Privacy Policy

PRIVACY

POLICY

Effective date: 1 July, 2023

We, at Ankor Software Pty Ltd (“Ankor”, “we”, “us”, “our”) operate and provide software applications (the “Applications”) and content (the “Content”) for the yachting industry, in conjunction with our website https://ankor.io (the “Website”). The Applications, Content and Website together are referred to as the “Digital Media”. Our Applications allow you to input, upload, or store text, images, and other data you choose, which we refer to as “User Content”.

We believe it is important to protect the privacy of personal information and for you to know what type of information we collect and how we treat information we may receive from you. In this Privacy Policy, we detail what we do with your personal information. We also set out how we collect personal information about you when you use our services or communicate with us, including when you download or interact with our Digital Media, or where your personal information has been provided to us via third party users of the Digital Media.

Where we process your data as a data processor on behalf of third party agents, information about the handling of your personal information will be set out in their privacy policies.

This Privacy Policy should be read in conjunction with the Applications Terms of Use.

How we collect your personal information

We may collect and store the following types of personal information about you in the following ways:

- When you use our Digital Media;
- When you communicate with us (for example, by e-mail or phone);
- When you use our social media functions (for example, Instagram, LinkedIn, etc);
- Through automatic collection through cookies, server logs, analytics tools and other similar technologies; or
- Where third parties provide your data to us (for example, by agents acting on your behalf).

The types of information we collect

We may process the following types of information about you:

- "Contact Information" means your first and last name, your billing address, your phone number and your email address.
- "Basic Subscriber Information" means your username/email, password, image and other registration information used on our Digital Media.
- “Communication Information" means information in connection with communications you send us, for example, to report a problem or submit queries and might include voice recordings of telephone calls.
- "Data and Usage Information" means data about how you use our Digital Media, including details of the functions and services you use on our Digital Media, your visits to our Applications and Website, traffic data, location data and weblogs."Technical Information" means information about the type of internet browser and operating system you use, your device's IMEI number, the MAC address of the device's wireless network interface, mobile network information and the time zone setting.
- "Cookie and Tracker Information" means information we collect through cookies and similar technologies, which may include Data and Usage Information and Technical Information.

Our reasons for processing your personal information

We shall only process your personal information where we have a legitimate or legal basis for doing so. These include:
- "Contractual obligation" which means our processing of your personal information is necessary for performance of contracts to which you will be a party to and in order to take steps at your request prior to you entering into those contracts.
- "Legitimate interests" which means our processing is necessary for the purposes of legitimate interests pursued by us. Primarily our legitimate interests are to provide our services to you or our other customers. Other legitimate interests may include that we are conducting the processing to make sure: (i) the Digital Media is safe, efficient and customised; (ii) you receive updated information on Ankor's business activities; (iii) to provide the services you have requested; (iv) to ensure that the content on our Digital Media is presented in the most effective manner for you and your device; (v) to allow you to participate in any features on our Applications when you choose to do so; and (vi) for our own marketing and research.
- "Legal obligation" which means our processing is necessary for us to comply with the law or a court order.
- "Consent" which means you have provided your explicit consent to our processing and, in the context of this Privacy Policy, shall only relate personal data we collect and process through cookies and similar tracking technologies. For more information on cookies, please refer to our Cookie Notice.

Our purposes for processing your personal information

We have specific rules for how and when we use the information we collect. We are committed to protecting the privacy of your information. We use the information we collect to:

Sharing your personal information

Except as expressly set out in this Privacy Policy or our Terms of Use, we do not share, sell, or lease your personal information to any third parties. We also will never share your personal information with any third parties for the purposes of direct marketing.

We may disclose your personal information to provide our services, respond to legal requirements, enforce our policies and protect our rights and property. The personal information you provide to us may also be shared with affiliated companies if this is necessary to provide you with our services, respond to your inquiries or for any other related purposes.

