Privacy Notice

We at Autofleet ("Autofleet" – as more fully detailed below, "us", "we", or "our") recognize

and respect the importance of maintaining your privacy. This Privacy Notice describes the

types of information we collect from you when you use any of the services offered by Autofleet

(collectively, the "Services") as follows:

- If you are a representative of one of our customers ("Fleet Operator" and "Customer",

respectively) using our vehicle and fleet management web platform ("Platform") or

Autofleet Apps (as defined below) including by means of accessing the Autofleet

Control Center, related web interfaces, or APIs to manage the Customer's fleet. For

the avoidance of doubt, certain Customers may have entered into agreements with

our authorized integration partners/distributors;

- If you are a driver or field agent ("Driver") using our Driver App ("Driver App") in

connection with a Customer's fleet;

- If you are a passenger ("Passenger") using our Passenger App ("Passenger App" and

together with the Driver App, the "Autofleet Apps") to order and pay for rides offered

by one of our Customers.

This Privacy Notice also explains how we process, transfer, store and disclose the information

collected, as well as your ability to control certain uses of the collected information. "You"

means any adult who is a Fleet Operator, Driver, or Passenger or person whose data is included

in the Control Center Data (as defined below).

The applicable Customer is the data controller (or database controller) with respect to the

processing of your Personal Data, (defined below), including without limitation the Control

Center Data. Autofleet serves as a data processor of your Personal Data on behalf of the

applicable Customer. Depending on the Autofleet entity that the Customer contracts with,

Autofleet can be Autofleet Systems Ltd., with registered office is Hamelacha 3, Tel Aviv-Yafo,

Israel and our registration number is 515754224, EFN (Netherlands) 4 B.V., Autofleet Inc. or

Jidofleet PTE. Support services, if provided, are provided by the Autofleet entity the Customer

has contracted with together with Autofleet Systems Ltd.

If you are an individual located in the European Union ("EU Individual"), some additional terms

and rights may apply to you, as detailed herein.

If you have specific requests under European or UK law, you can also contact us, by way of our

representative in the European Union (EU) at: Prighter EU Rep GmbH; Schellinggasse 3/10,

1010 Vienna, Austria and in the UK at Prighter Ltd 20 Mortlake Mortlake High Street, London,

SW14 8JN, United Kingdom. Both may be contacted at:

https://app.prighter.com/dsr/13062433603

"Personal Data" means any information that refers, is related to, or is associated with an

identified or identifiable individual or as otherwise may be defined by applicable law.

Privacy Notice Key Points

The key points listed below are presented in further detail throughout this Privacy Notice. You

can click on the headers in this section in order to find out more information about any topic.

These key points do not substitute the full Privacy Notice.

1. Personal Data We Collect and How We Use It.

2. Use for Analytics.

3. Sharing the Personal Data We Collect.

4. International Transfer.

5. Security.

6. Your Rights - How to Access and Limit Use of Certain Personal Data.

7. Data Retention.

8. Cookies and Similar Technologies.

9. Third-Party Applications and Services.

10. Communications.

11. Children.

12. Changes to the Privacy Notice.

13. Comments and Questions.

***

1. Personal Data We Collect and How We Use It. When we collect and use your Personal Data,

except as detailed below, we do so solely for the purpose of providing services to the

applicable Customer. As such, our processing activities are solely at the applicable

Customer's instructions and under its control. You have no legal obligation to provide us

with Personal Data, but if you refuse to provide such Personal Data we may not be able to

1.1. Fleet Operators. If you are using the Platform as a Fleet Operator or Partner on behalf

of a Customer, we will collect your name, phone number, (work) email address,

access history). We use this Personal Data in order to identify you, authenticate

your account, provide you with access to the Platform and Services available

thereon, maintain system security, and provide audit logs to the Customer.

