Privacy Policy

Last Updated: October 1, 2025

This Privacy Policy (this "Policy") describes how Labyrinth and its affiliates ("Labyrinth", "us" or "we") may collect, use and disclose personal information in connection with your access to and/or use of our websites (including https://www.labyrinth.ac ), mobile applications, and any related services, sales, marketing or events (collectively, the "Services"). For the purposes of this Privacy Policy, "you" and "your" means you as the user of the Services.

Your access to or use of the Services is subject to this Policy as well as our Terms of Service and any documents and additional terms or policies that expressly incorporate the Terms of Use (collectively, the "Terms"). Please read this Policy and the Terms carefully to ensure you understand them. If you do not agree to this Policy, please do not use, access or download any of the Services.

We may update this Policy from time to time. If we make any changes, we will change the Last Updated date at the top of this Policy. We encourage you to periodically review the Policy for the latest information on our privacy practices. Any modifications to this Policy will be effective upon our posting of the updated Policy. In all cases, your continued use of the Services following the posting of any updated Policy indicates your acceptance of the updated Policy.

1. Personal Information We Collect

When you access or use the Services, we collect minimal information necessary for the protocol to function.

Personal Information You Give Us

We may collect the following personal information you provide directly to us in connection with the Services:

Your Communications with Us. If you contact us at [email protected] for support or information, we will collect the email address you used to contact us and the content of your communications.

Wallet Connection. When you connect your digital wallet ("Wallet") to use the Labyrinth protocol, we collect your public wallet address and a signature for registration on the Labyrinth protocol.

Transaction Data. We store encrypted transaction records to maintain protocol functionality. Your public blockchain transaction history is visible on the blockchain itself.

Information Collected Automatically

We do not use cookies, web beacons, or tracking technologies. We do not collect device information, IP addresses, location information, or usage analytics when you visit our website.

Information Collected from Third Parties

Blockchain Information. We may obtain information about your wallet address through analysis of publicly available blockchain information.

2. Legal Basis for Processing

• Provide, maintain, support and improve the Services and respond to inquiries related to the same;
• Enable your interaction with the Labyrinth protocol;
• Process blockchain transactions you initiate;
• Comply with our legal and regulatory obligations;
• Prevent, detect and investigate fraudulent, abusive or harmful activities;
• Debug to identify and repair errors with our Services;
• Enforce the Terms, this Policy and/or other applicable agreements, terms or policies; and
• Take certain actions that you have asked us to.

3. How We Share Information

In certain circumstances, we will share your information with third parties with your consent, as necessary, or as otherwise required or permitted by law. Specifically, we share your personal data:

• With service providers and vendors: We use MongoDB to store encrypted transaction records and hosting services for our domain.
• When you request us to share certain information with third parties: With your permission, we may share your personal data with relevant third parties.
• With professional advisors, in our legitimate interests or as required by law: As necessary, we will share your personal data with professional advisors such as auditors, law firms, cybersecurity specialists, data analysis organizations, and/or consulting or accounting firms.
• For legal and security reasons and to protect our services and business: We will share your personal data with regulators, law enforcement agencies, public authorities, or any other relevant organizations: (i) in response to a legal obligation; (ii) if we have determined that it is necessary to share your personal data to comply with applicable law or any obligations thereunder, including cooperation with law enforcement, judicial orders, and regulatory inquiries; (iii) to protect the interests of, and ensure the safety and security, of us, our users, a third party, or the public; (iv) to exercise or defend legal claims; and (v) to enforce our terms and conditions, other applicable terms of service, or other agreements.
• With our affiliates: We may share your personal data with our subsidiaries.
• In connection with business transactions: We may share your personal data with relevant third parties as necessary while negotiating or in relation to a change of corporate control such as a restructuring, merger, or sale of our assets.

4. Location of Personal Information

Please be aware that personal information we collect may be transferred to, processed, stored, and used in Switzerland and other jurisdictions.

