This Privacy Policy (this “Policy”) sets forth, in a comprehensive and detailed manner, the policies and practices of StrateFai (“StrateFai”, the “Company”, “we”, “us”, or “our”) with respect to the collection, use, processing, storage, transmission, disclosure, retention, and protection of information obtained in connection with your access to and use of the StrateFai platform, including, but not limited to, all associated websites, applications, interfaces, APIs, smart wallet infrastructure, algorithmic trading systems, and any related features, functionality, or services (collectively, the “Services”).

This Policy is intended to provide a clear and thorough understanding of how information is handled within the operational scope of the Services. By accessing, browsing, interacting with, or otherwise using the Services in any capacity, you expressly acknowledge that you have read, understood, and agreed to the terms and conditions of this Policy.

If you do not agree with any portion of this Policy, you must immediately discontinue use of the Services.

Your continued access to and use of the Services constitutes your ongoing acceptance of this Policy, including any modifications, updates, or revisions that may be implemented from time to time at the sole discretion of the Company.

This Policy applies exclusively to information that is collected, processed, or otherwise handled by the Company in connection with your use of the Services. It does not apply to, and the Company expressly disclaims any responsibility or liability for, the data collection, processing, storage, or privacy practices of any third-party services, platforms, or entities.

Such third-party services may include, without limitation:

• Cryptocurrency exchanges (including, but not limited to, Binance, Bybit, or similar platforms).
• Blockchain networks and protocols.
• Wallet providers and custodial or non-custodial infrastructure.
• Payment processors and financial service providers.
• Analytics, monitoring, or infrastructure service providers.

Each such third-party entity operates independently and is governed by its own terms, policies, and practices. You acknowledge and agree that your interactions with such third-party services are conducted at your own risk and discretion, and that the Company bears no responsibility for the handling of your data by such entities.

The Company collects, processes, and utilizes only such information as is reasonably necessary to enable the operation, functionality, maintenance, security, and improvement of the Services. Information may be collected directly from you, automatically through your use of the Services, or indirectly through integrations with third-party systems.

Such information may include, without limitation:

Account and Identification Data including, but not limited to, email addresses, usernames, and other account-related identifiers provided during registration or account management processes.

Technical and Device Data including, but not limited to, IP addresses, device identifiers, browser types, operating systems, access timestamps, session durations, and other technical metadata generated through interaction with the Services.

Usage and Interaction Data including, but not limited to, logs, clickstream data, feature usage patterns, navigation behavior, and other indicators of how users interact with the platform.

API-Derived Financial Data including, but not limited to, account balances, order histories, trade execution data, and other information retrieved through authorized API integrations with third-party exchange accounts, strictly within the scope of permissions granted by the user.

Blockchain and On-Chain Data including, but not limited to, publicly accessible wallet addresses, transaction histories, smart contract interactions, and other blockchain-related metadata that is inherently public and accessible through distributed ledger systems.

For the avoidance of doubt, the Company does not collect, store, process, or have access to:

• Private keys.
• Seed phrases.
• Withdrawal credentials.
• Any other sensitive authentication data that would enable direct control over user funds.

Authentication-related information is handled using industry-standard security practices, including encryption, hashing, access controls, and secure storage mechanisms designed to prevent unauthorized access, misuse, or compromise.

The Company processes information on the basis of lawful and legitimate grounds, including, but not limited to:

• The necessity of processing for the performance of contractual obligations associated with providing access to and operation of the Services.
• Compliance with applicable legal, regulatory, or statutory obligations.
• Legitimate business interests pursued by the Company, including, but not limited to, improving system performance, ensuring security, preventing fraud, enhancing user experience, and maintaining operational integrity.

Where required by applicable law, the Company may rely on user consent for specific categories of data processing. In such cases, users may have the ability to withdraw consent in accordance with applicable legal requirements.

Information collected by the Company is used exclusively for purposes directly related to the provision, operation, maintenance, security, and improvement of the Services.

Such uses may include, without limitation:

• Enabling and facilitating automated trading strategies and system functionality.
• Supporting integrations with third-party exchanges, blockchain networks, and infrastructure providers.
• Generating analytics, insights, and performance metrics.
• Monitoring system performance, detecting anomalies, and preventing abuse or unauthorized activity.
• Communicating with users regarding account activity, system updates, security notifications, and support requests.
• Improving user experience, platform design, and overall service quality.

The Company does not, under any circumstances, sell personal data, nor does it use personal data for targeted advertising, behavioral profiling, or third-party marketing purposes.

The Services incorporate automated processing mechanisms, including, but not limited to, algorithmic, rule-based, and system-driven execution of trading strategies based on user-defined configurations and parameters.

Such automated processing is:

• Strictly non-discretionary in nature.
• Fully dependent on user authorization and configuration.
• Executed within predefined rules and constraints.

The Company does not independently initiate, modify, or override user-defined strategies, nor does it exercise judgment or discretion in executing transactions beyond the operation of system logic.

Users acknowledge that automated processing is an integral component of the Services and may involve risks, including unintended execution behavior, delays, or discrepancies resulting from external factors.

The Company may share information with third-party service providers solely to the extent necessary to support the operation and delivery of the Services.

Such providers may include, without limitation:

• Cloud infrastructure and hosting providers.
• Analytics and monitoring services.
• Payment processing providers.
• Security and compliance service providers.

The Company may also disclose information where required to comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

The Company does not share, sell, lease, or otherwise disclose personal data to advertisers, marketing networks, or data brokers.

The Company retains information only for as long as necessary to fulfill the purposes for which it was collected, including providing the Services, complying with legal obligations, resolving disputes, and enforcing agreements.

Retention periods may vary depending on the nature of the data, legal requirements, and operational needs.When information is no longer required, the Company takes reasonable steps to securely delete, anonymize, or otherwise dispose of such information in accordance with applicable standards.

The Company implements a range of technical, administrative, and organizational safeguards designed to protect information from unauthorized access, disclosure, alteration, or destruction.

Such measures may include, but are not limited to:

• Encryption of data in transit and at rest.
• Access controls and authentication mechanisms.
• Monitoring and logging systems.
• Regular security assessments and updates.

However, users acknowledge that no system can be guaranteed to be completely secure, and the Company does not warrant or guarantee absolute security of any information.

Information collected through the Services may be transferred to, stored in, and processed within jurisdictions outside of your country of residence, including jurisdictions that may have different data protection standards.

By using the Services, you acknowledge and consent to such transfers, subject to applicable legal safeguards and requirements.

Depending on applicable law and jurisdiction, users may have certain rights with respect to their personal data, including, but not limited to:

• The right to access and obtain a copy of their data.
• The right to request correction of inaccurate or incomplete data.
• The right to request deletion of data, subject to legal and operational limitations.
• The right to restrict or object to certain processing activities.

Requests to exercise such rights may be submitted through the contact details provided below.

The Company uses cookies and similar technologies for the limited purpose of supporting platform functionality, maintaining session state, enabling authentication, and performing limited analytics to improve performance and usability.

The Company does not use cookies for:

• Cross-site tracking.
• Behavioral profiling.
• Targeted advertising.

Users may control or disable cookies through their browser settings, although doing so may impact the functionality of certain features within the Services.

The Services are not intended for use by individuals under the age of eighteen (18), and the Company does not knowingly collect personal data from minors.

The Company reserves the right to modify, update, or revise this Policy at any time to reflect changes in legal requirements, operational practices, or service offerings.

Any such updates will be effective upon posting, and continued use of the Services constitutes acceptance of the revised Policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or the Company's data practices, you may contact: support@stratefai.com