OTC Meme Corp. Privacy Policy
๐ก๏ธ Privacy Policy
โ SEC CATEGORY 1 COMPLIANT | Issuer-Sponsored Tokenized Securities pursuant to SEC Division of Corporation Finance, Division of Investment Management, and Division of Trading and Markets Joint Statement dated January 28, 2026
๐ก๏ธ Our Commitment to Your Privacy
At OTCOTCM MemeProtocol, Corp.Inc., we are serious about protecting your privacy.privacy while maintaining compliance with federal securities laws and Category 1 regulatory requirements. You don't have to take our word for it though - thoughโyou can read below to understand how we treat your Personal Data.Data.
โ
Your Agreement
When you use our Services, we require that you:
Requirement
Description
๐
Acknowledge
Acknowledge and agree to our Privacy Policy
๐ค
Understand
Understand and consent to our Privacy Policy
โ
Accept
Accept that we will collect, use, and share information as outlined below
โ๏ธ
Regulatory Consent
Consent to data collection required for Category 1 compliance, KYC/AML, and accredited investor verification
๐ Related Documents
Remember that your use of our Website and Services are subject to:
- ๐ Our Terms of Use
- ๐ Our Terms of Service (which incorporates this Privacy Policy)
- ๐ Our Risk Disclosure
- ๐ Our Cookie Notice
Note: Capitalized terms in this Policy have the definitions given to them in the Terms of Use and Terms of Service, unless first defined in this Policy.
๐ฏ Why We Have A Privacy Policy (And What It Covers)
๐ก Purpose
Our Privacy Policy helps you understand:
Topic
Description
๐
Collection & Use
Our collection and use of information
โ๏ธ
Your Rights
Your rights regarding your data
๐๏ธ
Regulatory Requirements
How Category 1 compliance affects data handling
๐ก๏ธ Coverage
Our Privacy Policy covers how we treat Personal Data that we gather when you access or use our Services.
โ๏ธ Special Notice: Category 1 Compliance Data
OTCM Protocol operates SEC Category 1 compliant infrastructure for tokenized securities. This requires collection and retention of certain data for regulatory compliance purposes, including:
Data Category
๐Regulatory
DEFINITION:Purpose๐ชช
"Personal Data" Any information relating to an identified or identifiable individual, protected similarly as PersonalKYC Data
Know
orYourpersonallyCustomeridentifiableverificationinformationrequiredunderbyapplicableBank Secrecy Act๐ฐ
Accreditation Data
Accredited investor verification required by SEC Rule 506(c)
๐ซ
OFAC Screening Data
Sanctions compliance required by U.S. Treasury
๐
Transaction Records
Securities transaction records required by federal securities laws
๐ฆ
Custody Records
Records coordination with SEC-registered transfer agent
โ ๏ธ Important: Certain data
protectioncollectionlaws.is mandatory for Category 1 compliance. You cannot use ST22 Tokenized Securities services without providing required KYC and accreditation verification data.
๐ข Third Party Data
If your Personal Data is lawfully given to any company that we don't own or
control,control, or to people we don't directlyoversee,oversee, then their privacy policyapplies,applies, not this Privacy Policy.๐ฆ Key Third-Party Data Sharing (Category 1 Requirements)
Third Party
Data Shared
Purpose
๐ฆ
Empire Stock Transfer
Identity, ownership records
SEC-registered transfer agent for custody and shareholder registry
๐
KYC/AML Providers
Identity verification data
Regulatory compliance verification
๐
Accreditation Verification
Financial qualification data
SEC Rule 506(c) compliance
๐ซ
OFAC Screening Services
Identity data
Sanctions compliance
๐๏ธ
Regulatory Bodies
As required by law
SEC, FinCEN, and other regulatory reporting
๐ Key Areas We'll Cover
Section
Topic
๐ฅ
How we obtain your Personal Data
๐
The types of Personal Data we collect
๐ง
How we use your Personal Data
๐ค
Sharing your Personal Data
โ๏ธ
Your rights with respect to your Personal Data
๐๏ธ
Category
1 regulatory data requirements
๐จ Questions or Concerns?
