SANJI ELECTRONICS (PTY) LTD JOURNEY ORGANIZER (JO) PRIVACY POLICY In this policy the following words and expressions shall, in addition to their respective ordinary meanings, bear the following meanings assigned to each of them respectively: “the Act” means the Protection of Personal Information Act, 2013; “the Company” means SANJI ELECTRONICS (PTY) LTD, registration number 1991/002911/07; “JO” means the Journey Organizer device, being a portable GPS logging device that connects via Bluetooth to a mobile phone or a tablet and which logs user trips in a vehicle; “Device” any device used to receive data from a JO or to access the Service, including without limitation a desktop, laptop, mobile phone, tablet, or other consumer electronic device; “the Service” means the service provided by the Journey Organizer, being the logging of a user’s trip data from one or more vehicles that the Journey Organizer device is installed in. “App Permissions” are the permissions that users are required to accept in order to install the Journey Organizer App “the Website” means www.journeyorganizer.co.za and/or www.journeyorganizer.com. This Privacy Policy provides the Company’s policies and procedures of for collecting, using, processing and disclosing your information. Users can access the Service through an application that is downloadable from the Android and the iOS store, and on certain plans, the Service is also accessible on the Website. This Privacy Policy governs the access of the Service, regardless of how it is accessed, and by using the Services you consent to the collection, transfer, processing, storage, disclosure and other uses described in this Privacy Policy on these terms and conditions. All of the different forms of data, content, and information described below are collectively referred to as “information.” 1. Prominent Disclosure - The Information We Collect and Store Journey Organizer collects location data even when the app is closed or not in use while you are driving. This enables the generation of your trips and mileage travelled so that you can generate travel and tax logbook reports. We may collect and store the following information when running the Service: information pertaining to your registration, including your name, phone number, identity number, work and residential address, location information and mileage travelled, vehicle identification and particulars of your next of kin; information pertaining to your payment method; particulars relating to the movement of the JO device that may at any time be linked to your Device, including location information, business/private/uncategorized trips, mileage travelled, text reports, geofences set by you in the course of using the Service. Location / Background The Android JO app requires location services to operate in the background in order to communicate with the JO unit via Bluetooth Low Energy. The JO app does not read or use any location information from the phone at any time. Files We collect and store the files that you create, upload, download, or access with the Service (“Files”). If you add or create a file in the course of using the Service, that has been previously uploaded by you or another user, we may associate all or a portion of the previous file with your account rather than storing a duplicate. Log Data When you use the Service, we automatically record information from the JO, your Device, its software and your activity using the Services. This may include location information (generally reflected as an image of a trip in a vehicle), a Device’s Internet Protocol (“IP”) address, browser type, the web page visited before you came to our website, information you search for on our website, locale preferences, identification numbers associated with your Devices, your mobile carrier, date and time stamps associated with transactions, system configuration information, metadata concerning your files, and other interactions with the Service. Cookies We may also use “cookies” to collect information and improve our Services. A cookie is a small data file that we transfer to your Device. We may use “persistent cookies” to save your registration ID and login password for future logins to the Service. We may use “session ID cookies” to enable certain features of the Service, to better understand how you interact with the Service and to monitor aggregate usage and web traffic routing on the Service. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to use all aspects of the Service. 2. How We Use Personal Information Personal Information In the course of using the Service, we may collect personal information that can be used to contact or identify you (“Personal Information”). Personal Information is or may be used: (i) to provide and improve our Service, (ii) to administer your use of the Service, (iii) to better understand your needs and interests, (iv) to personalize and improve your experience, and (v) to provide or offer software updates and product announcements. We undertake not to use Personal Information for any purposes other than those listed above, and we will not disseminate (or sell) Personal Information to any third party. Users have the ability to manage the visibility of data and to restrict trip reports that are visible to only certain categories of trips (i.e. only business trips). Users are solely responsible for these settings and, in the event that a User does not restrict the visibility of trips, the Company is not liable for any resulting disclosure, dissemination or visibility of such data, including the disclosure of such information by a user of the JO Corporate Product. Customers that have signed up for the JO Corporate Product warrant that they have obtained all necessary consents from Users that are linked to their corporate account in order for the data emanating from a User’s Device to be shared with the Company. Analytics We also collect some information (ourselves or using third party services) using logging and cookies, such as IP address, which can sometimes be correlated with Personal Information. We use this information for the above purposes and to monitor and analyze use of the Service, for the Service’s technical administration, to increase our Service’s functionality and user- friendliness, and to verify users have the authorization needed for the Service to process their requests. 