PRIVACY POLICY

Effective Date: March 9, 2026

ARTICLE I: INTRODUCTION AND SCOPE

1.1 Purpose of Policy

This Privacy Policy (the “Policy”) describes how EGAC GROUP LLC (“Company,” “We,” “Us,” or “Our”), operator of the Lynx mobile application (the “App”), collects, processes, stores, protects, and discloses personal data.

The App functions as a marketplace platform connecting Service Providers and Service Consumers, facilitating transactions, events, and peer-to-peer services. This Policy is intended to:

• Explain what types of personal data are collected.
• Describe how data is processed and used.
• Outline User rights and options regarding personal data.
• Ensure transparency in compliance with applicable privacy laws including U.S. state privacy laws (e.g., CCPA/CPRA), GDPR, and Apple App Store / Google Play requirements.

1.2 Applicability

This Policy applies to all Users of the App, including Service Providers, Service Consumers, and any other individuals interacting with the Services. By accessing or using the App, you consent to the collection, use, and sharing of your personal data as described in this Policy.

1.3 Definitions

• User: Any individual accessing or using the App.
• Service Provider: A User offering services through the App such as tutoring, photography, event planning, or IT support.
• Service Consumer: A User requesting or booking services through the App.
• Personal Data: Information that identifies or can reasonably identify a User directly or indirectly.
• Third-Party Services: External providers such as payment processors, analytics tools, cloud storage, and integrated SDKs.
• Processing: Any operation performed on personal data, including collection, storage, use, disclosure, or deletion.

ARTICLE II: TYPES OF PERSONAL DATA COLLECTED

We collect several categories of personal data necessary to operate the marketplace and provide the App’s services.

2.1 Identity and Contact Information

• Full Name, Email Address, Physical Address: Used for verification, billing, and legal compliance.
• Phone Number: Used for authentication, confirmations, and secure communication.
• Account Credentials: Includes User ID and password for secure platform access.

2.2 Financial and Transaction Data

• Payment Information: Payment processing is performed by secure third-party providers such as Stripe. Full card details are generally not stored by the Company.
• Transaction Records: Payments made, services booked, platform fees, and related timestamps.

2.3 Profile and User-Generated Data

• Profile information including skills, academic or professional information, interests, and availability.
• Service Provider details such as pricing, qualifications, and service availability.
• Booking preferences and instructions submitted by Service Consumers.
• User-generated content such as reviews, ratings, messages, and uploaded photos.

2.4 Technical, Usage, and Location Data

• IP address, device identifiers, operating system, and browser type.
• Usage analytics including feature interaction and crash reports.
• Approximate or precise location (if permitted) to connect nearby service providers and consumers.

ARTICLE III: LAWFUL BASES & PURPOSES OF DATA PROCESSING

• Performance of Contract: Required to deliver platform services and transactions.
• Legitimate Interests: Improve platform performance, maintain security, and prevent fraud.
• Consent: Required for marketing communications or precise location tracking.
• Legal Obligation: Compliance with regulatory requirements and court orders.

ARTICLE IV: DATA SHARING & DISCLOSURE

Personal data is shared only when necessary for marketplace functionality, legal compliance, or service providers assisting the Company.

• Sharing between Service Providers and Service Consumers.
• Third-party services such as Stripe, Firebase, and analytics tools.
• Legal authorities when required by law.
• Business transfers such as mergers or acquisitions.

ARTICLE V: DATA STORAGE, PROTECTION & RETENTION

• Industry-standard encryption and security measures.
• Restricted access to authorized personnel.
• Account data retained while active and up to 90 days after deletion.
• Financial records retained for up to 7 years for legal compliance.

ARTICLE VI: USER RIGHTS & CHOICES

• Access and correction of personal data.
• Right to deletion or “right to be forgotten”.
• Opt-out of marketing communications.
• Data portability where legally applicable.

ARTICLE VII: INTERNATIONAL DATA TRANSFERS & GOVERNING LAW

Personal data may be processed or stored in countries outside your home jurisdiction including the United States. Safeguards such as contractual clauses and processor agreements are implemented to protect such transfers.

This Policy is governed by the laws of the State of Delaware, USA.

ARTICLE VIII: CHILDREN’S PRIVACY

• The App is not intended for children under 13.
• We do not knowingly collect personal data from children.
• Parents may contact us to request deletion of a child’s data.

ARTICLE IX: COOKIES & TRACKING TECHNOLOGIES

Cookies, pixels, and tracking technologies are used to maintain sessions, analyze usage, and improve platform performance. Users can control tracking permissions through device or browser settings.

ARTICLE X: CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy periodically. Updates will be posted in the App and reflected with a revised “Effective Date.” Continued use of the App after changes constitutes acceptance of the updated Policy.

ARTICLE XI: CONTACT INFORMATION

If you have questions or concerns regarding this Privacy Policy, you may contact us:

Business Name: EGAC GROUP LLC

• Email: info@lynxuni.com
• Address: 8 THE Green STE B Dover, DE 19901