for EEA users): If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal
bases for doing so under applicable EU laws. The legal bases depend on the Services you use and how you use them. This means we collect and use your information only where:

  • We need it to provide you the Services, including to operate the Services, provide customer support and personalized features and to protect the safety and security of the Services;
  • It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Services and to protect our legal rights and interests;
  • You give us consent to do so for a specific purpose; or
  • We need to process your data to comply with a legal obligation.

If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already
taken place. Where we are using your information because we have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer
using the Services.

How we share information we collect

We share information with third parties that help us operate, provide, improve, integrate, customize, support and market our Services.

  • Service Providers: We work with third-party service providers to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis and other services for us, which may require them to access or use information about you. If a service provider needs to access information about you to perform services on our behalf, they do so under instruction from us, including abiding by policies and procedures designed to protect your information.
  • Donax Partners: We work with third parties who provide consulting, sales, support and technical services to deliver and implement customer solutions around the Services. We may share your information with these third parties in connection with their services, such as to assist with billing and collections.
  • Links to Third-Party Sites: The Services may include links that direct you to other websites or services whose privacy practices may differ from ours. Your use of and any information you submit to any of those third-party sites is governed by their privacy policies, not this one.
  • Third-Party Widgets: Some of our Services contain widgets and social media features, such as the Twitter “tweet” button. These widgets and features collect your IP address, which page you are visiting on the Services, and may set a cookie to enable the feature to function properly. Widgets and social media features are either hosted by a third party or hosted directly on our Services. Your interactions with these features are governed by the privacy policy of the company providing it.
  • With your consent: We share information about you with third parties when you give us consent to do so. For example, we often display personal testimonials of satisfied customers on our public websites. With your consent, we may post your name alongside the testimonial.
  • Enforcement of Our Rights: In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to (a) enforce our agreements, policies and terms of service, (b) protect the security or integrity of our products and services, (c) protect Donax, our customers or the public from harm or illegal activities.

How we store and secure information we collect

Security

We take appropriate measures to ensure that all personal data is kept secure including security measures to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way, for the duration of your use of our Services. We limit access to your personal data to those who have a genuine business need to know it. Those processing your information
will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where We are legally required to do so.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data
transmitted to the Website, therefore any transmission remains at your own risk. Once we have received your information, we will use strict procedures and security features in order to prevent
unauthorised access.

Keeping your personal data up to date

If your personal details change you may update them by accessing the relevant page of the Website, or by contacting Us using the Contact Us form.

We will endeavour to update your personal data within thirty (30) days of any new or updated personal data being provided to Us, in order to ensure that the personal data We hold about you
is as accurate and up to date as possible.

Where we store your personal data

The data that We collect from you and process as a result of your use of the Services may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may
also be processed by staff operating outside the EEA who work for Us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your orders, the
processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing.

In particular, your data may be stored by Donax’s hosting service provider on servers in the USA as well as in the EU. The USA does not have the same data protection laws as the EEA. A
Data Processor Agreement has been signed between Donax and each of its data processors.

These Data Processor Agreements that are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal data.

If you would like further information please Contact Us. We will not otherwise transfer your personal data outside of the EEA or to any organisation (or subordinate bodies)
governed by public international law or which is set up under any agreement between two or more countries.

How long we keep your personal data

We will hold all the data for so long as we have an obligation to you to provide the Services, and thereafter until such time as we delete your account in accordance with our Terms.

Your personal information will be deleted on one of the following occurrences:

  • deletion of your personal information by you (or by another person engaged by the Service Customer); or
  • receipt of a written request by you (or another person engaged by the Service Customer) to us.

How to access and control your information

Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:

  • access to your personal data and to certain other supplementary information that this Policy is already designed to address
  • require Us to correct any mistakes in your information which We hold
  • require the erasure of personal data concerning you in certain situations
  • receive the personal data concerning you which you have provided to Us, in a
  • structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
  • object at any time to processing of personal data concerning you for direct marketing
  • object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
  • object in certain other situations to our continued processing of your personal data
  • otherwise restrict our processing of your personal data in certain circumstances
  • claim compensation for damages caused by our breach of any data protection laws.

If you would like to exercise any of those rights, please:

  • contact us using the Contact Us form
  • let Us have enough information to identify you,
  • let Us have proof of your identity and address. Where you are a user of our Services you should email us from the email address that you used to register with Donax. Receipt of an email from this address will usually be sufficient to confirm your identity. In all other cases we may request one or more identification documents, such as a copy of your driving licence or credit card bill; and
  • let Us know the information to which your request relates.

You can exercise some of the rights by logging into the Services and using settings available within the Services or your account.

Access and update your information: Our Services give you the ability to access and update certain information about you from within the Service. For example, you can update your profile
information within your profile settings and modify content that contains information about you using the editing tools associated with that content.

Deactivate account: To deactivate your account, simply contact us via the in-app chat tool within the Service and we will process this for you.

Delete your information: Our Services give you the ability to delete certain information about you from within the Service. For example, you can remove certain profile information within your
profile settings. Please note, however, you cannot delete your email without deactivating your account. Also we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations.

Opt out of communications: If you already receive emails from our mailing list and no longer wish to do so, just follow the “unsubscribe” instructions that appear in every email, or modify
your settings when you’re logged in under the “my account” tab on the Site. Once your request has been processed, we will no longer send you any promotional emails but we will continue to
send you operational emails, concerning, for example, a recent order or an important communication that we need to make to our users. If you miss receiving information about our products, services and offers, you can re-subscribe to our mailing list for promotional emails at any time.

Links to external sites are not covered by this Privacy Policy:

This Privacy Policy does not apply to websites which are owned and operated by someone else that are accessible through our Site. Other websites have their own privacy policies and data
collection, use and disclosure practices which we are not responsible for. You should read their policies carefully. Like with our Privacy Policy, it might be a good idea to print a copy of it so you
can refer to it in the future.

Children and privacy:

Donax does not direct or market any of our content specifically to children. Users of our Site are required to be at least 18 years old, and any user under 18 is not an authorised user. If we learn
that we have inadvertently gathered Personally Identifiable Information from children under 13, we shall erase such information from our records and terminate the applicable account(s) promptly.

Contact us:

To contact us, please submit our Contact Form.

We may amend this Privacy Policy from time to time to reflect changes made to our internal policies or legal or regulatory requirements.