1.2. Drivers/Field Agents. If you are a Driver or Field Agent, whether or not you use the

Driver App, we collect basic Personal Data, such as your name, phone number, in

order to identify you and allow you to access the Driver App, along with a

photograph of you, which is included as part of your profile. We also collect

information about your usage of the Driver App, such as the times during which you

are driving (whether you are active or not). You may also choose to add your

address, which may help us provide you with better Services. In addition, we collect

your location data, which allows us to provide certain functionalities. Where exact

geo-location data is provided to Autofleet by or through the Customer or other

third parties (including through devices, systems, or applications not controlled by

Autofleet), the Customer is responsible for ensuring that all required notices and

consents (if any) have been provided or obtained under applicable law. Finally, we

automatically collect your device ID and data about your interaction with the Driver

App, such as buttons clicked and screens viewed, which we use on an aggregate

basis for analytics purposes.

1.3. Passengers. If you are a Passenger of one of our Customers, whether or not you use

the Passenger App, we will collect certain Personal Data about you, such as details

of your ride (pick-up and drop off locations, vehicle details, details of the relevant

Driver of your ride). If you use the Passenger App, you can create a profile and enter

your full name, email address, phone number, and a profile photo or image. Certain

profile information may be optional. We use this information in order to provide

you with Services through the Passenger App. To order a ride, you can input your

desired pick-up and drop off locations manually or may choose to allow us to collect

your exact geo-location, which we will only do with your consent through the

Passenger App. Where exact geo-location data is provided to Autofleet by or

through the Customer or other third parties (including through devices, systems, or

applications not controlled by Autofleet), the Customer is responsible for ensuring

that all required notices and consents (if any) have been provided or obtained

under applicable law. In order to pay for rides through the Passenger App, you may

be required to provide your credit card details, which will be handled by a third-

party payment processor. We will receive a reference to the card that includes the

expiration date and the last four digits of the card number as well as other

information, such as the outstanding balance and promo codes associated with

your account.

1.4 Additional Data Processed on Behalf of Customers. In providing our services to

Customers, Autofleet processes certain information relating to third parties who

are not direct users of our Platform, as well as data transmitted to or displayed

within the Platform (such as in the Control Center). This may include general notes,

package identifiers, delivery addresses, recipient names, delivery status

information, and data relating to vehicles and drivers (such as names, IDs, contact

details, shifts, delivery operations, vehicle identifiers, vehicle locations, and route

or stop point data) (together, "Control Center Data"). Control Center Data may be

provided by the Customer or its integration partners through secure interfaces or

APIs. Autofleet processes this data to enable the Customer to manage and monitor

its fleet operations, including route optimization, dispatch management, delivery

management, and performance reporting.

1.5 We may also use mapping and location services (such as Google Maps Platform

APIs) in connection with the Platform, Autofleet Apps, and Services to display maps,

geocode addresses, calculate routes and estimated times of arrival, and enable

other location-based features. Use of such services may involve the collection and

processing of information such as IP address, device and browser/application

information, queries, and location-related data (including precise geo-location

where enabled by the Customer), and may be subject to Google's then-current

terms and privacy policies (available at https://policies.google.com/privacy).

Where required under applicable law, the applicable Customer is responsible for

providing any required notices and obtaining any required consents for the

collection and sharing of location data with such mapping providers.

1.6 Notwithstanding the foregoing, Autofleet may also process certain Personal Data

to improve, develop, and optimize the Platform, the Autofleet Apps, and the

Services, including to troubleshoot, maintain, secure, and enhance performance

and user experience, and to develop new features and functionality. Where

required by applicable law, Autofleet will do so only in accordance with the

applicable Customer's instructions and/or on another valid legal basis, and with

appropriate safeguards (including, where feasible, aggregation, de-identification,

or anonymization).

2. Use for Analytics. We and/or our service providers use analytics tools, including "Google

Analytics" and other analytics providers to collect and analyze information about the use

of the Platform, Autofleet Apps, and Services. By analyzing the information we receive, we

may compile statistical information across a variety of platforms and users, which helps us

improve our Platform, Autofleet Apps, and Services, understand trends and customer

needs and consider new products and services, and tailor existing products and services

to customer desires. The information we collect is anonymous and aggregated and we will

not link it to any Personal Data. We may share such anonymous information with our

partners, without restriction, on commercial terms that we can determine in our sole

discretion. You can find more information about how Google collects information and how

you can control such use at https://policies.google.com/technologies/partner-sites.

