as dtec financial technologies inc. a corporation incorporated and validly operating in netherlands and having the registered address of keizersgracht 555, 1017 dr amsterdam, netherlands (hereinafter referred to as "dtec", the "company", "we", and through similar words such as "us", "our", etc.), we respect your privacy. we provide a website under the domain name of https://dtec.space/ (the "website" or the "platform") which is an informative platform that introduces dtec to the users (each, a "user", "you" or "your").

this global privacy policy (the "policy") describes dtec's practices and policies with regards to use and process of personal information while operating the website and providing the services thereunder (the "service"). in this regard, this policy describes the types of personal information we collect through the website, how we use that information, our legal basis for doing so, with whom we share it, your rights and choices in this regard, and how you can contact us about our privacy practices. this policy does not apply to third-party sites, products, or services, even if they link to our services or the website, and you should consider privacy practices of those third-parties carefully.

capitalized words not defined under this policy shall be understood as described under our terms of use. (the "terms").

by accepting this policy, you are familiarized yourself with this policy, understood and are agreeing with the terms and practices described in this policy (including new versions of the policy when and as they come into effect), and the terms, which governs this policy and contains all disclaimers of warranties and limitation of liabilities.

definitions

within the scope of this policy, following terms shall have the meanings ascribed to them below:

overview

if you access or interact with our website, we may collect certain personal data relating to you. this may occur in the following circumstances:

• when you browse the website: we may automatically collect technical data such as ip address, browser type, device information, operating system, referring urls, and usage data through cookies or similar technologies (please refer to ourcookie policy for more information).
• when you contact us: if you reach out via e-mail or our social media accounts, we may collect your name, e-mail address, the content of your message, and any other information you voluntarily provide.
• when you create an account: if you register for an account, we collect identifiers such as your name, e-mail address, and login credentials.

applicability of the policy

dtec services and platform use

this policy explains how we process your personal information when you interact with dtec, communicate with our team, or use our website and platform in any capacity. it applies to personal information collected during your relationship with us, including your use of the platform, account registration, interaction with blockchain-based data sharing services, and participation in data reward mechanisms.

dtec may also prepare separate privacy notices for specific categories such as employees, suppliers, and business partners. these notices will be made available to the relevant groups when necessary.

where applicable, we will inform you whether the provision of personal data is mandatory, and the potential consequences of not providing such information. if you choose not to provide certain personal information, you may not be able to access some functionalities of the platform or participate in our data reward programs.

your ability to access and use the dtec platform is based on the accuracy and completeness of the information you provide, particularly regarding your age and identity. we rely on this information to deliver services appropriately and securely.

this policy does not apply to third-party services, blockchain or web interfaces you may have visited prior to accessing dtec, nor to external tools used to facilitate services such as crypto-wallets or analytics services integrated into the platform. please refer to their respective privacy policies for more details.

blockchain-related data processing

dtec leverages blockchain technology to store and verify records of user-contributed vehicle data and the associated rewards in a transparent and immutable manner. when you share data via our platform (e.g., your data sharing consent status and the size of processed in-vehicle data), it may be hashed and recorded on a blockchain, meaning certain interactions are permanently registered. while we take steps to avoid processing directly identifiable personal data on the blockchain, please be aware that data associated with your blockchain wallet address may be linked to you depending on how you use the platform.

third-party tools and wallet integrations

if you choose to connect third-party crypto wallets or interact with external blockchain explorers, please note that these third-party tools are governed by their own privacy practices. we do not control and are not responsible for how these third parties collect, use, or disclose your information. always review their terms and privacy policies before use.

data sharing and consent

if you are uncomfortable with the ways your data may be processed—including data recorded on blockchain or data shared to receive rewards—we advise you not to use the platform or its data monetization functionalities. your use of the platform signifies your understanding of and agreement with the processing activities described in this policy.

types of data we collect

personal data that we collect from you

while using our website or interacting with our platform, you may provide us with certain personally identifiable information, which may include your first and last name, e-mail address, and other contact information. this occurs in contexts such as:

