Privacy Policy

Infini Labs and its affiliated entities responsible for providing the Services (collectively, "Infini", "we", "us" or the "Company") act as the data controller of your personal information for the purposes described in this Privacy Policy, unless otherwise specified.

This Privacy Policy explains how we collect, use, store, share, and otherwise process personal information when you access or use our websites, mobile applications, APIs, or other digital products and services (collectively, the "Services").

We process personal information in accordance with applicable data protection laws and regulations, including, where applicable, the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and other relevant privacy laws.

This Privacy Policy describes:

• The categories of personal information we collect;
• The purposes for which we process such information and the legal bases we rely on;
• How and with whom we share personal information;
• The rights available to you under applicable data protection laws and how you can exercise them;
• How we safeguard and retain personal information; and
• How you can contact us regarding privacy-related matters.

We may update this Privacy Policy from time to time. Where required by applicable law, we will notify you of material changes and obtain your consent where necessary. The updated version will be indicated by the "Last Updated" date at the top of this document.

We implement appropriate technical and organizational measures to protect personal information against unauthorized access, loss, misuse, or alteration. However, no transmission over the internet can be guaranteed to be completely secure.

Our Services may contain links to third-party websites or services. We are not responsible for the privacy practices of such third parties, and we encourage you to review their privacy policies independently.

If you have any questions or wish to exercise your data protection rights, you may contact us using the details provided in the "Contact Us" section below.

1. Basic Definitions

In this Privacy Policy, unless the context otherwise requires, the following terms shall have the meanings set out below:

• "Infini", "we", "us" or the "Company" means Infini Labs and its affiliated entities responsible for providing the Services, acting as the data controller unless otherwise specified.
• "User" or "you" means any natural person who accesses, browses, registers for, or otherwise uses the Services.
• "Services" means the websites, mobile applications, APIs, and other digital products or services operated by us.
• "Personal Information" means any information relating to an identified or identifiable natural person (“data subject”), whether directly or indirectly identifiable, including by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to that person.
• "Basic Personal Information" means personal information necessary for account creation, account management, or communication, such as name, contact details, and account identifiers.
• "Identity Verification Information" means information used to verify identity or fulfill legal and regulatory obligations, including government-issued identification documents, verification results, and related information.
• "Financial Information" means information relating to financial status, accounts, assets, or transaction activity.
• "Payment Information" means information required to process payments or settlements, including payment method details and transaction records.
• "Device and Usage Information" means information generated from the use of the Services, including IP address, device identifiers, browser type, operating system, access time, and usage logs.
• "Processing" means any operation performed on personal information, including collection, use, storage, disclosure, transfer, or deletion.
• "Data Controller" means the entity that determines the purposes and means of processing personal information.
• "Data Processor" means a third party that processes personal information on behalf of the Company.
• "Third Party" means any individual or entity other than the Company, its affiliates, or its data processors.
• "Applicable Laws" means all laws and regulations applicable to the processing of personal information, including, where applicable, the GDPR and other relevant data protection laws.

2. Personal Information We Collect

We collect personal information only where it is necessary for the provision of our Services, compliance with legal obligations, or the pursuit of our legitimate business interests, in accordance with applicable data protection laws.

We may collect personal information through the following sources:

• Information you provide directly: when you register for an account, complete identity verification, conduct transactions, or otherwise interact with the Services;
• Information collected automatically: when you access or use the Services, including through cookies, log files, and similar technologies (further described in Section 6);
• Information obtained from third parties: including service providers, analytics partners, compliance and identity verification providers, public sources, or blockchain networks, where permitted by law.

We process personal information based on one or more of the following legal bases, where applicable:

• Performance of a contract (e.g., to provide and operate the Services);
• Compliance with legal obligations (e.g., KYC/AML requirements);
• Legitimate interests (e.g., service improvement, fraud prevention, and security);
• Your consent, where required (e.g., for marketing communications or non-essential cookies).

