Privacy Policy

This Data Protection and Privacy Policy ("Privacy Policy") describes how we collect, use, protect, and disclose any Personal Data or data we receive when providing our services to you, including through our website https://liminal.money/ and its subdomains, our online or offline offerings, and including our services in connection with Liminal Customized and Liminal Tokenized ("Services").

For the purposes of this Policy, "Company", "we", "us" or "our" means Grey(H)edge Ltd, a BVI business company incorporated under the laws of the British Virgin Islands with company number 2184142, and our personnel, affiliates and related companies. "You” and “your” refers to you as the user of the Services. Capitalised terms have the meanings provided in the Definitions section of this Privacy Policy, elsewhere in this Privacy Policy, or in our Terms of Service.

Please read this Privacy Policy carefully. By using, accessing, connecting to, or use any of the Services, you agree and consent to the collection, use, disclosure, retention and security of your information as described in this Privacy Policy. If you do not agree to this Privacy Policy, please do not use, access, or connect to, the Services.

OUR COMMITMENT TO YOUR PRIVACY

We are committed to respecting the privacy of the users of our Services and minimising the collection of personal information. As a general principle, we do not collect or store Personal Data about users of the Services, except where necessary to ensure the usability and functionality of our Services, to communicate with you, to maintain security, or to comply with legal obligations.

This Privacy Policy sets out the limited categories of Personal Data we may collect, the purposes for which it is used, and the measures we take to safeguard your data. Our goal is to provide transparency and uphold your privacy at every step.

CHANGES TO THIS POLICY

Please note that we may revise this Privacy Policy from time to time at our sole discretion. If there are any material changes to this Privacy Policy, we will update the “Last Updated” date at the top of this Notice. If we make material changes to the way in which we use or disclose information we collect, we will may make reasonable efforts to notify you by posting notice of such changes on the Services, or by other means consistent with applicable law.

You understand and agree that you will be deemed to have accepted the updated Privacy Policy if you continue to use, access, or connect to, our Services after the new Privacy Policy takes effect.

DEFINITIONS

For the purposes of this Privacy Policy, the following terms have the following meanings:

• "Appropriate Safeguards" means such legally enforceable mechanism(s) for transfers of Personal Data as may be permitted under Data Protection Laws from time to time.
• "Data Controller" has the meaning given in applicable Data Protection Laws from time to time.
• "Data Protection Laws" means, as binding on either party:
  • the British Virgin Islands Data Protection Act as revised ("DPA");
  • any laws that replace, extend, re-enact, consolidate or amend any of the foregoing;
  • any binding decision of the courts and tribunals of the British Virgin Islands that relate to the application or interpretation of any of the foregoing;
  • any other data protection laws as may be applicable to you.
• "Data Subject" has the meaning given in applicable Data Protection Laws from time to time.
• "Personal Data" has the meaning given in applicable Data Protection Laws from time to time.
• “Processing" (or to “Process”) means, in relation to personal data, collecting, recording, holding or storing the personal data or carrying out any operation or set of operations on the personal data, including the (a) organisation, adaptation or alteration of personal data; (b) retrieval, consultation or use of personal data; (c) disclosure of personal data by transmission, transfer, dissemination or otherwise making available; or (d) alignment, combination, correction, erasure or destruction of personal data.

PERSONAL DATA WE COLLECT

The categories of Personal Data we collect depend on how you interact with us, our Services, and the requirements of applicable Data Protection Laws. We collect information that you provide to us, information we obtain automatically when you use our Services, and information from other sources such as third-party services, as described below.

A. Personal Data You Provide to Us Directly

Some features of the Services may require you to directly provide us with certain information about yourself. In certain circumstances, you may elect not to provide this information, but doing so may prevent you from using or accessing these features or the Services. Personal Data that you may directly submit through our Services includes:

• digital wallet information you provide, such as your wallet provider, your wallet address and your publicly accessible blockchain activity data (such as information relating to public transactions or other on-chain activity associated with your wallet);
• your communications with us, including when you contact us through the Services or otherwise;
• your marketing preferences for receiving our communications and details about your engagement with them;
• your promotion data, including information you share when you enter a competition, promotion or complete a survey; and
• other data not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.

We do not generally require you to disclose any sensitive Personal Data to us. If you do provide us with sensitive Personal Data for any reason, you consent to us collecting that information and then using and disclosing that information for the purpose for which you disclosed it to us.

B. Personal Data Collected Automatically

We may also automatically collect certain information about your interaction with the Services (“Usage Data”). Usage Data may include:

• device information, such as device type, operating system, unique device identifier, and internet protocol (IP) address, and geographical location information;
• online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Services, navigation paths between pages or screens, information about your activity on a page or screen, access times and duration of access, and whether you have opened our emails or clicked links within them;
• communications tracking data, such as, to measure the effectiveness of our marketing campaigns and understand user conversion patterns; and
• other information regarding your interaction with the Services, such as browser type, log data, date and time stamps, clickstream data, transactional data, interactions with marketing emails, and ad impressions.