If any part of this Privacy Policy is unclear or if you believe your Personal Data is being misused, please contact us immediately so we can investigate and remedy the situation.
Contact: privacy@otcm.io
โ๏ธ Blockchain Transparency Notice
Please understand that our Services utilize Solana blockchain smart contract technology
.Informationfor Category 1 compliant tokenized securities trading.๐ What Is Public on
theBlockchainData Type
Visibility
Notes
๐
Wallet Addresses
Public
Visible on Solana blockchain
๐ฐ
isTransaction
oftenHistoryPublic
All ST22 and OTCM token transfers visible
๐
Token Balances
Public
Holdings visible at wallet level
๐ชช
Identity Data
Private
NOT stored on blockchain
๐
KYC/Accreditation
Private
Stored off-chain with compliance providers
โ ๏ธ Privacy Limitation: Blockchain transactions are permanent and public. While we do not
private;publishhowever,yourweidentity on-chain, sophisticated analysis may potentially link wallet addresses to identities. We take reasonable steps toanonymizeprotectthisyourpublicprivacy,informationbutsoblockchainittransparencycannotisbe personally tiedinherent toyoutheor your Personal Data.technology.
๐ฅ Here Is How We Gather Personal Data
Methods๐ฏ Primary Collection
MethodFor our Services,
the main waywe obtain your Personal Dataisthroughdirectlymultiplefromchannels:you!1. ๐ค Directly From You
As a user, you will:
Action
Data Collected
โ
BeAccount
requiredCreationName,
toemail,providecontactPersonalinformation๐ชช
DataKYC
directlyVerificationGovernment
toID,us- address verification, date of birth
๐ฐ
Accreditation Verification
Financial documentation (for ST22 securities)
๐ณ
Payment Information
Payment details for minting fees
๐
MayService
provideUsageAdditional
additional Personal Datadata as you use our Services(as necessary to provide Services and comply with laws)๐ค2. ๐ฆ From ThirdPartyPartiesSources(Category 1 Requirements)From time to time,ThirdParties(companies we don't own/control or people we don't directly oversee) may provide us with PersonalPartyData
about you.ReceivedExamples:Purpose๐ Analytics service providers to help us understand how you use our Services
๐ฆ
Third parties likeEmpire Stock Transfer
Custody confirmations, shareholder records
Category 1 custody verification
๐
KYC Providers
Verification results
Identity confirmation
๐
Accreditation Services
Verification status
SEC Rule 506(c) compliance
๐ซ
OFAC Screening
Sanctions check results
Compliance verification
๐
Analytics Providers
Usage patterns
Service improvement
3. โ๏ธ From Blockchain
Data Type
Collection Method
๐
Wallet Addresses
When you connect wallet to
helpplatform๐ฐ
provideTransaction
ancillaryHistoryPublic
servicesblockchain data๐
Token Holdings
Public blockchain data
๐ช We Automatically Collect Certain Information
๐ Cookie Disclosure
When you use our Services, you will be shown a cookie disclosure with details on:
Information
Description
๐ช
Cookie
What cookies/pixels/tags we use
๐ฏ
Purposes
Purposes for each type
โ๏ธ
Management
How to control cookie preferences
๐ง Tracking Technologies
Our Site may use Cookies or similar methods:
Technology
Purpose
๐ช
// Tracking Technologies Used: ๐ชSession CookiesMaintain login state
๐
PixelAnalytics
tagsCookiesUnderstand
๐usageWebpatterns๐
beaconsSecurity
โจCookiesFraud
Clearprevention๐ฏ
GIFsPreference
๐ปCookiesRemember
JavaScriptyour settings๐ฏ Purpose of Cookies
- ๐ Recognize you (your web browser, phone, etc.)