Further details regarding the categories of personal information we collect, the purposes of processing, and the corresponding legal bases are set out in Section 3 below.

3. Types of Personal Information We Collect

The categories of personal information we collect may vary depending on the service functions and applicable laws and compliance requirements (such as KYC, AML, CDD), specifically including the following categories.

3.1 Individual Users

We may collect the following categories of personal information from individual users: - Basic Information Including name, address, date of birth, nationality, country of residence, phone number, and email address. Purpose: account registration, identity verification, and user communication. Legal Basis: performance of a contract (Article 6(1)(b) GDPR) and compliance with legal obligations (Article 6(1)(c) GDPR). - Identity Verification Information (KYC Data) Including proof of address (e.g., utility bills), photographs, government-issued identification documents (such as passport or ID card), tax identification numbers, employment information, residency status, and other verification-related information. Purpose: identity verification (KYC), anti-money laundering (AML), fraud prevention, and compliance with regulatory obligations. Legal Basis: compliance with legal obligations (Article 6(1)(c) GDPR). - Financial Information Including proof of income or net assets, on-chain asset balances (e.g., USDT/USDC holdings), transaction records, and earnings details. Purpose: risk assessment, transaction processing, account management, and compliance with financial regulations. Legal Basis: performance of a contract (Article 6(1)(b)) and compliance with legal obligations (Article 6(1)(c)). - Payment Information Including payment method details and transaction records (such as amounts, timestamps, and counterparties). Purpose: payment processing, settlement, and fraud detection. Legal Basis: performance of a contract (Article 6(1)(b)) and legitimate interests (Article 6(1)(f)). - Device and Usage Information Including IP address, approximate location data, browser type, device identifiers, operating system, access logs, and interaction data. Purpose: service operation, security monitoring, fraud detection, and service improvement. Legal Basis: legitimate interests (Article 6(1)(f)) and, where applicable, consent (Article 6(1)(a)) for non-essential tracking technologies. We implement appropriate technical and organizational measures to protect such information, including encryption of personal data during transmission and storage, strict access controls, internal authorization mechanisms, and security monitoring to prevent unauthorized access, disclosure, or misuse. Access to identity verification data is restricted to authorized personnel on a need-to-know basis, and such measures are regularly reviewed in line with industry standards and regulatory expectations. Where you choose to close your account, we will delete or anonymize your personal information without undue delay, unless retention is required to comply with legal obligations (such as AML or record-keeping requirements), resolve disputes, or enforce our agreements. Retention periods are further described in Section 14.

3.2 Legal Entity Users

We may collect the following categories of personal information in relation to legal entity users (such as corporate clients): - Company Information Including company name, registered address, business type, registration details, incorporation documents, and ultimate beneficial ownership (UBO) information. Purpose: corporate account onboarding, identity verification, regulatory compliance, and ongoing due diligence. Legal Basis: compliance with legal obligations (Article 6(1)(c) GDPR) and performance of a contract (Article 6(1)(b) GDPR). - Shareholder and Director Information Including personal identification and contact information of shareholders, directors, and ultimate beneficial owners, such as name, address, date of birth, nationality, contact details, identification documents, proof of address, tax identification numbers, and related verification materials. Purpose: verification of controlling persons, compliance with KYC/AML requirements, and risk assessment. Legal Basis: compliance with legal obligations (Article 6(1)(c) GDPR). - Financial Data Including assets under management (AUM), transaction records, payment instructions, earnings details, and invoice-related information. Purpose: account management, transaction processing, financial reconciliation, and compliance with regulatory and reporting obligations. Legal Basis: performance of a contract (Article 6(1)(b) GDPR) and compliance with legal obligations (Article 6(1)(c) GDPR). - Operational Data Including account activity records, usage logs, system interactions, and technical data generated in connection with the use of the Services. Purpose: service operation, system integration, security monitoring, and service optimization. Legal Basis: legitimate interests (Article 6(1)(f) GDPR). We implement appropriate technical and organizational measures to protect such information, including encryption of personal data during transmission and storage, strict access controls, internal authorization mechanisms, and security monitoring to prevent unauthorized access, disclosure, or misuse. Access to sensitive information, including data relating to legal entity representatives, shareholders, and ultimate beneficial owners, is restricted to authorized personnel on a need-to-know basis, and such measures are regularly reviewed in line with industry standards and regulatory expectations. Where you choose to close your account, we will delete or anonymize personal information associated with the legal entity and its related individuals without undue delay, unless retention is required to comply with legal obligations (such as AML, KYC, or record-keeping requirements), resolve disputes, or enforce our agreements. Retention periods are further described in Section 14.

