1. About this Policy 

This Policy applies to the processing of your personal data by Phenix Jet International, LLC, Phenix Jet Hong Kong, Ltd, Phenix Jet Cayman SEZC, and ACP Jet Charters, Inc (the “Phenix Jet Group,” “we,” “our,” or “us”) for providing business jet charter services, marketing services, and other services relevant thereto.

2. Definitions

This Policy applies to the processing of your personal data by Phenix Jet Group this Policy:

• (a) “Affiliates” means our subsidiaries, parent companies, or sister companies;
• (b) “Personal Data” means any information relating to an identified or identifiable natural person;
• (c) “Process/Processing” means any activity or operation that is carried out in regard to Personal Data, such as the collection, storage, use, transfer, or deletion thereof; and
• (d) “You” or “your” means an identified or identifiable natural person through Personal Data, including our or our subsidiary’s customers, employees, cooperating companies, or people in charge thereof, shareholders, and investors.

3. How We Collect Your Personal Data

We may collect information that you provide to us, whether by means of a form on our website, by email, in a letter, or otherwise, or that our Affiliates provide to us, such as your personal details (e.g., name, date of birth, and gender), contact details (e.g., phone or mobile number, email address, and postal address), passport information (e.g., photo, name, gender, nationality, permanent address, date of birth, passport number, and signature), visa information, Esta related information, race or ethnicity, religion, health-related information (e.g., medical history and reports on medical diagnoses, injuries and treatment), physical feature (e.g., height, weight), customer preference, educational details (e.g., educational history, qualifications, certifications, and skills), citizenship or immigration information, professional experience, the name and location of the company for which you work, insurance policy number, and financial information (e.g., bank account number, credit card number, and debit card number), in-flight aircraft movement data, and any other information you may choose to provide us in your dealings with us, if you are a user of our business jet charter services.

We also may collect information that brokers provide to us, either directly from brokers or through our Affiliates, such as your name and email address, and the name, address, and telephone number of the company for which you work, if you are an employee of a broker.

Please note that we may be required by law, or as a consequence of any contractual relationship that we may have with you, to collect certain Personal Data from you. In such a case, your failure to provide such Personal Data may prevent or delay the fulfilment of our obligations under such law or contractual relationship.

Furthermore, we also may collect information, such as your personal details (e.g., name and date of birth), contact details (e.g., phone or mobile number, email address, and postal address), background check-related information, publicly available professional profiles on websites or social media platforms, and information about your creditability or reputation from any other sources.

4. Purposes of Processing Personal Data

We use the Personal Data that we hold about you for the purposes set forth below. We will use your Personal Data only to the extent that it is necessary to fulfill the following purposes:

• (a) to provide and personalise business jet charter services;
• (b) to contact you for marketing purposes and to provide offers related to business jet charter services, as well as to personalize more relevant and interesting personalised marketing messages, unless you have opted out of marketing, or we are otherwise prevented by law from doing so;
• (c) to respond to your enquiries and requests;
• (d) to comply with any laws and regulations applicable to us;
• (e) to cooperate with relevant governmental authorities and agencies, including competent data protection authorities and those that are engaged in administrative or criminal investigations; and
• (f) to establish, exercise, or defend against legal claims.

We will not Process your Personal Data for a new purpose, unless it is permitted by laws and regulations applicable to us.

5. Disclosure of Personal Data to Recipients

We may share your Personal Data with the following categories of recipients:

• (a) Affiliates: We may disclose your Personal Data to our Affiliates, particularly for marketing and/or anti-corruption compliance purposes.
• (b) Employees: We may disclose your Persona Data to our employees who have the authority and for whom it is necessary to access your Personal Data.
• (c) Service providers and business partners: We may disclose your Personal Data to service providers and business partners that perform marketing services and other business operations for us. For example, we may work with other companies to process secure payments, fulfil orders, optimize our services, send newsletters, marketing emails, and support emails, provide messaging services, and to analyse information.
• (d) Ground handling companies: We may disclose your Personal Data to ground handling companies at departure/arrival airports. Ground handling companies provide a wide range of services, including facilitation of an aircraft’s flight, ground repositioning, as well as of preparation and conclusion of a flight, and may provide your passport information to airport and tax authorities for the purpose of obtaining permission for take-off and landing and completing necessary customs procedures and documentation.
• (e) Business successors: We may disclose your Personal Data to persons who succeed to our business due to an organizational restructuring, business transfer, etc. Should such a succession occur, we will use reasonable efforts to try to ensure that the successor Processes your Personal Data in a manner that is consistent with this Policy.

