Privacy Policy

PRIVACY AND COOKIE POLICY FOR COLLECTION, USE, PROCESSING AND PROTECTION OF PERSONAL DATA AND USE OF COOKIES FOR RWA.IO

(Privacy Policy)

RWAIO OÜ, A company established under the laws of ESTONIA (hereinafter referred to as: “RWA.IO”, the “Company,” "we," “us,” or “our”) is committed to protecting and respecting your privacy.

This Privacy Policy (together with our terms of service published on our website: https://RWA.IO/ (hereinafter referred to as: “Website”) and any other documents referred to on it) sets out the basis on which any personal data we collect from you as a user of our Services or purchaser of RWAIO tokens (together: “User” or “You”) or that you provide to us, will be processed by us.

This Privacy Policy applies to our online service for the use of the RWA.IO Platform, accessible via our Website, Web Application, and in-person promotional events, including in-person auctions (hereinafter referred to as: “RWA.IO Platform”), provided by RWA.IO, or any other online products or services by us or our Affiliates, and to the whitelisting process and sale and purchase of rwaio tokens by purchasers during the rwaio token IDO or public crowdsale (hereinafter referred to as: the “Services”).

Please read the following Privacy Policy carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting the Website, rwa.io Platform and accessing and using the Services (including RWAIO token sale), you are accepting and consenting to the practices described in this Policy.

If you want to register with RWA.IO and/or use our Services, you’re required to sign up and sign in using your email and a personally selected password. This sign in/ sign up is required in order to protect your privacy and comply with KYC/AML laws and regulations.

After your registration, you will receive a RWA.IO User Account (hereinafter referred to as: the “Account”).

We reserve the right to amend or modify this Privacy Policy at any time and in response to changes in applicable law or our business practices.

Any changes we may make to our Privacy Policy in the future will be posted on this page and, when appropriate and necessary, notified to you by e-mail. Please check frequently to see any updates or changes to our Privacy Policy.

RWAIOToken Sale

This Privacy Policy shall also apply to the sale and purchase of RWAIO utility cryptographic tokens during the IDO, or other public token crowdsale event (either conducted by the Company or any of its Affiliates, or any third parties).

RWA.IO Affiliates

This Privacy policy also applies to any of RWA.IO’ Affiliates (present and future) and shall regulate how Affiliates collect, process and use the information of RWA.IO Users when providing any Services.

For the purposes of this Policy, “Affiliate(s)” means every present and future entity that directly or indirectly Controls, is Controlled by, or is under common Control with RWA.IO, where Control may be by either management authority, contract or equity interest; and “Control”: shall mean possession, directly or indirectly of at least fifty percent (50%) of the voting equity of another entity (or other comparable interest for an entity other than a corporation), or the power to direct or cause the direction of the management or policies of an entity whether through ownership of securities, by contract or otherwise.

Information we may collect from you

We may collect and process the following data about you as a RWAIO token buyer or as a User as defined above or in our terms of service:

1. Information you give us

We require Users who register to RWA.IO Platform to access and use the Services, or which want to participate (as purchasers) in seed or crowdsale RWAIOtoken sale, to give us certain contact information and information necessary for provision of our Services and compliance with KYC/AML laws and regulations. Users are required to provide accurate, lawful and up-to-date information to us and to comply with all applicable laws when sharing personal data with us.

When registering an account on the RWA.IO Platform or for the purposes RWAIO token purchase, the personal data we collect may include:

• First Name;

• Last Name;

• Selfie Video;

• Government Issued ID#;

• Copy of government issued ID with photograph;

• Expiration Date of government issued ID;

• Email;

• Physical address;

• Date of Birth (DOB);

• Birthplace;

• Photography;

• Credit Card Authorizations;

• Citizenship;

• Data collected by the cookies specified below.

When submitting a RWAIOtoken purchase order, the following personal data will also be collected:

• Wallet ID where RWAIOtokens are to be sent to;

• Amount sent in USDC/USDT;

• Official UTC timestamp of transaction;

• Transaction hash;

• Date.

