Privacy Policy

This Privacy Policy (this "Policy") was last updated on and is effective as of November 5, 2024.

Global Wallet, a product service and/or app developed and made available by Cube, Inc. (the "Services"), a Delaware corporation ("Cube", "we", "our" or "us"). Our goal is to offer an interface and software development kit ("SDK") that allows users to generate a digital asset wallet upon request. Please read on to learn about Cube's information practices with regards to its users ("you" or "your").

This Privacy Policy (this "Policy") sets forth Cube's policy with respect to information that identifies you or can be used to identify or contact you ("Personal Information"), that is collected from you through the Services. This Policy is incorporated into, is part of, and is governed by Cube's Terms of Service (the "Terms of Service").

The Services and our product offerings may change from time to time. As a result, at times it may be necessary for Cube to make changes to this Policy. We will not make changes that result in significant additional uses or disclosures of your Personal Information without allowing you to "opt in" to such changes. We may also make non-significant changes to this Policy that generally will not significantly affect our use of your Personal Information, for which your opt-in is not required. We encourage you to check this page periodically for any changes. If any non-significant changes to this Policy are unacceptable to you, you must immediately contact us and, until the issue is resolved, stop using the Services. Your continued use of the Services following the posting of non-significant changes to this Policy constitutes your acceptance of those changes.

To the extent that the Services are available to individuals located in the European Economic Area and the United Kingdom, this Policy sets out our practices and obligations under the General Data Protection Regulation 2016/679 (the "GDPR"). If an organization with which you are associated (our "End Customer") signs up to use our Services, we may receive Personal Information about you in connection with our provision of the Services to the End Customer. To the extent we process (as defined in the GDPR) that Personal Information solely in order to provide the Services to the End Customer, under the GDPR, to the extent applicable, we will act as a processor (as defined in the GDPR) on behalf of the End Customer in respect of that Personal Information; this Policy will not apply to the processing of that Personal Information and the End Customer will act as a controller (as defined in the GDPR) in respect of that Personal Information and is responsible for obtaining all necessary consents and providing you with all requisite information as required by applicable law. To the extent we process your Personal Information for any other lawful business purpose of ours, under the GDPR, to the extent applicable, we will act as a controller of such Personal Information and this Policy will apply to the processing of such Personal Information.

1. Information Collected

When you apply to use the Services, and specifically when you are setting up your Global Wallet account, you will come in through a web browser, either in desktop or mobile form, and you will use your gmail, another email, or a digital asset wallet; therefore, those service providers' terms and conditions, and privacy policies, will apply. You will then be directed to privy.io, a third party service provider, for authentication. All information collected through privy.io is governed by Privy's Privacy Policy, and is not collected or stored by us. However, we will be able to access the authenticated account information about you as a user, such as the email or wallet address you signed up with, via the Privy Dashboard and API that Privy shares with us.

Then, once you have set up your account and are directed to us, we may collect Personal Information and other information from you, as further described below:

Personal Information About You and Your Account:

We collect Personal Information from you only when you voluntarily provide such information. For instance, we may have access to the following information about you: your email or wallet address you signed up with (available to us via the Privy Dashboard and API), discord username (if you elect to provide it), twitter username (if you elect to provide it), your Global Wallet address, when your account was created, when you last logged into your account, and/or access credentials for the Services. We will not store any information for you about any transactions you make using your Global Wallet. However, records of these transactions will be publicly available onchain.

By voluntarily providing us with Personal Information, you are consenting to our use of it in accordance with this Policy. If you provide Personal Information to Privy or us, you acknowledge, agree, and expressly consent that such Personal Information may be transferred from your current location to our offices and servers and authorized third parties referred to herein. For clarification, your Personal Information may be transferred from time to time to our offices or personnel, or to third parties, located throughout the world, and the Services may be viewed and hosted anywhere in the world, including countries that may not have laws of general applicability regulating the use and transfer of such information. By using the Services and submitting such information on it, you voluntarily consent to the trans-border transfer and hosting of such information. Without limitation of the foregoing, you hereby expressly grant consent to us to: (a) process and disclose such information in accordance with this Privacy Policy; (b) transfer such information throughout the world, including to the United States or other countries that do not ensure adequate protection for personally identifiable information (as determined by the European Commission); and (c) disclose such information to comply with lawful requests by public authorities, including to meet national security or law enforcement requirements. If you are a user accessing the Services from a jurisdiction with laws or regulations governing personal data collection, use, and disclosure that differ from those of the United States, please be advised that all aspects of the Services are governed by the internal laws of the United States and Delaware, USA, regardless of your location.

