Skip to main content

DOCUMENT RETENTION POLICY V8

DOCUMENT RETENTION POLICY

VERSION 8.0  |  MARCH 2026

 

GROOVY COMPANY, INC. DBA OTCM PROTOCOL

Wyoming Corporation  |  CIK: 1499275  |  OTC: GROO  |  12 Daniel Rd East, Fairfield, NJ 07004

 

SEC Category 1 Model B  |  Release No. 33-11412  |  BOARD APPROVED  |  CONFIDENTIAL

 

Field

Value

Field

Value

Document ID

OTCM-POL-DRP-001

Version

1.8.0 (supersedes V1.0)

Effective Date

January 30,March 2026

Classification

CONFIDENTIAL

Approved By

Board of Directors

Legal Entity

Groovy Company, Inc. dba OTCM Protocol

Governing Law

Federal Securities Law, Wyoming Business Corporation Act, and New Jersey State Law


 

πŸ“‹ TABLE OF CONTENTS

  1. Article I: Purpose and Scope
  2. Article II: Definitions
  3. Article III: Document Retention Schedule
  4. Article IV: Blockchain and Digital Asset Records
  5. Article V: Electronic Records Management
  6. Article VI: Litigation Hold Procedures
  7. Article VII: Document Destruction
  8. Article VIII: Responsibilities
  9. Article IX: Compliance and Enforcement
  10. Article X: Administration

🎯 ARTICLE I: PURPOSE AND SCOPE

Section 1.1 β€” Purpose

This Document Retention Policy (the "Policy"β€œPolicy”) establishes standards and procedures for the retention, preservation, and destruction of Company records. The Policy is designed to:

🎯 Objective

Description

βš–οΈ

Legal Compliance

Ensureensures compliance with legal and regulatory retentionrequirements, requirements

πŸ›‘οΈ

Litigation Protection

Protectprotects the Company in actuallitigation, or potential litigation

πŸ“Š

Business Continuity

Supportsupports business operationsoperations, protects sensitive information, manages storage costs, and historical reference

πŸ”

Data Security

Protect sensitive and confidential information

πŸ’Ύ

Storage Efficiency

Manage storage costs and information overload

πŸ”—

Blockchain Integrity

Preserve immutablepreserves blockchain records appropriatelyappropriately.

 

Section 1.2 β€” Regulatory Framework

This Policy is adopted pursuant to and in compliance with:Regulation

βš–οΈ Regulation

Retention Impact

Securities Exchange Act of 1934

Broker-dealer and transfer agent records

SEC Rules 17a-3, 17a-4

Books and records requirements

SEC Rules 17Ad-6, 17Ad-7

Transfer agent recordkeeping (Empire Stock Transfer)

Sarbanes-Oxley Act

Audit workpapers, financial records

IRS Code Section 6001

Tax records

ERISA

Employee benefit records

Wyoming Business Corporation Act

Corporate records

SECRelease JanuaryNo. 2026 Guidance33-11412

TokenizedCategory securities5 Digital Securities records (March 17, 2026, binding)

Bank Secrecy Act

KYC/KYW/AML/OFAC records (5-year minimum)

 

Section 1.3 β€” Scope

This Policy applies to all records created, received, or maintained by the Company, including:

including

πŸ“paper Recorddocuments, Type

Examples

πŸ“„electronic

Paperfiles, Documents

Contracts,blockchain certificates,records correspondence

πŸ’»

Electronic Files

Emails, spreadsheets, databases, presentations

πŸ”—

Blockchain Records

Smart(smart contracts, transaction logs, wallet data

πŸŽ₯

Media

Audio,on video,Solana), photographs

πŸ’¬media,

Communications

Instantcommunications, messages, text messages, voicemails

☁️

Cloud Data

SaaS applications,and cloud storagedata.


 

πŸ“– ARTICLEArticle II: DEFINITIONSDefinitions

Section 2.1

β€œRecord” β€” Key Definitions

πŸ“„ "Record"

Anyany information, regardless of physical form or characteristics,form, created, received, or maintained by the Company in the conduct of its business,Company, including documents, data, and blockchain entries.

πŸ”— "

β€œBlockchain Record"

Record”

Anyβ€” any data stored on athe distributedSolana ledger,blockchain, including smart contract code, transaction hashes,signatures, wallet addresses, token transfers, and metadata associated with ST22 SecurityDigital TokensSecurities or OTCM Utility Tokens.

βš–οΈ "

β€œLitigation Hold"

Hold”

Aβ€” a directive to preserve all documents and records potentially relevant to pending, threatened, or reasonably anticipated litigation, government investigation, or audit.

