SatoshiEye ("SatoshiEye") has created this Privacy Policy in line with SatoshiEye's commitment to your privacy on SatoshiEye websites and marketing initiatives. This policy is designed in compliance with the requirements of the Swiss Federal Act on Data Protection (FADP) and the General Data Protection Regulation (GDPR) of the European Union ("Data Protection Laws"). This Privacy Policy applies to the personal information that SatoshiEye collects throughout its website, dissemination and protection practices in accordance with the Data Protection Laws.

For individuals in the European Economic Area (EEA), Switzerland, the United Kingdom, and other jurisdictions where applicable, we process personal data on different legal bases depending on the context, including performance of a contract, legitimate interests, legal obligations, and consent where required.

If you wish to stop receiving marketing communications from SatoshiEye, you may unsubscribe at any time by using the personal unsubscribe link provided in the most recent marketing email you have received from us, or by contacting us directly

Where personal data is processed for marketing purposes, SatoshiEye relies on:

• your consent, where required by applicable law; or

• its legitimate interests, where permitted by applicable law, including communicating with business contacts in a business-to-business context or informing existing customers about similar services that may be relevant to them.

You have the right to object to the processing of your personal data for direct marketing purposes at any time. Where marketing is based on consent, you may also withdraw your consent at any time.

SatoshiEye collects information necessary to provide services to its users and to better understand the visitors to its websites and what content is of interest to them. SatoshiEye collects information in the following ways:

• information you affirmatively choose to submit to us (such as your name, email address, wallet addresses entered into the system) for the purpose of accessing SatoshiEye services, various downloads, viewing specific content, subscribing to SatoshiEye newsletters, registering for events and your preferences in receiving marketing from SatoshiEye and its third-party partners and your communication preferences, etc;
• information related to Know Your Customer (KYC) and Anti-Money Laundering (AML) compliance, including blockchain addresses and transaction data.
• information we have obtained about you from publicly available sources such as social media, marketing platforms or on events you attended. We may send marketing communications where permitted by applicable law. Where required, we will obtain your consent before sending such communications. You may unsubscribe at any time using the personal unsubscribe link provided in the most recent marketing email you have received from us or by contacting us directly.

We may send marketing communications:

- where you have provided your consent;

- where you have requested information from us; or

- where you or your organization has purchased services from us and we are permitted to contact you about similar services.

Where you interact with us in a business capacity, we may process your professional contact details for direct marketing purposes based on our legitimate interests, subject to your right to object.

You may unsubscribe at any time using the personal unsubscribe link provided in the most recent marketing email you have received from us, or by contacting us directly.

• information SatoshiEye receives from your use of SatoshiEye websites, such as the IP address, browser type, ISP, referring/exit pages, platform type, date/time stamp, number of clicks, domain name and country/state of all visitors to SatoshiEye's websites;
• location information when you use SatoshiEye's websites as SatoshiEye may collect and process information about your location. SatoshiEye use various technologies and tools to determine location;
• information that is considered aggregated data such as statistical data which SatoshiEye may use for marketing purposes. Aggregated data may be derived from your personal information but is not considered personal information in law as it does not directly or indirectly reveal your identity.
• SatoshiEye collects technical data from various third parties and public sources, such as analytics providers, advertising networks, and search information providers.
• Where we obtain personal data from third-party sources (such as marketing platforms, analytics providers, business partners, or publicly available sources), we take reasonable steps to confirm that such data has been collected and disclosed to us in accordance with applicable data protection laws and that we have an appropriate legal basis to use it.

When you engage with SatoshiEye we collect:

• Name and email address and information related to Know Your Customer (KYC) and Anti-Money Laundering (AML) compliance, including blockchain addresses and transaction data.

Our Services are not directed to children, and we do not knowingly collect personal data from individuals under the age required by applicable law to use the Services independently.