Other Information:

Non-Identifiable Data: When you interact with us to access or use the Services, we may receive and store certain personally non-identifiable information. Such information, which is collected passively using various technologies, cannot presently be used to specifically identify you, unless it is combined with Personal Information. We may store such information itself or such information may be included in databases owned and maintained by affiliates, agents, business partners or service providers. We may use such information and pool it with other information to track, for example, the total number of visitors who consider, request and/or sign up for the Services, the number of visitors who consider, request and/or sign up for the Services as compared to other services or products. It is important to note that we do not use Personal Information in this process.

Aggregated Information: In an ongoing effort to better understand and serve the users of the Services, we may conduct research on customer demographics, interests and behavior. This research may be compiled and analyzed on an aggregated basis, and we may elect to share this data with affiliates, agents, and third party service providers. This aggregated information would not identify you personally. We may also disclose aggregated user statistics in order to describe our Services to current and prospective business partners, and to other third parties for other lawful purposes, but again, this aggregated information would not identify you personally.

2. Use of Information

We use the Personal Information you provide in a manner that is consistent with this Policy and to the extent that the law allows. Pursuant to the GDPR, legal bases for our processing your Personal Information may include (without limitation):

(a) where you have given consent to the processing, which consent may be withdrawn at any time without affecting the lawfulness of processing based on consent prior to withdrawal;

(b) where it is necessary to perform the contract we have entered into or are about to enter into with you (whether in relation to the provision of the Services or otherwise); and/or

(c) where it is necessary for the purposes of our legitimate interests (or those of a third party) in providing the Services and your interests or fundamental rights and freedoms do not override those legitimate interests.

If you provide Personal Information for a certain reason, we may use the Personal Information in connection with the reason for which it was provided. For instance, if you contact us by e-mail, we will use the Personal Information you provide to answer your question or resolve your problem. In addition to the foregoing purposes, we and our affiliates may use your information to: (a) improve the content and functionality of the Services and provide the Services; (b) better understand our users; (c) improve our marketing and promotional efforts and customize the Services' content, layout, and Services to better suit your needs; and (d) resolve disputes, troubleshoot problems and enforce the Terms of Service or any other agreement we may have with you.

3. Disclosure of Information

There are certain circumstances in which we may share your Personal Information or other information with third parties without further notice to you, as set forth below:

Business Transfers: As we develop our business, we might sell or buy businesses or assets or receive funding. In the event of a corporate sale, merger, reorganization, dissolution, strategic investment by a third party, or similar event, Personal Information may be shared in connection with any of the foregoing and/or as part of the transferred assets.

Related Companies: We may also share your Personal Information with our affiliates for purposes consistent with this Policy.

Agents, Consultants and Third Party Service Providers: Cube, like many businesses, sometimes hires other companies or individuals to perform certain business-related functions. When we employ another company to perform a function of this nature, we only provide them with the information that they need to perform their specific function.

Legal Requirements: We may disclose your Personal Information if required to do so by law or in the good faith belief that such action is necessary to (a) comply with a legal obligation, including lawful requests by public authorities, including to meet national security or law enforcement requirements, (b) protect and defend our rights or property, (c) act in urgent circumstances to protect the personal safety of users of the Services or the public, or (d) identify, contact or bring legal action against someone who may be violating the Terms of Service or other agreement with us, to detect fraud, or for assistance with a delinquent account.