πŸ“ "

β€œRecord Custodian"

Custodian”

Theβ€” the department or individual responsible for maintaining and managing specific categories of records.

πŸ—‘οΈ

β€œDestruction” "Destruction"

β€”

Thethe permanent elimination of records through shredding, incineration, secure deletion, or other means that renderrendering the record unreadable and unrecoverable.

πŸ’Ύ

β€œPermanent "ActiveRecord” Record"

β€”

Aa record currently in use or referenced frequently for business operations.

πŸ“¦ "Inactive Record"

A record no longer needed for daily operations but retained for legal, regulatory, or historical purposes.

πŸ”’ "Permanent Record"

A record that must be retained indefinitely due to legal requirements, historical significance, or ongoing business value.


 

πŸ“… ARTICLEArticle III: DOCUMENTDocument RETENTIONRetention SCHEDULESchedule

Section 3.1 β€” Corporate Records

πŸ“ Record Type

πŸ“… Retention Period

πŸ“‹

 Notes

πŸ›οΈ

Retention

Notes

Articles of Incorporation

Permanent

Including all amendments

Bylaws

πŸ“œ Permanent

Bylaws

Permanent

Including all amendments

Board / Committee Minutes

πŸ“‹ Permanent

Board Minutes

Permanent

All board and committee meetings

πŸ—³οΈ

Shareholder Meeting Minutes

Permanent

Annual and special meetings

πŸ“Š

Stock Ledger

Permanent

All ownership records

Board/Committee Resolutions

πŸ“„ Permanent

All formal resolutions including Common B authorizations

StockDBA CertificatesFilings

Permanent

Issued and cancelled

🏷️ Permanent

OTCM Protocol assumed name certificates

Assumed Name Certificates

Permanent

DBA filings

πŸ“

Annual Reports to State

Permanent

All jurisdictions

βœ… (Wyoming, NJ)

Board/Committee Resolutions

Permanent

All formal resolutions

πŸ“‹

Shareholder Consents

Permanent

Written consents in lieu of meeting

Section 3.2 β€” Financial Records

πŸ“ Record Type

πŸ“… Retention Period

πŸ“‹

 Notes

πŸ“Š

Retention

Notes

Annual Financial Statements

Permanent

Audited statements

πŸ“ˆ

Quarterly Financial Statements

7 years

Internal and external

πŸ“’

General Ledger

Permanent

All entries

AP/AR Records

πŸ’³

Accounts Payable Records

7 years

Invoices, paymentpayments, recordscollections

Bank Statements / Reconciliations

πŸ’°

Accounts Receivable Records

7 years

Invoices, collection records

🏦All accounts including stablecoin wallets

BankAudit StatementsReports / Workpapers

Permanent / 7 years

All accounts

βœ…Reports

Bankpermanent; Reconciliations

workpapers 7 years

Monthly reconciliations

🧾per SOX

Expense Reports

7 years

Employee reimbursements

πŸ“‹

Budgets

5 years

Annual budgets

πŸ”

Audit Reports

Permanent

Internal and external

πŸ“Š

Audit Workpapers

7 years

Per SOX requirements

Section 3.3 β€” Tax Records

πŸ“ Record Type

πŸ“… Retention Period

πŸ“‹

 Notes

πŸ“‹

Retention

Notes

Income Tax Returns

Permanent

Federal and state

πŸ“Š

Tax Workpapers

7 years

Supporting documentation

πŸ’°

Payroll Tax Returns / W-2s

7 years

All filings

🧾 and wage statements

Sales Tax Returns

7 years

All jurisdictions

πŸ“„

1099 Forms Issued

7 years

Information returns

πŸ“

W-2 Forms

7 years

Employee wage statements

🏒

Property Tax Records/ Tax Exemptions

Permanent

Assessments and payments

πŸ“‹ Permanent

TaxAssessments, Exemption Documents

Permanent

Certificates andcertificates, rulings

 

Section 3.4 β€” Employment Records

termination

termination

πŸ“ Record Type

πŸ“… Retention Period

πŸ“‹

 Notes

πŸ‘€

EmployeeRetention

Notes

Personnel Files

7 years after termination

General employment records

πŸ“‹

I-9 Forms

3 years after hire or 1 year after termination (longer)

Immigration verification

πŸ’°

Payroll Records

7 years

Wages, deductions, hours

πŸ₯

Benefits Records

7 years after plan termination

ERISA requirement

Background Checks

πŸ“Š

Performance Reviews

5 years

after

Evaluations

⚠️Per FCRA

DisciplinaryOSHA Records

7 years after termination

Warnings, actions

πŸ†

Training Records

5 years

after

Certifications, completions

πŸ“

Employment Applications

3 years

Hired and not hired

πŸ”’

