OceanMingle Pty Ltd (ACN 689 562 909) (we, us or our), understands that protecting your personal information isimportant. This Privacy Policy sets out our commitment to protecting the privacy of personal information provided to us, orcollected by us, when interacting with you.

This Privacy Policy takes into account the requirements of the Privacy Act 1988 (Cth). In addition to the Australian laws,individuals located in the European Union or European Economic Area (EU) may also have rights under the General DataProtection Regulation 2016/679 and individuals located in the United Kingdom (UK) may have rights under the GeneralData Protection Regulation (EU) 2016/679) (UK GDPR) and the Data Protection Act 2018 (DPA 2018) (together, the GDPR).Appendix 1 outlines the details of the additional rights of individuals located in the EU and UK as well as information onhow we process the personal information of individuals located in the EU and UK.

The information we collect

Personal information: is information or an opinion, whether true or not and whether recorded in a material form or not,about an individual who is identified or reasonably identifiable.

The types of personal information we may collect about you include:

• Identity Data including your name, age, and where applicable, your date of birth and your identificationdocument.
• Contact Data including your telephone number, address and email.
• Financial Data including bank account and payment card details (through Google Play Store or App Store (inapp purchase options), who stores such information and we do not have access to that information).
• Transaction Data including details about payments to you from us and from you to us and other details ofproducts and services you have purchased from us or we have purchased from you.
• Technical and Usage Data when you access any of our websites, platforms or emails, details about yourinternet protocol (IP) address, login data, browser session and geo-location data, statistics on page views andsessions, device and network information, acquisition sources, search queries and/or browsing behaviour,access and use of our website (including through the use of Internet cookies or tracking pixels), andcommunications with our website.
• Profile Data including your username and password for OceanMingle, profile picture, content you post, sendreceive and share through our platform, and support requests you have made.
• Interaction Data including information you provide to us when you participate in any interactive features,including surveys, contests, promotions, activities or events.
• Marketing and Communications Data including your preferences in receiving marketing from us and our thirdparties and your communication preferences.
• Professional data including where you are a worker of ours or applying for a role with us, your professionalhistory such as your previous positions and professional experience, or whether you hold requiredauthorisations or licences.
• Sensitive information is a sub-set of personal information that is given a higher level of protection. Sensitiveinformation means information relating to your racial or ethnic origin, political opinions, religion, trade unionor other professional associations or memberships, philosophical beliefs, sexual orientation or practices,criminal records, health information or biometric information. The types of sensitive information we collectinclude:

1. where you apply for a role with us:
   - results of criminal records checks; and
   - your professional registrations and associations (where applicable); and
2. where you use OceanMingle app, your sexual orientation or practices.

How we collect personal information

We collect personal information in a variety of ways, including:

• when you provide it directly to us, including face-to-face, over the phone, over email, or online;
• when you complete a form, such as registering for any events or newsletters, or responding to surveys;
• when you use any website we operate (including from any analytics and cookie providers or marketingproviders. See the “Cookies” section below for more detail on the use of cookies); and
• from publicly available sources.

Why we collect, hold, use and disclose personal information

We have set out below, in a table format, a description of the purposes for which we plan to collect, hold, use and discloseyour personal information.

Our disclosures of personal information to third parties

Personal information: We will only disclose personal information (excluding sensitive information) to third parties where itis necessary as part of our business, where we have your consent, or where permitted by law. This means that we maydisclose personal information (excluding sensitive information) to:

• our employees, contractors and/or related entities;
• IT service providers, data storage, web-hosting and server providers;
• marketing or advertising providers;
• professional advisors, bankers, auditors, our insurers and insurance brokers;
• payment systems operators or processors;
• our existing or potential agents or business partners;
• sponsors or promoters of any promotions or competition we run;
• if we merge with, or are acquired by, another company, or sell all or a portion of our assets, your personalinformation may be disclosed to our advisers and any prospective purchaser’s advisers and may be among theassets transferred;
• courts, tribunals and regulatory authorities, in the event you fail to pay for goods or services we have providedto you;
• courts, tribunals, regulatory authorities and law enforcement officers, as required or authorised by law, inconnection with any actual or prospective legal proceedings, or in order to establish, exercise or defend ourlegal rights;
• third parties to collect and process data, such as analytics providers and cookies; and
• any other third parties as required or permitted by law, such as where we receive a subpoena.