3.3 Automatically Collected Information

We may automatically collect certain information when you access or use the Services: - Browser and Device Details Including IP address, approximate location information, device type, operating system, browser type, network connection, and device identifiers. Purpose: ensuring the proper functioning of the Services, security monitoring, fraud detection, and system administration. Legal Basis: legitimate interests (Article 6(1)(f) GDPR). - Usage Behavior Including access times, pages viewed, interaction data, and operation logs. Purpose: analyzing usage patterns, improving service performance, and detecting abnormal or unauthorized activities. Legal Basis: legitimate interests (Article 6(1)(f) GDPR). Where such data is collected through cookies or similar tracking technologies, the processing is further described in Section 6. Non-essential cookies (including analytics and marketing cookies) are used only with your consent, in accordance with applicable data protection laws.

3.4 Information Obtained from Third Parties

We may obtain personal information about you from third-party sources, where permitted by applicable laws: - Analytics Data Including website usage statistics, device information, browser information, and approximate location data obtained from analytics service providers. Purpose: analyzing user behavior, improving service performance, and supporting analytics functions. Legal Basis: your consent (Article 6(1)(a) GDPR) for non-essential analytics technologies, where applicable. - Error Monitoring Data Including technical and diagnostic information collected by third-party service providers for error tracking, system monitoring, and performance optimization. Purpose: identifying and resolving technical issues, ensuring system stability and reliability. Legal Basis: legitimate interests (Article 6(1)(f) GDPR). - Compliance Data Including background check information obtained from credit bureaus, public records, compliance partners, or identity verification providers. Purpose: conducting KYC/AML checks, fraud prevention, and fulfilling regulatory obligations. Legal Basis: compliance with legal obligations (Article 6(1)(c) GDPR). - Blockchain Data Including publicly available information from blockchain networks, such as wallet addresses, transaction histories, and token activity. Purpose: transaction verification, risk assessment, and compliance monitoring. Legal Basis: legitimate interests (Article 6(1)(f) GDPR) and, where applicable, compliance with legal obligations (Article 6(1)(c) GDPR). Where personal information is obtained from third-party sources, we ensure that such data is collected and shared in accordance with applicable laws. Where required, we rely on appropriate legal bases and contractual safeguards. We apply appropriate technical and organizational safeguards, including encryption and access controls, to protect personal information obtained from third-party sources. If you do not provide, or if we are unable to obtain, personal information necessary for providing the Services or fulfilling legal obligations, we may be unable to provide certain features or complete specific transactions, including identity verification and payment processing.

4. How We Use Personal Information

We use personal information to provide, maintain and improve the Services, and to fulfill applicable legal obligations. The processing of relevant personal information is based on legitimate grounds provided by applicable laws, such as performing contracts, complying with legal obligations, our legitimate interests, or based on your consent where necessary. Specific purposes include:

