Privacy Policy

How we collect, use, and protect your personal information

Effective Date: November 1, 2025

TGGO (the "Service") is provided by ALAN TURING LABS LLC ("we," "us," or "our"), a California limited liability company located at Irvine, CA, USA.

If you have questions, contact us at TURING@TGGO.US.

This Policy applies to account creation for individual and business users, KYC/KYB workflows, and any interaction with our APIs, websites, and apps.

1. Scope

This Policy applies to: • Account creation for individual and business users (including phone/email verification); • KYC/KYB and compliance workflows; and • Any interaction with our APIs, websites, and apps where this Policy is posted or linked. It does not apply to third-party services you choose to connect to TGGO (e.g., your external wallet apps or exchanges); those are governed by their own policies.

2. Information We Collect

A. You provide directly

• Identifiers & contact: name, email, phone number, country/region, business name and contact person. • Auth & security: passwords, one-time codes, session tokens. • KYC/KYB (where applicable): date of birth, address, government ID numbers, ID photos/liveness checks, corporate registration documents, ownership/control information, sanctions screening results. • Support: messages, attachments, feedback.

B. Automatically from your use

• Device/usage data: IP address, device OS, app version, language, time zone, crash logs, and analytics events (e.g., clicks, screens viewed). • Transaction/activity data: product interactions, API requests, timestamps, and audit logs; where you use on-chain features, public blockchain addresses and transactions recorded on public ledgers.

C. From third parties (as controllers or processors)

• KYC/KYB providers (identity verification, sanctions/PEP screening) • Anti-fraud & security services • Auth & messaging (e.g., SMS/email verification) • Cloud & analytics (hosting, monitoring)

Examples of service providers we may use: Amazon Web Services (including Amazon SES), Google Cloud, and Twilio (for SMS/phone verification). We update vendors from time to time.

3. How We Use Information

We use personal information to: 1. Create and secure accounts; send verification codes and password resets. 2. Provide and improve the Service; personalize experiences and measure performance. 3. Comply with law (KYC/KYB, AML/CFT, sanctions screening, tax/record-keeping, fraud prevention). 4. Communicate with you about service updates, security alerts, and policy changes; send transactional emails/SMS only (no marketing unless you opt in). 5. Protect the Service, our users, and the public (detect, investigate, and prevent security incidents, abuse, and violations of our Terms).

4. Legal Bases (EEA/UK/Switzerland)

Where GDPR or similar laws apply, we process personal data based on: • Contract (to provide the Service you request); • Legal obligation (KYC/KYB, AML/CFT, record retention); • Legitimate interests (security, fraud prevention, improving the Service); and • Consent (where required by law, e.g., certain cookies/analytics or optional features). You may withdraw consent at any time, without affecting prior lawful processing.

5. Sharing & Disclosure

We share personal information with: • Service providers/processors under contracts requiring confidentiality and data-protection (hosting, KYC/KYB, analytics, customer support, communications). • Affiliates for operations consistent with this Policy. • Compliance parties (banks, payment partners, regulators, law enforcement) when required by law or to protect rights. • Business transfers in connection with mergers, financing, acquisitions, or similar transactions. We do not sell personal information and do not share it for cross-context behavioral advertising.

6. Cookies & Similar Technologies

We use necessary cookies and local storage for authentication and security. With consent (where required), we may use analytics cookies to understand usage and improve features. You can control cookies through your browser settings; disabling some cookies may affect functionality.

7. Data Retention

We keep personal information for as long as needed to provide the Service, meet legal/AML record-keeping (often 5–7 years after account closure, depending on jurisdiction), resolve disputes, and enforce agreements. On public blockchains, transaction data may be stored indefinitely by design.

8. Security

We implement organizational and technical safeguards such as encryption in transit, access controls, least-privilege policies, logging, and periodic reviews. No system is 100% secure; you are responsible for using strong passwords, enabling device security, and notifying us promptly of any suspected compromise.

9. International Transfers

We may process and store information in the United States and other countries. When we transfer personal data from the EEA/UK/Switzerland, we rely on appropriate safeguards (e.g., Standard Contractual Clauses and additional measures as needed).

10. Your Rights

California/US (CPRA and similar laws)

You may have the right to know, access, correct, delete, and limit the use of sensitive personal information, and to opt out of the sale or sharing of personal information (we do not sell/share). We will not discriminate against you for exercising these rights.

EEA/UK/Switzerland (GDPR)

You may request access, rectification, erasure, restriction, portability, and object to processing based on legitimate interests. You may lodge a complaint with your local data-protection authority.

How to exercise rights

Send requests to TURING@TGGO.US with sufficient information to verify your identity. For security, we may require additional verification (e.g., email/phone confirmation or government ID for KYC-linked accounts).

11. Children's Privacy

Our Service is not directed to children under 13 (or under 16 where applicable). We do not knowingly collect personal information from children. If you believe a child has provided information, contact us to delete it.

12. Third-Party Links & Wallets

The Service may link to third-party sites or allow you to connect third-party wallets. Your use of those services is governed by their policies, not ours. Review their privacy practices carefully.

13. Changes to This Policy

We may update this Policy from time to time. We will post the updated version and change the "Effective Date." Material changes will be notified through the Service or by email/SMS where appropriate.

14. Contact Us

ALAN TURING LABS LLC Address: Irvine, CA, USA Email: TURING@TGGO.US

If you are in the EEA/UK/Switzerland and wish to contact our representative or DPO (if appointed), email TURING@TGGO.US.

CPRA Notice at Collection (California)

Categories collected: identifiers (name, email, phone), commercial and usage information, geolocation (approximate IP-based), internet/network activity, sensitive data (government ID, biometrics/liveness, exact identifiers) for KYC/KYB.

Purposes: account creation, security, compliance (AML/KYC), service operations, fraud prevention, debugging, and legal obligations.

Retention: as described in Section 7.

Selling/Sharing: we do not sell or share personal information for cross-context behavioral advertising.

Right to Limit Sensitive PI: we use sensitive PI only for permitted purposes (e.g., to perform services reasonably expected by an average consumer, security, and legal compliance).

This Privacy Policy is provided by ALAN TURING LABS LLC and applies to all users of the TGGO platform and services.