Background Check Records

5 years

Per FCRA

πŸ“‹

OSHA Records

5 years

Injury/illness logs

 

Section 3.5 β€” Contracts and Legal

πŸ“ Record Type

πŸ“… Retention Period

πŸ“‹

 Notes

πŸ“œ

Retention

Notes

Executed Contracts

10 years after expiration

All material contracts

🏒

Real Estate Documents

Permanent

Deeds, leases, mortgages

πŸ“‹

Intellectual Property

Permanent

Patents, trademarks, copyrights

βš–οΈcopyrights, IP assignments

Litigation Files

10 years after finalresolution

resolution

All legal matters

NDAs / Confidentiality

πŸ“

Settlement Agreements

Permanent

All settlements

πŸ”’

NDAs/Confidentiality Agreements

10 years after expiration

Non-disclosure agreements

πŸ“„Global NDA and all issuer NDAs

Insurance Policies / Claims

Permanent

All policies

πŸ’³Permanent / 10 years

InsurancePolicies Claims

permanent; claims 10 years after settlement

Claims and correspondence

πŸ“‹

Licenses and Permits

Permanent

Current and expired

βš–οΈ

Legal Opinions

Permanent

OutsideAll counselLegal Counsel opinions

 

Section 3.6 β€” Securities and Regulatory Records

πŸ“ Record Type

πŸ“… Retention Period

πŸ“‹

 Notes

πŸ“Š

Retention

Notes

SEC Filings (10-K, 10-Q, 8-K)

Permanent

All forms filed

πŸ“‹ with SEC EDGAR

Form D Filings

Permanent

Reg D exemption notices

πŸ“œ

Private Placement Memoranda

Permanent

Offering documents

βœ… Permanent

PPM V8 and all prior versions

Subscription Agreements

Permanent

InvestorAll investor subscriptions

πŸ‘€

Accredited Investor Verification

7 years

Documentation of status

πŸ“ŠEmpire Stock Transfer verification documentation

Cap Table Records

Permanent

All ownership records

πŸ“‹ including Common B register

Investor Communications

7 years

Reports, notices

πŸ”’

Insider Trading Records

7 years

Pre-clearance, blackout

πŸ“„blackout, wallet registrations

Related Party Transaction Records

7 years

Approvals, documentation

πŸ“Šdocumentation, questionnaires

Section 16 Filings

Permanent

Forms 3, 4, 5

SEC Crypto Task Force Correspondence

Permanent

All regulatory engagement materials

No-Action Letter Materials

Permanent

Consolidated no-action letter and all drafts


 

πŸ”— ARTICLEArticle IV: BLOCKCHAINBlockchain ANDand DIGITALDigital ASSETAsset RECORDSRecords

Section 4.1 β€” Immutable Blockchain Records

⚠️ IMPORTANT: Blockchain records are inherently immutable and cannot be deleted. This Policy addresses the retention of related off-chain records and metadata.

 

Section 4.1 β€” Immutable Blockchain Records

πŸ”— Record Type

πŸ“… Retention Period

πŸ“‹

 Notes

πŸ“œ

Retention

Notes

Smart Contract Source Code

Permanent

All deployed Transfer Hook and CEDEX contracts

πŸ”

Smart Contract Audits

Permanent

SecurityQuantstamp, auditHalborn, Certora formal verification reports

πŸ“Š

Deployment Records

Permanent

Transaction hashes,signatures, program addresses

πŸ”§ on Solana

Contract Upgrade History

Permanent

All Transfer Hook and CEDEX modifications

 

Section 4.2 β€” ST22 SecurityDigital TokenSecurities Records

πŸ”— Record Type

πŸ“… Retention Period

πŸ“‹

 Notes

🏦

Retention

Notes

Custody Agreements

Permanent

Empire Stock Transfer tripartite agreements

πŸ“„

Common B / Series MS Share CertificatesDocumentation

Permanent

Underlying equity documentation

πŸ“Š Permanent

Certificates of Designation, board resolutions, CUSIP assignments

Token Minting Records

Permanent

Issuance documentation

πŸ”—documentation, Ledger Enterprise logs

Transfer Hook Configurations

Permanent

SecurityAll 42 control settings

πŸ“‹ and parameter changes

ReserveCustody Oracle Data

7 years

Daily balance verifications

πŸ‘€Ed25519 attestation logs (~400ms frequency)

Token Holder Registry

Permanent

Off-chain holder information

πŸ“Š linked to Empire MSF

Transaction Logs

7 years

Off-chain transaction records and analytics

 