We may otherwise disclose your Personal Data to any third party other than those set forth above, including public authorities, such as airport authorities, tax authorities, and competent courts of law, if such disclosure is required to achieve the purposes for which you provided Personal Data to us, to the extent necessary to comply with any laws and regulations applicable to us, to cooperate with relevant public authorities, or to establish, exercise, or defend against legal claims.

6. Storage Period for Personal Data

We will keep your Personal Data for as long as we have a relationship with you. Once our relationship with you comes to an end, we will retain your Personal Data only for a period of time that, in our opinion, will enable us:

• to maintain business records for analysis and/or audit purposes;
• to comply with record retention requirements under applicable laws and regulations or record retention policies;
• to establish, exercise, or defend against any existing or potential legal claims; and
• to deal with any complaints regarding the services, to the extent that it is reasonably possible for us to do so.

We will delete your Personal Data when it is no longer required for such purposes. If there is any information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of your Personal Data.

7. Your Rights

You have a variety of legal rights in relation to the Personal Data that we hold about you. These rights may vary depending on where you are located and which data protection laws apply to the relationship between you and us, but typically will include the following rights:

• (a) to obtain information regarding our Processing of your Personal Data and to access the Personal Data that we hold about you;
• (b) to request that we rectify your Personal Data if it is inaccurate or incomplete;
• (c) to request that we erase your Personal Data in certain circumstances;
• (d) to request that we restrict our Processing of your Personal Data in certain circumstances;
• (e) to object to our Processing of your Personal Data;
• (f) to receive your Personal Data in a structured, commonly used, and machine-readable format and/or to request that we directly transmit such Personal Data to a recipient (where doing so is technically feasible); and
• (g) to withdraw your consent to our Processing of your Personal Data at any time.

You may exercise any of your rights by contacting us using the information about us provided in Section 9 below. You also may file a complaint with the relevant data protection authority if you believe that any of your rights have been infringed by us.

8. Security Control Measures

We take necessary and appropriate measures to prevent any leakage, loss of, or damage to your Personal Data to be Processed (including personal information which has been collected or will be collected and are intended to be Processed as Personal Data) and to otherwise maintain the security of personal information, such as establishing rules for the Processing of Personal Data, regular monitoring of the Processing of Personal Data, regular training of employees in the Processing of Personal Data, prevention of theft or loss of equipment used to Process Personal Data, and implementation of access controls. We also exercise appropriate supervision over our contractors and employees who Process Personal Data, and if we handle personal information outside Japan, we will grasp the country’s legislation to protect personal information and implement appropriate security control measures.

9. Contact Details

If you have any questions about this Policy, your rights, or any other matter relating to the protection of personal information, please contact us at the following address:

(Phenix Jet International, LLC)(a) Address of head office: 222 E. Chalan Santo Papa, Suite 201 Hagatna, Guam 96910

(b) Name of representative: Sakurai Yohei

(c) Name and Position of the contact person: Elsie Quenga, General Manager

(d) Email address: charter@phenixjet.com

(Phenix Jet Hong Kong, Ltd)

• Address of head office: Room 701, The Phoenix 23 Luard Road, Wan Chai, Hong Kong
• Name of representative: Andrew Svoboda
• Name and Position of the contact person: Andrew Svoboda, Chief Executive Officer
• Email address: charter@phenixjet.com

(Phenix Jet Cayman SEZC)

• Address of head office: Signal House, Block 21B, Off Fairbanks Road, George Town, Grand Cayman, Cayman Islands KY1-9012
• Name of representative: Andrew Svoboda
• Name and Position of the contact person: Andrew Svoboda, Chief Executive Officer
• Email address: charter@phenixjet.com

(ACP Jet Charters, Inc)

• Address of head office: 222 E. Chalan Santo Papa, Suite 201 Hagatna, Guam 96910
• Name of representative: Paul Schembari
• Name and Position of the contact person: Paul Schembari, Chief Executive Officer
• Email address: charter@phenixjet.com

APPI Addendum (Japan)

This Addendum applies when the Processing of Personal Data by the Phenix Jet Group is subject to the Act on the Protection of Personal Information of Japan (the “APPI”). This Addendum supplements our Privacy Policy (the “Policy”) and prevails over any conflicting provisions in the Policy.

