PRIVACY POLICY – EZYCHARGE AUSTRALIA PTY LTD T/A CHARGE SPOT AUSTRALIA

Effective Date: 28th May 2026

Last Amended: 28th May 2026

1. Application

[EZYCHARGE AUSTRALIA PTY LTD T/A CHARGE SPOT AUSTRALIA] and its affiliates (collectively, “INFORICH”, “we”, “us”, or “our”) are committed to protecting the privacy and confidentiality of Personal Information we collect and handle in the course of providing our Services.  This Privacy Policy explains how we collect, use, disclose, store and protect Personal Information in accordance with the Privacy Act and the Australian Privacy Principles.

We are an APP Entity for the purposes of the Privacy Act and are required to comply with the Australian Privacy Principles.

By providing us with your Personal Information, you acknowledge and agree that we may collect, use and disclose that information in accordance with this Privacy Policy and applicable laws.

If you have any questions regarding this Privacy Policy or the way we handle Personal Information, please contact us using the details set out in this Privacy Policy below.

1. Defined Terms

In this Privacy Policy, defined terms have the following meanings:

APP Entity means Australian Privacy Principles Entity, which is defined under the Privacy Act, and describes an organisation that is bound by the Australian Privacy Principles;

Australian Privacy Principles are as set out in Schedule 2 of the Privacy Act;

Notifiable Data Breaches Scheme means the mandatory data breach notification regime established under Part IIIC of the Privacy Act, which requires organisations subject to the scheme to notify affected individuals and the Office of the Australian Information Commissioner where an eligible data breach is likely to result in serious harm to affected individuals;

Personal Information has the meaning given in the Privacy Act and includes information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information is true or not and whether recorded in a material form or otherwise;

Privacy Act or Act means the Privacy Act 1988 (Cth) including the Australian Privacy Principles;

Sensitive Information has the same meaning given to the term in the Privacy Act; and

Services means the products, services, platforms and operations we provide, including our battery-sharing services “ChargeSPOT”, mobile applications, websites, charging infrastructure, customer support services and related commercial activities.

1. Notification of Collection

When we collect your Personal Information, we take reasonable steps to notify you of matters required under the Privacy Act.

This Privacy Policy generally explains:

1. the types of Personal Information we collect and hold;
2. the purposes for which we collect, use and disclose Personal Information;
3. the third parties to whom we may disclose Personal Information;
4. whether Personal Information may be disclosed overseas;
5. any legal requirements relating to collection; and
6. the consequences if Personal Information is not provided.

Depending on the circumstances of collection, additional notices or consents may apply.

Where you provide us with Personal Information relating to another individual, we understand that you are authorised to do so and that the individual has been informed of this Privacy Policy.

1. Types of Information We Collect and Hold

The types of Personal Information we collect depend on the nature of your interaction with us and the Services you use. Generally speaking, we collect Personal Information in order to provide our Services.

Information You Provide Directly

We may collect:

1. your name, email address, telephone number;
2. your residential or billing address;
3. your account credentials and passwords;
4. information pertaining to your customer support enquiries and communications (if any);
5. payment and transaction details;
6. your social media account details where linked to the Services;
7. any identity verification information where required;
8. your marketing preferences;
9. your survey responses and feedback; and
10. other information voluntarily provided by you.

Information Collected Automatically

When you use the Services, we may automatically collect:

1. IP address;
2. device identifiers;
3. mobile advertising identifiers;
4. device type and operating system;
5. application usage information;
6. session duration and activity;
7. app launch and interaction data;
8. battery rental and return activity;
9. charging station interaction data;
10. browser and network information;
11. diagnostics and crash logs;
12. analytics and performance information; and
13. information collected through cookies, SDKs, pixels and similar technologies.

Location Information

Subject to your device permissions and applicable law, we may collect approximate or precise geolocation information.

Location information may be used to:

1. identify nearby charging stations;
2. facilitate battery rentals and returns;
3. improve operational efficiency;
4. prevent fraud or misuse;
5. provide customer support; and
6. personalise user experiences.

You may disable location permissions through your device settings, however certain functionality may become unavailable.

Camera Access

Where enabled by you, the ChargeSPOT application may access your device camera to scan QR codes, facilitate account verification or support functionality relating to battery rentals and returns. We do not record or continuously monitor camera footage unless expressly disclosed and authorised.

