Global Privacy Policy

Fur IQ ("Fur IQ", "we", "us" or "our") provides software, marketplace, community, messaging, content, analytics, advertising, and related digital services for pet businesses, independent pet service providers, pet owners, and other users (together, the "Services"). This Global Privacy Policy explains how we collect, use, disclose, store, retain, transfer and otherwise process personal information when you use the Services, visit our websites, interact with our advertising, communicate with us, or otherwise engage with Fur IQ. This Policy is intended to operate as our principal global privacy notice. Additional regional notices, including our US State Privacy Notice and Cookie Notice, apply where relevant.

This Policy applies to pet businesses, sole traders, contractors, staff users, customers, pet owners, applicants, event attendees, website visitors, marketing recipients, and any person whose personal information we collect in connection with the Services.

For privacy questions, complaints, rights requests or concerns, contact Fur IQ at privacy@furiq.io or use the "Your Privacy Choices" and privacy request functions made available in our website footer and in-app settings. If you make a privacy complaint, we will acknowledge it within 5 business days where practicable, investigate it, and aim to provide a substantive response within 30 days. If we need more time, we will tell you why and what to expect next. If you are not satisfied, you may escalate the matter to the relevant privacy regulator in your jurisdiction, including the Office of the Australian Information Commissioner where applicable.

We collect information depending on how you use the Services, what features you use, and the choices you make. **Information you provide directly**, including names, usernames, business names, contact details, profile details, pet profile information, booking data, transaction information, tax and payout information, support requests, event information, messages, photographs, video, posts, reviews, and other user content. **Information collected automatically**, including device identifiers, browser and operating system details, IP address, approximate location, app and web usage data, diagnostics, crash logs, referral data, search activity, clicks, impressions, engagement metrics, and transaction events. **Information from other sources**, including other users, business customers, payment providers, security vendors, advertising and measurement partners, identity verification providers, connected third-party services, and public sources. **Sensitive or special-category information** only where reasonably necessary, legally permitted, and supported by an appropriate lawful basis or consent where required.

We collect personal information when you create an account, onboard a business, upload or sync customer or pet data, make or receive bookings, subscribe to a paid plan, participate in communities or events, use our content tools, interact with advertisements, contact support, or otherwise use the Services. We also collect information through cookies, SDKs, pixels and similar technologies as explained in our Cookie Notice.

We use personal information for the following purposes: - To provide and operate the Services, including account creation, authentication, bookings, payments, messaging, events, support, subscriptions, content hosting and customer relationship features. - To improve, personalise and develop the Services, including search ranking, recommendations, feed personalisation, product development, diagnostics, testing, fraud prevention, trust and safety, and service optimisation. - To create internal analytics, commercial intelligence and business tools, including trend analysis, demand forecasting, pricing information, elasticity modelling, product line suggestions, local area trends, benchmark reporting, cohort analysis, and automated operational recommendations. - To deliver, personalise, support and measure advertising, sponsored content, audience building, suppression, frequency capping, attribution, conversion reporting and campaign effectiveness. - To comply with law, enforce our Terms and policies, respond to legal requests, and protect users, animals, staff, property and the integrity of the platform.

Where practicable, the reports, benchmarks, suburb-level trend outputs, campaign reports and business insights that we provide externally are generated using aggregated, anonymised, de-identified or statistical information. We may use underlying identifiable information internally to design, train, test, validate, improve and operate those tools where permitted by law. We apply access controls, minimum-threshold reporting, and other safeguards designed to reduce re-identification risk. We do not represent that de-identification is mathematically irreversible in every circumstance. Instead, we apply technical, organisational and contractual measures designed to prevent re-identification and unauthorised use.

We may use personal information to personalise advertisements, sponsored content, recommendations, audience segments, campaign measurement and similar commercial activities. This may include using service activity, booking and purchase patterns, device and usage signals, inferred interests, likely engagement patterns, and audience information provided by approved partners where permitted by law. We also use automated processing and profiling to personalise feeds, sort search results, recommend services or content, detect fraud, generate business analytics, and produce operational recommendations. These tools do not ordinarily make decisions that have legal or similarly significant effects on an individual without human oversight. If we introduce a feature that does so, we will provide additional notice and any rights required by applicable law.

Where required by applicable law, we rely on one or more of the following lawful bases: contract; legitimate interests; consent; legal obligation; and any other lawful basis available under the relevant law. We generally rely on contract to provide requested services, legitimate interests for internal analytics, service improvement, security, product development and certain advertising or measurement activities, and consent where required for non-essential cookies, certain tracking activities, sensitive data uses, or other processing that legally requires consent.

- With other users or the public, where you choose to post, message, review, list, attend, or otherwise interact through public or semi-public features of the Services. - With businesses, providers, organisers and their authorised users where this is necessary to provide bookings, customer management, messaging, event administration, support, reporting and related services. - With processors and service providers that support hosting, support, billing, analytics, fraud prevention, communications, advertising, content delivery, infrastructure and security. - With advertising, attribution, analytics and measurement partners for the purposes described in this Policy and in the US State Privacy Notice, subject to applicable consent and opt-out rules. - With affiliates, investors, acquirers and counterparties in connection with a financing, restructure, merger, acquisition, sale or similar corporate event. - With regulators, law enforcement, courts and other parties where reasonably necessary for legal compliance, dispute resolution, safety, fraud prevention, or protection of rights and property.

We are headquartered in Australia and may process or disclose personal information in Australia, the United States and other countries where our approved service providers or counterparties operate. At the date of this Policy, likely overseas recipient locations include Australia, the United States and, depending on the service provider engaged, the United Kingdom and countries in the European Economic Area. We may also use globally distributed infrastructure or support providers that process information in other countries from time to time. When we disclose personal information overseas, we take reasonable steps designed to ensure the recipient handles the information consistently with applicable privacy requirements, including by using contractual, technical and organisational safeguards where required.

We retain personal information for as long as reasonably necessary for the purposes described in this Policy, including to provide the Services, maintain records, meet legal and tax obligations, resolve disputes, enforce agreements, support security and continuity, and prevent fraud and abuse. Retention periods vary by data type and use case. Where appropriate, we delete, aggregate or de-identify information when it is no longer reasonably needed.

Depending on where you live, you may have rights to access, correct, delete, port or restrict personal information; object to certain processing; withdraw consent; opt out of direct marketing; opt out of targeted advertising, sale or sharing; lodge a complaint; or appeal a denied request where that right is available. You may exercise relevant rights by contacting us at privacy@furiq.io or by using the privacy request or "Your Privacy Choices" pathways available through our website footer and app settings. We may need to verify your identity before actioning a request.

We may send you service-related communications and, where permitted by law, marketing communications about Fur IQ, partner offerings, events, features and promotions. You can opt out of marketing communications using the unsubscribe link, your account settings, or the privacy tools we make available.

Our websites and apps use cookies, SDKs, pixels, local storage, APIs and similar technologies. Strictly necessary technologies support core platform operation. Functional, analytics and advertising technologies are used as described in our Cookie Notice and are subject to consent or opt-out requirements where applicable.

Our Services are not directed to children who cannot lawfully use the Services or provide valid consent under applicable law, unless we expressly state otherwise for a specific feature or program. If we become aware that we have collected personal information unlawfully from a child, we will take appropriate steps to delete or otherwise handle that information as required.

We use technical, organisational and contractual safeguards designed to protect personal information. No method of transmission, storage or processing is completely secure, and we cannot guarantee absolute security.

We may update this Policy from time to time. We will post the updated version, revise the "Last Updated" date, and provide any additional notice or obtain any consent required by applicable law.