3. App Permissions The following permissions must be accepted by the user when installing the Journey Organizer (JO) App. If these permissions are not accepted then the Journey Organizer (JO) App will not be installed on the device. ACTIVITY_RECOGNITION Activity Recognition API automatically detects activities by periodically reading short bursts of sensor data and processing them using machine learning. The JO app uses the IN_VEHICLE flag to confirm that the user is in the vehicle to start the BLE (Bluetooth Low Energy) scan to sync the trips from the JO device. BLUETOOTH_SCAN and BLUETOOTH_CONNECT The JO app uses BLE (Bluetooth Low Energy) to connect to the JO device to sync the trips. The app requires Bluetooth and Bluetooth Connect functionality in order to function. POST_NOTIFICATIONS Sometimes the app requires to send important user notifications such as ‘no recent trips’ or ‘server login problems’ or ‘uncategorized stops’ etc WhiteListingOfBatteryOptimization Battery Optimization can switch off background services and the JO app needs to be excluded from the list of apps that can be optimized as its background service needs to run at all times for sync purposes. 4. Information Sharing and Disclosure Your Use We will display certain of your Personal Information on the Service, in particular when you are linked to a case that has other users. You can review and revise your information at any time. We do not sell your personal information to third parties. Service Providers, Business Partners and Others We may use certain trusted third party companies and individuals to help us provide, analyze, and improve the Service (including but not limited to data storage, maintenance services, database management, web analytics, payment processing, and improvement of the Service’s features). These third parties may have access to your information only for purposes of performing these tasks on our behalf and under obligations similar to those in this Privacy Policy. Compliance with Laws and Law Enforcement Requests; Protection of the Company’s Rights We may disclose to third parties files stored in your account and information about you that we collect when we have a good faith belief that disclosure is reasonably necessary in order to: in order to comply with a law, including the Act; in order protect the safety of any person from death or serious bodily injury; prevent fraud or abuse; or to protect the Company’s property rights. files that you have in common with other users. 5. Non-private or Non-Personal Information We may disclose your non-private, aggregated, or otherwise non-personal information, such as usage statistics of our Service. 6. Changing or Deleting Your Information If you are a registered user, you may review, update, correct or delete the Personal Information provided in your registration or account profile by changing your “account settings.” If your personally identifiable information changes, or if you no longer desire our service, you may update or delete it by filling out the REQUEST DELETE USER DATA FORM - Link provided in the app menu or you can visit the page on our website - https://www.journeyorganizer.co.za/jo_android_privacy _policy_v1_0.htm. In some cases we may retain copies of your information if required by law. For questions about your Personal Information on our Service, please contact sales@sanji.co.za. 7. Data Retention We will retain your information for as long as your account is active. If you wish to cancel your account or request that we no longer use your information to provide you services, you may request that your account is deleted as covered in Point 6. We may retain and use your information and documents contained in your account as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Consistent with these requirements, we will try to delete your information quickly upon request. Please note, however, that there might be latency in deleting information from our servers and backed-up versions might exist after deletion. In addition, we do not delete from our servers files that you have in common with other users. 8. Security The security of your information is important to us. When you enter sensitive information (such as a credit card number) on our order forms, we encrypt the transmission of that information using secure socket layer technology (SSL). We follow generally accepted standards to protect the information submitted to us, both during transmission and once we receive it. No method of electronic transmission or storage is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our website, contact us at sales@sanji.co.za. 9. Contacting Us If you have any questions about this Privacy Policy, please contact us at: sales@sanji.co.za Kyalami Business Park, Kyalami, Gauteng, South Africa, P.O.Box 3909 Halfway House 1685. 10. Changes to our Privacy Policy This Privacy Policy may change from time to time. If we make a change to this privacy policy that we believe materially reduces your rights, we will provide you with notice (for example, by email). And we may provide notice of changes in other circumstances as well. By continuing to use the Service after those changes become effective, you agree to be bound by the revised Privacy Policy.