Privacy Policy and Data Protection – Token Tact

Version 4.0 – Last updated: April 23, 2026

Article 1: Identification of the Data Controller

This privacy policy defines the strict data processing protocols maintained by Token Tact ("the Platform", "we", "us"), headquartered at Schweigaards gate 15B, 0191 Oslo, Norway. We act as the data controller in accordance with the Norwegian Personal Data Act and the EU General Data Protection Regulation (GDPR). To ensure absolute data integrity, we have appointed a Data Protection Officer (DPO) who can be contacted at: [email protected].

Article 2: Categories of Personal Data Processed

To provide institutional-grade technical services for digital assets, we collect the following data in accordance with the principle of data minimization:

Identity Data: Full name, date of birth, nationality, and official identification required for mandatory KYC (Know Your Customer) and AML (Anti-Money Laundering) checks.

Contact Information: Verified email address, active mobile number, and official residential address.

Cryptographic Telemetry: Information on source of funds, blockchain transaction history, wallet addresses, and risk profiles linked to our analytical interfaces.

Digital Footprint: IP addresses, device specifications, geographical location data, and granular logs of interaction with our systems.

Article 3: Legal Basis for Processing

The processing of your data is based on the following legal grounds:

Contractual Performance: Necessary for managing your account and delivering our technological services.

Legal Obligations: Compliance with Norwegian law, including the Anti-Money Laundering Act and directives from the Financial Supervisory Authority regarding virtual assets.

Legitimate Interests: Necessary for proactive cybersecurity, fraud prevention, and technical optimization of the platform.

Consent: For sending market analyses and using optional cookies.

Article 4: Data Security and Sovereignty

Token Tact employs enterprise-grade security architecture:

Encryption: All sensitive data is stored with AES-256 encryption and transmitted via TLS 1.3.

Hosting: Data is stored exclusively on high-security servers within the EEA, guaranteeing full protection under European data sovereignty regulations.

Article 5: Your Rights

You have the right to access your data, rectification, erasure, restriction of processing, and data portability. Inquiries should be sent to [email protected]. You also have the right to lodge a complaint with the Norwegian Data Protection Authority.