When you create or manage a paid subscription, we and our service providers may process the following categories of personal data:

• account identifiers, such as your name, email address, username, and account ID;
• billing information, such as billing address, country, business name, VAT/tax number, and invoice details;
• subscription information, such as your plan, Included Usage, renewal dates, upgrades, downgrades, cancellation status, and support history;
• transaction information, such as transaction amount, currency, authorization status, settlement status, refunds, credits, chargebacks, and payment-failure events;
• payment method metadata made available to us by our payment service providers, such as payment method type, card brand, card issuer country, expiration month/year, and the last four digits of a card number; and
• fraud and security signals associated with a payment or account event.

Our payment service providers may collect full payment credentials directly from you in order to process a payment. We do not store the card verification code (CVV/CVC) after authorization.

Other than as allowed by the Data Protection Laws, SatoshiEye websites do not collect any special categories of personal information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). SatoshiEye will not collect any information about criminal convictions and offences.

SatoshiEye will only use your personal information for the purposes for which it was collected unless it reasonably considers that it needs to use it for another reason that is compatible with the original purpose. If SatoshiEye needs to use your personal information for an unrelated purpose, SatoshiEye will notify you and provide you with the legal basis which allows SatoshiEye to do so or request additional consent if necessary.

When you use the Services, you may submit wallet addresses, transaction identifiers, transaction hashes, and related blockchain screening inputs.

We use this information to:

• provide requested screening results and risk insights;

• operate, secure, troubleshoot, and maintain the Services;

• improve the accuracy, reliability, and functionality of the Services, including for training any Artificial Intelligence (AI) models or systems; and

• generate aggregated or de-identified statistics and analytics for service improvement.

We do not sell personal data submitted by users.

We may use your personal data to:

• send newsletters, updates, and promotional communications;

• inform you about services, features, offers, or content that may be relevant to you;

• invite you to events, webinars, surveys, or promotional campaigns;

• measure and analyze engagement with our communications, such as opens, clicks, and preferences, in order to improve our communications and marketing effectiveness, where permitted by applicable law.

We process personal data for marketing purposes only where we have an appropriate legal basis, including your consent where required by law or our legitimate interests where permitted.

Service-related communications concerning your account, subscription, payments, security, or operational matters are not marketing communications.

Any information collected by SatoshiEye will be done in accordance with this Privacy Policy for the purposes of:

• supporting the activities you choose to engage in, and
• providing higher quality solutions and services to SatoshiEye's customers.
• create, administer, and renew subscriptions; process recurring payments and one-time charges; generate invoices, receipts, and billing notices; calculate, collect, and report taxes; detect, prevent, and investigate fraud, abuse, payment disputes, and chargebacks; manage plan changes, cancellations, suspensions, and refunds; provide customer support and billing assistance; and comply with accounting, tax, legal, and regulatory obligations.

We use Stripe as our payment service provider. When you make a payment, start or renew a subscription, or save a payment method for future charges, Stripe may process your payment details, billing details, transaction data, and related fraud-prevention and security signals on our behalf. We may receive limited payment metadata and billing status information from Stripe for billing, support, fraud prevention, and compliance purposes.

Additionally, SatoshiEye uses your location information to tailor your experience with SatoshiEye websites. It may also use any non-personal information collected to enhance SatoshiEye websites and your IP address for website diagnostics and administration. For information about cookies and similar technologies, including how to manage your preferences, please refer to our Cookie Policy.

As explained above, SatoshiEye will collect and use your personal data for marketing purposes. Your data will be stored in our CRM system. We will use your data to inform you about SatoshiEye products and services we think may be of your interest and send you our newsletters. For statistical purposes, we will collect information about your response to our emails and our interaction with you to make decisions on future marketing.

We may store and use relevant personal data in our customer relationship management (CRM) systems to manage customer relationships, communications, support requests, and marketing activities.

We may analyze your interaction with our communications, such as email opens, clicks, preferences, and unsubscribe requests, in order to improve the relevance and effectiveness of our communications, where permitted by applicable law.