• when you create or register an account on the platform,
• when you contact us via e-mail, fill out forms (e.g., to join a waitlist), or provide feedback,
• when you participate in surveys, promotional activities, or research initiatives facilitated through the platform.

you may also choose to engage with us via our social media accounts or third-party integrations where applicable, in which case your interactions and shared data may be processed as part of our engagement analysis.

information collected during platform onboarding

as part of the onboarding process for participating in the dtec ecosystem, we may request information such as:

• your location or driving region (to determine data compliance requirements),
• your vehicle type and model,
• your preferred language,
• technical compatibility of your vehicle with our data capture mechanisms.

some information may be used to determine the suitability of your participation in the reward model based on driving data analytics.

information that we collect automatically from website and platform use

we use cookies and similar tracking technologies to collect certain information automatically, which may include:

• browser and device data: ip address, device id, browser type, operating system, screen resolution, and language preferences.
• usage data: time spent on the website or platform, pages viewed, clickstream data, and interaction patterns with platform features and blockchain interfaces.
• professional or business information: when you sign up for an event, request content or choose to share this information voluntarily, we collect information about your company or employer or your role within your company that helps us better understand you as a customer.
• financial information: for any services you purchase for a fee, we collect billing information and your payment card number, bank details and/or a billing address and authentication details needed to process your payments.
• blockchain interaction data: wallet addresses used to interact with smart contracts (e.g., for rewards), token balances, and anonymized transaction hashes (note: blockchain transactions may be publicly viewable by design).
• vehicle data: with your explicit consent, the platform may collect in-vehicle data such as location data, speed patterns, sensor information, or system status. this data is pseudonymized where possible and used for analytical and reward allocation purposes.
• communication data: when you contact us, we may collect and store records of communications including emails, support inquiries, or interaction logs.
• commercial information: if you create an account, we store a service history of the services you have purchased from us and our communication history related to those services.
• voice and image recordings: when you use our voice assistant technology (dteca), we collect certain voice data and visual data to improve the quality and functionality of the service. the microphone listens continuously for specific "wake words." only after detection of the wake word is the system activated and user speech transmitted for processing. this approach protects user privacy compared to continuous listening systems. in addition, the system may use image or signal data for background noise reduction and voice isolation. these data are processed only for the purpose of enabling the functionality of the voice assistant, improving its performance, and ensuring the accuracy of voice commands. voice or image data are not used for profiling or advertising purposes. we rely on your explicit consent where required.
• third-party sources: we may combine personal information we receive from you with personal information that we obtain from other sources, such as public records and other websites. we may include hyperlinks to other websites either managed and owned by us or by a third party. in the event that, we receive your personal information via our other websites which you accessed via dtec website, we may collect the personal information you shared with us.
• user preferences: such as your user preferences and feedbacks regarding the services and incorporates your specific preferences and requirements.

we do not guarantee that all of the third parties we work with will honor the elections you make using those options, but we strive to work with third parties that do.

we may also collect information about your online activities on the website and connected devices over time and across third-party sites, devices, apps, and other online features and services. we use web log analysis software (google analytics etc.) on our website to help us analyze your use of the website and diagnose technical issues.

to learn more about the cookies that may be served through our website and how you can control our use of cookies and third-party analytics, please see ourcookie policy section.

how we use personal data

our services

we rely on several legal bases to ensure that the processing of your personal data is lawful, fair, and transparent, as required under the general data protection regulation (gdpr). these include the performance of a contract, your explicit consent, compliance with legal obligations, and our legitimate business interests.

contractual and pre-contractual relationships:

we process your personal data to register your participation on the dtec platform, facilitate your interactions with the system, and ensure proper performance of the user agreement. these include:

• using your email address and identification details to create and manage your user account.
• providing support services, system notifications, and technical assistance related to data processing, token rewards, or platform use.
• processing telemetry and vehicle data (e.g., driving patterns, location data, fuel efficiency) to calculate token rewards based on your explicit consent.
• matching your profile with appropriate reward mechanisms based on the type and volume of vehicle data you choose to share.