The source of personal data is the User (or someone on the User’s behalf). In case you choose not to share certain personal data with us, we may not be able to offer or perform some or all our services insofar as these personal data are obligatory and/ or necessary by the law or for the performance of our services (for example, applicable anti-money laundering laws and regulations).

If you believe that someone has provided us with your personal information without your consent and you would like to request that it be removed from our database, please contact us at info@rwa.io.

We will hold the above information for as long as it is necessary in order to provide you with the service on the Website and RWA.IO Platform, deal with any specific issues that you may raise or otherwise as is required by the applicable laws or regulations.

1. Information we collect about you automatically

With regard to each of your visits to the Website and access the Services we may automatically collect the following information, mostly throughout your activities on our RWA.IO Platform:

• information about your visits, including the full Uniform Resource Locators (URL) clickstream to, through and from the Website (including date and time);

• products or services you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page;

• online identifiers and technical information, including the internet protocol (IP) address used to connect your computer to the internet, your login information, browser fingerprint, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, GPS location when applicable;

• information regarding the provision of Services we might receive from any other sources;

• authentication data, Apple IDFA, and similar identifiers, if user granted permission, User ID and/ or other data collected via cookies and similar technologies (please read the cookie policy below for more information);

• other information: any information we deem to require to maintain compliance with any law, regulation or policy and/or information disclosed by an individual on a voluntary basis.

We may receive information about you from publicly available sources. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, advertising platforms, analytics providers, search information providers) and may receive information about you from them.

Users who simply visit the Website, any other RWA.IO website or search for information about active RWA.IO services, are not required to provide any personal information. The acquired information in such cases includes the IP address, the date, the time and the type of browser. This data is not sufficient to identify the User; however, it may be used to improve the RWA.IO services or their presentation.

1. Uses made of the information

The primary purpose in collecting personal data is to provide you with a secure, smooth, efficient, and customized experience. Generally, we use personal data to create, develop, operate, deliver, and improve our services, content and advertising, as well as for loss prevention, anti-fraud purposes, financial compliance regulations, and consumer protection regulations. We use your personal data to provide a service to you (in contract) or to comply with our legal obligations or with your consent. We may also use your personal data for our legitimate interests or those of a third-party.

We use information held about you in the following ways:

• to comply with applicable KYC/AML laws and regulations and our AML Policy;

• to provide you with Services offered through the Website and the RWA.IO Platform;

• to provide you with information about other services that you request or that we offer which are similar to those that you have already purchased/provided or enquired about;

• for the preparation, execution, settlement and the rescission of contracts and agreements relating to the services offered by RWA.IO;

• to notify you about changes to our Services;

• to ensure that content from the Website, Application, and/or RWA.IO Platform is presented in the most effective manner for you and for your computer;

• to prevent fraud and other prohibited or illegal activities;

• to protect the rights and safety of our affiliated entities and third parties, as well as our own;

• to monitor compliance with our Terms of Service;

• for our legitimate interests, including comply with applicable laws, conducting investigations and/or responding to regulatory enquiries or investigations and for dispute management purposes;

• for analytical purposes;

• to implement our AML Policy;

• to ensure you receive information relevant to you;

• to administer the Website and RWA.IO Platform for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;

• to allow you to participate in interactive features of our Services, when you choose to do so; and

• as part of our efforts to keep the RWA.IO Platform and the Website safe and secure.

Interest-Based Advertising

We may use third-party advertising companies that use tracking technologies to serve our advertisements across the Internet. These companies may collect information about your visits to the Website and other websites and your interaction with our advertising and other communications. These advertising companies serve ads on behalf of us and others on non-affiliated sites, and some of those ads may be personalized, meaning that they are intended to be relevant to you based on information collected about your visits to the Website and elsewhere over time. Other companies may also use such technology to advertise on our Website.

