Privacy Policy

Last Updated: 11.12.2025

This Privacy Policy explains how CoinCooker (“CoinCooker”, “we”, “us”, or “our”) collects, uses, discloses and protects information in connection with:

• the CoinCooker token launch platform and related interfaces, modules, dashboards, APIs, analytics and tooling; and
• any websites, documentation or communication channels we operate in connection with CoinCooker (collectively, the “Services”). This Privacy Policy is an integral part of the CoinCooker Terms of Service (“Terms”). Capitalized terms not defined here have the meaning given to them in the Terms. By accessing or using the Services, including by connecting a wallet, initiating a configuration flow or interacting with any feature of the Platform, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with this Privacy Policy, you must immediately stop using the Services.

1. PERSONAL DATA AND DATA CONTROLLER EXPLANATION
   1. For the purposes of this Privacy Policy, the term “Personal Data” refers to any information that can be associated with, relates to, or may reasonably be used to identify an individual. Personal Data includes information that directly identifies a person (such as a name or email address) as well as information that may indirectly identify a person when combined with other data (such as certain identifiers, device information, or blockchain wallet activity when linked to additional elements).
   2. Personal Data does not include information that has been aggregated, anonymized, de-identified, or otherwise processed in such a way that an individual can no longer be identified by reasonable means. Where data is aggregated or anonymized in this manner, it is no longer considered Personal Data for the purposes of this Privacy Policy.
   3. A data controller is a natural or legal person, public authority, agency, or other body that determines the purposes and means of processing Personal Data. The concept of a controller includes both entities that collect and process Personal Data directly, and entities that instruct another party to collect, hold, process, use, transfer, or disclose Personal Data on their behalf.
   4. For clarity, whenever this Privacy Policy refers to the processing of Personal Data, it applies to data processed by or on behalf of the operator of the CoinCooker Platform acting in the capacity of a data controller for the purposes described in this Privacy Policy.
2. SCOPE OF THIS PRIVACY POLICY
   1. This Privacy Policy applies to information that we collect:
      • when you visit or use any CoinCooker interface or website;
      • when you interact with the Services (including via APIs, dashboards or bots);
      • when you contact us or communicate with us in relation to the Services; and
      • when we process publicly available blockchain information in the context of operating CoinCooker.
   2. This Privacy Policy does not apply to:
      • third-party wallets, exchanges, analytics providers or other services that you use independently of CoinCooker; or
      • any processing carried out solely by public blockchain networks, which are decentralised systems outside our control.
   3. Those third parties have their own privacy practices, which we do not control and for which we are not responsible.
3. TYPES OF INFORMATION WE COLLECT
   1. Information You Provide Directly We may collect information that you voluntarily provide to us, including:

• If you contact us (for example via email, contact form, or support ticket), we may collect your name, email address, social media handle, role or company name (if provided), and the content of your message, including any attachments or metadata you choose to share.
• If certain CoinCooker modules require onboarding, KYC/AML checks or contractual registration (for example, for permissioned enterprise or compliance-focused launches), we may collect additional information such as professional contact details, company information, jurisdiction, and any supporting documentation you choose or are required to provide. As of the date of this Privacy Policy, CoinCooker does not routinely collect copies of passports or national IDs unless explicitly required for a specific permissioned feature and communicated to you.
• If you participate in surveys, user interviews, beta programmes, or provide feedback, we collect the information you choose to share about your experience, preferences and suggestions.

Providing this information is generally voluntary, but we may not be able to respond or provide certain Services if you choose not to provide it.

2. Information Collected Automatically When you access or use the Services, we may automatically collect certain technical and usage information, such as:

• browser type and version, operating system and device information;
• IP address, approximate geolocation derived from IP, and associated technical identifiers;
• the type of wallet or connector you use and the fact that a wallet is connected;
• log data about your interactions with the Services, including pages or screens viewed, configuration steps taken, time and date of visits, clickstream data and error reports;
• basic telemetry relating to performance, latency and request volume.

We may store such information in log files and use it for security, debugging, capacity planning, analytics and operational monitoring.

3. Blockchain and Public Information The Services interact with public blockchains (primarily the Bitcoin network and related meta-protocols). In that context we may process publicly available information such as:

• blockchain wallet addresses;
• transaction hashes, inscriptions, token identifiers and associated metadata;
• timestamps, block heights and other on-chain records related to your use of the Platform.
• Public blockchain data is, by design, transparent and immutable. We do not control or edit on-chain data. We may, however, read, index or associate that data with other information we hold (for example, for analytics, fraud detection or compliance screening).

We do not request or store your private keys, seed phrases or wallet passwords. We will never ask you to disclose them, and you should never share them with us or anyone claiming to act on our behalf.

4. Information from Third Parties We generally do not purchase or otherwise obtain Personal Data about you from data brokers. However, we may receive:

• limited information from third-party service providers (for example, analytics providers, security vendors, cloud hosting providers or KYT service providers) about the performance and security of the Services;
• information from public sources such as project websites, public social media profiles or public registries, to the extent necessary to operate, secure and improve the Services or to comply with legal obligations;
• risk indicators or screening results from KYT or sanctions-screening vendors, where we use such services for compliance purposes in connection with specific wallet addresses or transaction patterns.