in-vehicle data sharing and rewards

users of dteca may choose to opt-in to share their in-vehicle data for the purpose of contributing to the development of dtec's artificial intelligence systems. users who choose to share such data are rewarded with dtec tokens annually. this data is collected securely, encrypted, and used to train dtecb, our ai model used across dteca applications.

participation in this program is entirely voluntary. users may withdraw consent at any time without affecting their ability to use the core functionality of the service. we ensure transparency in data usage and provide users with options to manage their preferences.

platform analytics and improvements:

we use technical and usage data to analyze how users interact with the dtec platform. these include:

• improving the efficiency, usability, and personalization of the website and dashboard experience.
• monitoring in-vehicle data usage trends to improve the reliability of our blockchain-based data verification systems.
• adapting user interfaces and reward dashboards based on behavioral insights and language preferences.

compliance with legal obligations:

we may process your data to comply with regulatory obligations, including:

• responding to lawful requests by public authorities, including data protection authorities, where applicable.
• keeping records required for tax or anti-money laundering (aml) purposes, especially when interacting with decentralized finance (defi) systems.

legitimate business interests:

we process certain personal data under the basis of legitimate interests, such as:

• detecting and preventing fraud or misuse of the platform.
• monitoring system security and protecting user data from unauthorized access.
• developing anonymized statistics and reports to measure performance and adoption of the reward model.
• facilitating token distribution, staking, or transfer operations as part of the reward ecosystem.

in all cases, we carefully balance our legitimate interests with your privacy rights, and we apply additional safeguards (such as pseudonymization or access controls) where required.

if we need to use your personal data for a new purpose that is not compatible with the ones described here, we will inform you and, where required, request your consent in advance.

marketing and communications

with your explicit consent, we may send you communications regarding:

• new features, tools, or reward mechanisms introduced in the dtec platform;
• educational content about blockchain-based data ownership and personal data monetization;
• community events, beta testing opportunities, or surveys aimed at improving dtec services.

you can opt out of receiving these emails at any time by clicking the "unsubscribe" link included in each message or by contacting us via the information provided in the "contact us" section below.

interest-based advertising

we may use cookies and similar technologies to deliver personalized content and advertising based on your preferences and interaction with our website. with your consent, we may:

• show you ads for dtec or its partner initiatives across third-party websites or apps (e.g., via google ads, linkedin, or similar ad networks).
• use hashed versions of your email or other identifiers to help display relevant messages on third-party platforms.

how we share personal data

dtec may share your personal data to (i) satisfy any applicable law, regulation, legal process, or governmental request; (ii) enforce this policy and our terms, including investigation of potential violations hereof; (iii) detect, prevent, or otherwise address fraud, security, or technical issues; (iv) respond to your requests; or (v) protect our rights, property or safety, our users and the public. we share personal data with a limited number of our service providers. we have service providers that provide services on our behalf, such as website hosting, information technology and related infrastructure. these service providers may need to access personal data to perform their services properly. we authorize such service providers to use or disclose the personal data only as necessary to perform services on our behalf or comply with legal requirements. we require such service providers to contractually commit to protecting security and confidentiality of the personal data they process on our behalf. our service providers are predominantly located in germany.

we will encourage our service partners to adopt and post transparent privacy policies. however, use of your personal information by our service partners is governed by their privacy policies and is not under our control. you acknowledge that we are not responsible for the violations caused by our service partners.

we share personal data with third-party business partners when this is necessary to provide our services to our users. we share data with parties directly authorized by a user to receive personal data. the use of personal data by an authorized third party is subject to such third party's privacy policy.

in the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, sale, joint venture, assignment, transfer, change of control, or other disposition of all or any portion of our business, assets or stock, we may share personal data with third parties for the purpose of facilitating and completing such transaction.

we share personal data as we believe necessary: (i) to comply with applicable law; (ii) to protect the rights, privacy, safety and property of dtec, you or others; and (iii) to respond requests of the courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include authorities outside your country of residence.