• Account Management and Operations: Registration, verification, account maintenance, providing customer support, managing your account and its daily operations, processing your applications, subscribing and registering for our products and services, managing your account, and providing our products and services to you.
• Service Delivery: Processing transactions, payments, earnings distribution, providing content and information related to service functions, and providing relevant service information to you through our websites, applications or other legitimate communication channels, providing our services to you, including through in-person events, social media, email and other online venues.
• Compliance and Risk Management: KYC/AML checks, anti-fraud, reporting to regulatory authorities, complying with legal obligations, complying with court orders, subpoenas or other legal processes (regardless of jurisdiction), complying with applicable laws and regulations, complying with requirements from government authorities, law enforcement agencies or similar institutions (regardless of jurisdiction), conducting customer due diligence, anti-fraud and risk assessments under applicable legal requirements, and submitting or verifying necessary information to regulatory authorities or authorized compliance service providers in accordance with the law.
• Service Improvement: Analyzing trends, usage behavior, testing new features, diagnosing issues, managing, providing, maintaining, improving and personalizing our products and services, including identifying you and remembering your personal information when you return to our Services, helping us facilitate transactions and personal benefits and services, including customer support, contests, sweepstakes and promotions, identifying and analyzing how you use our Services, helping us monitor and analyze trends, usage and activities related to our Services, helping us improve and customize our Services to meet the needs and interests of our user base and other individuals who interact with us, helping us test, enhance, update and monitor the Services, or diagnose or fix technical issues.
• Marketing and Communication: Sending updates and promotions based on your interests (with consent), managing contests/sweepstakes, through email or phone marketing functions, products or special events, sending updates or promotional information related to our Services to you where applicable laws permit and your explicit consent is obtained, and supporting the marketing and advertising efforts of our Services, generating and analyzing data about users and their usage of our Services. We will not use your personal information for third parties' independent marketing purposes without your consent.
• Security and Integrity: Detecting malicious activities, maintaining system security, helping us maintain the security, reliability and integrity of the Services, technical assets and business, helping us detect, prevent, investigate or notify malicious, deceptive, fraudulent, illegal or criminal activities.
• Internal Operations: Auditing, data analysis, business development, testing changes and developing new features and products for our Services, resolving issues you may encounter related to our Services, including providing support and resolving disputes, managing service platforms, including support systems and security, preventing, investigating and responding to fraud, unauthorized access or use of our Services, violations of terms and policies or other improper activities, complying with legal obligations and applicable retention periods, establishing, exercising or defending our rights in legal proceedings.

Unless applicable law provides otherwise, if GDPR or other laws apply, we will clearly inform you of the processing basis (see Section 17 for details).

5. How We Share Personal Information

We only share personal information when necessary and within the scope permitted by applicable laws. Within the scope permitted by law, third parties assume corresponding responsibilities for their independent processing of your personal information. Sharing recipients include:

• Service Providers: Sharing personal information with third-party service providers that provide services on our behalf (such as payment processing, cloud infrastructure, data storage, technical support or compliance service providers), and limited to the scope necessary for them to fulfill their contractual obligations with us.
• Within the Group: If applicable, we may share your personal information within the company group for internal management or to support the provision of Services, and strictly follow the processing purposes described in this Privacy Policy.
• Regulatory Authorities: Under applicable legal requirements, we may disclose personal information to regulatory authorities, law enforcement agencies, courts or other competent institutions, such as fulfilling anti-money laundering reporting obligations, responding to legitimate judicial or regulatory requests.
• Business Transfers: In the event of mergers, acquisitions, reorganizations or asset transfers of the company, personal information may be transferred as part of the transaction, but will continue to be bound by applicable data protection laws and this Privacy Policy or privacy arrangements with equivalent protection levels.
• Others: Sharing with your consent, or in other necessary circumstances permitted by law, for protecting relevant rights or security.

When sharing personal information, we will require recipients to take reasonable and appropriate data protection measures in accordance with applicable legal requirements, and sign data processing or confidentiality agreements where necessary. We may need to retain, process and/or disclose your personal information to agents, contractors or other third-party service providers, and for the processing of personal information under their independent control by third parties, they shall assume corresponding responsibilities in accordance with applicable laws.