4. Security

We will take reasonable steps to protect the Personal Information provided via the Services from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet, onchain or e-mail transmission is ever fully secure or error free. In particular, e-mails sent to or from us may not be secure. Therefore, you should take special care in deciding what information you send to us via e-mail. Please keep this in mind when disclosing any Personal Information to us.

5. Third Parties

This Policy applies only to the Services. The Services may link or connect you to other websites, products and services not operated or controlled by us. The policies and procedures described here do not apply to the Third Party websites, products or services, though we will do our best to identify third party service providers that we interact with upon request. Any links do not imply that we endorse or have reviewed the Third Parties' Terms of Service, Privacy Policies, policies and procedures for collecting, using or storing information. We suggest contacting those sites, services, entities or persons directly for information on their privacy policies.

6. Children's Online Privacy Protection

The Services are not designed for or directed to children under the age of 13. We do not knowingly collect Personal Information from children under the age of 13. In fact, as currently operated persons under the age of 18 may not use the Services. By providing information to us, you represent that you are 18 years of age or older.

7. Exclusions

This Policy does not apply to any Personal Information collected by us other than Personal Information collected through the Services. This Policy shall not apply to any unsolicited information you provide to us through the Services or other means. This includes any ideas for new products or modifications to existing products, email inquiries, and other unsolicited submissions (collectively, &quote;Unsolicited Information&quote;). All Unsolicited Information shall be deemed to be non-confidential, and we shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution.

8. Access to Information; Contacting Us

We generally use Personal Information as described in this Policy or the Terms of Service or as authorized by you or as otherwise disclosed at the time we request such information from you. You generally must "opt in" and give us permission to use your Personal Information for any other purpose. You may also change your preference and "opt out" of receiving certain marketing communications from us by following the directions provided in association with the communication or such other directions we may provide or by contacting [email protected].

Under certain circumstances and in compliance with the GDPR, you may have the right to:

• Request access to your Personal Information (commonly known as 'subject access request'). This enables you to receive a copy of the Personal Information we hold about you and to check that we are lawfully processing it;
• Request correction of the Personal Information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
• Request erasure of your Personal Information. This enables you to ask us to delete or remove your Personal Information where there is no good reason for us to continue processing it. You also have the right to ask us to delete or remove all of your Personal Information in certain circumstances;
• Object to processing of your Personal Information where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground;
• Request the restriction of processing of your Personal Information. This enables you to ask us to suspend the processing of your Personal Information, for example, if you want us to establish its accuracy or the reason for processing it;
• Request the transfer of your Personal Information to another party; and
• Lodge a complaint with the relevant supervisory authority (as defined in the GDPR). If you have any complaints about the way we process your Personal Information, please do contact us. Alternatively, you may lodge a complaint with the supervisory authority which is established in your country.

You may also make similar access, correction, or take-down requests, depending upon where you reside and/or your country of citizenship, pursuant to the laws of your jurisdiction. If you want to review, verify, correct or request erasure of your Personal Information, object to the processing of your Personal Information, or request that we transfer a copy of your Personal Information to another party, please contact [email protected].

Such updates, corrections, changes and deletions will have no effect on other information that we maintain, or information that we have provided to third parties in accordance with this Policy prior to such update, correction, change or deletion. To protect your privacy and security, we may take reasonable steps (such as requesting a unique password) to verify your identity before granting you profile access or making corrections. You are responsible for maintaining the secrecy of your unique password and account information at all times.

You should be aware that it may not be technologically possible to remove each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your Personal Information may exist in a non-erasable form that will be difficult or impossible for us to locate. After receiving your request, we will use commercially reasonable efforts to update, correct, change, or delete, as appropriate, all Personal Information stored in databases we actively use and other readily searchable media as appropriate, as soon as and to the extent reasonably practicable.

To keep your Personal Information accurate, current, and complete, please contact us as specified below. We will take reasonable steps to update or correct Personal Information in our possession that you have previously submitted via the Services. Please also feel free to contact us if you have any questions about this Policy or our information practices.

We will retain your personal information for as long as necessary to fulfill the purposes for which we collected it, or as otherwise required by law.