- ๐ Understand how and when you visit the Site
- ๐ Analyze trends to learn and improve our Services
๐๐SupplementMaintainwithsecurityotherandthird-partypreventinformationfraud- โ๏ธ Support Category 1 compliance monitoring
๐ซ "Do Not Track" Limitations
Browser Setting
Our Response
๐ซ
DNT Signal
We honor DNT signals where technically feasible
โ ๏ธ
IMPORTANT:Limitations
Some
WetrackingarerequiredcurrentlyforunableCategoryto1honorcompliance"Do Not Track" requests. If you ask us not to track, we may notcannot beabledisabledto
fulfill the Services for you.โ๏ธ Cookie Management
Option
Description
๐ง
YouBrowser
can accept/SettingsAccept/reject Cookies through browser settings
๐๏ธ
YouDelete
can deleteCookiesDelete existing Cookies on your device
โ ๏ธ
Functionality Impact
Some functions may not work if you disable Cookies
๐
YourPreference
preferencesResetPreferences may need readjustment when you visit
๐ Learn
MoreMore:About CookiesInterested in learning more? Check outVisit AllAboutCookies.orgtoforfindcomprehensiveโcookiewell โ All About Cookies!information.
๐ This
isIstheThekindKind of Personal Data We Collect๐ค Information
thatThat Identifies You PersonallyStandard Personal Data
Data Type
Purpose
๐
YourFull
fullNameAccount
name- identification, regulatory compliance
๐ฌ
Addresses
Mail,
billingbilling, and email addresses๐
Online
identifiersIdentifiersUsernames,
orwalletusernames- addresses
๐
InternetIP
ProtocolAddressSecurity, geolocation compliance
๐ฑ
Phone Number
Account security, communications
Category 1 Compliance Data (
IP)Requiredaddress- for ST22 Securities)
Data Type
Purpose
Regulatory Basis
๐ชช
Government ID
KYC verification
Bank Secrecy Act
๐
Date of Birth
Identity verification, age compliance
BSA, securities laws
๐
Residential Address
Identity verification, jurisdiction compliance
SEC regulations
๐ฐ
Financial Information
Accredited investor verification
SEC Rule 506(c)
๐
Tax
identificationIdentificationTax
numbersreporting,(usedregulatoryonlycomplianceIRS
torequirements๐ข
identifyEmployment
youInformationAccreditation verification
SEC Rule 501
๐
Net Worth Documentation
Accreditation verification
SEC Rule 501
โ ๏ธ Mandatory Collection: Category 1 compliance requires collection of KYC and
ensureaccreditationproperdata.taxationThisofdataearnedcollectioncompensation)
not optional for ST22 Tokenized Securities services.
๐ Customer and User Records
Information that may include customer and user records identified by applicable law:
Record Type
Contents
๐
PersonalAccount
Records:RecordsRegistration
โขdata,Fullpreferences๐ฐ
nameTransaction
โขRecordsST22
SignatureandโขOTCMTaxationtokennumbertransactions๐ฆ
โขCustody
BankRecordsEmpire
accountStockdetailsTransferโข Digital wallet information โข Credit card numbers โcoordinationโ๏ธ
Note:Compliance
TheseRecordsKYC/AML
mayverification,beaccreditationcontrolledstatus๐ง
byCommunication
localRecordsSupport
lawsrequests,incorrespondenceyour
jurisdiction๐ Internet Activity Information
Data Type
Purpose
๐
InternetBrowsing
browsingHistorySite
andusagesearchanalysishistory- (on our platform only)
๐ป
InformationInteraction
onDataHow
youryouinteractionusewithourwebsitesServices๐
orTrading
applicationsActivityTransaction
patterns for compliance monitoring
๐
Security Events
Login attempts, security alerts
๐ฏ Collection Philosophy
We
try tocollect information that we believe is necessary to:Purpose
Description
๐ฅ๏ธ
Functionality
Make the Site render and work well for you
โก
User Experience
Make your use of Services faster, easier, and more intuitive
๐
Improvement
Improve and expand our Services
โ๏ธ
Compliance
Meet Category 1 regulatory requirements
๐ก๏ธ
Security
Protect against fraud and unauthorized access
โ ๏ธ Without
much ofthis information:โ TheServicessimplywill not bepossible๐ธpossible,ImprovingandtheCategoryServices1willcompliance cannot bedifficult or more costly