3. Sharing the Personal Data We Collect. We share your information, including Personal

Data, as follows:

3.1. Customers. We share information, including your Personal Data, with the relevant

Customer that acts as a controller (or database controller) of your Personal Data.

3.2. Service Providers, and Subcontractors. We disclose information, including Personal

Data we collect from and/or about you, to our trusted service providers and

subcontractors, who have agreed to confidentiality restrictions and who use such

information solely on our behalf in order to: (1) help us provide you with the

Platform and/or Services; and (2) aid in our understanding of how users are using

our Platform and/or Services.

Such service providers and subcontractors provide us with IT and system

administration services, cloud provides, data backup, security, and storage

services, payment processing services, data analytics services, and assist us in

authenticating users, including by sending messages via SMS or email. In certain

cases, Autofleet provides its services in collaboration with integration

partners/distributors, which support the deployment and maintenance of the

Autofleet Platform for the Customers. In such cases, Autofleet may share or provide

access to Personal Data to the integration partner/distributor solely as necessary

to operate the service, enable integration, technical support, or system

maintenance.

3.3. Law Enforcement Related Disclosure. We may share your Personal Data with third

parties: (i) if we believe in good faith that disclosure is appropriate to protect our

or a third party's rights, property or safety (including the enforcement of this

Privacy Notice); (ii) when required by law, regulation subpoena, court order or

other law enforcement related issues, agencies and/or authorities; or (iii) as is

necessary to comply with any legal and/or regulatory obligation.

3.4. Legal Uses. We may use your Personal Data as required or permitted by any

applicable law, for example, to comply with audit and other legal requirements.

4. International Transfer.

4.1. We use subcontractors and service providers who are located in countries other than

your own and send them information we receive (including Personal Data). We

conduct such international transfers for the purposes described above. We will

ensure that these third parties will be subject to written agreements ensuring the

same level of privacy and data protection as set forth in this Privacy Notice,

including appropriate remedies in the event of the violation of your data protection

rights in such third country.

4.2. Whenever we transfer your Personal Data to third parties based outside of the

European Economic Area ("EEA") and when required under applicable law, we

ensure a similar degree of protection is afforded to it by ensuring at least one of

the following safeguards is implemented:

4.2.1. We will only transfer your Personal Data to countries that have been deemed

to provide an adequate level of protection for Personal Data by the

European Commission.

4.2.2. Where we use certain service providers not located in countries with an

adequate level of protection as determined by the European Commission,

we may use specific contracts approved by the European Commission

which give Personal Data the same protection it has in the EEA.

4.3. Please contact us at hey@autofleet.io if you would like further information on the

specific mechanism used by us when transferring your Personal Data out of the

EEA.

5. Security. We have implemented and maintain appropriate technical and organization

security measures, policies and procedures designed to reduce the risk of accidental

destruction or loss, or the unauthorized disclosure or access to Personal Data appropriate

to the nature of such data. The measures we take include:

5.1. Safeguards – The physical, electronic, and procedural safeguards we employ to

protect your Personal Data include secure servers, firewalls, antivirus, and SSL

encryption of data.

5.2. Access Control – We dedicate efforts for a proper management of system entries and

limit access only to authorized personnel on a need to know basis of least privilege

rules, review permissions quarterly, and revoke access immediately after employee

termination.

5.3. Internal Policies – We maintain and regularly review and update our privacy related

and information security policies.

5.4. Personnel – We require new employees to sign non-disclosure agreements according

to applicable law and industry customary practice.

5.5. Encryption – We encrypt the data in transit using secure TLS 1.2 protocols.

5.6. Database Backup – Our databases are backed up on a periodic basis for certain data

and are verified regularly. Backups are encrypted and stored within the production

environment to preserve their confidentiality and integrity, are tested regularly to

ensure availability, and are accessible only by authorized personnel.

