Last Updated: December 2023

This Privacy and Cookie Policy (“Policy”) governs the access to and use of all parts of the website and services branded as LFi Platform (“LFi”, “we”, “our”, “us”) and referring to the domain https://lfi.io (hereinafter referred as the “Platform”) and all documents, data, materials or other information made available on the Platform.

This Policy applies to all visitors and/or users (“User”, “you”, “your”) who act in their own personal capacity. Please read this Policy along with our Terms and Conditions carefully, and note that by using LFi, you are consenting to the collection, storage, processing, and transfer of your personal information as described in this Policy.

1. Definitions

1.1 “Account” means the account created on the Blockchain ID to use the services offered by the LFi Platform.

1.2 “Blockchain ID” is an intermediary platform that operates as a unified sign-on system enabling Users to access Third-Party Partners services and products offered on their platforms, which encompasses platforms such as Blockchain Era, TBE, LyotechLabs, and LFi platform.

1.3 “Personal Data” refers to any information that relates directly or indirectly to a natural person whether living or deceased, who is identified or identifiable from that information, or from that and other information.

1.4 “Third-Party Partner” means the service providers and third-parties with which we have service agreements to expand the range of services and products accessible across LFi Platform to its Users and community members. However, each one is governed by their own terms and policies. LFi does not exercise any control or management over these Third-Party Partners websites. Users should display her/his/their own due diligence to read and understand each one of the legal documentation governing those products and services.

1.5 “Third-Party Partner Websites” means the platforms provided by those Third-Party Partners to display and inform about their products and services available to LFi Members.

2. Purpose

2.1 LFi knows and understands how important it is for the User to understand how we collect, store, process, share, and use Personal Data. We respect and protect the privacy of our Users Personal Data in our Platform.

2.2 The purpose of this Policy is to describe how LFi collects, processes, and manages Users Personal Data through the Platform, which is developed to offer our services. For data protection matters related to Third-Party Partners Platforms, services and products, Users should contact the involving service provider directly.

3. Acceptance

3.1 By using or accessing the Platform, you agree to be bound by this Policy and all supplementary agreements, including the Terms and Conditions, the Delivery, Warranty, and Return Policy, and any other subsequent and supplementary agreement related to the present document and the operations of LFi.

4. User Login Credential Information

4.1 To properly use our Platform, Users are required to create an Account under our Third-Party Partner Website, Blockchain ID. This process involves sharing your Personal Data not only with us but also with Third-Party Partners. Users should acknowledge that their responsibility encompasses reading and understanding the privacy policies of each Third-Party Partner Website.

4.2 Each Third-Party Partner Website maintains its own distinct privacy policy that governs the collection, utilization, and processing of your Personal Data. It is your responsibility to read and understand the extent of the terms and practices outlined in the respective privacy policies on how your Personal Data is accessed, employed, and managed across the different platforms available within the ecosystem.

4.3 Users grant LFi permission to use their Personal Data as required to provide services on the Platform.

5. Collected Personal Information

5.1 LFi collects and retains User’s Personal Data to facilitate, advance, and improve our array of products and services. This encompasses the development of technical infrastructure, reinforcement of security measures, adherence to compliance standards, prevention of fraud, and provision of robust customer support. Additionally, it is imperative to acknowledge that your Personal Data will also be collected in line with the prerequisites of our Third-Party Partner Websites.

5.2 The Personal Data we collect from our Users are:

5.2.1 Users - Natural person

• Full name.

• Date of birth.

• Email address.

• Gender.

• Residence address.

• Nationality.

• Country code.

• Telephone number.

• Referral activities on Third-Party Partner Websites.

• Wallet address.

• Transaction details.

5.2.2 Users - Legal entity

• Company name.

• Company registration number.

• Country of incorporation.

• Country of operation.

• Registered address.

• Details of the authorized person of the entity.

• UBO details and proof of address.

• A copy of the certificate of incorporation.

• Shareholder registry.

• Director registry.

• General information about the nature of business.

• Wallet address.

• Transaction details.

5.2.3 Browser Information

• IP address.

• Login information.

• Browser type and version.

• Time zone setting.

• Platform.

• Operating system.

• Transaction history.

• Pages accessed and links clicked.

6. Usages of Personal Data

• To communicate with the User.

• To provide our services.

• To comply with legal and regulatory compliance.

• To detect and prevent fraud and credit risks.

• To provide, troubleshoot, and improve LFi Services.

• To enforce our terms in our Term of Use.

• To provide customer services.

• To ensure quality control.

• To ensure network and information security.

• To enhance and personalize User experience.

• To facilitate corporate acquisitions, mergers, or transactions.

• To engage in marketing activities.

• For transaction services.

• Purposes for which we seek User’s consent.

7. Data Transfer

7.1 LFi may share User’s Personal Data with specific Third-Party Partners, which include Third-Party Partners Websites, encompassing business suppliers, distributors, and subcontractors. Sharing Personal Data becomes essential for the effective delivery of our products and services or in instances where a legal basis mandates such sharing. Please note that the aforementioned Third-Party Partner Websites are authorized to collect, utilize, and disclose your information as directed by us, ensuring that the services provided are comprehensive and aligned with our standards.