Section 4.3 β€” OTCM Utility Token Records

Period

πŸ”— Record Type

πŸ“…Retention

Retention

Notes

πŸ“‹STO Notes/ Offering Documents

πŸ“œ Permanent

TokenAll Sale Documents

Permanent

ICO/offering materials

βœ…

SAFT/Token Purchase Agreements

Permanent

TokenSAFT purchaseand subscription agreements

πŸ“Š

Token Distribution Records

Permanent

All distributions

πŸ”’ and allocations

Vesting Schedules

7 years after full vesting

Locked token records

πŸ’°

Staking Records

7 years

Staking activity and reward logs

 

Section 4.4 β€” Wallet and Key Management

πŸ” Record Type

πŸ“… Retention Period

πŸ“‹

 Notes

πŸ’³

Retention

Notes

Company Wallet Addresses

Permanent

AllOTCM Protocol Solana Treasury, Staking Pool, all controlled wallets

πŸ”‘

Key Generation / Ceremony Records

Permanent

KeyLedger Enterprise key ceremony documentation

πŸ‘₯

Multi-Sig Configurations

Permanent

Signer3-of-5 and 5-of-9 signer requirements

πŸ“‹ and changes

Wallet Access Logs

7 years

Access and transaction logs

πŸ”„

Key Rotation Records

7 years

Key changes and reasonsjustifications

 

Section 4.5 β€” Platform Operations

πŸ”— Record Type

πŸ“… Retention Period

πŸ“‹

 Notes

πŸ“‹

Retention

Notes

Issuer Onboarding Records

Permanent

All issuer documentation

πŸ“ŠKYB documentation, board resolutions, Certificates

CEDEX Trading Volume Data

7 years

Historical platform data

πŸ’§

Global Unified CEDEX Liquidity Pool Records

7 years

Pool configurations, balancesbalances, LP token burn records

CPMM Parameters

πŸ“ˆ Permanent

Historical bonding curve and AMM configurations

Bonding Curve Parameters

Permanent

Historical configurations

πŸ”§

Platform Incident Reports

7 years

Security incidents, outages

πŸ“Šoutages, Transfer Hook failures

API Access Logs

3 years

Third-party integrations

Section 4.6 β€” Transfer Agent Records (Empire Stock Transfer)

Per SEC Rules 17Ad-6 and 17Ad-7:

πŸ“‹ Record Type

πŸ“… Retention Period

πŸ“‹

 Notes

πŸ“Š

Retention

Notes

Master Securityholder File

Permanent

DLT-based records

πŸ”„ under UCC Article 8

Transfer Journals

6 years

All transfers

❌ including on-chain ST22 transfers

Cancelled Certificates

6 years

Physical and digital

πŸ“‹

Stop Transfer Orders

6 years

Stop orders and releases

Holder Correspondence

πŸ“

Written Communications

6 years

Holder correspondence

πŸ“ŠWritten communications with securityholders

Reconciliation Records

6 years

Daily on-chain vs. off-chain reconciliations

 

Section 4.7 β€” Compliance Records

Record Type

Retention

Notes

KYC/KYB/KYW Records

5 years after account closure

Bank Secrecy Act β€” Empire Stock Transfer onboarding

AML Transaction Monitoring

5 years

Chainalysis KYT + TRM Labs screening logs

SAR/CTR Filings

5 years from filing

BSA requirement β€” confidential

OFAC Screening Records

5 years

Three-layer screening results and match resolution

Accreditation Verification

7 years

Reg D / Reg S verification documentation via Empire


 

πŸ’» ARTICLEArticle V: ELECTRONICElectronic RECORDSRecords MANAGEMENTManagement

Section 5.1 β€” Email Retention

πŸ“§ Email

 Category

πŸ“… Retention Period

πŸ“‹ Notes

πŸ’Ό

Category

Retention

Notes

Business Critical

Per subject matter schedule

Contracts, legal, financialfinancial, regulatory

Operational

πŸ“‹

Operational

3 years

Day-to-day business communications

Transitory

πŸ—‘οΈ

Transitory

1 year

Scheduling, routine inquiries

⚠️

Litigation Hold

Until hold released

All related emails

πŸ“§ Email Best Practices:

βœ… Practice

Description

πŸ“

Filing

File business-criticalAll emails towithin appropriatehold folders

🏷️ scope

Categorization 

Use consistent subject lines and categories

πŸ”—

Attachments

Save important attachments separately

🚫

Personal

Do not use company email for personal matters

Section 5.2 β€” Instant Messaging and Collaboration Tools

πŸ’¬ Platform

πŸ“…

 Retention Period

πŸ“‹ Notes

πŸ’Ό

Platform

Retention

Notes

Slack/Teams (Business)