Where required by applicable law, such processing or tracking will be based on your consent. You may opt out of marketing communications at any time.

We retain personal data for as long as necessary for the purposes described in this Privacy Policy, including to provide the Services, manage subscriptions, comply with legal, tax, accounting, and regulatory obligations, resolve disputes, enforce agreements, and protect our legitimate interests.

Retention periods vary depending on the type of data, the purpose of processing, and applicable legal requirements.

We use principles relating to the processing of personal data according to Article 5 of General Data Protection Regulation:

(a) processed lawfully, fairly and in a transparent manner in relation to individuals ('lawfulness, fairness and transparency');

(b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes ('purpose limitation');

(c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed ('data minimisation');

(d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay ('accuracy');

(e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to the implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals ('storage limitation');

(f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures ('integrity and confidentiality'').

SatoshiEye may disclose your personal information to the following categories of recipients:

• to its group companies, professional advisers, third-party services providers and partners who provide data processing services to SatoshiEye (for example, to support the delivery of, provide functionality on, or help to enhance the security of SatoshiEye websites), or who otherwise process personal information for purposes that are described in Privacy Notices or notified to you when SatoshiEye collects your personal information.
• to its payment service providers, banks, acquirers, and card networks; fraud-prevention, risk-scoring, and account-security vendors; invoicing, bookkeeping, tax, and accounting providers.
• to any competent law enforcement body, regulatory, government agency, court or other third party where SatoshiEye believes disclosure is necessary (a) as a matter of applicable law or regulation, (b) to exercise, establish or defend its legal rights, or (c) to protect your vital interests or those of any other person.
• to any other person with your consent to the disclosure.

We may disclose your information to our affiliates or subsidiaries, subcontractors, partners from EU and non-EU countries, which may help us to better process it. We may disclose some of your data to the service providers, who perform functions on our behalf, such as website management, hosting, technical support, and marketing analytics, only if it is required by the project flow. We use third parties that process personal data in accordance with applicable data protection laws and implement appropriate technical and organisational security measures. In all cases these services have implemented separate privacy policies and procedures, we encourage you to familiarise yourself with those policies. Should you not wish for any of these services to process your data, you need to stop using SatoshiEye websites and services.

Where we use third-party providers for marketing, analytics, or advertising purposes, such providers may process personal data either on our behalf or in accordance with their own applicable privacy terms, depending on the services provided.

This may include measuring campaign performance, analyzing user engagement, providing analytics, and helping us deliver relevant communications or advertising, in accordance with applicable data protection laws.

We process personal data on the following legal bases, depending on the context:

• performance of a contract, where processing is necessary to provide our services, including account creation, subscription management, and payment processing;

• legitimate interests, such as ensuring platform security, preventing fraud, and improving our services, where such interests are not overridden by your rights; and

• legitimate interests, such as ensuring platform security, preventing fraud, improving our services, and, where permitted by applicable law, sending relevant marketing communications, where such interests are not overridden by your rights; and

• consent, where required, including for certain marketing communications, cookies, or similar technologies.

If you have questions about or need further information concerning the legal basis on which SatoshiEye collects and uses your personal information, please contact SatoshiEye using the contact details provided under the "Contact Details" heading below and in the right-hand side column.

SatoshiEye operates on a global basis and may use service providers that process personal data in multiple jurisdictions.

As a result, your personal data may be processed in countries other than the one in which you are located.

Where required by applicable law, such processing is carried out in accordance with applicable legal requirements.

We implement reasonable technical and organisational measures designed to protect personal data and support compliance with applicable data protection laws. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information. We also take measures to ensure our subcontractors, service providers and other partners that process your personal data on our behalf also have appropriate security measures in place.

SatoshiEye protects your personal information in the same way that it protects its other confidential information, such as storing it on secure servers that only select SatoshiEye personnel have access to, and by encrypting it to help prevent access by any unauthorised parties. SatoshiEye has put in place procedures to deal with any personal information breach and will notify you and any applicable regulator of a breach when legally required to do so.