7.2 Your Personal Data may be subject to transfers between integrated Third-Party Partner platforms based on the needs to provide efficiency and better user experience to our community members. Please be aware that these transfers may be conducted without prior notice to you. Your continued engagement with our services signifies your acknowledgment and acceptance of this data transfer mechanism.

7.3 We further ensure that we comply with the applicable data protection legal norms and we shall only share information in the following circumstances:

7.3.1 With applicable regulatory and governmental bodies.

7.3.2 With third-party KYC/AML service providers to LFi (if applicable) or any of the Third-Party Partner Websites to perform verification services in the User onboarding process.

7.3.3 With service providers under contracts to operate the business. For instance and not limited to:

• Cloud storage.

• Network infrastructure.

• Security.

• Customer support.

• Marketing.

• Data analytics.

• Payment process.

7.3.4 We transfer only the minimum amount of data necessary for a particular outsourced service provider(s) (if applicable), and we only cooperate with the outsourced service providers who can provide and ensure adequate level of Personal Data protection.

7.4 LFi ensures that the service providers and affiliates/business partners who process personal information acknowledge the confidentiality of this information and protect the User’s right to privacy by complying with all applicable privacy and data protection laws.

7.5 Each Third-Party Partner Website may have its own data transfer clauses, terms of use, and privacy policies governing how your information is handled, processed, and shared. By using our Platform to access the services of Third-Party Partner Websites, you acknowledge and agree to adhere to the data transfer clauses and privacy policies of those Third-Party Partner Websites.

8. Protection and Storage of Personal Data

8.1 LFi maintains physical, technical, administrative, and procedural safeguards in connection with the collection, storage, and disclosure of the User’s Personal Data. We use firewall barriers, encryption techniques, and authentication procedures to maintain the security of User’s online sessions.

9. Data Retention

9.1 LFi is responsible for retaining either the original or a precise copy of all data and information acquired from its Users. This retention will be in a format that is readily accessible for a seven (7) years period following the conclusion of your involvement with our services, as well as those offered by our Third-Party Partner Websites on which our services are engaged. Any Personal Data provided by you will be securely maintained by us until the point at which you choose to request the termination of our association. Variation in this period of retention might change based on the type of interaction of each User with the platform, products and services, and compliance with requirements from governmental authorities.

9.2 LFi shall take reasonable measures to ensure that all Personal Data is destroyed or permanently deleted if it is no longer required for the purpose of providing our services for which it was processed and in certain circumstances, if required by law, we may not destroy any relevant records or Personal Data even though the prescribed period for retention shall have elapsed.

9.3 Information or data collected via technical means such as cookies, web page counters, and other analytics tools is kept for a period of up to twelve months from the expiry of each specific cookie, as defined under Section 12.

10. Data Protection Law and the European Data Protection Rights

10.1 This Policy is governed by and shall be construed in accordance with the data protection laws of the British Virgin Islands. Additionally, the highest standard of data protection, as set under the General Data Protection Regulation ("GDPR"), shall also apply to the processing of personal data covered by this Policy.

10.2 According to the GDPR, LFi provides privacy notices:

• In a concise, transparent, intelligible, and easily accessible form.

• Written in clear and plain language.

• Delivered in a timely manner; and

• Provided free of charge.

10.3 If the Users are located in the European Economic Area (EEA), you will have the rights as described below.

10.3.1 You may request access to and receive information about the Personal Data we maintain about you, update and correct inaccuracies in your Personal Data, restrict or object to the processing of your Personal Data, have the information anonymized or deleted, as appropriate, or exercise your right to data portability to easily transfer your Personal Data to another company. 10.3.2 You may withdraw any consent you previously provided to us regarding the processing of your Personal Data, at any time and free of charge. We will apply your preferences going forward and this will not affect the lawfulness of the processing before you withdraw your consent. 10.3.3 If you are located in the EEA, we will comply with applicable GDPR law and related regulations when transferring your Personal Data outside of the EEA.

11. Rights Protected under the GDPR

11.1 Under certain circumstances, Users have rights under data protection laws in relation to Personal Data which as indicated below.

11.1.1 Request access - This enables you to receive copies of your Personal Data we hold about you and to check that we are lawfully processing it. This is also commonly known as a "data subject access request". This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

11.1.2 Request eraser - This enables you to request us to delete or remove Personal Data where there is no good reason for us to continue to process it. Please note that there may be circumstances where we may be legally entitled to retain your Personal Data.

11.1.3 Request to Restrict Processing - This enables you to object to the processing of your Personal Data, which is processed based on our legitimate interests. In the event of such an objection, we will no longer process your Personal Data, unless we demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defense of legal claims.

11.1.4 Request to Object Processing - You have the right to object to the processing of your Personal Data where we are relying on a legitimate interest (or those of a Third-Party Partner) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Data for direct marketing purposes.