employees and authorized contractors

other relevant units within dtec, including technical support, software team and authorized contractors may need to access information about you when they require this information to perform their job. for example, a customer support representative would need access to your account to validate your identity and respond to your question or request; our email communications team would need access to your contact information to ensure this information is sent correctly and any unsubscribe requests are properly managed; and our security staff would need to review information to investigate attempted denial of service attacks, fraudulent account activity, or other attempts to compromise the services. all our employees and contractors are required to agree to maintain the confidentiality and protect the privacy of your information.

blockchain transactions

where you have opted in to receive annual dtec token rewards, relevant transaction data (such as wallet address and transaction metadata) may be recorded on a public blockchain. please note that while blockchain records are pseudonymous, they are not always fully anonymized and may, in certain contexts, be linked to identifiable individuals. we minimize the amount of data written to the blockchain and ensure that no directly identifying personal data is stored on-chain.

business transfers

in the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, sale, joint venture, assignment, transfer, change of control, or other disposition of all or any portion of our business, assets or stock, we may share personal information with third parties for the purpose of facilitating and completing the transaction. if we do, we will inform such entities of the requirement to handle your information in accordance with this privacy policy or inform you that you are covered by a new privacy policy. you will have the opportunity to opt-out of any such transfer if the new entity's planned processing of your information differs materially from that set forth in this privacy policy.

your rights and choices under gdpr

dtec is committed to respecting the confidentiality of your personal data and ensuring that you can exercise your rights under the general data protection regulation (eu) 2016/679 ("gdpr"). if you are located within the european union or european economic area (eea), you have the following rights concerning your personal data:

• right of access: you have the right to obtain confirmation as to whether or not we process personal data concerning you. where that is the case, you may request access to such data and information about how it is processed.
• right to rectification: you have the right to request the correction of inaccurate personal data and to have incomplete personal data completed.
• right to erasure ("right to be forgotten"): you may request the deletion of your personal data where, for example, it is no longer necessary for the purposes for which it was collected, or where you have withdrawn your consent (where applicable).
• right to restriction of processing: you may request that we restrict the processing of your personal data under certain circumstances, such as when you contest the accuracy of the data or object to its processing.
• right to data portability: you have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another data controller without hindrance, where the processing is based on consent or contract and is carried out by automated means.
• right to object: you may object to the processing of your personal data where the processing is based on legitimate interests, including profiling. you always have the right to object to the processing of your data for direct marketing purposes.
• right not to be subject to automated decision-making: you have the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects or significantly affects you, unless certain exceptions apply.
• right to lodge a complaint: you have the right to file a complaint with a supervisory authority in the eea if you believe that your rights under the gdpr have been infringed.
• right to compensation: if you suffer material or non-material damage as a result of an infringement of the gdpr, you may be entitled to receive compensation.

exercising your data protection rights arising from the uk gdpr

you can exercise your rights of access, rectification, erasure, restriction, objection, and data portability by contacting us at the details provided in the "contact us" section of this policy. we may ask you to verify your identity before we act on your request. we aim to respond to all legitimate requests within one month, although this period may be extended where necessary.

if you have concerns about how we process your personal data, you also have the right to lodge a complaint with your local data protection authority. you can find their contact details at: https://edpb.europa.eu/about-edpb/board/members_en.

security and retention

we are making reasonable efforts to provide you with an appropriate level of security for the risks associated with process of your personal data. we take organizational, technical, and administrative measures designed to protect your personal data against unauthorized access, destruction, loss, alteration, or abuse. your personal data may only be accessed by a limited number of personnel who need access to such information in order to perform their duties properly. unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. if you have a reason to believe that your interaction with us is no longer secure, please contact us immediately.

if you are a user of the website, we retain your personal data as long as we are providing the services to you. we retain personal data after we cease providing services to you, to the extent necessary to comply with our legal and regulatory obligations. we also retain personal data to comply with our tax, accounting, and financial reporting obligations, where we are required to retain the data due to our contractual commitments to our financial and business partners. where we retain data, we do so in accordance with any limitation periods and record retention obligations that are imposed by applicable laws.