Where we receive Personal Data from third parties, we process it in accordance with this Privacy Policy and any applicable contractual and legal constraints.

4. COOKIES AND SIMILAR TECHNOLOGIES
   1. We may use cookies and similar technologies (such as local storage, pixels, and tags) to operate and improve the Services. These technologies help us:
      • maintain session state and basic functionality;
      • understand how the Services are used, including which features are most frequently accessed;
      • detect and mitigate abuse, bots and suspicious activity;
      • remember certain preferences where applicable.
5. We may use both session cookies (which expire when you close your browser) and persistent cookies (which remain on your device for a set period unless deleted). You can generally control or delete cookies using your browser settings; however, disabling certain cookies may affect the functionality or performance of the Services.
6. Where we use third-party analytics tools (for example, Google Analytics or similar services), those providers may set their own cookies and process usage data on our behalf in accordance with their own terms and privacy notices. We do not use cookies to run targeted advertising campaigns for CoinCooker or third parties.
7. HOW WE USE YOUR INFORMATION
   1. We use the information we collect for the following purposes, to the extent permitted by Applicable Law:
      • We process information to operate CoinCooker, execute your Instructions, render configuration flows, provide dashboards and analytics, maintain compatibility with supported wallets and protocols, and provide technical support.
      • We process log data, wallet interactions and blockchain information to detect suspicious activity, prevent fraud, mitigate abuse, respond to security incidents, and enforce access controls. In certain cases, we may use KYT or other risk-screening tools to assess whether specific wallet activity appears high-risk or may implicate sanctions, AML/CFT or other legal concerns.
      • We use technical and usage information to debug issues, optimize performance, understand how users interact with the Platform, and prioritize new features or changes. We may create aggregated or anonymised analytics for internal product development and business intelligence.
      • We may use your contact details to respond to inquiries, send important notices about the availability or security of the Services, notify you about changes to the Terms or this Privacy Policy, or communicate about beta programmes, developer updates or product improvements. Where required by law, we will obtain your consent for any optional marketing communications and provide an unsubscribe mechanism.
      • We may process information as necessary to comply with legal obligations, respond to requests from regulators or law enforcement, assert or defend legal claims, enforce the Terms, and protect the rights, property and safety of CoinCooker, its users and the public.
      • We may process information for standard business administration purposes, including accounting, auditing, financial reporting, corporate governance and internal control.
   2. Where required by applicable data protection law, we process Personal Data based on one or more legal bases, such as:
      • your consent (for example for optional communications or certain cookies);
      • the performance of a contract or to take steps at your request before entering into a contract (for example, providing you with access to the Platform);
      • compliance with a legal obligation (for example, where we are required to retain records for regulatory or tax purposes); or
      • our legitimate interests, provided that such interests are not overridden by your fundamental rights and freedoms (for example, securing the Services, preventing fraud, improving the user experience, or operating an efficient business).
8. HOW WE SHARE YOUR INFORMATION
   1. We do not sell your Personal Data and we do not share it with data brokers for their independent commercial purposes. We may share information in the following limited circumstances:
      • We may share information with carefully selected third-party vendors who provide services to us, such as cloud hosting, analytics, security monitoring, customer support tools, email delivery, logging and storage, or KYT/AML screening. These providers are authorized to process Personal Data only as necessary to provide services to us and are bound by appropriate confidentiality and data protection obligations.
      • CoinCooker may be operated by or in cooperation with one or more affiliates. We may share information within our group of companies where necessary for operation of the Services, compliance, risk management, or consolidated reporting, subject to appropriate safeguards.
      • To the extent you deploy User-Generated Digital Assets or interact with the Platform, some related information will be publicly visible on the blockchain or otherwise publicly accessible (e.g. through explorers, indexers, or analytics tools). We may also display aggregated or project-level information via our own dashboards.
      • We may disclose information in connection with a merger, acquisition, restructuring, sale of assets, financing or similar corporate transaction, or in contemplation of such a transaction. Where legally required, we will take steps to ensure the continuing protection of Personal Data.
      • We may disclose information where we believe in good faith that such disclosure is reasonably necessary to comply with a legal obligation, court order or request from a regulatory, tax, law enforcement or government authority; to protect the safety, rights or property of CoinCooker, our users or others; or to detect, prevent and address fraud, security or technical issues.
      • We may disclose information to other third parties where you explicitly request or authorize us to do so.
   2. In all cases, we share only the information that is reasonably necessary for the relevant purpose and take steps to ensure that recipients handle Personal Data in a manner consistent with this Privacy Policy and applicable law.
9. INTERNATIONAL DATA TRANSFERS
   1. CoinCooker and its service providers may process and store information in multiple jurisdictions, which may include countries outside your country of residence, such as the United Arab Emirates, Switzerland, the European Economic Area, the United Kingdom or the United States.
   2. Where required by law, we implement appropriate safeguards for cross-border transfers of Personal Data, such as standard contractual clauses approved by relevant authorities, or rely on other legally recognized transfer mechanisms. By using the Services, you acknowledge that your Personal Data may be processed in countries that may have different data protection standards than those applicable in your home jurisdiction, while we continue to protect your information as described in this Privacy Policy.
10. DATA RETENTION
    1. We retain Personal Data for as long as reasonably necessary to fulfil the purposes for which it was collected, as described in this Privacy Policy, and to comply with applicable legal, regulatory, accounting and reporting requirements.
    2. In determining retention periods, we consider factors such as:
       • the nature and sensitivity of the information;
       • the potential risk of harm from unauthorized use or disclosure;
       • the purposes for which we process the information and whether we can achieve those purposes through other means; and
       • applicable legal obligations (for example, statutory retention periods).
    3. Once Personal Data is no longer required for the purposes for which it was collected and there is no legal requirement to retain it, we will delete it or, where permitted, irreversibly anonymise it. Please note that this does not apply to data recorded on public blockchains, which cannot be altered or deleted by us.
11. SECURITY
    1. We implement administrative, technical and organizational safeguards designed to protect Personal Data from unauthorized access, loss, misuse, alteration or destruction. These measures may include access controls, encryption in transit, network security measures, separation of environments, and regular security monitoring.
    2. However, no method of transmission or storage is completely secure. We cannot guarantee absolute security of your information. You remain responsible for securing your own devices, wallet software, private keys, seed phrases, passwords and any credentials used to access the Services. If you believe that your interaction with the Services is no longer secure, or that your wallet or credentials have been compromised, you should notify your wallet provider and contact us promptly using the details in Section 14.
12. YOUR RIGHTS AND CHOICES
    1. Depending on your jurisdiction and subject to applicable law, you may have certain rights in relation to your Personal Data, including:
       • the right to request access to the Personal Data we hold about you;
       • the right to request correction of inaccurate or incomplete Personal Data;
       • the right to request erasure of your Personal Data in certain circumstances;
       • the right to request restriction of our processing of your Personal Data;
       • the right to object to certain processing, including processing based on legitimate interests;
       • the right to data portability, where applicable; and
       • where processing is based on consent, the right to withdraw that consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

