PUREFI TECH INC. — PRIVACY POLICY

1. Information We Collect

A. Information You Provide

We may collect the following information when you create an account, use our Services, or communicate with us:

• Account Information: Your name, email address, phone number, date of birth, and other identifying information required to create and maintain your PureFi account.
• Identity Verification (KYC): To comply with applicable laws and regulations, we may collect government-issued identification documents, photographs, proof of address, Social Security Number or equivalent tax identification number, and other information required for Know Your Customer (KYC) and Anti-Money Laundering (AML) verification.
• Financial Information: Bank account details, payment card information, transaction history, and other financial data necessary to facilitate deposits, withdrawals, transfers, and yield services.
• Wallet Information: Blockchain wallet addresses you connect to or use through the Services, including associated transaction data.
• Communications: When you contact us for support or other inquiries, we collect the content of those communications along with your contact details and any contextual information you share (such as transaction references, device type, or error descriptions).
• Preferences: Information about your account settings, notification preferences, and feature selections.

You may voluntarily provide other information to us that we have not solicited. In such cases, you are solely responsible for the information shared.

B. Information Collected Automatically

When you access or use our Services, we automatically collect certain information, including:

• Device Information: Device type, operating system, browser type and version, unique device identifiers, screen resolution, and language settings.
• Usage Information: Pages visited, features used, actions taken, time and duration of visits, referral URLs, and interaction patterns within the Services.
• Location Information: General geographic location derived from your IP address or, with your consent, more precise location data from your mobile device.
• Log Data: IP address, access times, server logs, and diagnostic data.

C. Information from Third Parties

We may receive information about you from third-party sources, including:

• Identity Verification Providers: Results of KYC/AML checks from our verification partners.
• Financial Partners: Information from banking partners, payment processors, on-ramp and off-ramp providers, and card issuance partners necessary to facilitate your transactions.
• Blockchain Data: Publicly available information from blockchain networks related to wallet addresses and transactions.
• Analytics Providers: Aggregated or de-identified information about usage patterns and user demographics.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Provide and Operate the Services: To create and manage your account, process transactions, facilitate cross-border transfers, generate yield on your holdings, issue and manage payment cards, and deliver the core functionality of PureFi.
• Compliance and Legal Obligations: To comply with applicable laws, regulations, and legal processes, including KYC/AML requirements, sanctions screening, tax reporting obligations, and responding to lawful requests from government authorities.
• Security and Fraud Prevention: To detect, investigate, and prevent fraudulent, unauthorized, or illegal activity, protect the security and integrity of the Services, and enforce our Terms of Service.
• Communications: To send you service-related notices, transaction confirmations, security alerts, support responses, and, where permitted, promotional communications about our products and features.
• Improvement and Development: To analyze usage patterns, conduct research, debug and improve the Services, develop new features, and enhance user experience.
• Business Operations: To manage our business, including in connection with any merger, acquisition, reorganization, financing, or asset transfer.
• Consent: For any other purposes for which we have obtained your consent.

We may use information that does not identify you (including aggregated or de-identified data) for any purpose permitted by applicable law.

3. How We Share Your Information

We may share your information with the following categories of recipients:

• Service Providers: Third-party companies that perform services on our behalf, including identity verification providers, banking and payment partners, on-ramp and off-ramp providers (such as Bridge, MoonPay, or Zero Hash), card issuance partners, yield and investment partners, cloud hosting providers, analytics services, and customer support tools. These providers are contractually obligated to use your information only as directed by us and in accordance with this Policy.
• Financial Partners: Banks and financial institutions that facilitate the movement of funds, including partner banks in destination countries for cross-border transfers and off-ramp services.
• Regulatory and Government Authorities: Where required by law, regulation, legal process, or governmental request, we may disclose your information to relevant authorities, including for purposes of AML compliance, tax reporting, or law enforcement cooperation.
• Professional Advisors: Our legal, accounting, and other professional advisors in connection with audits, compliance, and legal proceedings.
• Affiliates: Our subsidiaries and affiliated entities, where they act as service providers or for their own internal operational purposes.
• Business Transfers: In connection with any merger, acquisition, financing, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction.

Blockchain Disclosures

Please be aware that transactions conducted through blockchain networks are recorded on public ledgers. Transaction data, including wallet addresses and transfer amounts, may be publicly visible on the blockchain. We cannot edit or delete information that is stored on a blockchain.

4. Cookies and Tracking Technologies

We may use cookies, web beacons, and similar tracking technologies to collect information about your interactions with the Services. These technologies help us:

• Provide and maintain the functionality of the Services.
• Analyze usage patterns and improve the user experience.
• Remember your preferences and settings.
• Deliver relevant communications.

Types of Cookies We May Use

• Strictly Necessary Cookies: Essential for the Services to function properly, enabling core features like page navigation and access to secure areas.
• Analytical/Performance Cookies: Help us understand how visitors interact with the Services, allowing us to improve functionality and performance.
• Functional Cookies: Enable enhanced functionality and personalization, such as remembering your preferences.