๐ง How We Use Your Personal Data
Nearly all Personal Data we collect is used to manage, improve,
understand andunderstand, personalize ourServicesServices, and maintain Category 1 compliance.๐ฏ We Use Personal Data To:
Service Delivery
Service Delivery:UseDescription
โ
Purpose Fulfillment
Accomplish a purpose when you provide Personal Data
for a particular purpose๐ ๏ธ
Service Provision
Provide our Services
to youand respond to your requests๐ฐ
Communication:Transaction ProcessingProcess
- ST22 and OTCM token transactions
๐ฆ
Custody Coordination
Coordinate with Empire Stock Transfer
Category 1 Compliance (Required)
Use
Regulatory Basis
๐ชช
KYC Verification
Bank Secrecy Act, AML requirements
๐ฐ
Accreditation Verification
SEC Rule 506(c)
๐ซ
OFAC Screening
U.S. Treasury sanctions requirements
๐
Transaction Monitoring
Securities law compliance
๐๏ธ
Regulatory Reporting
SEC, FinCEN reporting obligations
๐
Record Keeping
Securities transaction record requirements
Communication
Use
Description
๐ง
Service Communications
Communicate
with youabout Services based on your preferencesโ
Confirmations
Send
confirmationtransactionemailsand promotional offers- confirmations
๐จ
Updates
Email you about your use of the Services
๐จ
Security Alerts
Notify you of security-related events
Support &
Personalization:PersonalizationUse
Description
๐ค
Support
Offer and provide support for the Services
๐จ
Personalization
Personalize the content on our Site
๐
Requests
Fulfill requests and respond to questions
Improvement &
DevelopmentDevelopment:Use
Description
๐ฌ
Better test,ResearchTest, research, analyze and develop the Service
๐
New Features
Offer new Services and make the Site better
Security &
ComplianceCompliance:Use
Description
๐ก๏ธ
Fraud Prevention
Deter and stop illegal, fraudulent, and other damaging actions
๐
Security
Maintain safety, security and integrity of the Site and Services
โ๏ธ
Policy Enforcement
Ensure compliance with obligations and enforce company policies
๐๏ธ
Legal Compliance
Interact with governmental and law enforcement
requestsas required by lawOther
Functions:๐ผPerform other business functionsnoted when we collected your Personal Data๐ Functions as set forth in applicable data privacy laws
๐ New Uses
We may need to use your previously-collected Personal Data for new purposes consistent with our Services and their evolution. When this happens, we will inform you before we start (except where required by law or Category 1 compliance).
๐ง Communication Preferences
Don't want to receive marketing communications from us?
Method
Instructions
๐ฑ
Email Opt-Out
Use the opt-out link provided in emails
๐ง
Contact Us
Email your preference to:
privacy@otcm.ioinfo@otc.meme
operations.โ ๏ธREQUIREDNote:COMMUNICATIONS: Some communicationsYou cannotbe optedopt out ofwhiletransactionalyouorusecompliance-relatedourcommunicationsServices: โข Corporate action noticesrequired foryourCategorymeme1token investments โข Tax reporting for compensation from token sales
๐ค How We Share Your Personal Data
๐ฐ Not for Monetary Gain
We are NOT in the business of sharing your Personal Data for monetary gain.
We do need to perform and improve our
Services,Services and maintain Category 1 compliance, which requires sharing your Personal Data with:
๐๏ธ Regulatory and Compliance Sharing (Required)
Recipient
Data Shared
Purpose
๐ฆ
Empire Stock Transfer
Identity, ownership records
SEC-registered transfer agent custody
๐๏ธ
SEC
As required by law
Securities law compliance
๐ต
FinCEN
SAR/CTR filings as required
Bank Secrecy Act compliance
๐ซ
OFAC
Screening data
Sanctions compliance
๐ฎ
Law Enforcement
As required by law
Legal obligations
โ ๏ธ Mandatory Sharing: Category 1 compliance requires sharing certain data with regulatory bodies and Empire Stock Transfer. This sharing is not optional.