3 years

Business channels

πŸ“Š

Project Channels

Life of project + 3 years

Project-specific

πŸ”’

Confidential Channels

7 years

Legal, HR, FinanceFinance, Compliance

Business SMS/Text

πŸ“±

Text Messages (Business)

3 years

Business-related SMStext messages

 

Section 5.3 β€” Cloud StorageDatabase and SaaSBackup Records

Period

☁️Type

System

Retention

πŸ“…Notes

Retention

User Account Data

πŸ“‹ Notes

πŸ“

Google Drive/OneDrive

Per document type

Apply document schedules

πŸ“Š

CRM Data

7 years after relationshipclosure

ends

Customer/issuer records

πŸ’°

Accounting Software

7 years

Financial data

πŸ‘€

HR Systems

Per employment record schedule

Personnel data

πŸ”§

Development Tools

Life of product + 5 years

Code repositories, tickets

Section 5.4 β€” Database Records

πŸ’Ύ Database Type

πŸ“… Retention Period

πŸ“‹ Notes

πŸ‘€

User Account Data

7 years after account closure

Platform user records

πŸ“Š

Transaction History

7 years

All CEDEX platform transactions

πŸ“ˆ

Analytics Data

5 years

Aggregated platform data

πŸ“‹

Security/Audit Logs

7 years

SystemAuthentication, authorization, system access

logs

Daily Backups

πŸ”30 days rolling

Rolling daily

SecurityMonthly LogsBackups

24 months rolling

Rolling monthly

Annual Backups

7 years

Authentication, authorization

Section 5.5 β€” Backup and Disaster Recovery

πŸ’Ύ Backup Type

πŸ“… Retention Period

πŸ“‹ Notes

πŸ“…

Daily Backups

30 days

Rolling daily

πŸ“†

Weekly Backups

12 weeks

Rolling weekly

πŸ“Š

Monthly Backups

24 months

Rolling monthly

πŸ“

Annual Backups

7 years

Year-end snapshots

πŸ”—

Blockchain Node Data

Permanent

Full Solana node archives


 

βš–οΈ ARTICLEArticle VI: LITIGATIONLitigation HOLDHold PROCEDURESProcedures

Section 6.1 β€” Triggering Events

A Litigation Hold must be implemented whenupon: anylawsuit offiled the(immediate), followingdemand occurs:

letter

🚨received Trigger(immediate), Event

Actiongovernment Required

βš–οΈinvestigation

Lawsuit Filed

Immediate hold on all related records

πŸ“‹

Demand Letter Received

Immediate hold pending evaluation

πŸ”

Government Investigation

Immediate hold on all related records

⚠️

Anticipated Litigation

Hold when litigation(immediate), reasonably anticipated

πŸ“Š

Regulatorylitigation, Inquiry

Holdregulatory oninquiry all(SEC, requestedCFTC, categories

πŸ”’FinCEN,

InternalOFAC), Investigation

Holdor internal investigation as directed by Legal Counsel.

 

Section 6.2 β€” Litigation Hold Process

βš‘β€’       Step

Action

Responsible Party

1️⃣

Identify1: Legal Counsel identifies triggering event

β€’       Step 2: Legal Department

2️⃣

DefineCounsel defines scope of hold

β€’       Step 3: Legal Department

3️⃣

IdentifyCounsel + CTO identify custodians and systems

β€’       Step 4: Legal +Counsel IT

4️⃣

Issueissues written hold notice

Legalβ€’       Department

5️⃣

SuspendStep 5: All custodians suspend destruction of affected records

Allβ€’       Custodians

6️⃣

CollectStep 6: CTO + custodians collect and preserve relevant records

ITβ€’       +Step Custodians

7️⃣

Document7: Legal Counsel documents preservation efforts

β€’       Step 8: Legal Department

8️⃣

MonitorCounsel monitors compliance with hold

β€’       Step 9: Legal Department

9️⃣

ReleaseCounsel releases hold when appropriate

Legal Department

Section 6.3 β€” Litigation Hold Notice Requirements

All Litigation Hold notices must include:

πŸ“‹ Element

Description

πŸ“…

Date

Date hold is effective

πŸ“‹

Matter

Generaldate, description ofgeneral matter (ifdescription, appropriate)

πŸ“

Scope

Categoriescategories of records subject to hold

⏱️hold,

Time Period

Relevantrelevant date range

🚫range,

Prohibition

Clearclear prohibition on destruction

πŸ‘€

Contact

Person todestruction, contact withperson questions

βœ…for

Acknowledgment

Requirementquestions, and requirement to acknowledge receiptreceipt.

