Privacy Policy

LAST UPDATED: May, 2022

Amalgamated Token Services Inc. and its wholly-owned subsidiaries (collectively, "CoinList",
"we", "us") value the privacy of individuals who visit our token offering platform, available at
https://coinlist.co/ , and any of our other websites, applications, or services that link to this
Privacy Policy. CoinList offers users ("Users") the ability to participate in token offerings by
blockchain companies ("Token Developers"), to buy or sell cryptocurrencies, or to stake, lend, or
borrow cryptocurrencies (collectively, the "Service"). This Privacy Policy ("Policy") is designed to
explain how we collect, process, and share information from users of the Service, including
Users and Token Developers. This Policy is incorporated by reference into our Terms of Service.
By agreeing to this Policy in your account setup and through your continued use of the Service,
you agree to the terms and conditions of this Policy.

1. Information We Collect

“Personal Information” means information that identifies or is reasonably capable of identifying

an individual, directly or indirectly, and information that is being associated with an identified or
reasonably identifiable individual.

We collect any personal information you provide to us when you use the Service. You may
provide us with information in various ways on the Service.

Personal Information You Provide to Us

Account Profile Registration Information: If you register with us or one of our customers as a
User, you are required to provide us with your name and email address and to designate a
password.

Personal Identification Information: In order to participate in the Service, we may require

certain information to confirm your status as a qualified User. Users hoping to engage in the
activities offered by the Service in an individual capacity, and not on behalf of a corporation or
trust, must provide information including full name, social security number or equivalent,
phone number, address, date of birth, and visual image of face.

Government Identification Information: Government issued Identification documents such as a

passport or state issued license, national identity card, Tax ID number must be provided.

Financial Information: We may collect necessary financial information, such as your bank's
routing number, your account number and verification of income sources (such as tax filings or
pay stubs).

Institutional Information: Entity applicants may be required to provide proof of required assets
(such as an asset appraisal), formation documents (such as articles of incorporation), and the
personal identification information described above for all material beneficial owners.

Transaction Information: Information about transactions you make using CoinList services.

Communications: If you contact us directly, we may receive additional information about you.
For example, when you email our Customer Support Team, we will receive your email address,
the contents of a message or attachments that you may send to us, and other information you
choose to provide.

Marketing Data: Information regarding your preferences for receiving information, subscribing
to newsletters or other publications,

Inferences: Information about your interests, preferences, and favorites. We may also require
Users to complete a short questionnaire regarding their interest in specific types of tokens and
crypto assets. Token Developers will provide us with information about their project and token
offering, certain of which will be provided to potential Users to assist in making a decision about
participating.

Other information: We may collect which is not specifically listed here, but which we will use in
accordance with this Privacy Policy or as otherwise disclosed at the time of collection.

Personal Information We Collect Automatically From Your Use of the Service

When you use our Service, we may collect information from you through automated means, to
the extent permitted by law. These may include:
Identifiers: The information collected in this manner includes IP address.

Device Information: Device IDs and characteristics, browser, operating system version, language
preferences, referring URLs.

Internet or network information: (e.g., browsing and search history, site and advertisement
interactions, audience research data)

Geolocation: (e.g., precise location derived from GPS-enabled services)

Usage Data: We collect information about the usage of our Service. We may use this
information, for example, to ensure that the Service functions properly, to determine how many
users have visited certain pages or opened messages, or to prevent fraud.

Personal Information We Collect From Third Parties

We may collect, store, use, and transfer the following types of Personal Information:

Transaction Analysis: CoinList analyses blockchain transactions to identify and prevent fraud
related activity.

Third Party Verification Analysis: Third-party service providers make inquiries to verify user
identity, provide credit report information, and to fulfill CoinList’s obligations to detect illegal
activity such as money laundering, terrorist financing, and fraud.

2. How We Use Your Information

We use your information for the following purposes and as described in this Privacy Policy or at
the time of collection, except as otherwise permitted by law:

