PRIVACY POLICY

Last updated: [08 August 2025]

Tawango Pty. Ltd. (business name: World of Discoveries), New South Wales, Australia, strictly complies with the principles of the Privacy Act, and the Australian Privacy Principles, introduced by the Office of the Australian Information Commissioner. We comply with Australian Privacy Act 1988 (Cth) and EU General Data Protection Regulation (GDPR). Our goal is to respect, appropriately handle, protect and secure your personal information by all available means and in everything we do.

WHAT DATA DO WE COLLECT FROM YOU AND WHAT FOR?

In conducting our business as a travel provider, we will require you to provide certain correct, reliable and accurate personal information, including passport details, which we need to process your booking and travel arrangements including (but not limited to) visas and flights. It will not be possible to arrange a tour, or issue correct travel documents if we do not have this information. We will not use any of your personal details for any other purpose apart from arranging your travels.

We may also request some medical information for adventure and extreme sport tours. We may collect: identification details (full name, date of birth, passport details), contact information (email address, phone number, postal address), booking details (flight, hotel, itinerary), payment details (credit/debit card information — processed securely by third-party payment providers), special requirements (dietary needs, accessibility requests, medical information provided voluntarily), communication records (emails, phone calls, enquiry forms), website usage data (IP address, browser type, cookies — see "Cookies" section)

HOW WE COLLECT YOUR DATA

We collect personal data:

• Directly from you (booking forms, emails, calls)
• Automatically through our website (cookies, analytics tools)

TO WHOM DO WE DISCLOSE YOUR PERSONAL INFORMATION?

As a company with a business that is conducted overseas, we will disclose necessary personal details and information to our travel partners that are necessary to process your bookings and travel arrangements. These details may include your passport and visa number, full name and date of birth, dates of travel and special requests. We will not provide your personal details to any other party not involved directly in your booking arrangements with us. We will never sell your personal information to any third party. We may share your data with:

• Airlines, hotels, transport companies, and tour operators
• Insurance providers if we arrange your insurance on your behalf
• Regulatory bodies if required by law

International Transfers: some partners are located outside the EEA. Where we transfer data internationally, we use: European Commission adequacy decisions, or Standard Contractual Clauses approved by the European Commission

HOW WE USE YOUR DATA

We use personal data to:

• Process bookings and payments
• Communicate with you about your trip
• Arrange flights, hotels, tours, insurance
• Meet legal and regulatory requirements
• Improve our services and website
• Send marketing (only with your consent)

WHERE DO WE KEEP YOUR INFORMATION AND FOR HOW LONG?

The personal information which you provide to us, including any additional information than that which we request from you, is kept in our reservation system. Our server is located in Australia and is equipped with appropriate systems, including encryption for online transactions, firewalls, and authentication to prevent unauthorized access. We retain your personal information for three months after your trip has finished, and thereafter, we delete it. Financial information (invoices, payments), however, are kept for ten years, for accounting and tax purposes.

WHAT ELSE IS YOUR ERSONAL INFORMATION USED FOR?

You may opt in to our newsletter, which we may send from time to time to let you know about our products and promotions, to the email that you provided during the newsletter signup process.

You may cancel your newsletter subscription at any time. To unsubscribe, reply to a newsletter email, typing "Unsubscribe" into the subject line or in the body text. You may also call or send an emailed unsubscribe request to info@wofdi.com.

IS YOUR ONLINE PAYMENT SECURED?

Payments made through our website are processed by an authorized payment system using a secured payment gateway. Tawango Pty. Ltd. does not have access to your credit card details; nor do we keep your credit card details. Your payment is processed by your bank and the payment system, it is secure and confidential. We do not collect, hold or process your credit card detail.

HOW THE CREDIT CARD PAYMENT IS HANDLED?

The payment gate you use is operated by the payment system and not by Tawango Pty Ltd. Once you're finalized your trip details with a manager, you will receive an individually generated payment link with the detailed invoice, terms & conditions of cancellation, inclusions. Upon paying this invoice, you will be bound by the Terms & Conditions of your booking. Your payment can be settled in any currency. Every trip has individual terms and conditions of cancellations. We can help to purchase travel insurance if you want to secure your trip.

The Internet payment service is carried out by international payment systems Visa, MasterCard on the principles of confidentiality and security of payment, for which the most modern methods of checking, encrypting and transmitting data through closed communication channels are used.

On the page for entering bank card data, you will need to enter bank card data: card number, cardholder name, card expiration date, three-digit security code. All necessary data are printed on the card. The three-digit security code is the three digits on the back of the card. Then you will be redirected to the page of your bank to enter the security code that will come to you in SMS. If you have not received a security code, you should contact the bank that issued you a card.

Your payment might be declined due to the following reasons:

• A credit card is not intended for making payments online, which can be found out by contacting your Bank;
• There is not enough money to pay on your credit card. You can find out more about the availability of funds on your credit card by contacting the bank that issued the credit card;
• Credit card information entered incorrectly;
• Your credit card has expired. The validity of the card is usually indicated on the front of the card (this is the month and year before which the card is valid). You can find out more about the validity of the card by contacting the bank that issued the bank card;

You can contact +61 2861 0596 for credit card and other questions related to the operation of the site. The personal information you provide (name, address, telephone, e-mail, credit card number) is confidential and is not subject to disclosure. Your credit card information is only encrypted and is not stored on our Web server.

