This Privacy Policy (“Policy”) the information that we gather on or through our services, how we use and disclose such information, and the steps we take to protect such information. By visiting our website you accept the privacy practices described in this Policy. This Policy is incorporated into, and is subject to, the JoJoSki Terms of Service. Capitalized terms used but not defined in this Policy have the meaning given to them in the JoJoSki Terms of Service. Definitions “Customer” means a client of JoJoSki “Customer Data“ means personal data, reports, addresses, and other files, folders or documents in electronic form that a User of the Service stores within the company. “Personal Data” means any information relating to an identified or identifiable natural person. The Information We Collect on the Service: We collect different types of information from or through our services. The legal bases for JoJoSki processing of personal data are primarily that the processing is necessary for providing the Service in accordance with C JoJoSki Terms of Service and that the processing is carried out in JoJoSki legitimate interests, which are further explained in the section “How We Use the Information We Collect” of this Policy. We may also process data upon your consent, asking for it as appropriate. User-provided Information. When you use our services, you may provide, and we may collect Personal Data. Examples of Personal Data include name, email address, mailing address, mobile phone number, and billing information. Personal Data also includes other information, such as geographic area or preferences, when any such information is linked to information that identifies a specific individual. You may provide us with Personal Data in various ways. For example, when you register as a Customer electronically or by phone raise an enquiry for services, use our services, post Client Data, or send us customer service -related requests. “Automatically Collected” Information. When a Visitor uses our website, we may automatically record certain information from the User’s or Visitor’s device by using various types of technology, including cookies.” This “automatically collected” information may include IP address or other device address or ID, web browser and/or device type, the web pages or sites visited just before or just after using the Service, the pages or other content the User or Visitor views or interacts with on the Site, and the dates and times of the visit, access, or use of the Site. We also may use these technologies to collect information regarding a Visitor or User’s interaction with email messages, such as whether the Visitor or User opens, clicks on, or forwards a message. This information is gathered from all Users and Visitors. Information from Other Sources. We may obtain information, including Personal Data, from third parties and sources other than through our services, such as our partners, advertisers, credit rating agencies, and Integrated Services. If we combine or associate information from other sources with Personal Data that we collect, we will treat the combined information as Personal Data in accordance with this Policy. How We Use the Information We Collect. We use the information that we collect in a variety of ways in providing services and operating our business, including the following: Operations. We use the information – other than Customer Data – to operate, maintain, enhance and provide all features of our services, to provide the services and information that you request, to respond to comments and questions and to provide support to our customers. Improvements. We use the information to understand and analyse the usage trends and preferences of our Visitors and Users and Clients, to improve our services, and to develop new products, services, features, and functionality. Should this purpose require JoJoSki to process Client Data, then the data will only be used in anonymised or aggregated form. Communications. We may use a Visitor’s or User’s email address or other information – other than Customer Data – to contact that Visitor or User (i) for administrative purposes such as customer service, to address intellectual property infringement, right of privacy violations or defamation issues related to the Customer Data or Personal Data posted on the Service or (ii) with updates on promotions and events, relating to products and services offered by us. You have the ability to opt-out of receiving any promotional communications as described below under “Your Choices.” Cookies and Tracking. Technologies We use automatically collected information and other information collected on the Service through cookies and similar technologies to: (i) personalise our Service, such as remembering a User’s or Visitor’s information so that the User or Visitor will not have to re-enter it during a visit or on subsequent visits; (ii) provide customised advertisements, content, and information; (iii) monitor and analyse the effectiveness of Service and marketing activities; (iv) monitor aggregate site usage metrics such as total number of visitors and pages viewed; and (v) track your entries, submissions, and status in any promotions or other activities on the Service. You can obtain more information about cookies by visiting http://www.allaboutcookies.org. Analytics. We use Google Analytics to measure and evaluate access to and traffic on the Public Area of the Site, and create user navigation reports for our Site administrators. Google operates independently from us and has its own privacy policy, which we strongly suggest you review. Google may use the information collected through Google Analytics to evaluate Users’ and Visitors’ activity on our Site. For more information, see Google Analytics Privacy and Data Sharing. We take measures to protect the technical information collected by our use of Google Analytics. The data collected will only be used on a need to know basis to resolve technical issues, administer the Site and identify visitor preferences; but in this case, the data will be in non- identifiable form. We do not use any of this information to identify Visitors or Users. To Whom We Disclose Information. Except as described in this Policy, we will not intentionally disclose the Personal Data or Customer Data that we collect or store to third parties without the consent of the applicable Visitor, User or Customer. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances: Unrestricted Information. Any information that you voluntarily choose to include in a Public Area of the Service, such as a public profile page, will be available to any Visitor or User who has access to that content. Service Providers. We work with third party service providers who provide website, application development, hosting, maintenance, and other services for us.

