PRIVACY POLICY

1. PERSONAL INFORMATION WE COLLECT

We collect and process personal information only to the extent necessary for the operation of the Platform. We do not knowingly collect personal information from individuals under the age of eighteen (18).

1.1 Information You Provide Directly

We may collect the following information when you register or use the Service:

(a) Account information (required): email address; password (stored in encrypted/hashed form);

(b) Verification information (may be required): full name, country of residence, and, where required by law or for fraud prevention, government-issued identification and a selfie;

(c) Exchange-related information (required for Cashback and Rewards): Partner Exchange name, exchange user identifier (UID), and trading or transaction history relevant to Cashback calculation (including date, volume, fees, and related metrics). We do not require your Partner Exchange password;

(d) Communications: information you provide when contacting support, participating in surveys, or providing feedback.

1.2 Information Collected Automatically

When you access or use the Platform, we may automatically collect:

(a) IP address, browser type, operating system, device identifiers, and language settings;

(b) access timestamps, pages viewed, referral URLs, and interaction logs;

(c) Cashback and Reward history, including accumulation, application, and withdrawal records;

(d) cookies and similar tracking technologies.

2. PURPOSES OF PROCESSING

We process personal information for the following purposes:

(a) account creation, identity verification, and membership management;

(b) calculation, allocation, and payment of Cashback and Rewards;

(c) detection and prevention of fraud, abuse, abnormal trading behavior, and security incidents;

(d) operation, maintenance, and improvement of the Platform;

(e) customer support and dispute resolution;

(f) compliance with legal and regulatory obligations;

(g) communication regarding service updates, security notices, and transactional messages; and

(h) marketing and promotional communications, where permitted by law or with your consent. You may opt out of marketing emails at any time by using the unsubscribe link (if provided) or by contacting us.

3. LEGAL BASIS FOR PROCESSING

We process personal information on one or more of the following legal bases:

(a) performance of a contract (provision of the Service);

(b) compliance with legal obligations;

(c) legitimate interests (fraud prevention, security, service improvement);

(d) your consent, where required by applicable law.

4. RETENTION OF PERSONAL INFORMATION

4.1. We retain personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy.

4.2. If you close your account or request deletion, we will delete or anonymize personal information within a reasonable period, generally within thirty (30) days, unless we need to retain it for the purposes described below.

(a) for ongoing investigations, disputes, or enforcement of rights;

(b) to comply with legal, accounting, tax, or regulatory requirements;

(c) to prevent fraud or re-registration abuse (e.g., retention of hashed email identifiers);

(d) for record-keeping of Cashback and Reward transactions for up to five (5) years, with identifying data masked where feasible.

4.3. Typical retention periods (unless longer retention is required or permitted by law) include:

(a) Cashback/Reward transaction records: up to five (5) years;

(b) security and access logs: up to twelve (12) months;

(c) customer support communications: up to twenty-four (24) months;

(d) marketing preferences and suppression lists: until you opt out (and then up to three (3) years);

(e) hashed identifiers for abuse prevention: up to five (5) years.

4.4. Backup copies may persist for up to ninety (90) days before being overwritten or deleted in the ordinary course.

5. SHARING OF PERSONAL INFORMATION

5.1. We do not sell personal information.

5.2. We may share personal information with:

(a) Partner Exchanges, strictly to verify trading activity and calculate Cashback and Rewards;

(b) service providers acting on our behalf (e.g., hosting, analytics, security, payment processing);

(c) legal or regulatory authorities, where required by law;

(d) professional advisors, subject to confidentiality obligations.

5.3. All third parties are required to process personal information in accordance with applicable data protection laws.

6. COOKIES AND TRACKING TECHNOLOGIES

6.1. We use cookies and similar technologies to:

(a) ensure proper functioning of the Platform;

(b) analyze usage patterns;

(c) enhance security;

(d) improve user experience; and

(e) support marketing and promotional activities.

6.2. You may control or disable cookies through your browser settings. Disabling cookies may limit certain features of the Platform.

6.3. Where required by applicable law, we will ask for your consent before placing non-essential cookies (such as analytics or marketing cookies). You can manage your cookie preferences through any cookie banner or settings tool made available on the Platform.

7. DATA SECURITY MEASURES

We implement appropriate technical and organizational measures to protect personal information, including:

(a) encryption and hashing of sensitive data;

(b) access controls and authentication mechanisms;

(c) monitoring and logging of system access;

(d) regular security reviews and employee training; and

(e) physical safeguards for infrastructure and data storage.

8. DESTRUCTION OF PERSONAL INFORMATION

When personal information is no longer required, it is securely destroyed or anonymized using industry-standard methods to prevent recovery or reconstruction.

9. YOUR RIGHTS

Subject to applicable law, you have the right to:

(a) access your personal information;

(b) correct inaccurate or incomplete information;

(c) request deletion or anonymization;

(d) restrict or object to certain processing activities;

(e) withdraw consent, where processing is based on consent;

(f) receive a copy of your personal information in a portable format.

Requests may be submitted to the contact details listed in Section 10.

We may need to verify your identity before responding to a request. Where required by applicable law, we will respond within thirty (30) days, although response times may vary depending on the complexity of the request and applicable legal requirements.

10. DATA PROTECTION CONTACT

For privacy-related inquiries, requests, or complaints, please contact:

Department: Privacy Team

Email: privacy@tetherback.com

Mailing Address: Via Ricardo J. Alfaro, Centro Comercial El Dorado, Piso S1, Oficina#2, Ciudad de Panama, Republic of Panama

11. INTERNATIONAL DATA TRANSFERS

Personal information may be processed or stored outside your country of residence, including in countries where our service providers are located. Where required, we implement appropriate safeguards to ensure lawful cross-border data transfers.

Safeguards may include contractual protections (such as standard contractual clauses where applicable), technical measures such as encryption, and vendor due diligence to help protect your personal information.

12. ADDITIONAL PROVISIONS FOR EU USERS

If you are a resident of the European Union or the United Kingdom, the following apply:

(a) processing is conducted in accordance with the GDPR (and, where applicable, the UK GDPR);

(b) you may lodge a complaint with a relevant supervisory authority;

(c) international transfers are safeguarded using approved mechanisms (such as standard contractual clauses where applicable);

(d) consent may be withdrawn at any time without affecting prior lawful processing.

13. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. If we make material changes, we will provide notice (for example, by posting on the Platform or by email) at least thirty (30) days in advance where reasonably practicable.

If changes require your consent, we will obtain your consent. If you do not agree with an updated Privacy Policy, you should discontinue use of the Platform and may request deletion of your account.