SatoshiEye websites contain links, plug-ins and applications to various third-party websites. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. SatoshiEye has no control over, and is not responsible for the content, privacy policies or reliability of such third-party connections. When you leave SatoshiEye's website, SatoshiEye encourages you to read the privacy notice and privacy policy of every website you visit.

If your personal information is protected by EU data protection law, you have the following data protection rights which you may be able to exercise by contacting SatoshiEye using the contact details provided under the "Contact Details" heading below and in the right-hand side column:

• If you wish to access, correct, update or request the deletion of your personal information, you can do so at any time by contacting SatoshiEye.
• In addition, you can object to the processing of your personal information, ask SatoshiEye to restrict the processing of your personal information or request portability of your personal information by contacting SatoshiEye.
• You have the right to opt out of marketing communications that SatoshiEye sends you at any time. You can exercise this right by clicking on the "unsubscribe" or "opt-out" link in the marketing emails SatoshiEye sends you or by using the relevant opt-out mechanism for non-email-based marketing.
• You have the right to object at any time to the processing of your personal data for direct marketing purposes, including any related profiling.
• Similarly, if SatoshiEye has collected and processed your personal information based on your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing SatoshiEye conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.

If you believe that SatoshiEye has not complied with your data protection rights, you have the right to lodge a complaint with the relevant supervisory authority. For individuals in Switzerland, the relevant authority is:

Federal Data Protection and Information Commissioner (FDPIC)
Feldeggweg 1
CH – 3003 Berne Switzerland
T +41 (0)58 462 43 95
info@edoeb.admin.ch

For individuals in the European Economic Area (EEA), you have the right to lodge a complaint with your local data protection authority. You can find the contact details for your national data protection authority here: https://edpb.europa.eu/about-edpb/board/members_en

Before lodging a complaint, we would appreciate the chance to deal with your concerns, so please contact us first at privacy@satoshieye.com. Please note that lodging a complaint will not affect any other legal rights or remedies that you have access to under applicable data protection laws.

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, SatoshiEye may charge a reasonable fee or refuse to comply with your request if your request is clearly unfounded, repetitive or excessive. SatoshiEye tries to respond to all legitimate requests within one month. Occasionally, it may take longer if your request is particularly complex or you have made a number of requests. In this case, SatoshiEye will notify you and keep you updated.

If you wish to access or amend any personal data we hold about you, or to request that we delete any information about you may contact us. When technically feasible, SatoshiEye will transfer your personal data to you or transmit it directly to another controller. At any time, you may also object to the processing of your personal data for direct marketing purposes or ask us to restrict the processing of your personal data. If you believe your right to privacy granted by applicable data protection laws has been infringed upon, please contact us. You also have a right to lodge a complaint with data protection authorities.

For more information about your rights and how to exercise them, we recommend visiting this resource from the European Commission, which is available in many languages.

You can set your browser to refuse all or some browser cookies or to alert you when websites set or access cookies. If you disable or refuse cookies some parts of SatoshiEye websites may become inaccessible or not function properly. For more information about the cookies that SatoshiEye uses, please see SatoshiEye's Cookie Policy.

SatoshiEye reserves the right to modify or amend this Privacy Policy at its own discretion from time to time. The changes can be viewed here or elsewhere on SatoshiEye websites. We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated effective date. Where required by law, we will provide additional notice. This version of the Privacy Policy was published on May 08, 2026.

It is important that the personal information SatoshiEye holds about you is accurate and current. Please keep SatoshiEye informed if your personal information changes during your relationship with SatoshiEye. Additionally, if you have any questions about this Privacy Policy, the practices of SatoshiEye websites or your interaction with SatoshiEye via SatoshiEye websites, please contact:

SatoshiEye (GLO Services AG)
Address: Grafenauweg 8, CH-6300 Zug, Switzerland

Data Protection Officer:
Contact: privacy@satoshieye.com