SOLO CASH INC.

PRIVACY POLICY

Solo Cash Inc is committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting https://solocash.io ("Website(s)"), you are accepting and consenting to the practices described in this policy.

Information we may hold about you

You may give us information about yourself by filling in forms on the Websites or by corresponding with us by phone number, email or otherwise and share your phone, email address, address, nature of any issues or problems you have with our service or security problem. This includes instances when you attempt to (or otherwise):

Request us to contact you in relation to services that we provide;
Select to receive downloads of documentation or software and related support;
Subscribe to our mailing lists, newsletters or bulletins;
Book a seminar or event run by us;
Interact with us on social media platforms (such as Facebook or LinkedIn);
Report a problem with our Websites;
Requests to join our newsletter;
Requests to become a user, which are subject to an identity check, sanctions screening, and liveness check. Note: We use third-party processors to verify identity. We do not retain sensitive documents, but we retain the status of your verification to enforce our Terms of Service. and
Information we collect about you. We may also collect information when you visit the Websites the device you use to access the Website of your IP address, location, time, the browser you use, your operating system or the pages you visit. We utilize third-party blockchain analytics for passive security and sanctions compliance. These tools do not perform automated decision-making or result in the denial of service

In addition to using your information to provide you with requested products or services, we may also use your information in the following ways:

To monitor and improve our products, services, and the Website;
To provide you with information about other goods and services we offer that are similar to those that you have already purchased or inquired about or that we feel may be of interest to you;
To notify you about changes to our services;
To administer the Websites and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
To maintain the security and integrity of the platform through passive blockchain analytics, identifying high-risk markers without performing automated decision-making;
To enable us to comply with any legal or regulatory requirements.

Please note that we may monitor or record phone calls, chat, or email messages for training and quality purposes.

We do not store any information for any longer than necessary and delete your personal information within three years after using our service or inquiring about our services. Information stored after requests to join our newsletter are deleted upon your request to be unsubscribed.

Cookies

solocash.io or partners may use "Cookies" to help personalize and maximize the efficiency of your online time.
Cookies are text files that are placed on your hard disk by a web server. Cookies are not used to run programs or bring viruses to your computer. The cookie is assigned to your computer and can only be read by a web server on the domain that gives you cookies.
One of the purposes of Cookies is to provide the utilities to save your time when visiting our websites again without needing to re-register the information available.
You can accept or decline cookies. Most browsers automatically accept cookies, but you can change the settings to reject all cookies if you prefer. However, if you choose to decline cookies, that may interfere with or impair some cookies-related services and features at www.solocash.io

Sharing your information

All internal data access is brokered through a secure, US-controlled technical environment. Remote operations teams access data only via a restricted viewing interface that prevents local storage or extraction of personal information. We may share your personal information with any member of our group, which means our subsidiaries or partners, our ultimate holding company and its subsidiaries. We may disclose your personal information to third parties:

If Solo Cash Inc or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
If we are under a duty to disclose or share your personal data in order to comply with any legal obligation; or to protect the rights, property, or safety of Solo Cash Inc, our customers, our partners, or others.
We may disclose or provide your personal information in the following cases when it is deemed necessary: at the request of a government agency; in cases we believe that it will help us to protect our legitimate interests from the law; an emergency situation and necessary to protect the personal right of the members

Exceptions

Under US law GLBA federal and state-level government exemptions exists (e.g., Privacy Act of 1974, CCPA/CPRA)

Legal Basis / Area	Key Exceptions / Exemptions
Lawful Processing	Contractual Necessity: Processing is necessary to fulfill a contract with the consumer (e.g., shipping an order).
Federal Law (Privacy Act)	Law Enforcement: Disclosures for civil or criminal law enforcement activities. National Defense/Foreign Policy: Classified information or disclosures in the interest of national defense. Routine Use: Disclosures for purposes compatible with the reason the data was collected. Court Order: Disclosures pursuant to a court order.
State Law (e.g., CCPA/CPRA)	Regulatory Carve-Outs: Data governed by other laws (e.g., HIPAA for Protected Health Information, GLBA for financial data) is often exempt from the state consumer privacy law's scope. Operational Necessity: Data necessary to complete a transaction or perform a service requested by the consumer.
Data Subject Rights	Legal Obligations: Denying an access or deletion request if the data is needed to comply with a legal obligation, complete a transaction, or detect security incidents.

The General Data Protection Regulation (GDPR) permits data processing based on several "lawful bases" other than consent, and allows Member States to establish derogations (exemptions) from certain data subject rights for specific public interests.

Legal Basis / Area	Key Exceptions / Exemptions (Lawful Bases)
Lawful Processing	Contractual Necessity: Processing necessary for a contract or to take steps at the individual's request before a contract. Legal Obligation: Processing necessary to comply with an EU or Member State legal obligation (e.g., tax reporting). Vital Interests: Processing necessary to protect the life (vital interests) of the data subject or another natural person (e.g., during a medical emergency). Public Interest: Processing necessary for a task carried out in the public interest or in the exercise of official authority (e.g., public health, social protection). Legitimate Interests: Processing necessary for the legitimate interests pursued by the controller or a third party, except where those interests are overridden by the data subject's rights and freedoms.
Platform Security and AML/Sanctions Screening	Legitimate Interests: Necessary for protecting the integrity of the non-custodial interface, preventing fraud, and ensuring compliance with international sanctions and Anti-Money Laundering (AML) standards. Personal Data Involved: Public wallet addresses, transaction metadata, and third-party risk markers/scores. Data Retention: For the duration of the security assessment and as required by statutory limitation periods (typically 5–7 years).
Data Subject Rights	National Security & Defense: Member States can restrict data subject rights (access, rectification, erasure) for reasons of national security, defense, or public security. Law Enforcement & Criminal Justice: Restrictions apply to prevent, investigate, detect, or prosecute criminal offenses. Journalistic/Artistic Purposes: Processing solely for journalistic, academic, artistic, or literary expression is typically exempt from many GDPR requirements.