C. Personal Data from Other Sources

We may obtain information about you from outside sources, including information that we collect directly from third parties and information from third parties that you choose to share with us. Such information may include:

• public sources, such as public records, social media platforms, public blockchains, and other publicly available sources;
• partners, such as marketing, development and software partners, or other third parties with which we integrate or otherwise connect in order to provide the Services; and
• third-party services, such as social media services, that you use to log into, or otherwise link to the Services, and any virtual asset wallet(s) or services that you link to the Services.

USE OF PERSONAL INFORMATION

We may Process and use Personal Data for the following purposes or as otherwise described at the time of collection:

• Service delivery and operations: We may use your Personal Data to provide the Services; enable security features of the Services; communicate with you about the Services, including by sending announcements related to the Services, updates, security alerts, and support and administrative messages; communicate with you about events or contests in which you participate; and provide support for the Services, and respond to your requests, questions and feedback.
• Service personalisation: We may use your Personal Data to: understand your needs and interests; personalise your experience with the Services and our related communications; and remember your selections and preferences as you navigate webpages.
• Service improvement and analytics: We may use your Personal Data to analyse your usage of the Services, improve the Services, improve the rest of our business, help us understand user activity on the Services, including which pages are most and least visited and how visitors move around the Services, as well as user interactions with our emails, and to develop new products and services.
• Marketing: We, together with our service providers and our partners, may collect and use your Personal Data for marketing and advertising purposes. For example, we may send you direct marketing communications and may personalise these messages based on your needs and interests.
• Events, promotions and contests: We may use your Personal Data to administer promotions and contests; communicate with you about promotions or contests in which you participate; and contact or market to you after collecting your Personal Data at an event, including an online event.
• Compliance and protection: We may use your Personal Data to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas, investigations or requests from government authorities; protect our, your or others’ rights, privacy, safety or property; audit our internal processes for compliance with legal and contractual requirements or our internal policies; enforce the terms and conditions that govern the Services; and prevent, identify, investigate and deter fraudulent, harmful, unauthorised, unethical or illegal activity, including cyberattacks and identity theft.
• Further uses: We may use your Personal Data for further uses, in which case, if they are not compatible with the initial purpose for which information was collected, we will ask for your consent to use of your Personal Data for those further purposes.

LEGAL BASIS FOR PROCESSING PERSONAL INFORMATION

We consider it necessary to collect and use Personal Data for the purposes described above, and we do so on the following legal bases:

• Consent: You have agreed and consented to the Processing of your Personal Data for specified purposes
• Contractual Necessity: Processing is necessary for the performance of a contract to which you as are a party or for the Company or its service providers to responsibly enter into a contract.
• Compliance with Legal Obligations: Processing is necessary for compliance with a legal obligation to which the Company or its affiliates are subject.
• Vital Interests: Processing is necessary in order to protect your vital interests or those of another natural person.
• Public or Legitimate Interests: Processing is necessary for the performance of a task carried out in the public interest or is necessary for legitimate interests pursued by the Company or a third party, except where such interests are outweighed by your countervailing interests or fundamental rights and freedoms and require protection of your Personal Data from processing.

The processing of your Personal Data may be permissible under several of the above legal bases.

HOW WE DISCLOSE YOUR PERSONAL INFORMATION

We may disclose your Personal Data to third parties for legitimate purposes subject to this Privacy Policy, including the following categories of third parties:

• Third-party blockchain networks, applications, platforms and systems, including third-party wallet providers.
• Third-party service providers, including providers of price data, software development kits, payment processing, payment networks, user support, web analytics, security, marketing, analytics and cloud storage.
• Third-party entities affiliated with us, whether or not part of the same corporate group.
• Third party advisors, such as auditors, law firms or accounting firms.
• Third parties in connection with or anticipation of an asset sale, merger or other business transaction, including in the context of a liquidation or bankruptcy.
• Third parties to whom you request or direct us to disclose information, including through your use of social media widgets or login integration.

We may also disclose your Personal Data as needed to comply with applicable law or any obligations thereunder or to cooperate with law enforcement, judicial orders, and regulatory inquiries, to enforce any applicable Terms of Service, and to ensure the safety and security of our business, employees, and users.

THIRD PARTY PLATFORMS, WEBSITES, LINKS AND WALLETS

Our Services may contain links to websites, mobile applications, and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites, mobile applications or online services operated by third parties, and we are not responsible for their actions. We encourage you to read the privacy policies of the other websites, mobile applications and online services you use.

Certain transactions conducted via our Services may require you to connect a compatible third-party Wallet to the Services. By using such Wallet to conduct such transactions via the Services, you agree that your interactions with such third-party Wallets are governed by the privacy policy for the applicable Wallet, and you agree that you are using the Wallet in accordance with the terms and conditions of the applicable third-party provider of such Wallet. Wallets are not maintained or supported by, or associated or affiliated with, the Company. We expressly disclaim any and all liability for actions arising from your use of third-party Wallets, including but without limitation, actions relating to the use or disclosure of Personal Data by such third-party Wallets.