1. Transfer of Personal Data Outside Japan

Your Personal Data may be provided to third parties outside Japan, such as our Affiliates, service providers, business partners, and ground handling companies located outside Japan.

We cannot provide you with the names of the countries in which ground handling companies outside Japan are located or information on the measures they have taken to protect your Personal Data, because it is not possible for us to identify in advance such ground handling companies at departure/arrival airports or the countries in which they are located.

Please note that our Affiliates, and many of our service providers and business partners have established systems which meet the standards provided by the Enforcement Rules for the Act on the Protection of Personal Information.

2. Joint Use of Personal Data

We may utilize the joint use framework under the APPI to share your Personal Data indicated in Section 3 of the Policy, for the purposes indicated in Section 4 of the Policy, among the companies of the Phenix Group and with Sojitz Corporation., Sojitz Jet Corporation.

In such cases, Phenix Jet International, LLC will be the party responsible for the management of your Personal Data. Please refer to Section 9 of the Policy for its address and the name of our representative.

GDPR Addendum (EEA/UK)

This Addendum applies when the Processing of Personal Data is subject to the General Data Protection Regulation (EU Regulation 2016/679) and the United Kingdom General Data Protection Regulation, as it forms a part of the laws of England, Wales, Scotland, and Northern Ireland by virtue of Section 3 of the European Union (Withdrawal) Act 2018 (collectively the “GDPR”). This Addendum supplements our “Privacy Policy” (the “Policy”) and prevails over any conflicting provisions in the Policy.

1. Legal Basis

(a) Contract. Where the Processing of your Personal Data is necessary to perform a contract we enter into with you. For example, where it is necessary to provide the services to ensure that invoices are paid appropriately, and to ensure that you are able to access our premises when required based on a contract that we enter into with you.

(b) Legitimate interests. Where the Processing of your Personal Data is necessary for legitimate interests pursued by us or a third party, such as to perform a background check for anti-corruption purposes, to understand how you use our services or products, and to enable us to derive knowledge that will facilitate our development of new services or products. When we Process your Personal Data for legitimate interests, we put in place robust safeguards to ensure that your privacy is protected, as well as to ensure that the legitimate interests are not overridden by your interests or fundamental rights and freedoms. You may obtain further details about legitimate interests by contacting us using the information about us provided in Section 9 of the Policy.

(c) Consent. Where you have given your consent to us to Process your Personal Data. The withdrawal of your consent shall not affect the lawfulness of any Processing performed based on the consent provided before such withdrawal.

(d) Legal obligation. Where the Processing of your Personal Data is required by laws and regulations applicable to us. For example, where we are required to obtain proof of your identity to enable us to meet our anti-money laundering obligations, to comply with health and safety obligations while you are on our premises, or to provide your Personal Data to third parties such as tax authorities.

(e) Vital Interests. Where the Processing of your Personal Data is necessary to protect your or another person’s vital interests, for example providing your health information to a doctor in a medical emergency.

2. Transfer of Personal Data Outside the EEA or the UK

Your Personal Data may be transferred to, and stored by, a third party outside the European Economic Area (the “EEA”) or the UK. Where we transfer your Personal Data to a third party outside the EEA or the UK, we will ensure that:

• (a) the recipient destination has been determined by the European Commission or has been designated by the government of the UK as ensuring an adequate level of protection for the rights and freedoms that you possess with respect to your Personal Data;
• (b) the recipient enters into with us standard data protection clauses that have been approved by the European Commission, or other contracts for the transfer of Personal Data as required by data protection laws; or
• (c) it is permitted to transfer Personal Data under Article 49 of the GDPR, such as when it is necessary for the performance of a contract between you and us.

You can obtain further details of the protection given to your Personal Data when it is transferred outside the EEA or the UK by contacting us using the information about us provided in Section 9 of the Policy.

3. Use of Personal Data in Direct Marketing

We may use your Personal Data for direct marketing, including without limitation sending you marketing and promotional materials relating to our services and products. We may also provide your Personal Data to our Affiliates for use in direct marketing, in particular marketing business jet charter services. The types of personal data we intend to use and/or provide for direct marketing purposes include those specified in Section 3 of the Policy. You can object to or withdraw your consent for direct marketing by contacting us using the information about us provided in Section 9 of the Policy.