your communication choices

legal communications and service announcements

by providing dtec with your email address and/or using the platform you affirmatively consent to use of your email address for legal and service notifications or dtec to send you notifications through pop-ups and etc. regarding important service announcements and other legal and administrative communications related to your use of the platform. we may send the following to you by email or posting them on the platform; this policy, our terms, cookie notice, including legal disclosures; future changes to this policy, terms, and other notices, legal communications or disclosures and information related to the services. such communications are part of the services which you cannot opt out of receiving. however, if you do not wish to receive certain service and other administrative and legal notifications, your only way to opt out of such messages is to stop using the platform and/or (if any) delete your account on the platform by emailing us at privacy@dtec.space.

promotional communications

you may receive marketing and advertising communications (e.g., informing you of service benefits and features, letting you know of new features or developments, letting you know of new subscription plans or add-ons, offering you promo codes or coupons) about dtec, platform and services, pursuant to your prior explicit and informed consent. to receive marketing and advertising communications from dtec, you can contact our customer service, support assistant, or give your explicit consent in the applicable areas. due to our global privacy practices, we provide our users with the opportunity to "opt-in" and "opt out" of receiving marketing and advertising communications other than those for purposes directly related to your transactions with us and in general legal and administrative communications regarding your account.

if you prefer to opt-in to promotional communications, you may receive periodic promotions and other offers or materials that we believe might be of interest to you until you unsubscribe or opt-out.

international data transfers

we are a global business. personal data may be stored and processed in any country where we have operations or where we engage service providers. we may transfer personal data that we maintain about you to recipients in countries other than the country in which the personal data was originally collected. those countries may have data protection rules that are different from those of your country. however, we will take measures to ensure that any such transfers comply with applicable data protection laws and that your personal data remains protected to the standards described in this policy. in certain circumstances; courts, law enforcement agencies, regulatory agencies, or security authorities in those other countries may be entitled to access your personal data.

use by minors

the services are not directed to individuals under the age of eighteen (18), and they shall not provide personal data through the website or the service. if you have a reason to believe that anyone under the age of 18 has provided us with any personal information, please contact us.

updates to this policy and notifications

we may change this policy from time to time to reflect new services, changes in our personal data practices, or relevant laws. the "last updated date" legend at the top of this policy indicates when this policy was last revised. any changes are effective when we post the revised policy on the website. we may provide you with disclosures and alerts regarding the policy or personal data collected by posting them on our website and by contacting you through the e-mail address you provided (if any).

links to other websites

the services may provide the ability to connect to other sites. these sites may operate independently from us and may have their own privacy notices or policies, which we strongly suggest you to review. if any linked website is not owned or controlled by us, we are not responsible for its content, any use of such website, or the privacy practices of the website's operator.

jurisdiction

dtec is established in amsterdam, the netherlands, and complies with the european union's general data protection regulation (gdpr). our data processing activities are subject to the supervision of the dutch data protection authority (autoriteit persoonsgegevens).

you have the right to request additional information about how we process your personal data under the applicable laws of your country of residence. if you are located in the european economic area (eea), you may also file a complaint with your local data protection authority or with the autoriteit persoonsgegevens.

for inquiries or complaints, you may contact the dutch data protection authority at: https://autoriteitpersoonsgegevens.nl.

contact us

if you have any questions or complaints about this policy, please contact us at privacy@dtec.space.

you may send us your request on exercising your above-mentioned rights, together with documents providing your identity and the scope of your request through following channels:

again by sending an e-mail to privacy@dtec.space. with or without a secured electronic signature,

through delivery by hand, by notary, or by certified mail to the address of keizersgracht 555, 1017 dr amsterdam, netherlands.

we are committed to answering your request as soon as possible, not more than 30 (thirty) days, and free of charge as long as there is no transaction cost.