You have the choice to tell us not to collect and use this information, and in some jurisdictions, we will only engage in interest-based advertising if you opt-in. If you would like more information about this practice and to know your choices concerning interest-based ads, visit:

• http://www.networkadvertising.org/choices/

• www.aboutads.info/choices

1. Disclosure of your information to third parties

We do not distribute or share any User personal information, except as outlined in this Privacy Policy, or as may be required by law and when we believe that disclosure is necessary to protect our rights and/or to comply with a judicial proceeding, court order, or legal process.

We use the information we collect to set up our Services. We may also use the information to contact Users and prospects to further discuss their interest in our company, the services we provide, ways we can improve our Services, and send information such as announcements of promotions and events regarding RWA.IO or our partners.

We may also email you a newsletter and/or updates about the Services or the company. You can easily opt out of receiving these communications by clicking the hyperlink at the bottom of each message, or at any time by contacting us at info@rwa.io.

We may disclose your personal information to third parties in the following events and with the following persons:

• With Google Analytics (for the purpose of analyzing the visits to our site) and other service providers, including legal advisors, tax or audit advisors, consultants and others who are contractually obliged to protect your personal information;

• Any personal identification information collected during the whitelisting process for the purposes of participation in the RWAIOtoken sale, might be disclosed and shared with a RWA.IO third party professional KYC/AML service provider, currently SUM AND SUBSTANCE LTD incorporated and registered in England with company number 09688671, whose registered office is at 30 St. Mary Axe, London, England, EC3A 8BF.

• if RWA.IO or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers and Users will be one of the transferred assets;

• if we are under a duty to disclose or share your personal data in order to comply with any legal obligation;

• in order to enforce or apply our Terms of Service, AML Policy and any other relevant RWA.IO user agreements or Company’s policies;

• to protect the rights, property, or safety of RWA.IO, our customers, or others; which includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction; and

• as otherwise outlined in this Privacy Policy.

We assure that your personal data will not be disclosed to third parties without obtaining your prior consent, unless we are required by law, or if we must disclose the data to enforce our claims to third parties, who are obligated to maintain secrecy.

Be aware that you are responsible for the protection of the password you have chosen. Requesting a new password is possible and is required in case you lose your current password or in case your password has been obtained by an unauthorized third party. When you login to your RWA.IO account, all communication is protected through appropriately secure technology.

RWA.IO employs organizational methods and processes as well as technical measures and processes, to protect your data from loss, theft, misuse, unauthorized access or dissemination, alteration and/or destruction. We strive to employ strict security and cyber-security measures to protect your personal data.

1. Your rights

You are entitled to review, correct, or amend your personal data, or to delete that data where it is inaccurate. You are also entitled to receive a copy of the personal data undergoing processing or request information about how your personal data is processed. Where we rely on legitimate interests for processing your personal data, you can object to this processing. Upon request, we will provide you with information about whether we hold or process any of your personal information, whether on behalf of a third party or otherwise. To request this information, please contact us at info@RWA.IO.

If your personally identifiable information changes, or if you no longer desire our Services, you may correct, update, discontinue the use of our Services or delete it by making the change on our member information page or by emailing our Customer Support at info@rwa.io. We will respond to your request to access within 30 days, or such shorter timescale if required under applicable law.

We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We use a third-party platform host, who hosts the forms on our site, they do not have any access to the personal information that you submit on our Website.

Please let us know if you have any concerns about your personal data being processed by RWA.IO. Where applicable under data protection laws, you can complain to a supervisory authority in your country of residence if you are concerned about RWA.IO’ processing of your personal data, but we would appreciate first having the opportunity to address your concerns.

We may enable the Users the possibility to use the Services to host data and information. We will not review, share, distribute, print, or reference any such data except as provided in this Privacy Policy or as may be required by law.

We will view or access individual records only with your permission (for example, to resolve a problem or support issue). Users of the Services are responsible for maintaining the confidentiality and security of their User registration and passwords.

We have established internal policies for the deletion of data from User accounts following termination of a User’s subscription to the service. Personal data whose retention period has expired or whose purpose of processing has been served, are deleted, destroyed, blocked or anonymized.

You may ask us not to process your personal data for a particular purpose, or to access such information, by contacting us at info@rwa.io. Please note, however, that you shall remain liable for any fees or costs incurred at the time of the withdrawal of your consent to process your personal data.

