This Privacy Policy governs access to and use of the Sandcastle, Inc. (“Mio,” “Company,” “we,” “our,” or “us”) services, including the Mio website, Chrome extension and downloadable application (together, the “Service”) which is provided by Mio. It explains how we collect, use, disclose, and protect information in connection with the Service, and your choices about the collection and use of Customer (“you” or “your”) information. At Mio, we are committed to protecting your privacy. This privacy policy describes our policies and procedures on the collection, use and disclosure of your information when you use the service and tells you about your privacy rights and how the law protects you. We use your personal data to provide and improve the service. By using the service, You agree to the collection and use of information in accordance with this Privacy Policy. By using the Service, you agree to this Privacy Policy. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, PLEASE DO NOT USE THE SERVICE. This Privacy Policy applies only to information collection on or through the Service. It does not apply to information we collect by other means (including offline) or from other sources other than through the Service. Capitalized terms that are not defined in this Privacy Policy have the meaning given them in our Terms of Service.

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

• Account means a unique account created for You to access our Service or parts of our Service. • Application means the software program provided by the Company downloaded by You on any electronic device. • Company (referred to as either “the Company”, “We”, “Us” or “Our” in this Agreement) refers to Sandcastle, Inc. • Device means any device that can access the Service such as a computer, a cell phone or a digital tablet. • Personal Data is any information that relates to an identified or identifiable individual. Service refers to the Application • Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used. • Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit). • You mean the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

While using Our Service, We may ask you to provide Us with certain personally identifiable information that can be used to contact or identify you.

Collected automatically when using the Service. Usage Data may include information such as your browser type, operating system, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, and other diagnostic data. Additionally, when you use certain functions of our Service, such as adding urls, generating itineraries, and other features, we may also collect the URLs involved in these activities to better understand how you interact with our Service and to improve functionality.

Information you provide us directly. We collect a variety of information that you provide directly to us, including:

• Account Information • Your User Content: When you use the Service to capture workflows, we collect your clicks, keystrokes, and the content that appears on your screen.

• Analytics information. • Cookies information. • Do Not Track Signals and Similar Mechanisms. • Log file information.

• Respond to your requests for information; • Provide you with more effective and efficient customer service; • Contact you regarding our products, services, and other information that we think may be of interest to you; • Customize the content on the Services; • Improve the Services and other products and services we may offer; • Engage in analysis, marketing research, and reports regarding use of our Services; • Operate, maintain, and provide to you and others the features and functionality of the Service; • For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or services You have purchased or of any other contract with Us through the Service; • Provide security and monitoring, and address technical issues and bugs; and • Enforce legal agreements, including our Terms of Service and this Privacy Policy

We may use the information we collect or receive to communicate directly and indirectly with you. We may send you emails containing newsletters, promotions and special offers related to the Service. If you do not want to receive such email messages, you will be given the option to opt out or change your preferences.

• Service Providers. We may share your information with contractors and third party service providers, as needed to help us operate our business, where we have a legitimate interest to do so. Service providers who are classified as sub-processors are held to standards of data protection no less rigorous than applicable data protection laws require. • Protection of Company and Others. We will disclose your information where it is required to do so by law or subpoena or if we reasonably believe that such action is necessary to (a) comply with the law and the reasonable requests of law enforcement; (b) to enforce our Terms of Service or to protect the security or integrity of our Service; and/or ( c) to exercise or protect the rights, property, or personal safety of us, our Users or others. • Business Transfers. We may buy or sell/divest/transfer the company (including any shares in the company), or any combination of its products, services, assets and/or businesses. This may include assets such as databases. In the event of a transfer of data due to a business transfer, data subjects would be notified promptly and without undue delay of an impending change of controller. • Aggregate/De-Identified Information. We may share Aggregate/De-Identified Information about use of the Services, such as by publishing a report on usage trends. This Policy places no limitations on our use or sharing of Aggregate/De-Identified Information. • Consent. We may also disclose your information to third parties with legal basis other than consent.

The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.

Your information, including Personal Data, is processed at the Company's operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ from those from Your jurisdiction. Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer. The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.

You have the right to delete or request that We assist in deleting the Personal Data that We have collected about You. Our Service may give You the ability to delete certain information about You from within the Service. You may contact Us to request access to, correct, or delete any personal information that You have provided to Us. Please note, however, that We may need to retain certain information when we have a legal obligation or lawful basis to do so.

If you choose to save your itineraries on Mio, your itineraries will be saved on Mio servers. Your registration data will also be saved on Mio servers. Your browser version may be saved and used to diagnose problems you experienced. If you choose to upload and save files, such as HTML and PDF files on Mio, those data will be saved on Mio servers on Amazon US. We may use tools like Google analytics to collect usage data.

Data is transferred to servers through HTTPS. The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information. We may use third party services like Google Analytics to collect some usage data. We will not sell your data to any third party. You can choose to delete your account and remove all data stored in our servers.

The data is stored in Amazon servers based in the US. We use a backup system in Amazon to back up the data. We utilize security services, such as firewalls, to safeguard your data.

We may use some third party services, such as Google analytics to collect some usage data, so some usage data is shared to those services. You can choose to share your itineraries to other users. If you choose to share through our tools or services, you agree to share those data with AIs and the organization behind those AIs.

If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.

If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.

The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.

The Service and its content are not intended for children under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. In the event that we learn that we have collected personal information (as defined by the Children’s Online Privacy Protection Act) from a child under age 13 without verification of parental consent, we will delete that information as quickly as possible.

The Service may contain links to third-party websites and services. We are not responsible for the practices employed by these websites or services, including the information or content contained therein. If you choose to use these sites or features, you may disclose your information not just to those third parties, but also to their users and the public more generally depending on how their services function. Because these third-party websites and services are not operated by us, we are not responsible for the content or practices of those websites or services. Please remember that when you use a link to go from the Service to another website, our Privacy Policy does not apply to those websites or services. Your browsing and interaction on any third-party website or service, including those that have a link or advertisement on our website, are subject to that third party’s own rules and policies.

We may update Our Privacy Policy from time to time to reflect the changes in our business and practices. We will notify You of any changes by posting the new Privacy Policy on this page and updating the ‘last modified’ date at the top of this page. You are advised to review this Privacy Policy periodically for any changes.

If you have any questions about this Privacy Policy, You can contact us by email: hi@askmio.co.