Sensitive Information

We do not generally collect Sensitive Information (e.g. such as information about racial or ethnic origin, criminal history, religious beliefs or health information), unless:

1. reasonably necessary in the course of us providing the Services;
2. required or authorised by law; or
3. you consent to the collection.

Where we collect Sensitive Information, we will at all times handle it in accordance with applicable laws.

1. Purpose for Which We Collect, Hold, Use and Disclose Personal Information

Generally, we collect, use and disclose Personal Information in order to operate, maintain and improve the Services.

Depending on the circumstances, we may use Personal Information to:

1. provide and administer the Services;
2. facilitate battery rental and return transactions;
3. process payments and manage billing;
4. verify identity and account ownership;
5. communicate with users and respond to enquiries;
6. provide customer support;
7. monitor and improve the performance of the Services;
8. conduct analytics, product development and market research;
9. personalise user experiences;
10. send operational notifications and service communications;
11. provide marketing and promotional communications;
12. detect, prevent and investigate fraud, misuse or unlawful activity;
13. maintain platform integrity and security;
14. enforce our legal rights and contractual arrangements;
15. comply with legal, regulatory, insurance and governance obligations;
16. facilitate mergers, acquisitions, restructures or financing transactions; and
17. otherwise carry on and improve our business.

We may also de-identify or aggregate information for lawful business, operational and analytical purposes.

1. Legal Requirements for Collection

In some circumstances, laws, regulations, court orders or regulatory obligations may require or authorise us to collect Personal Information. Where reasonably practicable, we will notify you of such requirements.

1. Consequences of Failure to Provide Personal Information

If you do not provide requested Personal Information, or if the information provided is inaccurate or incomplete, we may be unable to:

1. provide the Services;
2. process transactions;
3. verify your identity;
4. provide customer support; or
5. otherwise facilitate your use of the Services.

You may have the option of interacting with us anonymously or using a pseudonym where lawful and practicable. However, due to the nature of the Services, this may not always be possible.

1. How We Collect Personal Information

We aim to collect Personal Information directly from you wherever practicable. We may collect Personal Information:

1. when you register or use the Services;
2. through the ChargeSPOT application or websites;
3. during customer support interactions;
4. through communications including email, telephone and social media;
5. through cookies, SDKs and tracking technologies;
6. from payment processors and financial institutions;
7. from analytics and advertising providers;
8. from commercial partners, distributors or affiliates;
9. from publicly available sources;
10. from fraud prevention and identity verification providers; and
11. where otherwise permitted or required by law.

Marketing

From time to time, we may use Personal Information to provide:

1. marketing communications;
2. updates about our Services;
3. promotional offers;
4. surveys;
5. newsletters; and
6. invitations to events or campaigns.

Please note that we do not use Sensitive Information (if any), for direct marketing purposes.

You may opt out of marketing communications at any time by:

1. using the unsubscribe functionality in communications;
2. adjusting your account settings; or
3. contacting us using the details below.

Opting out of marketing communications will not affect operational or service-related communications.

1. Cookies and Tracking Technologies

We use cookies and similar tracking technologies (such as web beacons, pixels, and device identifiers) to collect and use personal information about your interactions with the Services. These technologies may be used for analytics and, where applicable, marketing or advertising purposes.

Where required by applicable laws, we will provide additional notice or obtain consent in relation to the use of certain tracking technologies. Please refer to our Cookie Policy for further information.

1. Disclosure of Personal Information

We may disclose Personal Information for the purposes described in this Privacy Policy or as otherwise permitted by applicable laws, including the Privacy Act. Examples of recipients of Personal Information may include:

1. related bodies corporate and affiliates;
2. payment processors and financial institutions;
3. cloud hosting and infrastructure providers;
4. IT, cybersecurity and software providers;
5. analytics, advertising and attribution partners;
6. logistics and operational service providers;
7. customer support providers;
8. professional advisers including lawyers, accountants and auditors;
9. insurers;
10. commercial partners and franchisees;
11. regulators, law enforcement agencies, courts and tribunals; and
12. prospective purchasers, investors or transaction counterparties.

We endeavour to ensure third-party recipients are subject to appropriate confidentiality, privacy and security obligations.

Disclosing Personal Information Overseas

Due to the global nature of our business, your Personal Information may be transferred to, stored in, and processed in jurisdictions outside of your state of residence, including outside of Australia.

In particular, we may transfer Personal Information to:

1. 1. countries where our affiliates or group companies operate; and
   2. jurisdictions where our service providers or partners maintain operations or infrastructure.