You can manage your cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the Services.

5. Third-Party Services

The Services may contain links to or integrations with third-party websites, platforms, and services not operated or controlled by PureFi. This includes third-party wallet providers, on-ramp and off-ramp partners, yield providers, and other financial service providers.

When you interact with these third parties, their collection and use of your information is governed by their own privacy policies and terms of service. We encourage you to review those policies before providing any information to third parties. PureFi is not responsible for the privacy practices or content of third-party services.

6. Data Security

We implement reasonable administrative, physical, and technical security safeguards designed to protect your personal information from loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction. These measures include encryption, access controls, secure data storage, and regular security assessments.

However, no method of transmission over the Internet or electronic storage is completely secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials and for any activity that occurs under your account.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, regulatory, tax, accounting, or reporting requirements. When determining retention periods, we consider the nature and sensitivity of the information, the purposes for which it is processed, applicable legal requirements, and our legitimate business interests.

When your personal information is no longer required, we will securely delete or anonymize it. Where deletion is not possible (for example, information stored on a public blockchain), we will take reasonable steps to ensure the information is no longer actively processed.

8. International Data Transfers

Information collected through the Services may be transferred to, processed, stored, and used in the United States and other jurisdictions where PureFi or its service providers operate. Data protection laws in these jurisdictions may differ from, and may be less protective than, those in your country of residence.

By using the Services, you consent to the transfer of your information to the United States and other jurisdictions as described in this Policy. Where required by applicable law, we will implement appropriate safeguards, such as standard contractual clauses, to protect your information during international transfers.

9. Your Rights and Choices

Depending on your jurisdiction, you may have certain rights regarding your personal information, including:

• Access: The right to request access to the personal information we hold about you.
• Correction: The right to request correction of inaccurate or incomplete personal information.
• Deletion: The right to request deletion of your personal information, subject to certain legal exceptions.
• Portability: The right to request a copy of your personal information in a structured, commonly used format.
• Restriction: The right to request that we restrict the processing of your personal information.
• Objection: The right to object to certain processing of your personal information.
• Withdrawal of Consent: Where processing is based on your consent, the right to withdraw consent at any time.
• Opt-Out of Marketing: You may opt out of receiving promotional communications by following the unsubscribe instructions in those messages or by contacting us directly.

To exercise any of these rights, please contact us at privacy@getpurefi.com. We will respond to your request within the timeframe required by applicable law. We may require verification of your identity before processing your request.

Please note that we cannot edit or delete information stored on public blockchains, and certain information may be retained as required by law or for legitimate business purposes.

10. Additional Disclosures for California Residents

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), provides you with additional rights regarding your personal information.

Notice of Collection

We collect the categories of personal information described in Section 1 of this Policy for the business purposes described in Section 2. We do not "sell" or "share" (as those terms are defined under the CCPA) your personal information.

Your California Rights

As a California resident, you have the right to:

• Request that we disclose the categories and specific pieces of personal information we have collected about you.
• Request deletion of your personal information, subject to certain exceptions.
• Request correction of inaccurate personal information.
• Not be discriminated against for exercising your privacy rights.

To submit a request, please email us at privacy@getpurefi.com. You may also designate an authorized agent to make a request on your behalf, subject to verification requirements.

11. Additional Disclosures for EEA and UK Residents

If you are located in the European Economic Area (EEA) or the United Kingdom (UK), the General Data Protection Regulation (GDPR) provides you with additional protections.

Lawful Basis for Processing

We process your personal data on the following lawful bases:

• Contractual Necessity: Processing necessary to perform our agreement with you and provide the Services.
• Legal Obligation: Processing necessary to comply with applicable laws and regulations, including KYC/AML requirements.
• Legitimate Interests: Processing necessary for our legitimate business interests, such as fraud prevention, security, and service improvement, provided your fundamental rights do not override those interests.
• Consent: Where you have provided explicit consent for specific processing activities.

Your GDPR Rights

In addition to the rights listed in Section 9, you have the right to lodge a complaint with your local data protection authority. Where we transfer your personal data outside the EEA or UK, we will implement appropriate safeguards, such as standard contractual clauses approved by the European Commission.

12. Children

The Services are not directed at individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe that your child has provided personal information to us, please contact us at privacy@getpurefi.com and we will take steps to delete such information promptly.

13. Changes to This Policy

We may update this Policy from time to time to reflect changes in our practices, the Services, or applicable laws. When we make material changes, we will notify you by posting the updated Policy on the Site with a revised "Last Updated" date. For significant changes, we may also provide additional notice through the Services or via email. Your continued use of the Services after any changes to this Policy constitutes your acceptance of the updated Policy.

14. Contact Us

If you have questions or concerns about this Privacy Policy, our data practices, or your rights, please contact us:

PureFi Tech, Inc.
Email: admin@getpurefi.com