1. To enforce our Terms of Service or other legal rights: We use your information that
includes identification and financial information to provide quality services to our Users
while mitigating and monitoring instances of illegal activities and enforcing agreements
with third party service providers.
2. To conduct identity verification: We collect and process personal information to verify
the identity and qualification status of Users, which may include conducting a soft pull
on your credit history and conducting verification of visual identification images.
3. To operate, maintain, enhance and provide features of the Service: We may use
information to provide services and information that you request.
4. To provide customer support: In order to respond to comments and questions, and
otherwise to provide support to Users, we may use your personal information.
5. To conduct research and development: We may use information to understand and
analyze the usage trends and preferences of our Users, to improve the Service, and to
develop new products, services, features, and functionality.
6. To provide service related communications: CoinList may contact you for administrative
or informational purposes, such as providing customer service or sending
communications, including changes to our terms, conditions, and policies.
7. To deliver marketing opportunities: CoinList uses information to develop and provide
promotional and advertising materials that may be useful, relevant, valuable or
otherwise of interest. See Your Privacy Rights.
8. To operate and manage CoinList’s Karma reward program: CoinList uses information as it
relates to user activity and participation in CoinList services such as trading, staking,
mining, etc. in order to reward active community participants with Karma points, our
loyalty program points that seek to reward users for value-add activities that further the
development of blockchain technology. In line with a tiered point system, users are
provided with the possibility of obtaining access to the “priority queue” to improve
users’ chances of successfully participating in token sales, and may be offered additional
discounts, services and other perks, as CoinList may determine from time to time in its
sole and absolute discretion.
9. To conduct content analytics: To enhance your customer experience and personalize
your use of the Service by presenting a tailored user interface or presenting offers or
services based on your past use of the Services or related activities. For example, you
may choose to provide us access to additional information, including personal
information, through third parties or external applications such as blockchains or
external wallets.
10. To aggregate data or create anonymized data: We may aggregate data collected through
the Service and may use and disclose it for any purpose.
11. To comply with legal obligations: These include items such as audits, security, and
compliance with applicable laws and regulations.
12. To detect and prevent fraud: We process information to identify, prevent, and mitigate
fraud in relation to our services in order to protect Users.
3. How We Share Your Information
CoinList only shares information to fulfill the purposes described above. CoinList will not share
personal information with third parties outside of these purposes without your consent. We
may disclose information that we collect through the Service to third parties in the following
circumstances:

● Third Party Verification providers: Information may be shared with third parties who
provide Know Your Customer and Anti-Money Laundering services, credit review, and
identification verification services, including verifying qualified users.
● Token Developers: Information collected from and about Users may be shared with
Token Developers to facilitate User directed participation and to communicate
independently with you.
● Financial institutions: In order to process payments, we share information with our
banking and custodial partners.
● Third party service providers: Information collected is used only in connection with
services performed for us. These include services such as website hosting, data analysis,
customer service, email delivery, marketing, auditing, security threat detection, payment
processing, fraud prevention, and other services.
● Business Transfers: A potential or actual acquirer, successor, or assignee as part of any
reorganization, merger, sale, joint venture, assignment, transfer or other disposition of
all or any portion of our business, assets or stock (including in bankruptcy or similar
proceedings) may receive information.
● Law enforcement, legal process or emergency situation: If required to do so by law or in
the good faith belief that such action is appropriate, we may share information: (a)
under applicable law, including laws outside your country of residence; (b) to comply
with legal process; (c) to respond to requests from public and government authorities,
including public and government authorities outside your country of residence; (d) to
enforce our terms and conditions; (e) to protect our operations or those of any of our
subsidiaries; (f) to protect our rights, privacy, safety or property, and/or that of our
subsidiaries, you or others; and (g) to allow us to pursue available remedies or limit the
damages that we may sustain.

We may use and disclose aggregate information that does not identify or otherwise relate to an
individual for any purpose, unless we are prohibited from doing so under applicable law.

4. Cookies
CoinList may make use of the standard practice of placing cookies, flash cookies, pixel tags, or
other tracking tools (herein, “Cookies”) on your computer or other devices used to visit CoinList.
We use Cookies to help us collect information in order to detect and prevent fraud and in order
to enhance your experience.

We may rely on marketing and analytical cookies on our website by our advertising and
marketing service providers and partners. We also work with analytics providers which use
cookies and similar technologies to collect and analyze information about use of the Service and
report on activities and trends. For example, Google and Facebook. Learn more about these
platforms here and here. You may refer to
http://www.allaboutcookies.org/manage-cookies/index.html to learn more about cookies and
your browser. Please note, if you reject some cookies, you may not be able to access some or all
of CoinList’s services.

We do not share your information with these third parties, but analytics service providers may
set and access their own cookies, pixel tags, and similar technologies on the Service and they
may otherwise collect or have access to information about you which they may collect over
time and across different websites

5. Third Party Services

We may display third-party content on the Service. Third-party content may use cookies, web
beacons, or other mechanisms for obtaining data in connection with your viewing of and/or
interacting with the third-party content on the Service. This Policy does not address, and we are
not responsible for, the privacy, information or other practices of any third parties, including any
third party operating any site or service to which the Service links. The inclusion of a link on the
Service does not imply endorsement of the linked site or service by us or by our affiliates.

6. Your Choices

From time to time, we send marketing materials including e-mail messages to our users, subject
to applicable laws and regulations. If you no longer want to receive such materials, you may opt
out via the "unsubscribe" link provided in every email communication or by sending us an email
with your request at team@coinlist.co. Otherwise, you may change your setting preference by
accessing your account on your profile dashboard and selecting ‘email preferences’.
7. Security
We use certain physical, organizational, and technical safeguards that are designed to maintain
the integrity and security of information that we collect. Some measures we take include
encryption of the CoinList website communications with SSL; required two-factor authentication
for all sessions, and periodic review of information security and storage. Please be aware that
no security measures are perfect or impenetrable and thus we cannot and do not guarantee the
security of your data. It is important that you maintain the security and control of your account
credentials, and not share your password with anyone.