These jurisdictions may have data protection laws that differ from those in your place of residence. Where we transfer Personal Information across borders, we take reasonable steps to ensure that appropriate safeguards are in place to protect your Personal Information in accordance with applicable laws, and where required under the Privacy Act, we take reasonable steps to ensure overseas recipients do not breach the Australian Privacy Principles in relation to your Personal Information.

1. Online or Electronic Transmission of Personal Information

While we take reasonable steps to protect information transmitted electronically, transmission over the internet is not completely secure and we cannot guarantee the security of information transmitted electronically.

If you communicate with us electronically, the contents of those communications may be retained in accordance with our operational, legal and governance requirements.

If you access third-party websites, applications or services through our Services, your interactions will be governed by the privacy policies and terms applicable to those third parties.

1. How We Store, Retain and Protect Personal Information

We may hold Personal Information in electronic systems, cloud environments, physical records and operational databases.

We take reasonable technical and organisational measures to protect Personal Information from misuse, interference, loss and unauthorised access, modification or disclosure. These measures may include:

1. 1. encryption;
   2. access controls;
   3. password protection;
   4. multi-factor authentication;
   5. network monitoring;
   6. logging and audit controls;
   7. cybersecurity safeguards;
   8. vendor risk assessments;
   9. physical security controls; and
   10. staff confidentiality and privacy training.

We retain Personal Information only for as long as reasonably necessary for:

1. 1. the purposes described in this Privacy Policy;
   2. legal and regulatory compliance;
   3. dispute resolution;
   4. fraud prevention;
   5. insurance and governance obligations; and
   6. operational and archival purposes.

When Personal Information is no longer reasonably required, we will take reasonable steps to destroy or de-identify it pursuant to applicable laws.

1. Data Breach

If we suspect there has been unauthorised access to, disclosure of, or loss of Personal Information, we will promptly investigate the incident.

Where required under the Privacy Act and the Notifiable Data Breaches Scheme, we will notify affected individuals and the Office of the Australian Information Commissioner.

If you believe a data breach may have occurred, please contact us as soon as possible.

1. Automated Monitoring, Fraud Prevention and Platform Integrity

We may use automated systems, analytics and monitoring tools to:

1. 1. detect suspicious activity;
   2. prevent fraud or misuse;
   3. maintain platform integrity;
   4. enforce our terms;
   5. optimise operational performance; and
   6. improve user experiences.

We do not use solely automated decision-making that produces legal or similarly significant effects without appropriate safeguards where required by law.

1. Access and Correction

You may contact our Privacy Officer to request access to, or the correction of your Personal Information. 

We will respond to your request for access within a reasonable period after the request is made and may require you to comply with certain procedures before we allow access to or amendment of your Personal Information in order to ensure the integrity and security of the information that we hold. These processes are designed to protect you and other individuals from unauthorised access.

If access is granted, we will allow you to access the Personal Information in the manner you request if it is reasonable and practicable to do so. We may refuse to allow access or to amend your Personal Information if we are legally required or permitted to do so. In that case, we will provide you with written reasons for the refusal (unless it is unreasonable to do so) and information about how you may complain about the refusal.

We will take reasonable steps to ensure that the Personal Information we collect is accurate, up-to-date and complete, and the Personal Information we use and disclose is accurate, up-to-date, complete and relevant.  If we are satisfied that any Personal Information, we hold about you is inaccurate, out-of-date, incomplete, irrelevant or misleading, we will amend our records accordingly.

Please let us know if your Personal Information changes, so that we may ensure our records are kept up to date.

1. How to Make a Complaint

If you believe that we have breached our privacy obligations or your rights under the Australian Privacy Principles, please contact our Privacy Officer using the contact details set out below.

You may submit a complaint to our Privacy Officer, who will promptly review and address the matter. Your complaint may be escalated internally where appropriate, including where the matter is serious or requires further investigation or resolution.

Please allow us a reasonable period to respond to your complaint. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (“OAIC”) using the contact details set out below.

Office of the Australian Information Commissioner (OAIC)
Website: https://www.oaic.gov.au
Phone: 1300 363 992

1. Changes to this Privacy Policy

We may amend this Privacy Policy from time to time. Updated versions will be published through our Services with a revised effective date.

1. Contact Details

If you would like further information regarding this Privacy Policy or our handling of Personal Information, or have any concerns regarding our privacy practices, please contact our Privacy Officer at andrewo@chargespot.com.au.