5.7. However, no method of transmission over the Internet or method of electronic

storage is 100% secure. Therefore, while we strive to use commercially acceptable

means to protect your Personal Data, we cannot guarantee its absolute security.

5.8. As the security of information depends in part on the security of the computer you

use to communicate with us and the security you use to protect user IDs and

passwords, please take appropriate measures to protect this information.

6. Your Rights - How to Access and Limit Use of Certain Personal Data. Subject to applicable

law and certain exemptions, and in some cases dependent upon the processing activity we

are undertaking, you have certain rights in relation to the Personal Data that we hold about

you on behalf of the Customer, as detailed below. The applicable Customer, as the data

controller (or database controller), is responsible for compliance with your requests. For

any requests to exercise such rights, please contact the Customer directly. If you submit a

request to us, we will refer your request to the applicable Customer and may not answer

you directly.

6.1. Right of Access. You have a right to know what Personal Data we collect about you

and, in some cases, to have such Personal Data communicated to you. Subject to

applicable law, you may be charged with a fee.

6.2. Right to Data Portability. If the processing is based on your consent or performance

of a contract with you and processing is being carried out by automated means,

you may be entitled to receive a copy of the Personal Data you provided to us in a

structured, commonly-used, and machine-readable format.

6.3. Right to Correct Personal Data. Subject to the limitations in applicable law, you may

request that inaccurate, incomplete, or outdated Personal Data be updated,

completed, corrected, or deleted.

6.4. Deletion of Personal Data ("Right to Be Forgotten"). If you are an EU Individual, you

have a right to request that your Personal Data be deleted if either: (i) it is no longer

needed for the purpose for which it was collected, (ii) processing was based on your

consent and you have withdrawn your consent, (iii) you have successfully exercised

your Right to Object (see below), (iv) processing was unlawful, or (v) it is required

to be erased for compliance with a legal obligation. We cannot restore information

once it has been deleted. Please note that to ensure that we do not collect any

further Personal Data, you should also delete our Driver or Passenger App from

your mobile devices and clear our cookies from any device where you have used

our Platform. We may retain certain Personal Data (including following your

request to delete) for audit and record-keeping purposes, or as otherwise

permitted and/or required under applicable law.

6.5. Right to Restrict Processing. If you are an EU Individual, you can request that

processing of your Personal Data be deleted if either: (i) you have contested its

accuracy and wish to limit processing until this is verified; (ii) the processing is

unlawful, but you do not wish have the Personal Data erased; (iii) it is no longer

needed for the purposes for which it was collected, but we or the Customer still

need it to establish, exercise, or defend of a legal claim; (iv) you have exercised your

Right to Object (below) and the legitimate grounds for processing is being verified.

Processing may continue after a restriction request under certain circumstances.

6.6. Right to Object. If you are an EU Individual, you can object to any processing of your

Personal Data which has legitimate interests as its legal basis, if you believe your

fundamental rights and freedoms outweigh the legitimate interests. If you raise an

objection, the Customer will have an opportunity to demonstrate that it has a

compelling legitimate interest that overrides your rights and freedoms.

6.7. Withdrawal of Consent. You may withdraw your consent in connection with any

processing of your Personal Data based on a previously granted consent. This will

not affect the lawfulness of any processing prior to such withdrawal.

6.8. Right to Lodge a Complaint with Your Local Supervisory Authority. If you are an EU

Individual, you may have the right to submit a complaint to the relevant supervisory

data protection authority if you have any concerns about how your Personal Data

is being processed, though we ask that as a courtesy you please attempt to resolve

any issues with us or the applicable Customer first.

6.9 Your Rights Under Israeli Law. If you are subject to Israeli law, you may request to

access any personal data you have provided to us and request that such personal

data be corrected, updated, or deleted, including in accordance with Articles 13

through 14 of the Israeli Privacy Protection Law, 1981. You may exercise such rights

by emailing us at hey@autofleet.io. You may have the right to delete your personal

data subject to and in accordance with Article 3 of the Israeli Privacy Protection

Regulations (Provisions Regarding Information Transferred to Israel from the

European Economic Area), 2023.