2. To exercise any of these rights, you may contact us using the contact details in Section 14\. We may need to request specific information from you to help us confirm your identity and process your request. We will respond to your request within a reasonable timeframe and in accordance with applicable law.

3. Please note that these rights are not absolute and may be subject to exceptions. For example, we may be unable to delete information we are required by law to keep, or information that is permanently recorded on a public blockchain.
4. You may also have the right to lodge a complaint with a competent data protection authority in your country or region if you consider that our processing of your Personal Data infringes applicable law. We would, however, appreciate the opportunity to address your concerns before you approach a regulator, and encourage you to contact us first.
5. For email-based communications that are not strictly service-critical (for example, newsletters or product updates), you can usually opt out by following the unsubscribe instructions in those communications or by contacting us.

11. MINORS 1. The Services are not directed to, and we do not knowingly collect Personal Data from, individuals under the age of 18. If we become aware that we have inadvertently collected Personal Data from a minor without appropriate parental consent, we will take reasonable steps to delete such information. 2. If you believe that a minor has provided us with Personal Data in connection with the Services, please contact us using the details in Section 14.

12. THIRD-PARTY SERVICES AND WALLETS
    1. The Services may allow or require you to interact with third-party wallets, indexers, analytics tools, infrastructure providers or other services. These third parties operate independently from CoinCooker and are responsible for their own privacy and security practices.
    2. We do not control and are not responsible for:
       • the collection, use or disclosure of information by third-party wallet providers, exchanges or other services;
       • any loss, misuse or compromise of your data or Digital Assets resulting from your use of third-party services; or
       • the content, terms or privacy practices of any third-party websites, interfaces or applications.
    3. We encourage you to review the privacy policies and terms of any third-party services you choose to use in connection with CoinCooker. You remain solely responsible for safeguarding your private keys and wallet credentials. CoinCooker cannot recover lost or stolen assets and will never ask you to reveal your private keys or seed phrase.
13. BLOCKCHAIN TRANSACTIONS AND PUBLIC DATA
    1. Transactions executed through the Services are recorded on public blockchains that are not under our control. Because of the immutable and transparent nature of such ledgers:
       • transaction data, including wallet addresses and amounts, may be visible to anyone using blockchain explorer tools;
       • combining blockchain data with other information can, in some cases, lead to re-identification of individuals; and
       • we cannot delete, modify or alter data stored on public blockchains.
    2. By using the Services, you acknowledge and understand the inherent characteristics of public blockchains and accept that the privacy of blockchain-based activity cannot be fully controlled by CoinCooker.
14. CHANGES TO THIS PRIVACY POLICY
    1. We may update or modify this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements or the Services. When we do so, we will revise the “Last Updated” date at the top of this document and, where appropriate, provide additional notice (for example on the relevant interface or by email).
    2. Your continued use of the Services after the effective date of any updated Privacy Policy constitutes your acceptance of the revised terms. If you do not agree with the updated Privacy Policy, you must stop using the Services.