Cider.trade Privacy Policy

Welcome to Cider.trade

This Privacy Policy applies to:

• www.cider.trade;
• Cider web applications;
• mobile applications;
• APIs;
• SDKs;
• trading interfaces;
• wallet integrations;
• execution and routing services;
• compliance tools;
• identity services;
• analytics products; and
• all related services provided by Cider (collectively, the "Services").

Our Privacy Philosophy

Cider is designed to minimize unnecessary collection of personal information.

We collect only the information necessary to:

• provide Services;
• execute user-directed transactions;
• support users;
• maintain platform security;
• comply with applicable laws;
• satisfy contractual obligations with service providers and partners; and
• improve platform functionality.

Cider does not sell personal information.

Transaction Information

When you use the Services, we may automatically collect information relating to user-directed transactions.

This may include:

• wallet addresses;
• blockchain addresses;
• transaction hashes;
• asset types;
• asset amounts;
• chain identifiers;
• destination addresses;
• routing information;
• exchange execution information;
• order information;
• execution timestamps;
• liquidity venue information;
• device information;
• IP addresses; and
• related technical metadata.

("Transaction Information")

Transaction Information is used solely to:

Transaction Information — Use

• facilitate transactions;
• provide execution services;
• support customer inquiries;
• maintain platform security;
• detect fraud and abuse;
• comply with legal obligations; and
• improve platform performance.

Transaction Data Retention

Cider retains transaction-related information only for as long as reasonably necessary for:

• transaction execution;
• customer support;
• operational monitoring;
• security reviews;
• dispute resolution;
• legal obligations; and
• regulatory compliance.

Retention periods may vary depending on:

Transaction Data Retention — Factors

• transaction type;
• applicable law;
• partner requirements; and
• ongoing investigations.

Following expiration of the applicable retention period, data is securely deleted or anonymized.

Wallet Information

When you connect a wallet to the Services, we may collect:

• public wallet addresses;
• wallet type;
• blockchain network information;
• transaction history associated with connected wallets;
• balances required for platform functionality;
• digital asset holdings visible through public blockchain records; and
• wallet interaction data.

Cider does not take custody of user assets unless expressly disclosed through a separate custodial arrangement.

Private keys remain under user control unless otherwise disclosed and agreed.

Identity and Compliance Information

Certain Services may require identity verification, sanctions screening, risk assessments, fraud prevention reviews, or compliance monitoring.

In such cases, Cider or its approved service providers may collect:

• full name;
• date of birth;
• residential address;
• email address;
• phone number;
• government-issued identification;
• proof of address;
• corporate formation documents;
• beneficial ownership information;
• source of funds information;
• sanctions screening results; and
• risk assessment data.

Such information may be collected directly or through approved third-party compliance providers.

Communications

When you contact Cider through:

• email;
• support tickets;
• chat systems;
• social media platforms;
• messaging applications; or
• community channels,

we may collect information you voluntarily provide, including:

Communications — Information Collected

• names;
• email addresses;
• usernames;
• social media handles;
• telephone numbers; and
• communication content.

We use this information solely to:

Communications — Use

• respond to inquiries;
• provide support;
• improve services; and
• maintain platform security.

User Content

Users may voluntarily submit information including:

• documents;
• files;
• images;
• feedback;
• bug reports;
• feature requests;
• compliance documentation; and
• other content.

We may retain such content as reasonably necessary to:

User Content — Retention Purposes

• provide Services;
• resolve disputes;
• investigate fraud;
• satisfy legal obligations; and
• protect our rights.

Information Collected Automatically

When you access the Services, we may automatically collect:

• browser type;
• operating system;
• device identifiers;
• session information;
• usage statistics;
• referral URLs;
• timestamps;
• geolocation data;
• network information; and
• analytics information.

This information helps us:

Information Collected Automatically — Use

• maintain platform security;
• improve user experience;
• troubleshoot issues;
• monitor performance; and
• detect suspicious activity.

Information from Third Parties

We may receive information from:

• blockchain analytics providers;
• compliance providers;
• custodians;
• exchanges;
• liquidity providers;
• payment processors;
• identity verification vendors;
• wallet providers;
• business partners;
• publicly available blockchain records; and
• publicly available information sources.

We may combine such information with information already collected through the Services.

How We Use Information

We may use collected information to:

1. Provide and operate the Services;
2. Facilitate transactions and routing;
3. Authenticate users;
4. Verify identities;
5. Conduct compliance reviews;
6. Prevent fraud and abuse;
7. Monitor platform security;
8. Respond to support requests;
9. Improve products and services;
10. Conduct analytics and research;
11. Communicate with users;
12. Enforce agreements and policies;
13. Meet legal and regulatory obligations;
14. Protect users and the platform; and
15. Develop new products and services.

Disclosure of Information

Cider may disclose information in the circumstances described below.

Disclosure of Information — Service Providers

We may share information with service providers that assist in:

• transaction execution;
• custody services;
• compliance services;
• infrastructure hosting;
• cybersecurity;
• analytics;
• customer support; and
• payment processing.

These providers are contractually required to protect user information.

Disclosure of Information — Exchange and Liquidity Partners

Where transactions are routed through third-party exchanges, brokers, custodians, liquidity providers, or execution venues, limited information may be shared as necessary to facilitate user-directed transactions.

Disclosure of Information — Corporate Transactions

Information may be disclosed in connection with:

• mergers;
• acquisitions;
• financings;
• reorganizations;
• asset sales; or
• insolvency proceedings.

Disclosure of Information — Legal and Regulatory Requirements

We may disclose information where required to:

• comply with applicable laws;
• satisfy regulatory obligations;
• respond to lawful requests;
• prevent fraud;
• investigate criminal activity;
• protect rights and property; or
• protect users and the public.

Disclosure of Information — Consent

We may disclose information where a user has expressly consented to such disclosure.

Blockchain Transparency

Users acknowledge that blockchain networks are public and immutable.

Transactions executed on public blockchains may be permanently visible to:

• blockchain participants;
• blockchain analytics providers;
• regulators;
• exchanges; and
• the general public.

Cider cannot modify, delete, or obscure information that is publicly recorded on a blockchain.

International Data Transfers

Information may be processed in jurisdictions outside a user's country of residence.

By using the Services, users acknowledge that their information may be transferred to and processed in other jurisdictions where privacy laws may differ.

Security

Cider maintains administrative, technical, and physical safeguards designed to protect information against:

• unauthorized access;
• misuse;
• disclosure;
• alteration; and
• destruction.

No security system can guarantee absolute security, and users acknowledge the inherent risks associated with internet-based services and blockchain technologies.

Children's Privacy

The Services are intended solely for individuals who are at least 18 years of age.

Cider does not knowingly collect information from individuals under 18 years of age.

Third-Party Services

The Services may contain links to third-party websites, exchanges, custodians, applications, or services.

Cider is not responsible for the privacy practices of third parties.

Users should review the privacy policies of all third-party services independently.

User Rights

Subject to applicable law, users may have rights to:

• access information;
• correct information;
• request deletion;
• restrict processing;
• object to processing; and
• withdraw consent where applicable.

Requests may be submitted through Cider Support.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time.

Updated versions will be posted on the Services with a revised effective date.

Continued use of the Services following any update constitutes acceptance of the revised Privacy Policy.

Contact Information

For questions regarding this Privacy Policy, please contact:

Cider.trade Compliance Department

Email: compliance@cider.trade

Website: www.cider.trade

Support: support@cider.trade