Data protection laws in Switzerland are governed by the Swiss Federal Act on Data Protection (FADP) and may be different from those of your country of residence. Your use of the Services or provision of any information therefore constitutes your consent to the transfer to and from, processing, usage, sharing, and storage of information about you in Switzerland and other jurisdictions as set out in this Policy.

Your personal information may be transferred to and stored or processed in countries outside Switzerland, including outside the European Economic Area ("EEA"), in order to provide the Services. We will take steps reasonably necessary to ensure that your personal information is treated securely and in accordance with this Policy. Switzerland has been recognized by the European Commission as providing an adequate level of data protection, which facilitates data transfers between Switzerland and the EEA.

5. Your Choices and Your Rights

You may have choices about the collection and use of information about you. You can choose not to provide certain information, but then you might not be able to use the Services.

Communications. If you do not want to receive messages/communications from us, please contact [email protected].

Under the Swiss Federal Act on Data Protection (FADP), you have the following rights in relation to your personal data:

• Right of access: to your personal data that we hold, information on how we use it, and who we share it with;
• Right to rectification: request the correction of inaccurate or incomplete personal data we hold about you;
• Right to deletion: deletion or removal of your personal data, in certain circumstances (note that blockchain data cannot be deleted);
• Right to object: objection to the processing of your personal data, in certain circumstances;
• Right to restriction of processing: restriction of the processing of your personal data, in certain circumstances;
• Right to data portability: we will endeavor to provide you with a copy of the personal data that we hold about you in a structured, commonly used, machine-readable format;
• Right to withdraw consent: where we rely on consent to process personal data.

You may submit a written request concerning the processing of your personal data to [email protected]. Please note that we do not store user-specific personal data, so there are no data control functionalities available. Blockchain data and encrypted transaction records stored in MongoDB are permanent.

Note that these rights apply only in certain circumstances and all of these rights may be limited by law.

6. Social Networks and Other Third Party Websites and Links

We may provide links to websites or other online platforms operated by third parties. If you follow links to sites not affiliated or controlled by us, you should review their privacy and security policies and other terms and conditions. We do not guarantee and are not responsible for the privacy or security of these sites. Our inclusion of such links does not, by itself, imply any endorsement of the content on such platforms or of their owners or operators.

7. Third Party Wallet Extensions

Certain transactions conducted via our Services require you to connect a Wallet to the Services. By using such Wallets to conduct such transactions via the Services, you agree that your interactions with such third party Wallets are governed by the privacy policy for the applicable Wallet. We expressly disclaim any and all liability for actions arising from your use of third party Wallets.

8. Children’s Personal Information

The Services are intended for general users who are 18 years of age or older, and are in no way directed at children. We do not knowingly collect personal information from children. If you believe such information has been collected in error, please email [email protected] to notify us of this.

9. Retention of Information

• Blockchain data: Permanent (inherent to blockchain technology)
• MongoDB encrypted transaction records: Permanent (for protocol functionality)
• Communications: If you contact us, we retain your message as long as necessary to respond and for legal compliance

10. Periodic Reviews and Updates to Policy

This Policy takes into account the requirements of the Swiss Federal Act on Data Protection (FADP) and general Privacy Principles. Individuals located in the European Union ("EU") may have rights under the EU General Data Protection Regulation 2016/679 ("GDPR"). Please note that you can file a complaint with the Swiss Federal Data Protection and Information Commissioner (FDPIC) if you believe we have infringed data protection laws. If you are located in the EU, you can file a claim with the data protection supervisory authority in the EEA country in which you live or work or where you think we have infringed data protection laws.

We may review and update this Policy from time to time. Updates to our Policy will apply only to information collected after the date of the change. If we make material changes to the Policy, we will note on our Website that the Policy has been updated and update the Last Updated date at the top of this Policy.

11. Contact Us

Labyrinth is the controller of the personal information we process under this Policy.

Should you have any questions or complaints about our privacy or data-protection practices, your personal data, or this Policy, please email us at [email protected].

Labyrinth

Any additional information please contact us at [email protected]