Sensitive information: We will only disclose sensitive information with your consent or where permitted by law. Thismeans that we may disclose sensitive information to:

• our employees, contractors and/or related entities;
• IT service providers, data storage, web-hosting and server providers;
• professional advisors;
• if we merge with, or are acquired by, another company, or sell all or a portion of our assets, your personalinformation may be disclosed to our advisers and any prospective purchaser’s advisers and may be among theassets transferred;
• courts, tribunals, regulatory authorities and law enforcement officers, as required or authorised by law, inconnection with any actual or prospective legal proceedings, or in order to establish, exercise or defend ourlegal rights;
• third parties to collect and process data, such as analytics providers and cookies; and
• any other third parties as required or permitted by law, such as where we receive a subpoena.

Overseas disclosure

We store your personal information in Australia. Where we disclose your personal information to third parties, those thirdparties may store, transfer or access personal information outside of Australia. We will only disclose your personalinformation overseas in accordance with the Australian Privacy Principles.

Your rights and controlling your personal information

Your choice: Please read this Privacy Policy carefully. If you provide personal information to us, you understand we willcollect, hold, use and disclose your personal information in accordance with this Privacy Policy. You do not have to providepersonal information to us, however, if you do not, it may affect our ability to work with you as a customer or supplier ofour business.

Information from third parties: If we receive personal information about you from a third party, we will protect it as setout in this Privacy Policy. If you are a third party providing personal information about somebody else, you represent andwarrant that you have such person’s consent to provide the personal information to us.

Restrict and unsubscribe: To object to processing for direct marketing/unsubscribe from our email database or opt-out ofcommunications (including marketing communications), please contact us using the details below or opt-out using the optout facilities provided in the communication.

Access: You may request access to the personal information that we hold about you. An administrative fee may be payablefor the provision of such information. Please note, in some situations, we may be legally permitted to withhold access toyour personal information. If we cannot provide access to your information, we will advise you as soon as reasonablypossible and provide you with the reasons for our refusal and any mechanism available to complain about the refusal. If wecan provide access to your information in another form that still meets your needs, then we will take reasonable steps togive you such access.

Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant ormisleading, please contact us using the details below. We will take reasonable steps to promptly correct any informationfound to be inaccurate, out of date, incomplete, irrelevant or misleading. Please note, in some situations, we may belegally permitted to not correct your personal information. If we cannot correct your information, we will advise you assoon as reasonably possible and provide you with the reasons for our refusal and any mechanism available to complainabout the refusal.

Complaints: If you wish to make a complaint, please contact us using the details below and provide us with full details ofthe complaint. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of ourinvestigation and the steps we will take in response to your complaint. If you are not satisfied with our response, you maycontact the Office of the Australian Information Commissioner.

Storage and security

We are committed to ensuring that the personal information we collect is secure. In order to prevent unauthorised accessor disclosure, we have put in place suitable physical, electronic and managerial procedures, to safeguard and securepersonal information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.

While we are committed to security, we cannot guarantee the security of any information that is transmitted to or by usover the Internet. The transmission and exchange of information is carried out at your own risk.

User-Generated Content

We may enable you to post photos and other user-generated content. Any content you choose to submit will be accessibleby anyone, including third parties not associated with us. We have no control over how others may use or misuseinformation you make publicly available. We are not responsible for the privacy, security or accuracy of any user-generatedcontent you choose to post or for the use or misuse of that information by any third parties.

Cookies and Analytics

We may use cookies, tracking pixels and similar technologies on our website and in our emails from time to time. Cookiesare text files placed in your computer's browser to store your preferences. Tracking pixels are tiny, invisible images(typically the size of one pixel) embedded in web pages or emails. Cookies and tracking pixels, by themselves, do not tell usyour email address or other personally identifiable information. However, they do recognise you when you return to ouronline website and allow third parties to cause our advertisements to appear on your social media and online media feedsas part of our retargeting campaigns. If and when you choose to provide our online website with personal information, thisinformation may be linked to the data stored in the cookie or collected by tracking pixels. Unlike cookies, tracking pixels donot store any information on your device, but instead send information to our servers when the pixel is loaded.