PIPL Addendum (China)

This Addendum applies when the Processing of Personal Data is subject to the Personal Information Protection Law of the People’s Republic of China (the “PIPL”). This Addendum supplements our “Privacy Policy” (the “Policy”) and prevails over any conflicting provisions in the Policy.

1. How We Process Your Personal Data

We shall engage in Processing such as collection, retention, use, processing, transmission, provision, disclosure, and deletion of Personal Data.

2. Processing of Sensitive Personal Data

In the case of Processing Sensitive Personal Data as defined in Article 28 of the PIPL, we shall implement measures required under the PIPL, such as notifying you of the necessity of Processing Sensitive Personal Data, and the effects on individuals’ rights and interests.

We shall Process your race or ethnicity, religion, and health-related information as Sensitive Personal Data. The necessity of Processing your Sensitive Personal Data, and the effects on individual rights and interests, are as follows:

Necessity of Processing

It is necessary for us to Process your Sensitive Personal Data in order to provide business jet charter services safely and to complete necessary entry procedures and documentation.

Effects on individuals’ rights and interests

Your Sensitive Personal Data are managed under appropriate security control measures, and the possibility of negative effects on individuals’ rights and interests due to a data breach is limited.

3. Provision of Personal Data

In the case where we provide your Personal Data to third parties other than the contractors to which we outsource the Processing of Personal Data, we shall implement measures required under the PIPL, such as notifying you of such third parties’ names, contact methods, purposes of Processing, methods of Processing, and categories of such Personal Data.

In the case where we provide your Personal Data to third parties outside China, we will implement measures required under the PIPL, such as notifying you of such third parties’ names, contact methods, methods of Processing, categories of such Personal Data, and the methods and procedures in which the rights provided under the PIPL will be exercised against such third parties.

We shall provide your Personal Data to the following third parties outside China.

Section 6 of the Policy lists the business or commercial purposes for which the categories of Personal Data were disclosed during the last twelve (12) months.

2. Your rights and requests

If you are a California consumer, you have certain choices regarding your Personal Data, as described below:

(a) Access. You have the right to request, twice in a 12-month period, that we disclose to you the following information we have collected, used, and disclosed about you during the twelve (12) months preceding your request:

• The categories of Personal Data we collected about you;
• The categories of sources from which we collected such Personal Data;
• The business or commercial purpose(s) for collecting such Personal Data about you;
• The categories of third parties to whom we disclosed such Personal Data; and
• The specific pieces of Personal Data we have collected about you.

(b) Deletion. You have the right to request that we delete certain Personal Data we collected from you.

(c) Correction. You have the right to request that we correct inaccurate Personal Data we maintain about you.

How to submit a request. To make an access, deletion, or correction request (described above), please contact us by any of the following means:

• (a) Calling at +1 888-864-4538
• (b) Submitting a webform via https://phenixjet.com/contact-us/#request-quote
• (c) Sending an e-mail to charter@phenixjet.com

Verifying requests. To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to your Personal Data or complying with your deletion or correction request.

If you have a password-protected account with us, we will verify your identity through our existing authentication practices for your account; however, we will require you to re-authenticate yourself before deleting, correcting, or disclosing your Personal Data. If you do not have or cannot access a password-protected account with us, upon receiving an access, deletion, or correction request from you, we will first verify your identity by requiring you to submit information necessary to verify your identity, such as your name and email address, and by matching the information you provide with what we already have on file.

If you use an authorized agent to make an access, deletion, or correction request on your behalf, we may require the authorized agent to provide proof that you gave the agent signed permission to make the request. Also, we may require you to either (1) verify your own identity directly with us (as described above), or (2) directly confirm with us that you provided the authorized agent permission to submit the request.

Additional Information. If you choose to exercise any of your rights under the CCPA, you have the right to not receive discriminatory treatment by us. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.

Because we do not sell or share Personal Data, we do not process opt-out preference signals from Global Privacy Control.

Please note, we do not use or disclose Sensitive Personal Information (as defined in CCPA) for any purposes not expressly permitted by the CCPA that require us to support the right to limit the use or disclosure of Sensitive Personal Information.

3. Changes to this Addendum

We review and may change this Addendum from time to time. The date of “Last Updated” at the top of this page states when this Addendum was last updated; any changes will become effective upon our posting the revised Addendum.

We request you to bookmark and periodically review this Addendum in order to ensure continuing familiarity with the most current version of this Addendum.

4. Contact us

If you have any questions or concerns regarding this Addendum or our privacy practices, please contact us at charter@phenixjet.com.