The Website may, from time to time, contain links to other third-party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies (including, as the case may be, landing pages of other RWA.IOproducts or services; i.e. other than RWA.IO Platform) and that we do not accept any responsibility or liability in respect of these policies. Please check these policies before you submit any personal data to these websites.

1. Where we store your personal data

The data that we collect will be stored on the cloud based in the European Economic Area (“EEA”). Where we need to transfer your personal data outside the EEA to a country not otherwise deemed to have adequate data protection laws, we will comply with transfer restrictions such as executing appropriate transfer agreements and implementing required safeguards to protect your personal data.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

Please note that by visiting and using the Website and RWA.IO Platform, or purchasing and RWAIOtokens from us or our Affiliates (as defined in the AML Policy and/or Terms of Service) and giving us your personal data, you consent to your personal data being collected, used, processed, disclosed and stored by us, only as described in the Terms of Service and this Privacy Policy.

1. Safeguarding personal data

The communication internally between our servers (e.g. between application server and database) is handled via up-to-date best practices, providing an industry-standard level of protection for data in-transit.

You should always make sure that your browser can validate the Website’s certificate. All encrypted data is signed using a message authentication code (MAC) so that the underlying value cannot be modified once encrypted.

We also implement an advanced security method based on dynamic data and encoded session identifications and host the Services in a secure server environment using preventive, detective and corrective technology and processes to safeguard information from attackers. Finally, we require unique usernames and passwords that must be entered each time a customer logs on. These safeguards help prevent unauthorized access, maintain data accuracy, and ensure the appropriate use of data.

The security of your personal information is important to us. When you enter sensitive information such as credit card numbers or order forms, we encrypt that information using transport layer security (TLS) technology. We also encrypt any information entered within the platform once Users log into their accounts. If you have any questions about security on our Website , you can contact us at info@rwa.io .

Any fiat payment transactions will be processed securely by third party payment providers.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Website and RWA.IO Platform, you are responsible for keeping this password confidential.

Your passwords are stored on our servers in encrypted form using a one-way hashing algorithm.

Please be reminded that you must protect any passwords or other credentials associated with your account for the Services and take full responsibility for any use of the account under your password. We ask you not to share your password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure and we cannot guarantee the security of your data transmitted to the Website, although we will do our best to protect your personal data. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.

1. Information about our use of cookies

Our Website uses cookies to distinguish you from other Users of the Website. This helps us to provide you with a good experience when you browse the Website and also allows us to improve our site. By continuing to browse the site, you are agreeing to our use of cookies. Where required under applicable laws, your consent to non-essential cookies will be requested and these cookies will not be placed without your consent. You can revoke your consent at any time.

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer's hard drive. They are widely used in order to make websites work, or function more efficiently, as well as to provide information to the owners of the site.

Information collected from cookies is used to evaluate the effectiveness of our Site, analyze trends, and administer the RWA.IO Platform. The information collected from cookies allows us to determine which parts of our website are most visited and difficulties our visitors may experience in accessing our website. With this knowledge we can improve the quality of your experience on the RWA.IO Platform by recognizing and delivering the most desired features and information, as well as by resolving access difficulties.

Most of the cookies are only used for one session and afterwards they are deleted from your hard drive at the end of the browser session. Other permanently stored cookies remain on your computer and allow us to recognize you when you visit the website again.

We also use cookies and/or a technology known as web bugs or clear gifs, which are typically stored in emails to help us confirm your receipt of, and response to, our emails and to provide you with a more personalized experience when using our Website.

We also employ adserver unique links to connect our emails, your responses and our offers and advertisements to each other.

We use the following cookies (with your consent where required):

• Strictly necessary cookies. These are cookies that are required for the operation of the Website and RWA.IO Platform. They include, for example, cookies that enable you to log into secure areas of the Website,

• Analytical/performance cookies. They allow us to recognize and count the number of visitors and to see how visitors move around the Website and RWA.IO Platform when they are using it. This helps us to improve the way the Website and Application works, for example, by ensuring that Users are finding what they are looking for easily.