6. Cookies and Similar Technologies

When you access or use Infini's websites or applications, we may use Cookies and similar technologies to automatically collect some information. Cookies are small text files stored on your device. In addition, we may also use similar technologies, such as web beacons, pixel tags, embedded scripts and log files (hereinafter collectively referred to as "Cookies and Similar Technologies"), to help us understand the usage of the Services, enhance website performance and optimize user experience. We and authorized third-party service providers may use the above Cookies and Similar Technologies (i) Cookies or small data files stored on your device, and (ii) other similar technologies (including web beacons, pixel tracking, embedded scripts, location identification technologies and logging technologies, collectively referred to as "Cookies"), to automatically collect information related to your use of the Services, and use such information only within the scope of achieving the purposes described in this Privacy Policy. The purposes for which we use cookies and similar technologies include: ensuring the normal operation of the websites and services, including authentication and session management; analyzing website traffic and usage behavior to identify popular content and improve navigation; improving functionality and overall performance, such as remembering your preferences and settings; enhancing security and preventing fraudulent behavior, such as detecting abnormal logins; supporting content display or promotional activities related to the Services with your explicit consent. For the above purposes, we may entrust third-party service providers to assist in providing related analytics services. Such third parties may process relevant information in accordance with their own privacy policies, and you may manage or opt out of their data collection activities through options provided by the relevant service providers.

7. Choices for Managing Cookies

You have the right to disable non-essential Cookies at any time. However, please note that disabling some Cookies may affect some functions or Services of the website, such as inability to remember login status or personalized recommendations. If you do not wish to receive cookies, most browsers support the following operations: (i) prompt you when receiving cookies by adjusting settings, allowing you to decide whether to accept them autonomously; (ii) disable existing cookies; or (iii) set the browser to automatically reject cookies. Please note that these operations may affect the website usage experience, and some functions or Services may experience abnormalities or even be completely unusable. Depending on your device and operating system version, it may not be possible to completely clear all cookies. In addition, if you want to uniformly reject cookies on all browsers and devices, you need to set them separately in each browser on each commonly used device. You can also prevent the system from automatically downloading images that may contain technical codes through email option settings—these codes can help us identify whether you have accessed the email and performed related operations. You can manage Cookies through browser settings, including accepting or rejecting Cookies and deleting existing Cookies. For marketing information sent via email, you can choose to unsubscribe at any time through the methods provided in the relevant communications. Most browsers support the above Cookie management options, and you can regularly check and adjust relevant settings according to your own preferences.

The legal basis for setting cookies is the legitimate interests under Article 6(1)(f) of the General Data Protection Regulation (hereinafter "GDPR") (if applicable), and your consent under Article 6(1)(a) of the GDPR under the premise of complying with legal requirements. Where the use of cookies is necessary for fulfilling a contract in initiating or continuing a contractual relationship, the legal basis is Article 6(1)(b) of the GDPR. For situations where GDPR applies, the processing of relevant personal data will be based on legitimate interests (Article 6(1)(f) of the GDPR) or the data subject's consent (Article 6(1)(a)), or necessary for fulfilling a contract (Article 6(1)(b)).

8. Blockchain Public Information

The data we collect comes from publicly visible and/or accessible activities on the blockchain. This may include blockchain addresses and information about token holdings, purchases, sales or transfers, which may be associated with other information you provide to us under the premise of complying with laws and regulations and where necessary for fulfilling compliance or risk management obligations. We may use this information for compliance checks, risk assessments and service optimization, but will ensure compliance with privacy regulations.

9. Children's Personal Information

Our Services are not directed at, nor intended to collect or actively solicit personal information from children under 18 years old. If an individual is under 18 years old (or the age of majority under local laws), they should not use this Service or provide personal information to us in any way. If children under 18 have provided personal information to us, we recommend that their parents or guardians contact us to request that we delete the relevant data from the system. If we discover that the collected personal information is indeed provided by children under 18, we will delete it immediately. We do not intentionally collect children's information and will take measures to prevent such occurrences.