In India, the DPDP Act permits processing based on Consent or certain specified "Legitimate Uses" where consent is not required.

Legal Basis / Area	Key Exceptions / Exemptions (Legitimate Uses)
Lawful Processing	State Instrumentality: Processing by a State instrumentality for: sovereignty/security of India, friendly relations with foreign states, maintenance of public order, or preventing/investigating offenses. Legal Proceedings: Processing for the exercise or defense of legal claims or mandatory compliance with a court order. Provision of Services/Benefits: Processing by the State or a State instrumentality to provide a subsidy, benefit, service, or permit to the individual. Employment: Processing necessary for employment or safeguarding the employer from loss or liability. Publicly Available Data: Processing of personal data that has been voluntarily made public by the individual.
Specific Exemptions	Research/Archiving: Processing for research, archiving, or statistical purposes, provided the data is not used to make decisions that affect the individual. Small Fiduciaries: The Central Government can exempt certain data fiduciaries (including startups) from some obligations based on the volume and nature of data processed.

Legal Basis / Area

Key Exceptions / Exemptions (Legitimate Uses)

Lawful Processing

State Instrumentality: Processing by a State instrumentality for: sovereignty/security of India, friendly relations with foreign states, maintenance of public order, or preventing/investigating offenses. Legal Proceedings: Processing for the exercise or defense of legal claims or mandatory compliance with a court order. Provision of Services/Benefits: Processing by the State or a State instrumentality to provide a subsidy, benefit, service, or permit to the individual. Employment: Processing necessary for employment or safeguarding the employer from loss or liability. Publicly Available Data: Processing of personal data that has been voluntarily made public by the individual.

Specific Exemptions

Research/Archiving: Processing for research, archiving, or statistical purposes, provided the data is not used to make decisions that affect the individual. Small Fiduciaries: The Central Government can exempt certain data fiduciaries (including startups) from some obligations based on the volume and nature of data processed.

UAE and Gulf Cooperation Council (GCC) Regions

For users in the United Arab Emirates (UAE), the Kingdom of Saudi Arabia (KSA), and other GCC member states. We process your information in accordance with the UAE Federal Decree-Law No. 45/2021 on Personal Data Protection (PDPL) and the KSA Personal Data Protection Law (PDPL).

Control	Implementation & Compliance Narrative
Data Sovereignty & Processing	We prioritize data residency for regional users. Where cross-border transfer is necessary for technical administration, it is conducted via a secure, US-controlled Virtual Desktop Infrastructure (VDI). This ensures that processing remains under our direct jurisdictional control and that raw data is not stored on local devices outside the designated secure environment.
Legal Basis for Processing	We process personal data based on (a) your explicit consent, (b) the necessity of fulfilling our terms of service, and (c) our legitimate interest in maintaining the security and integrity of the interface.
Passive Security Monitoring	In alignment with regional AML and Sanctions requirements, we utilize passive blockchain analytics. This processing is strictly limited to security verification and does not involve automated decision-making that results in the denial of financial services or the freezing of assets.
Your Rights	Under regional laws, you have the right to: (i) request access to your data, (ii) request the rectification of inaccurate data, (iii) request the destruction of data that is no longer necessary for its original purpose, and (iv) withdraw consent at any time, subject to legal or contractual restrictions.

In the Philippines

The DPA defines both general lawful bases for personal information processing and specific conditions for processing sensitive personal information without consent. We process your information in accordance with the following

Legal Basis / Area	Key Exceptions / Exemptions
Lawful Processing	Contractual Necessity: Processing is necessary for the fulfillment of a contract or in preparation for one. Legal Obligation: Processing necessary for compliance with a legal obligation. Vital Interests: Processing necessary to protect the life and health of the data subject or another person. National Emergency: Processing to respond to a national emergency or to fulfill an obligation of a public authority. Legitimate Interests: Processing necessary to pursue the legitimate interests of the data controller, provided these interests are not overridden by the fundamental rights and freedoms of the data subject.
Sensitive Personal Info	Processing is allowed without consent if it is: Pursuant to law that does not require consent (e.g., health/public interest laws). For medical treatment by a medical professional or institution. For protection of lawful rights in court or legal proceedings.
Scope Exclusion	Information processed for journalistic, artistic, literary, or research purposes (intended for public benefit) is excluded from many DPA provisions.

Your rights

In some jurisdictions, you have the right to request removal and/or a copy of all personal data we hold about you. Be advised, however, as a data processor subject to AML and KYC provisions for our users, we may not be obliged to do a full removal at least for several years in keeping with legal requirements. For removals that we can process, a small charge may be made for this service. If you would like a copy of the information held on you or would like us to correct, amend or update your information please contact us via our Chatbot for Contact page and input your username and why you need to update your username.

The Websites may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites. Also, these policies may be updated in keeping with the regulations and laws of the various jurisdictions in which we operate and may not necessarily reflect a particular change in one or more jurisdictions in which our platform is accessible.

Version 2.9.26