These third parties may have access to, or process Personal Data or Customer Data as part of providing those services for us. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and our contracts with them require them to maintain the confidentiality of such information. Non Personally Identifiable Information. We may make certain automatically-collected, aggregated, or otherwise non-personally identifiable information available to third parties for various purposes, including (i) compliance with various reporting obligations; (ii) for business or marketing purposes; or (iii) to assist such parties in understanding our Customer’, Users’ and Visitors’ interests, habits, and usage patterns for certain programs, content, services, and/or functionality available through the Service. Law Enforcement, Legal Process and Compliance. We may disclose Personal Data or other information if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a facially valid court order, judicial or other government warrant, or to otherwise cooperate with law enforcement or other governmental agencies. We also reserve the right to disclose Personal Data or other information that we believe, in good faith, is appropriate or necessary to (i) take precautions against liability, (ii) protect ourselves or others from fraudulent, abusive, or unlawful uses or activity, (iii) investigate and defend ourselves against any third-party claims or allegations, (iv) protect the security or integrity of the our business or (v) protect our property or other legal rights, enforce our contracts, or protect the rights, property, or safety of others. Change of Ownership. Information about Clients, Users and Visitors, including Personal Data, may be disclosed and otherwise transferred to an acquirer, successor or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets and only if the recipient of the User or Visitor Data commits to a Privacy Policy that has terms substantially consistent with this Privacy Policy. Customer Data may be physically or electronically transferred to an acquirer, or successor or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets, for the sole purpose of continuing the operation of the Service, and only if the recipient of the Client Data commits to a Privacy Policy that has terms substantially consistent with this Privacy Policy. Your Choices. Access, Correction, Deletion. We respect your privacy rights and provide you with reasonable access to the Personal Data that you may have provided through your use of the Services. If you wish to access or amend any other Personal Data we hold about you, or to request that we delete or transfer any information about you that we have obtained from an Integrated Service, you may contact us as set forth in the “Contact Us” section. At your request, we will have any reference to you deleted or blocked in our database. You may request JoJoSki to update, correct, or delete your Account information and preferences at any time. Please note that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so. You may decline to share certain Personal Data with us, in which case we may not be able to provide to you some of the features and functionality of our services. At any time, you may object to the processing of your Personal Data, on legitimate grounds, except if otherwise permitted by applicable law. If you believe your right to privacy granted by applicable data protection laws has been infringed upon, please contact JoJoSki Data Protection Officer at jojo@jojoski.com. You also have a right to lodge a complaint with data protection authorities. Navigation Information. You may opt out from the collection of navigation information about your visit to the Site by Google Analytics by using the Google Analytics Opt-out feature. Opting out from Commercial Communications. If you receive emails from us, you may unsubscribe at any time by sending an email to the address provided in the “Contact Us” section. If the Client requests JoJoSki to remove their data, we will respond to its request within thirty (30) days. We will delete, amend or block access to any Personal Data that we are storing only if we receive a written request to do so from the Client who is responsible for such Personal Data, unless we have a legal right to retain such Personal Data. We reserve the right to retain a copy of such data for archiving purposes, or to defend our rights in litigation. Any such request regarding Client Data should be addressed as indicated in the “Contact Us” section, and include sufficient information for JoJoSki to identify the Client and the information to delete or amend. Third-Party Services The Service may contain features or links to web sites and services provided by third parties.

Any information you provide on third-party sites or services is provided directly to the operators of such services and is subject to those operators’ policies, if any, governing privacy and security, even if accessed through our website. We are not responsible for the content or privacy and security practices and policies of third-party sites or services to which links or access are provided through our site or posts. We encourage you to learn about third parties’ privacy and security policies before providing them with information. Privacy Shield. JoJoSki complies with the EU Privacy Shield Framework as set forth by the UK Government regarding the collection, use, and retention of personal information transferred from the European Union. JoJoSki has certified to the UK Government that it adheres to the GDPR Regulations. If there is any conflict between the terms in this privacy policy and the GDPR Regulations, the GDPR Regulation shall govern. In compliance with the GDPR, JoJoSki commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our GDPR should first contact our Data Protection Officer at jo@jojoski.com. JoJoSki has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved GDPR complaints concerning human resources data transferred from the EU in the context of the employment relationship. In any matters relating to the EU GDPR, we are subject to the investigatory and enforcement powers of the UK Government. Your UK Privacy Rights. We will not share any Personal Data with third-parties for their direct marketing purposes to the extent prohibited by the EU GDPR Law. If our practices change, we will do so in accordance with applicable laws and will notify you in advance. Data Security. We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain appropriate administrative, technical and physical safeguards to protect Personal Data against accidental or unlawful destruction, accidental loss, unauthorised alteration, unauthorised disclosure or access, misuse, and any other unlawful form of processing of the Personal Data in our possession. This includes, for example, firewalls, password protection and other access and authentication controls. We use SSL technology to encrypt data during transmission through public internet, and we also employ application-layer security features to further anonymise Personal Data. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information you transmit to us or store with us, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. If you believe your Personal Data has been compromised, please contact us as set forth in the “Contact Us” section. If we learn of a security systems breach, we will inform you and the authorities of the occurrence of the breach in accordance with applicable law. Data Retention. We only retain the Personal Data collected from a User for as long as the User’s account is active or otherwise for a limited period of time as long as we need it to fulfil the purposes for which we have initially collected it, unless otherwise required by law. We will retain and use information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements as follows: • the contents of closed accounts are deleted within 3 months of the date of closure; • billing information is retained for a period of 5 years • information on legal transactions between Client and jojo@jojoski.com is retained for a period of 10 years as of their provision to us in accordance with the general limitation period set. We cannot and do not guarantee that information you post on or transmit to the us will not be viewed by unauthorised persons. Data Controller and Processor. JoJo of JoJoSki is the data controller under the Regulation for any Client Data containing Personal Data, meaning that such party controls the manner such Personal Data is collected and used as well as the determination of the purposes and means of the processing of such Personal Data.