We may also share your personal information with:

- Our affiliates.
- Other companies we have instructed to provide services for us, including payment collection or service providers and other third parties for those purposes that may be reasonably ascertained from the circumstances in which the information was submitted. We will only provide those companies the information they need to deliver the service and they are prohibited from using that information for any other purpose;
- Law enforcement agencies, other governmental agencies or third parties if we are required by law to do so, or in other limited circumstances. For example, we may share your personal information if required by a court order or regulatory authority, or if we believe that such action is necessary to prevent fraud or cyber-crime or to protect our Digital Media, our technology assets or the rights, property or personal safety of any person.
- Other business entities should we plan to merge with or be acquired by that business entity, or if we undergo a re-organisation with that entity.

Information for Data Subjects in the EEA or UK

If you are a data subject based in the European Economic Area ("EEA") or the United Kingdom ("UK"), we may transfer your personal information outside of the EEA or UK to a jurisdiction that does not provide protection of personal information that is essentially equivalent to that which is provided under the applicable law of EEA or UK.

We will only do so, however, for the purposes which we have described in this Privacy Policy. In particular, your personal information may be transferred to, may be processed by staff operating in Australia who work for us, or for one of our service providers. When we, or our permitted third parties, transfer your information outside the EEA or UK (either to Australia or elsewhere), we or they will impose contractual obligations on the recipients of that data to protect your information to the standard required in the UK or EEA. We or they may also require the recipient to subscribe to international frameworks intended to enable secure data sharing. In the case of transfers by us, we will only transfer your information outside of the EEA or UK where: (i) the transfer is to a country deemed by the UK government or European Commission to provide adequate protection of your information; (ii) where you have consented to the transfer; or (iii) where such transfer is otherwise permissible under Data Protection Legislation (for example where we are required to provide such information by law or where relevant contractual arrangements have been entered into between the parties (as described above)).

Your rights

You have a number of rights concerning the way that we use your information. At any time, you have the right to:

- be informed about the processing of your personal data (i.e. for what purposes, what types, to what recipients it is disclosed, storage periods, confirmation of whether we undertake automated decision-making, including profiling, and the logic, significance and envisaged consequences).
- request access to or a copy of any personal data we hold about you.
- request the rectification of your personal data, if you consider that it is inaccurate.
- request the erasure of your personal data, if you consider that we do not have the right to hold it.
- object to your personal data being processed for a particular purpose or to request that we stop using your information.
- request not to be subject to a decision based on automated processing and to have safeguards put in place if you are being profiled based on your personal data.
- ask us to transfer a copy of your personal data to you or to another service provider or third party where technically feasible.
- ask us to stop or start sending you marketing messages at any time by using the below contact details (see "Opt Out" below).

Security and storage of your information

When you use our Digital Media, some or all of your data may be stored locally on that device as well as on secure servers in multiple locations, owned by or operated for us by third-party providers. We will collect, store, and use your personal information in accordance with this Privacy Policy and applicable laws, wherever it is processed.

We maintain physical, electronic, and administrative safeguards to protect your personal information from unauthorised or inappropriate access, however the transmission of information via the internet is not completely secure and we cannot guarantee the security of your personal information transmitted to us or provided though our Digital Media. If we collect personal information about you through the use of our Digital Media we will only retain that information for as long as is reasonably necessary to fulfil the activity requested, or as may be required by law.

Where we use third party providers to enable us to provide our Digital Media, our policy is to strictly work with providers that are GDPR compliant and encrypt data in transit and at rest. To find out more about the third party providers we work with, please email us at info@ankor.io

‍Who can access your User Content

Your User Content is private unless you decide you want to share it. You may choose to share it externally or through any of the Applications features that allow you to share your User Content. These features are all optional. Any User Content that you share externally using the aforementioned features can be read, collected, stored and used by anyone. Ankor is not responsible for any publication or use of any User Content that you choose to share externally. The Applications may also enable you to use a variety of third-party services that interact with the Applications, and you should review the access rights you provide to those services, as you may enable them to access or extract your User Content through your agreements with those parties.

You have control over who sees your User Content, including Ankor’s employees. We limit the use of your User Content to make sure that no one at Ankor can view it unless you expressly give us permission, if you intentionally share it with us, or it’s necessary to comply with our legal obligations.