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies.

You can block tracking pixels by using ad-blocking or privacy-focused browser extensions. Some email providers allow youto block images by default, which can prevent tracking pixels in emails from loading.

However, if you use your browser settings to block all cookies (including essential cookies) and tracking pixels you may notbe able to access all or parts of our website and you may not receive personalised content.

Google Analytics: We may use Google Analytics Advertising Features. We and third-party vendors may use first-partycookies (such as the Google Analytics cookie) or other first-party identifiers, and third-party cookies (such as Googleadvertising cookies) or other third-party identifiers together. These cookies and identifiers may collect Technical and UsageData about you.

You can opt-out of Google Analytics Advertising Features including using a Google Analytics Opt-out Browser add-on found here. To opt-out of personalised ad delivery on the Google content network, please visit Google’s Ads PreferencesManager here or if you wish to opt-out permanently even when all cookies are deleted from your browser you can installtheir plugin here. To opt out of interest-based ads on mobile devices, please follow these instructions for your mobiledevice: On android open the Google Settings app on your device and select “ads” to control the settings. On iOS deviceswith iOS 6 and above use Apple’s advertising identifier. To learn more about limiting ad tracking using this identifier, visitthe settings menu on your device.

To find out how Google uses data when you use third party websites or applications, please see here.

Facebook/Meta Analytics: We may use tools provided by Meta, such as the Meta Pixel, advanced matching, andConversions API. These allow us to measure ad performance and deliver ads that may be relevant to you on Metaplatforms based on your activity on our website/app. You can control whether we can join data from third party partnerswith your Meta account for ads by adjusting your preferences within Meta's settings. You can disconnect this data fromyour Meta account by changing your settings for Off-Facebook activity. For more information, please see Meta's PrivacyPolicy here.

For more information about the cookies and tracking pixels we use, please see

Links to other websites

Our website may contain links to other party’s websites. We do not have any control over those websites and we are notresponsible for the protection and privacy of any personal information which you provide whilst visiting those websites.Those websites are not governed by this Privacy Policy.

Personal information from single sign-on accounts

If you connect your account with us using a single sign-on account, such as Apple, Facebook or Google, we will collect yourpersonal information from the single sign-on provider. We will do this in accordance with the privacy settings you havechosen with that provider.

The personal information that we may receive includes your name, ID, user name, handle, profile picture, gender, age,language, list of friends or follows and any other personal information you choose to share.

We use the personal information we receive from the single sign-on provider to create a profile for you on our platform.

Where we have accessed your personal information through your Facebook account, you have the right to request thedeletion of personal information that we have been provided by Facebook. To submit a request for the deletion ofpersonal information we acquired from Facebook, please send us an email at the address at the end of this Privacy Policyand specify in your request which personal information you would like deleted. If we deny your request for the deletion ofpersonal information, we will explain why.

Use of Artificial Intelligence (AI)

Overview: We may use artificial intelligence and machine learning technologies, including AI Technologies provided bythird parties (AI Technologies) in our business operations and the provision of our Services. We will only use AITechnologies when legally permitted and necessary for our business operations.

How we use AI Technologies: We may use AI Technologies for the following purposes:

• to conduct analysis and processing;
• to generate and modify content and coding;
• to improve and optimise our services and operations;
• to automate certain processes and communications, such as routine tasks;
• to provide you with general travel advice and tips;
• to provide you with travel booking assistance;
• to personalise your experience with our services;
• for quality assurance purposes; and
• to assist with customer support and queries.

Data Protection and Security: Where we use service providers who provide AI Technologies to us, we will take reasonablesteps to ensure that such service providers handle your personal information according to privacy law, including byensuring that we have contracts in place requiring the service provider to protect personal information.

We will not input your personal information into any platform provided by an AI Technology service provider which thentrains its model based on that information.