 

Section 6.4 β€” Blockchain Records and Litigation Holds

πŸ”— Record Type

Hold Procedure

πŸ“ŠOn-chain

On-Chaindata Data

Nois actionimmutable neededand (immutable)

πŸ“‹requires

Off-Chainno Metadata

action. Standard hold procedures apply

πŸ’³

Walletto Accessoff-chain Logs

Preservemetadata, allwallet access records

πŸ”§logs,

Smartsmart Contractcontract Modifications

Documentmodification records, and preserve

πŸ“Šplatform

Platformanalytics. Analytics

Export and preserve relevant CEDEX data as needed.

 

Section 6.5 β€” Consequences of Non-Compliance

🚨 Consequence

Description

βš–οΈ

SpoliationNon-compliance Sanctions

Court-imposedwith penaltieslitigation for destruction

πŸ“Š

Adverse Inference

Juryholds may assumeresult destroyedin: evidencecourt-imposed wasspoliation harmful

πŸ’°sanctions,

Monetaryadverse Sanctions

Finesinference instructions, monetary sanctions and cost-shifting

πŸ‘€shifting,

Personalpersonal Liability

Individual responsibilityliability for destruction

πŸšͺindividuals

Termination

Employmentwho destroy records, and employment termination for intentional destructiondestruction.


 

πŸ—‘οΈ ARTICLEArticle VII: DOCUMENTDocument DESTRUCTIONDestruction

Section 7.1 β€” Conditions for Destruction Authorization

Records may only be destroyed when:

βœ… Condition

Requirement

πŸ“…

Retention Period Expired

Minimumminimum retention period has passed

βš–οΈexpired,

No Litigation Hold

Nono active or anticipated litigation hold

πŸ”

Noexists, Audit

Nono pending audit requiringrequires records

βœ…the

Approvalrecords, Obtained

Requiredrequired approvals received

πŸ“‹have

Documented

Destructionbeen obtained, and destruction is properly documenteddocumented.

 

Section 7.2 β€” Destruction Methods

Method

πŸ“ Record Type

πŸ—‘οΈMethod

Destruction

Confidential Paper

πŸ“„

Paper Documents (Confidential)

Cross-cut shredding or incineration

Non-Confidential Paper

πŸ“„

Paper Documents (Non-Confidential)

Recycling acceptable

πŸ’Ύ

Electronic Media

Secure wiping (DoD 5220.22-M or NIST 800-88 equivalent)

Hard Drives / SSDs

πŸ’Ώ

Hard Drives/SSDs

Degaussing and physical destruction

☁️

Cloud Data

Certified deletion with written confirmation

πŸ”— from provider

Blockchain Data

CannotCANNOT be destroyed (β€” document off-chain only)records only

 

Section 7.3 β€” DestructionDocumentation Documentationand Annual Cycle

All destruction must be documented with:

with

πŸ“‹date, Field

Description

πŸ“…

Date

Datedescription of destruction

πŸ“records,

Recordsdate Destroyed

Descriptionrange, method, authorizing person, performing person/vendor, and certificate of records

πŸ“†

Date Range

Dates covered by records

πŸ—‘οΈ

Method

Destruction method used

πŸ‘€

Authorized By

Person authorizing destruction

πŸ‘€

Performed By

Person/vendor performing destruction

πŸ“„

Certificate

Certificate of destruction (if vendor)

Section 7.4 β€”destruction. Annual Destructioncycle: Cycle

January

πŸ“… Month

Activity

January

Identify records(identify eligible forrecords), destruction

February

Verify (verify no litigationholds/audits), holdsMarch or(obtain audits

March

Obtainapprovals), requiredApril approvals

April

Execute(execute destruction

destruction), May

Document (document and file certificatescertificates).

Section

 7.5

β€” Destruction Prohibitions

🚫 NEVER destroy records:

  • Subjectrecords subject to a Litigation Hold
  • RequestedHold, requested by regulators or auditors
  • Beforeauditors, before retention period has expired
  • Withoutexpired, without proper authorization
  • Thatauthorization, or that may be relevant to anticipated litigation
litigation.