๐ข Service Providers
Provider Type
Purpose
๐ณ
Payment
processorsProcessorsProcess payments for minting fees
๐ก๏ธ
Security
providersProvidersMaintain platform security
๐ป
Technology/Hosting
Infrastructure services
๐
Analytics
providersProvidersUsage analysis
๐
KYC/AML Providers
Identity verification
๐ฐ
Accreditation Verification
SEC Rule 506(c) compliance
๐ Compliance & Security
Recipient
Purpose
๐
Auditors
and others that help us maintainMaintain compliance and security
๐จ
ThoseSecurity
detectingServicesDetect security issues and fraud
๐ก๏ธ
ThoseFraud
protectingPreventionProtect against illegal or improper activity
๐ฌ Research & Development
Recipient
Purpose
๐งช
ThoseInternal
undertakinginternal researchResearchfor technologicalTechnological development
๐
ThoseDebug
thatdebugServicesand help repairRepair errors on the Site or Services
๐ฅThose that need Personal Datashort-termto build consumer profiles (with additional consent when required)
๐ Customer Service
Recipient
Purpose
๐ค
Customer
careCareCustomer
providers- support services
๐ฆ
Order
processing orProcessingTransaction fulfillment
services๐ขAdvertising and marketingservices
๐๏ธ Legal Requirements๐๏ธGovernment, law enforcement, or administrative bodiesthat require information as mandated by law or regulations
๐ Public & Transaction Information
Others may access your Personal Data if you:
Action
Consequence
๐ข
Post
informationPubliclyInformation
publicly- becomes public
๐ฐ
Complete
transactionsTransactionsTransaction
initiateddataorrecordedauthorizedonbyblockchainyou- (public)
๐ค
Access
third-partyThirdbusiness partnersPartiesthrough our ServicesWhen this happens:โ ๏ธ Blockchain Transparency: ST22 and OTCM token transactions are recorded on the
useSolanaofblockchainthatandinformation,are publicly visible. While your identity is notours.directly published, wallet addresses and transaction history are public.
๐ข Corporate Changes
While we hope this never happens, yourYour Personal Data may beacquiredtransferred through:Event
Handling
๐ค
CorporateMerger/Acquisition
Data
acquisitiontransfers(merger)- to acquiring entity
๐
Bankruptcy
Data may be transferred as asset
๐ฐ
Asset Sale
Data may be included in sale
We will notify you of any such transfer and your options.
๐ก๏ธ Data Security and Retention
๐ Security Measures
We employ
a number ofsafeguards designed to protect Personal Data:Safeguard Type
Examples
๐ง
Technical
Encryption,
safeguards- access controls, monitoring
๐ข
Organizational
Employee
safeguards- training, access policies
๐๏ธ
Physical
Secure
safeguardsfacilities,device security
โ ๏ธ Security Disclaimer
๐จIMPORTANTNOLIMITATION:SYSTEMSecurityISrisk100%isSECUREinherentDespiteinourallsecurityinternetmeasures, we cannot guarantee absolute security. You are responsible for: โข Maintaining security of your wallet andinformationprivatetechnologies.keysWEโขCANNOTUsingGUARANTEEstrong,THEuniqueSECURITYpasswordsOFโขYOURProtectingPERSONALyourINFORMATION.devices from unauthorized access โข Reporting any suspected security breaches immediately
๐ Data Retention
Category 1 Compliance Retention Requirements
Data Type
Retention Period
Regulatory Basis
๐ชช
KYC Records
5 years after account closure
Bank Secrecy Act
๐ฐ
Transaction Records
7 years
Securities laws, IRS requirements
๐
Accreditation Records
5 years
SEC Rule 506(c)
๐ซ
OFAC Screening
5 years
Treasury requirements
๐ง
Communications
3 years
Business records
โ ๏ธ Regulatory Retention: We are required by law to retain certain records for specified periods. Deletion requests cannot override regulatory retention requirements.