7. Data Retention.

7.1. Subject to applicable law, we retain Personal Data (including Control Center Data) as

necessary for the purposes set forth above and in accordance with the instructions

of the applicable Customer. We may delete information from our systems without

notice to you once we deem it is no longer necessary for these purposes. Retention

by any of our processors may vary in accordance with the processor's retention

policy.

7.2. In some circumstances, we may store your Personal Data for longer periods of time,

for instance where we are required to do so in accordance with legal, regulatory,

tax, audit, accounting requirements and so that we have an accurate record of your

dealings with us in the event of any complaints or challenges, or if we reasonably

believe there is a prospect of litigation relating to your Personal Data or dealings.

In such case, our legal basis for processing your Personal Data will be our legitimate

interest.

7.3. Please contact us at hey@autofleet.io if you would like details regarding the

retention periods for different types of your Personal Data.

8. Cookies and Similar Technologies. We use cookies and similar technologies for a number of

reasons, including to help personalize your experience. When visiting this Platform, you

shall be notified of the use of and placement of cookies and other similar technologies on

your device as specified herein.

8.1. What are Cookies? A cookie is a small piece of text that is sent to a user's browser or

device. The browser provides this piece of text to the device of the originating user

when this user returns.

8.1.1. A "session cookie" is temporary and will remain on your device until you

leave the Platform.

8.1.2. A "persistent" cookie may be used to help save your settings and

customizations across visits. It will remain on your device until you delete

it.

8.1.3. First-party cookies are placed by us, while third-party cookies may be

placed by a third party. We use both first- and third-party cookies.

8.1.4. We may use the terms "cookies" to refer to all technologies that we may use

to store data in your browser or device or that collect information or help

us identify you in the manner described above, such as web beacons or

"pixel tags".

8.2. How We Use Cookies. We use cookies and similar technologies for a number of

reasons, as specified below.

The specific names and types of the cookies, web beacons, and other similar technologies we

use may change from time to time. However, the cookies we use generally fall into one of the

following categories:

Type of

Why We Use These Cookies

Security

These cookies can help us identify and prevent security risks. They may be

used to store your session information to prevent others from changing

your password without your login information.

Analytics

These cookies collect information regarding your activity on our Platform

and Autofleet Apps to help us learn more about which features are popular

with our users and how our Services can be improved.

8.3. How to Adjust Your Preferences. Most Web browsers or mobile devices are initially

configured to accept cookies, but you can change this setting so your browser

either refuses all cookies or informs you when a cookie is being sent. In addition,

you are free to delete any existing cookies at any time. Please note that some

features of the Services may not function properly when cookies are disabled or

removed. For example, if you delete cookies that store your account information

or preferences, you will be required to input these each time you visit.

9. Third-Party Applications and Services. All use of third-party applications or services is at

your own risk and subject to such third party's terms and privacy policies.

10. Communications. We reserve the right to send you service-related communications,

including service announcements and administrative messages as part of the Services we

provide, without offering you the opportunity to opt out of receiving them. Should you

not wish to receive such communications, you may terminate your use of the Services.

11. Children. We do not knowingly collect Personal Data from children under the age of sixteen

(16). In the event that you become aware that an individual under the age of sixteen (16)

has enrolled to use our Services without parental permission, please advise us

immediately.

12. Changes to the Privacy Notice. We may update this Privacy Notice from time to time to

keep it up to date with legal requirements and the way we operate our business, and we

will place any updates on this webpage. Please come back to this page every now and then

to make sure you are familiar with the latest version. If we make material changes to this

Privacy Notice, we will seek to inform you by notice through the Platform or via email.

13. Comments and Questions. If you have any comments or questions about this Privacy

Notice, please contact us at hey@autofleet.io.

Last updated: January 2026