 

πŸ‘₯ ARTICLEArticle VIII: RESPONSIBILITIESResponsibilities

Section8.1β€” 8.3GeneralCustodians)

Role

Key Responsibilities

Board of Directors

πŸ“‹ Responsibility

Description

βœ…

Approval

Approve this Policy and material amendments

πŸ‘οΈamendments;

Oversight

Overseeoversee compliancecompliance; with retention requirements

πŸ“Š

Review

Reviewreview annual compliancereport

report

CEO

Section

 8.2 β€” Chief Executive Officer

πŸ“‹ Responsibility

Description

🎯Set

Tonetone at Top

Settop; expectationsallocate forresources; compliance

πŸ’°

Resources

Allocate resources for implementation

πŸ“‹

Accountability

Holdhold departments accountable

Section

β€” Chief

Legal OfficerCounsel

/		 Counsel

πŸ“‹ Responsibility

Description

βš–οΈ

Litigation Holds

Implement and manage litigation holds

πŸ“‹holds;

Legal Guidance

Adviseadvise on retentionretention; requirements

πŸ”

Compliance

Monitor compliance withmonitor legal requirementscompliance; recommend updates

CTO

πŸ“Š

Updates

Recommend Policy updates

Section 8.4 β€” Chief Financial Officer

πŸ“‹ Responsibility

Description

πŸ’°

Financial Records

Ensure retention of financial records

πŸ”

Audit Support

Support audit record requirements

πŸ“Š

Tax Records

Ensure retention of tax records

Section 8.5 β€” Chief Technology Officer

πŸ“‹ Responsibility

Description

πŸ”—

Blockchain Records

Oversee blockchain record retention

πŸ’Ύretention;

Systems

Implementimplement technical retentioncontrols; controls

πŸ”manage

Security

Ensurebackups; ensure secure storage and destruction

πŸ’Ύ

Backups

Manage backup retention schedules

Section 8.6 β€” Compliance Officer

πŸ“‹ Responsibility

Description

πŸ“‹

Administration

Day-to-day Policyadministration; administration

πŸŽ“conduct training; monitor compliance; prepare reports

Training

Conduct retention training

πŸ”

Monitoring

Monitor compliance

πŸ“Š

Reporting

Prepare compliance reports

Section 8.7 β€” Department Heads

(Record

πŸ“‹ Responsibility

Description

πŸ“

Department Records

Ensure proper retention ofwithin departmentdepartments; records

πŸ‘₯train staff; authorize destruction; implement holds

Staff Training

Train staff on retention requirements

πŸ—‘οΈ

Destruction

Authorize department record destruction

βš–οΈ

Litigation Holds

Implement holds within department

Section 8.8 β€” All Employees

πŸ“‹ Responsibility

Description

πŸ“

Compliance

Comply with thisPolicy; Policy

πŸŽ“complete

Training

Completetraining; required training

βš–οΈ

Holds

Complycomply with litigation holds

🚨holds;

Reporting

Reportreport potential violations

 

⚠️ ARTICLEArticle IX: COMPLIANCECompliance ANDand ENFORCEMENTEnforcement

Section 9.1 β€” Training

πŸŽ“ Training

 Type

Frequency

Audience

πŸ“‹

Type

Frequency

Audience

Initial Training

Upon hire

All employees

πŸ”„

Annual Refresher

Annually

All employees

Blockchain-Specific

πŸ”—

Blockchain-Specific

Upon assignment

Technical staff

βš–οΈstaff, CTO team

Litigation Hold

As needed

Affected custodians

πŸ‘”

Management Training

Annually

Department heads

Section 9.2 β€” Auditing

πŸ” Audit Type

Frequency

Scope

πŸ“‹

Frequency

Scope

Compliance Audit

Annually

Policy compliance

πŸ’Ύ across all departments

Systems Audit

Annually

Technical controls

πŸ”—controls, backup integrity

Blockchain Audit

Quarterly

On-chain/chain / off-chain alignment

πŸ—‘οΈalignment, Transfer Hook logs

Destruction Audit

Annually

Destruction practices and documentation

 

Section 9.3 β€” Violations

Violations of this Policy may result in:

in

🚨verbal Consequence

Description

⚠️warning

Verbal(minor/first-time), Warning

Minorwritten orwarning first-time(repeated/serious), violations

πŸ“termination

Written Warning

Repeated or more serious violations

πŸšͺ

Termination

Intentional(intentional destruction or serious violations

βš–οΈviolations),

Legalpersonal Liability

Personallegal liability for spoliation

πŸ’°spoliation,

Regulatoryor Penalties

Finesregulatory penalties for regulatorynon-compliance.

non-compliance

 

Section 9.4 β€” Reporting Violations

πŸ“‹ Reporting Channel

Contact

πŸ“§Report

violations to: Compliance Officer

compliance@otcmprotocol.com

πŸ“ž

(compliance@otcm.io), Ethics Hotline

[To be(ethics@otcm.io), established]

πŸ‘”direct

Directsupervisor, Supervisor

Departmentor management

βš–οΈ

Legal Department

legal@otcmprotocol.com

Counsel

πŸ›‘οΈ No Retaliation:(frank@otcm.io). The Company prohibits retaliation against anyone who reports a good faith concern about Policy compliance.concern.