Your Rights and our Commitments: We will treat information generated or inferred by the AI Technologies aboutindividuals as personal information and you maintain all rights over your personal information as outlined in this PrivacyPolicy, regardless of whether AI Technologies are used in processing. When using AI Technologies with your personalinformation:

• Transparency and control: we will inform you when AI Technologies are being used to make decisions that maysignificantly affect you. We will implement processes to verify the accuracy of AI-generated outputs and we willtake reasonable steps to maintain human oversight and review of significant AI-generated decisions. Our staff aretrained to understand the limitations of AI systems and verify outputs before they are relied upon; and
• Security: we implement appropriate technical and organisational measures to ensure that our use of AITechnologies maintains the security and integrity of your personal information. This includes regular testing andmonitoring of AI outputs for accuracy and reliability; and
• Risk mitigation: we regularly assess and document the risks associated with our use of AI Technologies inprocessing personal information and implement appropriate mitigation measures. This includes ongoingmonitoring of AI Technologies and regular reviews of their performance and impact.

Amendments

We may, at any time and at our discretion, vary this Privacy Policy by publishing the amended Privacy Policy on ourwebsite. We recommend you check our website regularly to ensure you are aware of our current Privacy Policy.

For any questions or notices, please contact us at:

OceanMingle Pty Ltd (ACN 689 562 909)

Email: support@oceanmingle.com

© LegalVision ILP Pty Ltd

AmeAPPENDIX 1: ADDITIONAL RIGHTS AND INFORMATION FOR INDIVIDUALS LOCATED IN THEEU OR UKndments

Under the GDPR individuals located in the EU and the UK have extra rights which apply to their personal information.Personal information under the GDPR is often referred to as personal data and is defined as information relating to anidentified or identifiable natural person (individual). This Appendix 1 sets out the additional rights we give to individualslocated in the EU and UK, as well as information on how we process the personal information of individuals located in theEU and UK. Please read the Privacy Policy above and this Appendix carefully and contact us at the details at the end of thePrivacy Policy if you have any questions.

What personal information is relevant?

This Appendix applies to the personal information set out in the Privacy Policy above. This includes any SensitiveInformation also listed in the Privacy Policy above which is known as ‘special categories of data’ under the GDPR.

Purposes and legal bases for processing

We collect and process personal information about you only where we have legal bases for doing so under applicable laws.We have set out below, in a table format, a description of all the ways we plan to use your personal information, and whichof the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. Notethat we may process your personal information for more than one lawful ground depending on the specific purpose forwhich we are using your data. Please reach out to us if you need further details about the specific legal ground, we arerelying on to process your personal information where more than one ground has been set out in the table below.

If you have consented to our use of data about you for a specific purpose, you have the right to change your mind at anytime, but this will not affect any processing that has already taken place. Where we are using your data because we or athird party have a legitimate interest to do so, you have the right to object to that use though, in some cases, this maymean no longer doing business with us. Further information about your rights is available below.

Data Transfers

The privacy protections available in the countries to which we send data for the purposes listed above may be lesscomprehensive than what is offered in the country in which you initially provided the information. Where we transfer yourpersonal information outside of the country where you are based, we will perform those transfers using appropriatesafeguards in accordance with the requirements of applicable data protection laws and we will protect the transferredpersonal information in accordance with this Privacy Policy and Appendix 1. This includes:

• only transferring your personal information to countries that have been deemed by applicable data protectionlaws to provide an adequate level of protection for personal information; or
• including standard contractual clauses in our agreements with third parties that are overseas.

Data retention

We will only retain your personal information for as long as reasonably necessary to fulfil the purposes we collected it for,including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retainyour personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect oflitigation in respect to our relationship with you.

To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity ofthe personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, thepurposes for which we process your personal information and whether we can achieve those purposes through othermeans, and the applicable legal, regulatory, tax, accounting or other requirements.

Extra rights for EU and UK individuals

You may request details of the personal information that we hold about you and how we are process it (commonly knownas a “data subject request”). You may also have a right in accordance with applicable data protection law to have yourpersonal information rectified or deleted, to restrict our processing of that information, to object to decisions being madebased on automated processing where the decision will produce a legal effect or a similarly significant effect on you, tostop unauthorised transfers of your personal information to a third party and, in some circumstances, to have personalinformation relating to you transferred to you or another organisation.

If you are not happy with how we are processing your personal information, you have the right to make a complaint at anytime to the relevant Data Protection Authority based on where you live. We would, however, appreciate the chance to dealwith your concerns before you approach the Data Protection Authority, so please contact us in the first instance using thedetails set out above in our Privacy Policy above.