10. Third-Party Websites and Services

Our Services may contain links to third-party websites, plugins and applications. Unless we publish, link or explicitly adopt/reference this Privacy Statement, this Statement does not apply to the personal information processing methods of third-party websites and online services, and Infini assumes no responsibility for any consequences caused by the independent actions of any third parties or their privacy policies. Nor does it assume related responsibilities. To understand the personal information processing methods of third parties, please review their respective privacy statements. We recommend that you review their applicable privacy policies before accessing any third-party websites or services.

11. Third-Party Wallet Extensions

Certain transactions conducted through this Service require you to associate your wallet with this Service. Using such third-party wallets for transactions means that you agree that your interactions with the third-party wallet are governed by its privacy policy. For any consequences arising from the use of third-party wallets, including but not limited to the use or disclosure of personal information by third-party wallets, the relevant responsibilities shall be borne by the third-party wallet service provider in accordance with applicable laws.

12. Cross-Border Transfer of Personal Information

For one or more of the above purposes, we may transfer your personal information to specific third-party service providers outside your jurisdiction. These service providers include agents, contractors or partners that provide us with technical support, data storage, data analysis, payment processing, customer support and related operational services, which may be located in different countries or regions. Where there are related affiliated entities and there is a business need, we may also share your personal information within the Infini company group to provide you with the requested products or services, or for internal management and operational purposes directly related to the purposes at the time of collection. Data sharing within the group will be limited to what is necessary and bound by appropriate privacy and data protection measures.

When your personal information is transferred to other countries or regions, we will take appropriate safeguards in accordance with applicable data protection laws to ensure that your personal information is adequately protected. These measures may include signing applicable standard contractual clauses with relevant recipients, or adopting other recognized cross-border data transfer mechanisms. Where required by applicable laws, we may also conduct relevant data transfers based on your explicit consent. We will require all third parties processing personal information on our behalf to take reasonable and appropriate technical and organizational measures to prevent personal information from unauthorized or illegal access, disclosure, alteration, loss or destruction, and ensure that personal information is retained only for the period necessary to achieve the relevant purposes.

We may rely on your consent for data transfers, or adopt contracts and/or other means to ensure that agents, contractors or other third-party data processors processing personal information on our behalf will take all reasonable steps (i) to protect the personal information they hold from unauthorized or accidental access, processing, deletion, loss or use; and (ii) to ensure that personal information is not retained longer than necessary. For one or more of the above purposes, we may transfer your personal information to any agents, contractors or other third-party service providers outside your jurisdiction, these third-party service providers in different countries or regions provide us with administration, telecommunications, computer, payment, debt collection, data processing, data storage, data analysis or other services, as well as other third parties notified at the time of collection.

13. Protection of Personal Information

All personal information you provide to us will be securely stored, and all personal information will be protected through reasonable technical and administrative measures, with access limited to authorized personnel only within the necessary scope. We may use encryption or other industry-standard security measures to protect the security of data during transmission and storage, to protect your data in a secure encrypted format, ensuring its privacy and security, preventing unauthorized access or disclosure, accidental loss, alteration or destruction. In addition, we may prevent any risks to personal information transferred to data processors through obtaining your consent or adopting contractual agreements, etc.: (i) retention beyond the time required for data processing; (ii) unauthorized or accidental access, processing, deletion, loss and use, if we choose to cooperate with data processors.

We will comprehensively apply globally accepted data security standards and relevant data protection laws and regulations in the user's location, in accordance with the specific circumstances of users in different countries and regions, to fulfill corresponding data compliance obligations in accordance with the law and take necessary data security safeguards. For data processors located in the EU or UK (if any), we need to impose mandatory contractual obligations on them in accordance with the requirements of the EU General Data Protection Regulation (GDPR) and the UK General Data Protection Regulation (GDPR).

Although we will make every effort to protect your personal information, we cannot guarantee that data transmitted to this website is completely secure. Once we receive your personal information, we will use strict procedures and security features to prevent unauthorized access, including multi-factor authentication, intrusion detection systems and regular security audits.

