PRIVACY POLICY

Effective Date / Last Updated: June 25, 2026

ProDAO Finance ("**ProDAO Finance**," "**Company**," "**we**," "**our**," or "**us**") is a sole proprietorship operating in the State of Illinois with a registered address at [BUSINESS ADDRESS]. We respect your privacy and are committed to protecting information collected through your use of our website, applications, dashboards, trading evaluation environments, and related services (collectively, the "**Services**").

This Privacy Policy explains what information we collect, how we use and share it, the choices available to you, and how to exercise your rights. By accessing or using the Services, you acknowledge the practices described here.

If you have questions or requests regarding this policy, contact us at **team@propdao.finance**.


1. INFORMATION WE COLLECT

Information you provide directly:

Account identifiers: username, email address, country of residence (if provided)

Wallet address(es) connected to your account for payment processing through Nowpayments only

Communications you send to support or other Company channels

Any information submitted through forms, surveys, or applications within the Services

Trading Performance and Account Activity Data:

Live and simulated trading performance metrics including profit/loss (P&L), win rate, loss rate, consecutive winning/losing trades, and drawdown (both daily and peak)

Individual trade data including entry/exit times, position sizes, instruments traded, leverage used, and outcome

Account balance history, deposits, withdrawal requests, and transaction records

Risk metrics including maximum single-trade loss, account equity curves, and risk-per-trade ratios

Timestamps of all account activity, including login times, trade execution times, and data access patterns

Evaluation program participation history, including program start/end dates, program rules accepted, and completion status

Wallet and Blockchain-Related Information (Payment Processing Only):

Public wallet address(es) you connect to the Nowpayments integration for evaluation fee payment processing only

Blockchain transaction hashes and timestamps associated with fee payments processed through Nowpayments

We do **not** collect, store, or have any access to private keys, seed phrases, wallet passwords, or any credentials that control your external wallet

We do **not** monitor or collect data about your general wallet activity outside of payment transactions to ProDAO Finance

Device, Network, and Security Information:

IP address, browser type, device identifiers, operating system, and device model

Device fingerprint data (used to detect multi-accounting and prevent fraud)

Access times, pages viewed, referral paths, and navigation patterns

General diagnostic and analytics data

Account Compliance and Risk Data:

Compliance status and any violations of program rules, including strategy violations, risk limit breaches, or prohibited conduct

Account security incidents, breach records, and account suspension/termination reasons (if applicable)

Dispute or complaint history

Categories of personal information collected (past 12 months), for purposes of the CCPA/CPRA:

| Category (Cal. Civ. Code § 1798.140) | Collected? | Specific Examples |

|---|---|---|

| Identifiers (email, username, wallet address) | Yes | Email, account ID, wallet address, IP address |

| Internet/network activity (usage data, device info) | Yes | Login times, trades executed, page views, device fingerprint, browser type |

| Geolocation (country-level only) | Yes | Country of residence |

| Commercial information (evaluation/performance results) | Yes | P&L, trade history, risk metrics, account balance history, program enrollment |

| Professional information (trading patterns, strategy) | Yes | Instruments traded, timeframes, strategy rules followed, risk parameters |

| Inferences (derived characteristics) | Yes | Skill level (inferred from P&L and trade metrics), risk tolerance (inferred from strategy choices) |

| Sensitive personal information (SSN, precise geolocation, financial account credentials) | No | Not collected |

| Biometric information | No | Not collected |

We do not infer characteristics for advertising or cross-context behavioral targeting purposes.


2. HOW WE USE INFORMATION

We use the information described above to:

Operate, maintain, and improve the Services, including evaluation environments and account functionality

Process and display simulated trading performance data

Analyze usage trends and improve platform stability and security

Communicate with you about updates, support requests, or policy changes

Detect, investigate, and prevent fraud, abuse, unauthorized access, or attempts to compromise the Services

Comply with legal obligations and enforce our agreements

We will not use personal information for materially different purposes than those described here without providing notice and, where required by law, obtaining your consent.

Aggregated or de-identified data (data that no longer identifies you) may be used for analytics, research, and product development without further restriction.


3. BLOCKCHAIN AND WALLET DATA

Blockchain networks are public by design. Transaction data associated with a wallet address you use with the Services may be visible on public block explorers and other third-party infrastructure independent of us. We have no ability to modify, delete, or otherwise control data recorded on public blockchain systems. By using wallet-connected features, you acknowledge that this activity is inherently transparent and may be permanently and publicly recorded outside of our control.


