Privacy Policy

1.1 STC processes personal data provided by data subjects themselves or collected when they use our Services: Registration information required for registering the Services. When you choose to sign up for our Service through your Google account (or any other third-party account permitted by STC), you are also authorizing us to receive, store, and use such information that you have agreed that Google or such other third parties could provide to us through their application programming interface.

1.2 Information you may provide when you communicate with us by phone, e-mail, or otherwise. Provided you have been duly informed by us, we may monitor and record phone calls, e-mails, live chats, or other communications between you and our Service representatives or other STC's representatives, to improve and monitor the quality of our Services. You may provide your information through web forms to be contacted by us or to submit your request or query to us.

• (1) You may provide us information we need to check your identity as part of our KYC procedures. According to Art. 957 OR, these information will be stored for 10 years.
• (2) You may provide information on behalf of another person or entity. If you completed the registration on behalf of another entity or if you otherwise provide information regarding another person or entity, you represent to us that you were authorized by that person or entity to use the submitted information.
• (3) You may provide your personal information such as your mobile device information, action history, transaction history, wallet address, etc.
• (4) When you are directed to a third-party DApp, the DApp will collect personal information from you and you may provide these data. GlobalForce does not keep the personal information collected by the third-party DApp. We need to access your camera when you save an image to your photo library or scan a QR code. Your refusal to agree means that you will not be able to scan or save images to a photo library. Please turn on the corresponding access when you need to scan or save again.
• (5) When you visit or access our Services, upon your consent, we may use (and authorize 3rd parties to use) pixels, cookies and other technologies (collectively, "Cookies") as further detailed in Paragraph 8 of this policy.

2.1 STC processes personal data related to its potential and current customers (individuals or representatives of legal entities), individuals who actually use the services (users), and users of the Website. The categories of processed personal data include:

• (1) Full name
• (2) Contact information such as email address, phone number
• (3) Job title
• (4) Company name
• (5) Company size
• (6) Company industry
• (7) Other information provided by the customer in the registration form
• (8) Payment and billing details
• (9) Authentication or authorization data
• (10) Information contained in support requests
• (11) Metadata: personal data STC collects or generates during the provision and administration of any decentralized service and cloud services...
• (12) Type and device ID, identifiers from cookies or tokens
• (13) Your mobile device information, action history, transaction history, wallet address, etc.
• (14) Browser type and version
• (15) Geographical location based on the IP address
• (16) Statistics on page views and time spent on pages
• (17) Information about usage of the Website obtained through Cookies
• (18) Your direct communications
• (19) Partially obscured copies of your ID document (for KYC)
• (20) Third-party DApp interaction data (not kept by GlobalForce)

(21) Data processing is carried out in accordance with the Swiss Data Protection Act (DSG, SR 235.1) and the Ordinance to the DSG (VDSG).

2.2 You acknowledge that your wallet password, private key, mnemonics, and Keystore on GlobalForce are not stored in or uploaded to our servers. We do not provide any service to recover your wallet password, private key, mnemonics or Keystore.

2.3 Sensitive personal data: We do not intentionally collect sensitive personal data (for example, information revealing race, ethnic origin, political opinions, religion, etc.) and we ask our users not to provide us with such information.

3.1 We only collect and use personal data for the scopes which are necessary in connection with the processing of your request/query, to verify your identity if you contact us, to send you our newsletter, enhance both the performance and the content of our websites, to tailor our services and our websites to our customers' and users' preferences, to analyze trends and to comply with any law in accordance with the applicable legislation, to protect us and our users/customers, from fraud or other illegal activities. More specifically to:

• (1) To provide appropriate feedback to your questions and requests, and/or to fulfill the necessary steps to conclude an agreement with you;
• (2) To provide our services, specifically to create/update and personalize your account, enabling accessibility features, process payments, support requests...
• (3) To allow the provision of the Services of a third party, when you request this Service.
• (4) To develop, improve the performance of, and secure our Services;
• (5) To determine the effectiveness of our promotional campaigns...
• (6) For analytics, statistical, development and research purposes...

3.2 All this based on our legitimate interest to provide you with a better experience and product and fine tune our offers to your needs. Moreover we may process your personal data:

• (7) To comply with legal obligations...
• (8) To protect and enforce our rights...
• (9) To verify your identity during onboarding as part of our KYC...
• (10) To perform audits...
• (11) To use the unique serial number of your mobile device to match you with your wallet.
• (12) To send you important notices promptly...
• (13) In accordance with GlobalForce User Agreement...
• (14) To meet legal and regulatory requirements...

3.3 Moreover, we engage in notifications and promotional communications, (marketing): subject to your approval...

5.1 We may disclose certain personal data to the following recipients to the extent required or permitted by applicable law and/or based on our legal interests. More specifically:

• (1) Affiliate entities which are a part of the same group of companies...
• (2) Third party vendors providing services to us (ITSM, CRM, ERP, billing, legal advisers, accountants, payment services)...
• (3) Various public authorities, if and exclusively when this is strictly necessary...
• (4) Other third parties to enforce our Terms and Conditions...
• (5) In the event that STC goes through a business transition (merger, acquisition, sale)...

5.2 Where we use WhatsApp or Telegram as a mean of communication, we will share your Personal data with this provider...

5.3 Upon having obtained your consent, we may share your Personal data with third parties - marketing and analytics vendors (e.g., Google Analytics).

5.4 We will never use your data other than described in this Policy except with your prior consent.

5.5 You acknowledge that neither you nor we have control over whether your transaction records are made public or not (blockchain transparency).

6.1 Personal information collected and generated by us in the People's Republic of China will be stored on servers in the aforementioned country. If cross-border transfer is needed, we will obtain approval...

6.2 We will not share or transfer your personal information to any third party without your prior consent, except for specified circumstances (legal requirements, lawful public disclosure, etc.).

7.1 We store your Personal data in Data Centers in the European Union and Switzerland. However, we operations globally...

7.2 When we transfer your personal data outside the EU, EEA or Switzerland, we are fully committed to ensure the safeguard and the protection of your personal data...

7.3 For an overview on the level of data protection in each country, please see https://www.cnil.fr/en/data-protection-around-the-world.

8.1 We retain your Personal data only for as long as it is necessary to fulfil the scopes described in this Policy...

8.2 Please consider that non-Personal data may be retained and used by STC without limitation... Blockchain data is permanent.

9.1 We use cookies and similar tracking technologies...

9.2 What cookies are and why STC and Global Force uses them? ...

9.3 Types of cookies we use: (1) Strictly necessary, (2) Marketing, (3) Analytics.

9.4 How long cookies are stored on your device? ...

9.5 How to manage cookies? ...

9.6 Who else can access cookies information? ...

9.7 Third party services (Google, LinkedIn, Facebook)...

10.1 STC has a team dedicated to ensuring the security of your personal data. We have implemented technical, administrative and physical security measures...

10.2 How we protect your information: (1) Cesation of operations protocols, (2) Technical measures and training, (3) Regular security messages.

12.1 US: CCPA, CPRA, and other state laws compliance. Your Rights: access, portability, correction, deletion. Appeal rights. No sale of personal data.

12.2 Canada: Rights to access, correction, deletion, complaint.

• (1) The right to request access, correction, or deletion;
• (2) The right to restrict processing;
• (3) The right to object and withdraw consent;
• (4) The right to data portability.

You can make a complaint to the supervisory authority: EU Data Protection Authorities.