• Functionality cookies. These are used to recognize you when you return to the Website and RWA.IO Platform. This enables us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

You can find more information about the individual cookies we use and the purposes for which we use them in the table below:

A cookie cannot read data off your hard drive or read cookie files created by other websites. Cookies set by the website operator are called "first party cookies." Cookies set by parties other than the website operator are called "third party cookies." The parties that set third party cookies can recognize your computer both when it visits the RWA.IO website and when it visits certain other websites and/or mobile apps.

We may use the web analytics service (such as Google Analytics) from the company Google Inc. Cookies are also used with Google Analytics. This obtained information will be transmitted to a Google server and stored in the United States. If necessary, Google can transmit this data to third parties, as far as it is permitted by law. The same applies in the case of transferring data to third parties, who have legal contracts with Google. For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: http://www.google.com/intl/en/policies/privacy/ and “How Google uses data when you use our partners’ sites or apps” located at www.google.com/policies/privacy/partners.

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies. Our service providers will place cookies on the hard drive of your computer and will receive information that we select that will educate us on such things as how visitors navigate around our site, what products are browsed, and general information. Our service providers analyze this information and provide us with aggregate reports. The information and analysis provided by our service providers will be used to assist us in better understanding our visitors' interests in our website and how to better serve those interests. The information collected by our service providers may be linked to and combined with information that we collect about you while you are using the RWA.IO Platform. Our service providers is/are contractually restricted from using information they receive from our Site other than to assist us.

We treat information collected by cookies as non-personal information. However, to the extent that IP addresses or similar identifiers are considered personal data by applicable data protection laws, we also treat these identifiers as personal data. If we combine non-personal information with personal data, the combined information will be treated as personal data for as long as it remains combined.

You can control the setting of cookies on your device using your browser’s settings. In the event the terms and conditions governing cookies are amended, all previous cookies managed by us will be deleted and set again according to the newly published terms and conditions. We cannot delete cookies set on our website that are managed by other parties (for instance AddThis, Google, etc.). You can delete them in your browser’s settings.

You can also block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site. Your use of our website or service with a browser that is configured to accept cookies constitutes an acceptance of our and third-party cookies.

1. Opt-Out Statement

We offer you a means to choose how we may use the information you provide. If, at any time after registering for information or ordering the Services, you change your mind about receiving certain email communications from us or about sharing personal information with third parties, unsubscribe from such promotional emails by clicking the link provided at the bottom of each of such email (or send us a request to opt-out from receiving promotional emails or from having your personal information shared with third parties; you can send your request to info@rwa.io.

1. Social Media Widgets

Our Website and RWA.IO Platform may include Social Media Features, such as the Facebook button and Widgets, such as the Share this button or interactive mini-programs that run on our site. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our Website. Your interactions with these Features are governed by the privacy policy of the company providing it.

1. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. If we do, you will be notified when you first visit our website after the change. You can also revisit this page if you wish to keep yourself informed.

1. Children

We do not knowingly solicit or collect personally identifiable information online from children under the age of 13 without prior verifiable parental consent. If we learn that a child under the age of 13 has submitted personally identifiable information online without parental consent, we will take all reasonable measures to delete such information from our databases and to not use such information for any purpose (except where necessary to protect the safety of the child or others as required or allowed by law). If you become aware of any personally identifiable information we have collected from children under 13, please contact us using the contact information below.

Minors under 18 years of age may have the personal information that they provide us deleted by contacting us at info@rwa.io and requesting deletion. Please note that, while we make reasonable efforts to comply with such requests, deletion of your personally identifiable information does not ensure complete and comprehensive removal of that data from all systems.

1. Contact Information

If you have questions, concerns or suggestions related to our Privacy Policy or our privacy practices you may reach us at: info@rwa.io

For any questions regarding your rights or if you believe that someone has provided us with your personal information and you would like to request that it be removed from our database, you can contact our data protection officer via this email: info@rwa.io