๐ Personal Data Use/Storage
๐บ๏ธ Global Processing
Your Personal Data may be used,
hostedhosted, or otherwise processed outside of your home jurisdiction in jurisdiction(s) that may not provide equivalent levels of protection, including the United States.Processing Location
Safeguards
๐บ๐ธ
United States
.Primary processing location
๐
โOther
REQUIREDJurisdictionsStandard
CONSENT:contractualYouclausesmustwhereconsent to this use and storage in order to use our Services.applicable
๐ถ Personal Data of Children
๐ซ Age Restrictions
Requirement
Description
โ
No Minors
We do not offer our Services to children
๐ซ
No Collection
We do not knowingly collect
or solicitchildrenanyone under 18โโ๏ธIFAccredited
YOUInvestorsST22
AREsecuritiesUNDERrequire18accreditedYEARSinvestorOFstatusAGE:(adultsPleaseonly)do NOT attempt to register for or use the Services or send us any Personal Data๐๏ธ Data Deletion Policy
If we discover Personal Data from a child under 18:
Action
Timeline
๐จ
Deletion
We will delete it as quickly as possible
๐ง
Contact
If you believe a child under 18 has given us Personal Data, contact us at
info@otc.meme
โ๏ธ Privacy Rights In Certain Jurisdictions
๐๏ธ Consumer Data Protection Laws
Certain jurisdictions have enacted laws to protect and empower consumers with respect to their data and Personal Data.
๐๐บ๐ธLocation-BasedCaliforniaRightsResidents (CCPA/CPRA)California residents have specific rights:
Right
Description
๐
Right to Know
Request disclosure of Personal Data collected
๐๏ธ
Right to Delete
Request deletion of Personal Data (subject to exceptions)
๐ซ
Right to Opt-Out
Opt-out of sale/sharing of Personal Data
โ๏ธ
Right to Correct
Request correction of inaccurate Personal Data
โ๏ธ
Non-Discrimination
Not be discriminated against for exercising rights
โ ๏ธ Limitations: Category 1 regulatory retention requirements may limit deletion rights.
๐ Other Jurisdictions
You may have additional rights
regarding Personal Data we collect and usebased on your residency.
jurisdiction-specific๐ContactEvolvingprivacy@otcm.ioLegalforLandscapeThis area of law is evolving. To learn what laws your state has enacted (or is considering), check resources like theUnited Nations Conference on Trade and Development.information.
๐ Changes to this Privacy Policy
๐ Updates May Occur
From time to time, we may need to change how we use your Personal Data due to:
Reason
Description
โ๏ธ
Legal Changes
Applicable laws
- and regulations
๐๏ธ
Regulatory Updates
Category 1 compliance requirements
๐
Service Evolution
Better performance of our Services
๐ข Notification Process
If changes happen, we will:
Action
Method
๐
Update Policy
Update this Privacy Policy
๐จ
Alert
you and other visitorsYouby:๐ Placing a
Place notice on the Site
๐งSendingand/oransend email๐ฑ๐
AnotherEffective
expedientDateClearly
methodindicatewhen changes take effect
โ Continued Use = Agreement
โ ๏ธ IMPORTANT: If you visit the Site or use our Services after changes have been posted, you agree to the changes.๐ Effective DateWe use Personal Data according to the Privacy Policy effective at the time that information is
collected.collected. Continued use after policy updates constitutes acceptance.
๐ Contact Information
๐ค Questions or Comments?
If you have any questions or comments about:
Topic
Contact
๐
Your Personal Data
privacy@otcm.io
๐ก๏ธ
Your
privacy- Privacy
privacy@otcm.io
๐
Our Privacy Policy
privacy@otcm.io
โ๏ธ
Your
rightsRightsprivacy@otcm.io
๐๏ธ
Category 1 Compliance
compliance@otcm.io
PleaseMailingcontactAddress:usOTCMat:Protocol, Inc. Attn: Privacy Officer [Address] Wyoming, United States
๐ Document Information
Field
Value
Document Version
3.0
info@otc.meme๐Effective Date
January 2026
๐
Jurisdiction
Wyoming, United States
โ๏ธ
Governing Law
Wyoming State Law and Federal Law
๐๏ธ
Regulatory Framework
SEC Category 1 (Issuer-Sponsored Tokenized Securities)
๐ก๏ธ Your Privacy Matters
-โ We're committed to protecting your personal information while maintaining Category 1 compliance and providing you with the best possible service experience.
ยฉ 2026 OTCM Protocol, Inc. | All Rights ReservedST22 Tokenized Securities are securities under federal securities laws. Category 1 compliance requires collection and retention of certain personal data as described in this Privacy Policy.