4. HOW WE SHARE INFORMATION

We do **not sell** your personal information, and we do **not share** it with third parties for cross-context behavioral advertising purposes.

We may share information with:

**Service providers** who perform functions on our behalf (e.g., hosting, analytics, security monitoring, customer support), under contractual confidentiality and use restrictions

**Legal and safety recipients**, where we believe in good faith that disclosure is necessary to comply with law, respond to lawful requests from public authorities, enforce our agreements, or protect the rights, property, or safety of the Company, our users, or the public

**Successors**, in connection with a merger, acquisition, financing, or sale of some or all of our assets, subject to standard confidentiality obligations


5. DATA RETENTION

We retain personal information for as long as your account is active, and afterward for the longer of:

The period needed to resolve disputes, enforce our agreements, or satisfy legal/regulatory recordkeeping obligations; or

Three (3) years following account closure.

We retain aggregated or de-identified data without time limit. We will delete or anonymize information once these retention needs no longer apply.


6. YOUR PRIVACY RIGHTS

Depending on your location, you may have the right to:

**Access** the personal information we hold about you

**Correct** inaccurate information

**Delete** your personal information, subject to legal exceptions

**Restrict or object to** certain processing

**Port** your data to another provider in a portable format

**Opt out** of any sale or sharing of personal information (we currently do not engage in either)

**Not be discriminated against** for exercising these rights

To exercise any of these rights, contact us at **[PRIVACY CONTACT EMAIL]**. We will verify your request and respond within the timeframe required by applicable law (e.g., 30â——45 days under GDPR/CCPA). You may designate an authorized agent to act on your behalf where permitted by law.

**EU/UK users:** For purposes of the GDPR and UK GDPR, ProDAO Finance (operating as a sole proprietorship) acts as the data controller for personal information processed through the Services. Our legal basis for processing includes performance of our contract with you, our legitimate interests in operating and securing the Services, and compliance with legal obligations. As a U.S.-established sole proprietor processing EU/UK residents' data, we are in the process of appointing an EU/UK representative under Art. 27 GDPR / UK GDPR; until appointed, you may contact us directly at team@propdao.finance for all data subject requests. You have the right to lodge a complaint with your local data protection supervisory authority.

**Automated decision-making:** Evaluation results and payout determinations may be generated in part through automated performance scoring against pre-disclosed program rules. This processing does not produce legal or similarly significant effects based solely on automated decision-making without the opportunity for human review â—— you may request human review of any payout denial or adjustment by contacting **team@propdao.finance**.

**California residents:** You have rights under the CCPA/CPRA as described above. We have not sold or shared personal information in the preceding 12 months.


7. INTERNATIONAL DATA TRANSFERS

The Services may be operated and supported from multiple jurisdictions. Where we transfer personal information out of the EEA, UK, or other regions with data transfer restrictions, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms recognized under applicable law.


8. DATA SECURITY

We implement administrative, technical, and organizational safeguards designed to protect information against unauthorized access, loss, misuse, or alteration. No method of transmission or storage, over the internet or blockchain infrastructure, is completely secure, and we cannot guarantee absolute security.

In the event of a data breach affecting your personal information, we will notify affected users and relevant authorities without undue delay and within the timeframe required by applicable law â—— for example, within 72 hours of becoming aware of a breach where notification to a supervisory authority is required under Art. 33 GDPR, or within the timeframe specified by applicable U.S. state breach-notification statutes.


9. CHILDREN'S PRIVACY

The Services are intended only for individuals at least eighteen (18) years of age. We do not knowingly collect personal information from anyone under 18. If we become aware that we have done so, we will delete the information and may terminate the associated account. Parents or guardians who believe we have collected information from a minor may contact us at **team@propdao.finance** to request deletion.


10. THIRD-PARTY SERVICES

The Services may integrate with third-party services, including blockchain networks, wallet providers, and analytics or infrastructure partners. We are not responsible for the privacy practices of these third parties; your use of them is governed by their own policies.


11. MARKETING COMMUNICATIONS

If you receive marketing communications from us, you may opt out at any time using the unsubscribe link in those communications or by contacting **[PRIVACY CONTACT EMAIL]**. You cannot opt out of essential service-related communications (e.g., security notices, account confirmations) while maintaining an active account.


12. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. Material changes will be communicated through the Services or by other reasonable means before becoming effective. Continued use of the Services after the effective date constitutes acceptance of the revised policy.