If you suspect that your personal information has been misused, lost or accessed without authorization, please inform us immediately, see the "Contact Us" section below for details. We will investigate and take appropriate action.

14. Retention of Personal Information

Unless applicable laws, regulations and ordinances require or permit longer retention periods, we will not retain your personal information longer than necessary to achieve the purposes for which it was collected. The specific retention period will depend on the data type, our legitimate business needs and other legal requirements that may require us to retain data for a minimum period.

We may need to retain certain data for tax filings or to respond to tax inquiries. In other cases, there may be other legal or risk management requirements to retain data, including certain data that may be related to any potential litigation (considering relevant statutes of limitations).

When determining appropriate retention periods for different types of personal information, we will always consider the following factors: the amount, nature and sensitivity of the personal information involved; the potential risks of unauthorized use or disclosure of the personal information; the purposes for which we need to process the data; and whether these purposes can be achieved through other means (of course, in addition to ensuring that we comply with the above legal and risk management obligations).

Once we determine that we no longer need to retain your personal information, we will delete it from our systems or anonymize it.

We will take commercially reasonable measures to ensure the accuracy of your personal information. If we become aware that your personal information is inaccurate, we will not use such data and will notify any third parties that such personal information has been removed.

15. Your Rights

Under applicable data privacy laws, you have the right to request access to your personal information, obtain a copy of your personal information, correct any inaccurate personal information, and delete or stop collecting, processing or using any personal information. You may also request that we inform you of the types of personal information we hold. To access and correct personal information, or to learn about our policies, practices and types of data held, please contact us in writing by mail or email to the details listed in the "Contact Us" section below. We have the right to charge reasonable fees for processing any data access requests in accordance with applicable legal provisions.

In addition, data protection laws applicable in some jurisdictions (such as GDPR and other international regulations) provide multiple protection measures and clearly grant individuals relevant rights in data privacy. Therefore, even if you have provided relevant data to us, you still have multiple rights to such data in accordance with the law.

In addition, the EU and UK GDPR provide multiple protection measures and clarify the rights of EU or UK citizens and individuals in data privacy. This means that when the law applies, even if you have provided data to us, you still retain multiple rights to these data.

Please submit requests through contact@infini.money. We will respond within legal time limits and may charge reasonable fees. If refused, we will explain the reasons. You may complain to regulatory authorities.

16. Notice for California Residents

In addition to the information and rights described in this Privacy Policy, California residents have additional rights and may obtain specific information regarding personal information under the California Consumer Privacy Act (hereinafter or referred to as "CCPA"). If you are a California resident (i.e., a "consumer" as defined by CCPA), the relevant provisions of this Privacy Policy apply to you; if you are not a consumer, this section does not apply to you, please do not rely on its content.

17. Supplemental Disclosures for European Personal Information Involving GDPR

If you are located in a region where GDPR applies or in related circumstances, the European Economic Area ("EEA"), the United Kingdom or Switzerland, you have certain legal rights and protections regarding the processing of personal information, and this section applies to you. Infini's Services are not targeted at individuals in the European Economic Area (EEA), the United Kingdom or Switzerland, nor are they actively directed at the above regions for promotional or business operations. Therefore, unless otherwise provided by applicable laws, Infini has not established a data protection representative in the above jurisdictions in the sense of GDPR.

18. Updates to This Privacy Policy

We will update this Privacy Policy from time to time. When modifications are made to this Privacy Policy, we will indicate the update date at the beginning of the Privacy Policy. If major revisions are made to this Privacy Policy, we will send notifications through your registered email, post notices in prominent positions on the service pages or inform you through other appropriate communication channels. Unless otherwise stated, all changes take effect from the date of publication. We encourage you to periodically review this policy to understand the latest changes.

19. Contact Us

If you have any questions or requests regarding this Privacy Policy or other privacy-related matters, please send an email to contact@infini.money. We will respond to inquiries in a timely manner and process your requests within a reasonable time. If necessary, we may request additional information to verify your identity.