COOKIES AND OTHER TRACKING TECHNOLOGIES

To enhance your experience on our website and ensure the functionality of the services, we may use the following tracking technologies (collectively, the "Tracking Technologies"):

• Cookies, which are small text files that websites store on user devices and that allow web servers to record users’ web browsing activities and remember their submissions, preferences, and login status as they navigate a site. Cookies used on our sites include both “session cookies” that are deleted when a session ends, “persistent cookies” that remain longer, “first party” cookies that we place and “third party” cookies that our third-party business partners and service providers place.
• Local storage technologies, like HTML5, that provide cookie-equivalent functionality but can store larger amounts of data on your device outside of your browser in connection with specific applications.
• Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked.
• Software development kits, which are third-party computer code that may be used for a variety of purposes, including to provide analytics regarding the use of Services, to integrate with third-parties, and to add features or functionality to the Services.

You have several options for managing the use of Tracking Technologies:

• Browser Settings: Most web browsers allow you to control cookies through your settings. You can set your browser to notify you when a cookie is being set or to block or delete all cookies; however, blocking or deleting cookies may cause some of the Services, including certain features and general functionality, to work incorrectly.
• Opt-out Mechanisms: You can opt-out of certain Tracking Technologies by using the following links:
  • Google Analytics Opt-Out
  • Google Ads Settings

Your browser settings may allow you to transmit a “do not track” signal, “opt-out preference” signal, or other mechanism for exercising your choice regarding the collection of your information when you visit various websites. Like many websites, our website is not designed to respond to such signals, and we do not use or disclose your information in any way that would legally require us to recognize opt-out preference signals.

If you have questions regarding the specific information about you that we process or retain, as well as your choices regarding our collection and use practices, please contact us at our Notice Address (below)

PERSONAL DATA OF CHILDREN

The Services are not intended for use by anyone under eighteen (18) years of age. If you are a parent or guardian of a child from whom you believe we have collected personal information in a manner prohibited by law, please contact us at our Notice Address.

INTERNATIONAL DATA TRANSFERS

All information processed by us may be transferred, processed, and stored anywhere in the world, including, but not limited to, the British Virgin Islands or other countries, which may have data protection laws that are different from the laws where you live. We endeavor to safeguard your information consistent with the requirements of applicable laws.

If we transfer Personal Data which originates in the European Economic Area, Switzerland, and/or the United Kingdom to a country that has not been found to provide an adequate level of protection under applicable data protection laws, one of the safeguards we may use to support such transfer is the EU Standard Contractual Clauses.

For more information about the safeguards we use for international transfers of your personal information, please contact us as set forth below.

RETENTION OF PERSONAL DATA

We store the Personal Data we collect as described in this Privacy Policy for as long as you use our Services, or as necessary to fulfill the purpose(s) for which it was collected, provide our Services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.

To determine the appropriate retention period for personal information, we may consider applicable legal requirements, the amount, nature, and sensitivity of the personal information, certain risk factors, the purposes for which we process your personal information, and whether we can achieve those purposes through other means.

SECURITY OF PERSONAL DATA

The Company employs appropriate technical and organisational measures to protect against unauthorized Processing, accidental loss or destruction of, or damage to, your Personal Data. However, despite our reasonable efforts to protect your Personal Data, no security measures are impenetrable, and we cannot guarantee “perfect security.” Any information you send to us electronically, while using the Services or otherwise interacting with us, may not be secure while in transit. We recommend that you do not use unsecure channels to send us sensitive or confidential information.

In the case of a known data breach involving any loss, misuse, or alteration of your Personal Data that is likely to result in a material risk to your rights and freedoms, and unless Data Protection Laws require otherwise, the Company will use reasonable endeavours to notify you and applicable supervisory or data protection authorities within five days barring exigent circumstances.

YOUR RIGHTS AS A DATA SUBJECT

You have a right to be informed how your Personal Data is processed and this Privacy Policy fulfills the Company’s obligation in that respect. If you have further questions or concerns not addressed in this Privacy Policy, you may contact us at our Notice Address.

You may have the right to request access to your Personal Data, the right to request rectification/correction of your Personal Data, the right to request that processing of your Personal Data be stopped or restricted, deleted and the right to require the Company to cease processing your Personal Data for direct marketing purposes. If you have such rights and wish to exercise them, please contact us at our Notice Address. We will process such requests in accordance with applicable Data Protection Laws.

If you are a resident of the UK or the EU, you may have additional rights under GDPR. To exercise your rights available under GDPR, please contact the Controller.

CONTACT US

The Company is the Controller of the Personal Data we process under this Privacy Policy.

If you have any questions about our privacy practices or this Privacy Policy, or to exercise your rights as detailed in this Privacy Policy, please contact us at: [email protected]

Last Updated: 21/11/2025