 

πŸ›οΈ ARTICLEArticle X: ADMINISTRATIONAdministration

Section 10.1 β€” Policy Owner

practices.

πŸ“‹Administrative Duty

Description

πŸ“Šchanges

Maintenance

Keeping Policy current

πŸ”

Interpretation

Providing authoritative interpretation

πŸ“‹

Amendments

Recommending amendments

πŸ“Š

Reporting

Reporting to Board on compliance

Section 10.2 β€” Annual Review

This Policy shallmay be reviewed annuallyapproved by the Legal DepartmentCounsel; andretention updatedschedule aschanges necessaryrequire to reflect:

πŸ”„ Review Area

Consideration

βš–οΈ

Legal Changes

New laws and regulations

πŸ”—

Technology Changes

New systems and platforms

πŸ’Ό

Business Changes

New business activities

πŸ“Š

Audit Findings

Issues identified in audits

πŸ†

Best Practices

Industry developments

Section 10.3 β€” Amendment Procedures

πŸ’° Amendment Type

Approval Required

πŸ“‹

Administrative

Chief Legal Officer

πŸ“…

Retention Schedule Changes

CEO + CLOLegal Counsel; material policy changes require Board approval.

 

πŸ›οΈQuestions:

Material Policy Changes

Board of Directors

Section 10.4 β€” Questions

πŸ“§ Contact: compliance@otcmprotocol.com

Questions regarding this Policycompliance@otcm.io or specific retention requirements should be directed to the Compliance Officer or Legal Department.frank@otcm.io.


 

✍️Acknowledgment ACKNOWLEDGMENTand AND CERTIFICATIONCertification

 

I acknowledge that I have received and read the Groovy Company, Inc. dba OTCM Protocol, Inc.Protocol Document Retention Policy. I understand its contents and agree to comply with all of its terms and conditions.

 

I understand that I am responsible for retaining records in accordance with this Policy and the applicable retention schedules.

I agree to comply with any Litigation Hold notices I receive and understand that failure to preserve records subject to a hold may result in serious consequences for the Company and for me personally.

I understand

thatintentionaldestruction

Field

 

Signature

_________________________________

Date

_________________________________

Printed Name

_________________________________

Title / Position

_________________________________

Department

_________________________________

 

 

Document Information

Field

Value

Document ID

OTCM-POL-DRP-001

Version

8.0

Effective Date

March 2026

Legal Entity

Groovy Company, Inc. dba OTCM Protocol

Entity Type

Wyoming Corporation

Governing Law

Federal Securities Law, Wyoming Business Corporation Act, and New Jersey State Law

Approved By

Board of records in violation of this Policy or a Litigation Hold may result in disciplinary action, up to and including termination, and may expose me to personal legal liability.Directors

Field

Value

Signature

_________________________________

Date

_________________________________

Printed Name

_________________________________

Title/Position

_________________________________

Department

_________________________________

 

πŸ“Ž APPENDIX A: QUICK REFERENCE RETENTION SCHEDULE

🏒 Corporate

Record

Retention

Articles/Bylaws

Permanent

Board Minutes

Permanent

Stock Records

Permanent

Annual Reports

Permanent

πŸ’° Financial

Record

Retention

Financial Statements

Permanent

General Ledger

Permanent

AP/AR Records

7 years

Bank Statements

7 years

πŸ“‹ Tax

Record

Retention

Tax Returns

Permanent

Supporting Docs

7 years

πŸ‘€ Employment

Record

Retention

Personnel Files

7 years after termination

Payroll

7 years

I-9 Forms

3 years or 1 year after term

Record

Retention

Contracts

10 years after expiration

Litigation Files

10 years after resolution

IP Records

Permanent

πŸ”— Blockchain

Record

Retention

Smart Contracts

Permanent

Custody Agreements

Permanent

Token Records

Permanent

Transaction Logs

7 years

OTCM Protocol, Inc. A Wyoming Digital Asset Corporation

πŸ“œΒ© 2026 Groovy Company, Inc. dba OTCM Protocol  SEC| Category 1All Issuer-SponsoredRights TokenizedReserved Securities Infrastructure|  CONFIDENTIAL

Document ID: OTCM-POL-DRP-001 | Version 1.0 | Effective: January 30, 2026

Back to top