8. Retaining Your Information

CoinList takes privacy and security seriously. We will only retain your personal information for as
long as necessary to fulfill the purposes for which we collected it. In some cases, we will retain
information for a period of time required after an account is closed in order to comply with legal
and reporting requirements. These include applicable financial services and anti-money
laundering laws. Information collected for marketing purposes will be retained unless you
unsubscribe, at which point preferences will be marked in our databases and you will no longer
receive direct marketing material.

9. Use of Service by Minors

The Service is not directed to individuals under the age of eighteen (18), and we request that
you not provide personal information through the Service if you are under 18.

10. International Cross-border Data Transfer

CoinList uses servers hosted in the United States. Please note that we may be transferring your
information outside of your region for storage and processing in the United States and around
the globe. By using the Service you consent to the transfer of information to countries outside
of your country of residence, including the United States, which may have data protection rules
that are different from those of your country.
EEA PRIVACY RIGHTS

If you are located in the EEA, UK, or Switzerland, the following information applies with respect
to personal data collected through your use of our Services.

Legal Basis for Processing Your Information

CoinList processes your information in order to perform the services it offers. In order to
process personal information, CoinList relies on the legal basis as outlined in Article 6 of the EU
General Data Protection Regulation (“GDPR”), as applicable. CoinList processes personal
information (1) as necessary to perform our agreement to provide the Service; (2) as necessary
to comply with CoinList’s legal obligations; (3) as necessary for our legitimate interests in
providing the Service where those interests do not override your fundamental rights and
freedoms related to data privacy; and (4) with your consent.

Purpose Legal Basis

Based on our contract with you

1. To enforce our Terms of Service or other
legal rights; 3. To operate, maintain, enhance
and provide features of the Service; 4. To
provide customer support; 6. To provide
service related communications

2. To conduct identity verification; 10. To Necessary to comply with legal obligations

aggregate data or create anonymized data;
11. To comply with legal obligations; 12.To
detect and prevent fraud

5. To conduct research and development; 7. CoinList’s legitimate interest

To deliver marketing opportunities; 8. To
operate and manage CoinList’s Karma
reward program;

9. To conduct content analytics Your consent

Data Transfers out of EU
Pursuant to Article 49 of the EU GDPR, the transfer of data is necessary for the performance of a
contract between the data subject and the controller or the implementation of pre-contractual
measures taken at the data subject’s request;

Your Privacy Rights

If you are an individual in the European Economic Area (EEA),You have the right to:

● Request a copy of your information,

● To object to our use of your information. (including for marketing purposes. We will
contact you by electronic means for marketing purposes only if you have consented to
such communication. You may object to initial or further processing for purposes of
direct marketing),
● To correct any inaccurate personal information, where applicable,
● You have the right to request the deletion of your information. If you choose to close
your CoinList account, your account will be marked closed. Your information will no
longer be used by CoinList for further processing purposes, except as required by
applicable laws. Information will be retained as required by financial and anti money
laundering regulations which include but are not limited to the prevention of fraud.

You can exercise any of these rights by contacting us at privacy@coinlist.co

CALIFORNIA PRIVACY RIGHTS

For purposes of this section, “Personal Information” has the meaning given in the California
Consumer Privacy Act of 2018 (“CCPA”) but does not include information exempted from the
scope of the CCPA.

The sources from which we collect information are described in Section 1 of this Privacy Policy;
the business and commercial purposes for which we collect this information are described in
Section 2 of this Privacy Policy; and the categories of third parties to whom we “disclose” the
information for a business purpose are described in Section 3 of this Privacy Policy
As a California resident, you have rights under the California Consumer Privacy Act (“CCPA”).
However, these rights are not absolute, and in certain cases we may decline your request as
permitted by law. You may request to know more details about the categories or specific pieces
of Personal Data we collect (including how we use and disclose this information), to delete your
Personal Data, subject to certain exceptions, and to not be discriminated against for exercising
these rights.

You may submit a request to access or delete your personal information by emailing us at
privacy@coinlist.co. We are legally obligated to verify your identity when you submit a request.
We may request additional information from you to verify your identity.

CoinList does not sell your data and has not sold your personal data in the previous 12 months.

Updates to this Privacy Policy

We may make changes to this Policy. The "Last Updated" date at the top of this page indicates
when this Policy was last revised. If we make material changes, we may notify you through the
Service or by sending you an email or other communication. We encourage you to read this
Policy periodically to stay up-to-date about our privacy practices. Your use of the Service
following these changes means that you accept the revised Policy.

U.S. Consumer Privacy Notice

Companies choose how they share your personal information. Under federal law, that means
personally identifiable information. Federal law gives consumers the right to limit some but not
all sharing. Federal law also requires us to tell you how we collect, share, and protect your
personal information. To understand what we do, please carefully read the U.S. Consumer
Privacy Notice, available here.

Contact us
If you have any questions about this Policy, please contact us at: notice@coinlist.co.

900 Kearny Street #350 San Francisco, CA 94133