HOW DO YOU GET YOUR TRAVEL DOCUMENTS?

Once your travel documents are ready, you will receive them by email

WHAT IF YOU HAVE A PRIVACY COMPLAINT?

We're determined to satisfy your needs and exceed your expectations in every way, including the way we handle your privacy, and we hope that you would never have any reason to complain about us! However, should you need to, here are the steps to follow.

First, please put your privacy concerns in writing. You can send us an email, a letter by post or enter a comment in your client profile on our website. Please describe the situation and give as many details as you remember, trying to indicate the situation you were not happy with. Let us know the steps you have taken to try to have the issue addressed. Please allow us two working days to respond.

If, having received our response, you are still not satisfied, your second step is to complain, again in writing, to team@wofdi.com. Please mark you letter as "COMPLAINT" to allow us to prioritize your request accordingly. Your case will then be assigned to the Senior Manager.

If you are still not satisfied, you may address privacy concerns to the Office of the Australian Information Commissioner (OAIC). CONTACT details for our company can be found here.

YOUR RIGHTS UNDER GDPR

If you are in the EEA, you have the right to: access your personal data, correct inaccurate data, request deletion of your data ("right to be forgotten"), restrict or object to processing, data portability (receive your data in a machine-readable format), withdraw consent at any time (for marketing or optional services). To exercise your rights, contact: go@wofdi.com. You also have the right to complain to an EU supervisory authority if you believe we have breached GDPR.

Legal Basis for Processing (GDPR)

We only process your data when we have a legal reason:

• Contract — to fulfil your booking or travel arrangements
• Legal obligation — compliance with immigration, customs, or tax requirements
• Consent — for marketing communications (you can withdraw anytime)
• Legitimate interest — to improve our services, prevent fraud, ensure safety

Security

We use appropriate technical and organizational measures to protect your data:

• Encrypted storage and transmission
• Access limited to authorized staff
• Staff training on data protection
• Secure payment gateways

Cookies

We use cookies to:

• Enable website functionality
• Analyze website traffic
• Personalize your experience

Non-essential cookies are only used with your consent.

You can manage cookies via our cookie banner or your browser settings. See our Cookie Policy below for full details.

CHANGES TO THIS POLICY

We may update this policy from time to time. Any changes will be posted on this page with a new "last updated" date.

COOKIE POLICY

Last updated: [08 August 2025]

INTRODUCTION

This Cookie Policy explains how Tawango Pty Ltd ("we", "our", "us") uses cookies and similar technologies when you visit our website www.wofdi.com.

By using our website, you agree that cookies may be placed on your device in accordance with this policy.

WHAT ARE COOKIES?

Cookies are small text files stored on your device when you visit a website. They allow the site to recognize your device, remember your preferences, and improve your browsing experience. Cookies can also be used to deliver relevant advertising and analyze site performance.

WHY WE USE COOKIES?

We use cookies to:

• Ensure the website operates securely and functions properly.
• Remember your settings and preferences.
• Understand how visitors use our site so we can improve it.
• Deliver personalized advertising and measure marketing effectiveness.

TYPES OF COOKIES WE USE

• Essential Cookies — Required for the operation of our website (e.g., booking travel, account login, security).
• Performance Cookies — Collect anonymous statistics on site usage.
• Functional Cookies — Remember your preferences and enhance your experience.
• Advertising Cookies — Deliver targeted advertisements and track ad performance.

Some cookies are placed by third-party service providers such as analytics, advertising networks, and content providers (e.g., video players).

THIRD-PARTY COOKIES

Third parties may use cookies on our site for:

• Analytics and reporting (e.g., Google Analytics)
• Advertising and remarketing (e.g., Facebook Pixel, Google Ads)
• Embedded content (e.g., YouTube, Instagram)

We do not control these cookies. Please check the relevant third party’s privacy policy for details.

MANAGING COOKIES

Most web browsers automatically accept cookies.

You can change your browser settings at any time to block or delete cookies.

However, if you disable certain cookies, parts of our site may not function as intended.

For instructions, visit:

• Chrome: https://support.google.com/chrome/answer/95647
• Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
• Safari: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac
• Edge: https://support.microsoft.com/help/4027947

INTERNATIONAL COMPLIANCE

This Cookie Policy complies with:

• EU General Data Protection Regulation (GDPR) and UK GDPR
• Australian Privacy Act 1988 (Cth)
• United States privacy laws (including California CCPA/CPRA, Colorado, Virginia)
• Canada's Personal Information Protection and Electronic Documents Act (PIPEDA)

CHANGES TO THIS POLICY

We may update this Cookie Policy from time to time. Any changes will be posted on this page with a new "last updated" date.

CONTACT US

If you have questions about this Cookie Policy or our use of cookies, contact us at:

• Email: go@wofdi.com
• Post: Tawango Pty Ltd, Address: 526/368 Sussex St, Sydney NSW 2000, Australia

If you want, I can now give you the matching full Privacy Policy for Tawango Pty Ltd that covers all customer data — bookings, payments, personal details, not just cookies — so your site has both required legal documents side-by-side. That would make you much more defensible if any GDPR or Privacy Act complaint is made.