Specifically:·

- To help refine or improve the Digital Media, we may ask you for permission to review portions of your User Content. For example, we may give you an opportunity to provide us feedback on a new feature that relates to your User Content, so we can make sure this feature works effectively. Such access to your User Content is completely voluntary and done only with your express permission, and is subject to strict confidentiality rules and data access controls.·
- If you contact our Customer Success team for help with specific pieces of User Content in your account (for example, if you can’t find an Itinerary you believe should be in your account), we may ask for your temporary permission to look at your User Content. This permission terminates when the issue is resolved.·
- If we become aware of a potential violation of our Terms of Service or User Guidelines, we may suspend or close your account until the problematic material is removed. Under such a circumstance, we would only look at the User Content in your account if you give us consent or if necessary to comply with our legal obligations, including to protect the safety of you or any other person.

This policy is not intended to apply to our use of aggregated, de-identified, or anonymised data.

In the event of a merger, sale, or reorganisation of all or part of our business, information covered by this policy may be transferred in connection with that deal.

How can I manage my information stored by Ankor?

You can manage your information simply by logging into your account and editing it directly within the Applications. Alternatively, you can contact us at support@ankor.io to ask us to provide access to, correct, update, or delete your personal information.

How long we keep your informationIf we collect personal information about you through the use of our Digital Media we will only retain that information for as long as is reasonably necessary to fulfil the purpose for which the information was collected by us, or as may be required by law. We may retain recordings of telephone calls for up to 6 years in order to help resolve any potential disputes and improve the quality of our services.

We make the User Content you store in the Applications readily accessible to you, until you make the decision to delete it. If you delete your User Content and then sync, it will no longer be accessible to you. The Applications back-up systems may retain residual copies of your deleted User Content for up to one (1) year due to the nature of those systems’ operations.

For users who are inactive for extended periods of time, we may close your account to satisfy our obligations under applicable law, and in accordance with our data retention policy. If that happens, we will try to notify you before taking any action.

What if I want to delete my information?

You can delete your account and your User Content at any time. The ways to do this are detailed in our Terms of Use.

Opt-Out

If you provide us with personal information, you will be given a choice at the time to "opt out" of certain uses we may intend (such as sending you email newsletters, updated information about us, our services and offers) by checking or un-checking (as directed) the relevant box.

You also have the option of "unsubscribing" from our mailing list for newsletters, alerts and updates at any time, thereby disabling any further such e-mail communication from being sent to you. To unsubscribe just send an e-mail to support@ankor.io with the word 'remove' in the subject line and the email address that you wish to be removed within the email. In addition, each electronic mailing we send you will contain details of how you can unsubscribe.

Please note that it may take up to 28 days to action your request.

Contacting Us

If you have any questions about this Privacy Policy or a query or complaint about our use of your information, please contact us at:

- Email: info@ankor.io
- Address: Level 17, One International Towers, Watermans Quay, NSW 2000

We will endeavour to respond to you within 5 business days of you contacting us with a complaint and attempt to resolve the complaint as quickly as possible. If you are unsatisfied with our response, you also have the right to make a complaint to:·

- the Information Commissioner's Office, which regulates and supervises the use of personal data in the UK, via their helpline on 0303 123 1113; or ·
‍
- the Office of the Australian Information (OAIC), who is the regulator responsible for the Australian Privacy Principles which govern the use of the personal information in Australia, in writing via the OAIC’s secure online form, by email to enquiries@oaic.gov.au or by post to GPO Box 5218, Sydney NSW 2001.

Changes to this Policy

Although significant changes are rare, this Privacy Policy may be amended as new features, technology, or legal requirements arise, so please check back on our website (https://ankor.io) from time to time. We’ll notify you if we make a significant change and, where required, seek your consent. Amended terms will automatically take effect immediately on posting, or on a specified “Effective Date”, and if you do not accept the changes made to this Privacy Policy you should immediately stop using our Digital Media.