11.1.5 Request to transfer - Under previous request in written form LFi can transmit your Personal Data in a structured, commonly used, machine-readable format to another controller. Note that this right only applies to automated information that you initially provided consent for us to use or where we used the information to perform a contract with you.

12. Cookie Policy

12.1 Cookies are small text files that are placed on your device like a computer, mobile, or any other device by a website, containing details of your browsing history. In simple terms it is explained as that it contains information about your browsing activity. Whenever the User visits our Platform, the website sends a cookie to the device you are using to access our Platform. Your device automatically stores the cookie in a file that’s located within your website browser.

12.2 Cookies allow our Platform to recognize the User's device. When you revisit a site, the website will respond in a more personalized way, remembering your preferences, and it will make your page load faster. Cookies set by our operators are called “First party cookies,” set by parties other than our Platform to enable Third-Party Partners features or functionality to be provided on or through the website for instance such as advertising, interactive content, and analytics.

12.3 We use the following cookies to operate our Platform, such as:

12.3.1 Session Cookies are temporary and expire once you close your browser. It stores information for the time, or session when you are on our Platform.

12.3.2 Persistent Cookies encompass all cookies that remain on your hard drive until you erase them or your browser does it. It depends on the cookie’s expiration date. All persistent cookies have an expiration date written into their code, but their duration can vary.

12.3.3 First-Party Cookies are placed on your device directly by our Platform.

12.3.4 Third-Party Cookies are placed on your device, not by our Platform, but by a third party like an advertiser or an analytic system. Generally, Third-Party Cookies consist of tracking cookies used to identify online behavior, understand interests, and then customize advertising the User on other websites. Any information obtained from Third-Party Cookies is processed by the respective Collaborative Partners.

12.3.5 Google Analytics Cookies to measure our User’s interactions with the content on our Platform. These cookies collect information about your interactions with our Platform, such as unique visits, repeat visits, session duration, and website activity.

12.3.6 Essential Cookies are known as strictly necessary cookies for you to browse our Platform and use its features, such as accessing secure areas of our Platform. These cookies are generally First-Party Session Cookies. These cookies do not require consent from you. Essential cookies help to make our Platform easy to use by providing basic functions such as page navigation, language selections, authorization, and filling in forms. Our Platform will not function without these cookies and they cannot be disabled. These cookies do not reveal the User’s identity or collect information. They are stored on the User’s device until the browser is closed.

12.3.7 Functionality Cookies allow our Platform to remember choices you have made in the past like what language you prefer, what region you would like, or what username and password are so you can automatically log in. We use cookies for navigation and to facilitate your access to and use of this site. These cookies are necessary for the transmission of communications on the network or to supply services whatever requested by you. Further, they help us to know which pages are the most and least popular and see how visitors move around the website.

12.3.8 Performance Cookies collect information about how you use our Platform, like which page you visited and which link you clicked on. None of this type of information can be used to identify you. The sole purpose of performance cookies is to improve our Platform functions. Analytics may collect information through log data, such as; (i) IP address, (ii) Type of browser and device, (iii) Operating system, (iv) Name of the Internet Service Provider, (v) Country information, (vi) Date and time of visit, (vii) Web page origin and exit.

12.3.9 Marketing Cookies track your online activity to help advertisers deliver more relevant advertising or to limit how many times you see an ad. These cookies can share information with other organizations or advertisers. However, these are Persistent Cookies which are third-party-proven. These cookies may be set through the website by our advertising partners. If you do not allow these cookies, you will experience less targeted advertising.

12.4 You reserve the right to decide whether to accept or reject cookies from our Platform. You can exercise your cookie rights by setting your preferences in the Cookie Consent Manager. However, you will not be able to reject the Essential Cookies, as they are strictly necessary to provide you with the products and services available on LFi Platform. In the event you choose to reject cookies, you may still use our Platform though your access to some functionality and areas of our Platform may be restricted. You may also set or amend your web browser controls to accept or refuse cookies. Be conscious of rejecting or disabling cookies, which may affect the functionality of our Platform. Therefore, it is recommended that you do not disable cookies.

13. Privacy Terms in using digital assets and blockchain

13.1 The digital assets and/or digital tokens are recorded on a public blockchain. It is a ledger which means a chain of blocks where each block contains the recording of any data transmission. Blockchains are decentralized or third-party networks that are not controlled or operated by any Third-Party Partner service provider affiliates or business partners of LFi, and we have no access or authority to erase, modify, or alter any personal data that could be available in such networks.

14. Modifications

14.1 We reserve the right, at our sole discretion, to modify, amend, supplement, or replace this Policy at any time and such update details shall be indicated at the top of this page. Our Platform Policies and Terms may be revised or updated periodically to meet the necessary requirements and standards. We encourage you to regularly visit our Platform to stay informed about any changes to these Policies and the Terms. Your continued access to the Platform means that you agree to the updated content and to abide by the updated Policy.

15. Contact information

15.1 In the event of any comments, questions, inquiries, or complaints regarding this Policy, the User has the right to submit questions and/or concerns at support@.lfi.io