Privacy Policy Globitrack Ltd.

This Privacy Policy (“Policy”) sets forth the terms under
which Globitrack Ltd (“Globitrack,” “Company,” “we,” “us,” or “our”) collects,
uses, discloses, retains, and safeguards information obtained from users
(“you,” “your,” or “User”) of its services, systems, applications, websites,
and infrastructure (collectively, the “Services”). By accessing or using the
Services, you acknowledge and consent to the collection and processing of your
personal data in accordance with this Policy.

1. Scope and Consent

1.1 This Policy applies to all Users of the Services,
including those who access the Services through any web-based, mobile, or
embedded interface.

1.2 By accessing or using the Services, you affirmatively
consent to the practices described in this Policy and agree to the lawful
processing of your personal data in accordance with the applicable laws of
Trinidad and Tobago and, where applicable, foreign jurisdictions.

2. Categories of Personal Data Collected

2.1 The Company may, directly or indirectly through its
systems, third-party integrations, or authorized agents, collect, receive,
process, store, analyze, and retain, whether manually or by automated means,
the following categories of personal data, which may include, but shall not be
limited to:

1. Personally Identifiable
   Information (“PII”) – including, but not limited to, full legal name,
   alias, username, date of birth, gender, residential or mailing address,
   email address, telephone number, emergency contact details, signature, and
   other identifiers that may reasonably be used to identify, contact, or
   locate an individual;
2. Government-Issued
   Identifiers – such as national identification numbers, tax registration
   numbers, driver’s license numbers, passport numbers, social security
   numbers, vehicle registration information, and other official
   government-issued credentials or documents;
3. Location and Telemetry
   Data – including geolocation coordinates, GPS data, travel history, time
   stamps, speed, altitude, route data, telemetry logs, and related movement
   or navigation information, whether obtained from devices, sensors, or
   integrated third-party services;
4. Device, Network, and Usage
   Data – including IP addresses, MAC addresses, browser fingerprints, user
   agent strings, session cookies, access times, hardware models, operating
   systems, unique device identifiers, referrer headers, error logs, crash
   reports, and browsing behavior within the Services;
5. Biometric and Sensory Data
   – such as facial imagery, voiceprints, and behavioral patterns that may be
   used for authentication, security, or analytic purposes, if and where such
   data is captured or processed;
6. Account and Authentication
   Data – including login credentials, password hashes, access history,
   multi-factor authentication tokens, and related metadata;
7. Financial and
   Transactional Data – including billing address, payment method,
   transaction history, invoice details, subscription preferences, and
   records of financial interactions within the Services;
8. Communications and
   Correspondence – encompassing the content, metadata, and attachments of
   communications sent to or from the Company via email, support forms, live
   chat, telephone, or other mediums, including records of interactions with
   customer support;
9. Behavioral, Analytical,
   and Preference Data – such as engagement metrics, feature usage
   statistics, user preferences, feedback, clickstream behavior, and inferred
   interests derived through machine learning or data analytics;
10. Any other category of data
    that may be reasonably necessary or incidental to the provision,
    maintenance, improvement, or protection of the Services, or required by
    law, regulation, or lawful order of a competent authority.

2.2 Such data may be obtained directly from the User,
from devices under the User’s control, through integration with third-party
platforms, or via cookies and other tracking technologies, and may be linked or
aggregated with other data sets as necessary to fulfill the lawful purposes for
which such data is processed.

3. Legal Bases for Processing

3.1 Personal data shall be processed pursuant to one or
more of the following legal bases: (a) consent provided by the User; (b)
necessity for the performance of a contract; (c) compliance with legal
obligations; (d) protection of vital interests; (e) performance of a task
carried out in the public interest; or (f) legitimate interests pursued by the
Company.

4. Purposes of Processing

4.1 The Company processes personal data for purposes
including, but not limited to: (a) provision and enhancement of Services; (b)
authentication and access control; (c) customer support and account management;
(d) analytics and product development; (e) legal and regulatory compliance; (f)
enforcement of contractual terms.

5. Data Retention

5.1 Personal data shall be retained for such duration as
is necessary to fulfill the purposes for which it was collected, or as required
by applicable legal, regulatory, or contractual obligations. Upon expiration of
the applicable retention period, data may be securely deleted, anonymized, or
archived in accordance with applicable data minimization standards.

6. Data Security

6.1 The Company employs administrative, technical, and
physical safeguards designed to preserve the confidentiality, integrity, and
availability of personal data and to prevent unauthorized access, disclosure,
alteration, or destruction thereof.

7. Data Sharing and Disclosure

7.1 The Company shall not sell or rent personal data to
unaffiliated third parties.

7.2 Personal data may be disclosed to the following
categories of recipients: (a) authorized employees, contractors, and agents of
the Company, bound by confidentiality obligations; (b) third-party service
providers engaged under contractual obligations consistent with this Policy;
(c) law enforcement or regulatory bodies pursuant to lawful request or judicial
mandate; (d) successor entities in the event of a merger, acquisition, or
corporate restructuring.

8. Cross-Border Data Storage and Processing

8.1 The User acknowledges and expressly consents to the
fact that certain personal data collected, processed, or otherwise handled by
the Company may be transmitted to, stored in, or accessed from data centers or
service infrastructure located outside the territorial jurisdiction of Trinidad
and Tobago, including but not limited to regions within the European Union, the
United States, or other countries with differing levels of data protection
regulation.

8.2 The Company undertakes commercially reasonable efforts
to ensure that all third-party service providers, cloud storage operators, and
processing entities handling such data on its behalf implement data protection
measures that are substantially equivalent to those required under applicable
data protection laws in Trinidad and Tobago, including the use of contractual
safeguards, encryption standards, and access control mechanisms.

8.3 By utilizing the Services, you hereby consent to the
cross-border transmission and remote storage of your personal data, and
acknowledge that such international processing is an essential component of the
Company’s technological and operational architecture.

9. User Rights

9.1 Subject to applicable law, Users may have the right
to: (a) access personal data held by the Company; (b) rectify inaccurate or
incomplete data; (c) request erasure of data no longer required; (d) object to
processing on legitimate grounds; (e) request restriction of processing; and
(f) withdraw consent at any time, where consent is the legal basis for
processing.

9.2 Requests to exercise data rights shall be submitted in
writing via the contact methods listed on the Company’s website. Verification
of identity may be required.

10. Changes to the Policy

10.1 The Company reserves the right to modify this Policy
at any time. Updates will be posted on the Company’s website and, where
appropriate, Users may be notified via email or in-service alerts.

10.2 Continued use of the Services following any
amendments shall constitute acceptance of the revised Policy.

This Policy shall be interpreted in accordance with the
laws of Trinidad and Tobago. In the event of a conflict with foreign laws, the
provisions herein shall prevail to the maximum extent permitted by law.