STORE Privacy Policy for Users and Investors

STORE privacy policy for the private placement offering memorandum

1. POLICY APPLICATION

The following agreement (“Privacy Policy”) is between STORE (as defined below) and users participating in the Identify Verification Process required to comply with STORE’s private placement of electronic forward contracts for issue of tokens upon their initial release (“Token Sale”) as described in our Private Placement Offering Memorandum.

A. STORE and associated entities

The policies in this statement apply to STORE Research, Inc., Footprint Labs Inc., their subsidiaries and affiliates (collectively, “STORE”). This policy and any updates to the policy in the future shall also include all current and future subsidiaries or affiliates of STORE (including, but not limited to STORE Research, Inc., the STORE Foundation, Footprint Labs Inc., and any Footprint Labs subsidiaries around the world.).

These entities may include both for-profit and non-profit organizations. This privacy policy applies to users of this website, storecloud.org and its associated domains and subdomains (the “Site”).
‍
STORE may assign or transfer this Privacy Policy, as well as information covered by this Policy, in the event of a merger, sale, change in control, or reorganization of all or part of our business.

B. Users

Users include individuals submitting personally identifiable information as part of the Identity Verification Process per the terms of the Token Sale.

2. PURPOSE OF DATA COLLECTION

STORE’s mission is to expand commerce and trade by eliminating transaction fees in payments. Through governance, the p2p protocol can evolve to power compute for smart contracts, to zero-fee transactions in the cash register, and beyond. The data STORE collects as part of its Identify Verification Process is required to comply with a wide range of national laws and regulations regarding the issuance of securities and prevention of money laundering.
‍
Users that submit data to STORE as part of this process trust us to protect and secure that information. This Privacy Policy explains what data STORE collects, how we store that data, and how we share that data.

This Privacy Policy is limited to the data collected as part of the Identify Verification Process necessary to participate in the Token Sale. It does not include information collected on STORE’s website, which is covered by a separate policy, or data collected through other mechanisms for purposes not directly related to materials submitted in order to participate in the Token Sale.This Privacy Policy is limited to the data collected as part of the Identify Verification Process necessary to participate in the Token Sale. It does not include information collected on STORE’s website, which is covered by a separate policy, or data collected through other mechanisms for purposes not directly related to materials submitted in order to participate in the Token Sale.

A. Notification of changes

STORE reserves the right to update this Privacy Policy at our discretion. Any changes we believe will materially impact the privacy of user data will be published online noting the effective date of any changes and, should it be necessary, to obtain consent for those changes. To be sure that you are up to date, please check the STORE website periodically, or you can be notified by email if you sign up for our general newsletter on the Storecloud.org website.

3. THE INFORMATION COLLECTED

In order to comply with different national laws and regulations to execute the Token Sale, STORE must conduct an identity verification check. An identity verification check requires individuals to provide personally identifiable information. This information includes biographical information, images of government-issued identifications (e.g. a passport) and, comparing that information with information provided by appropriate government agencies.The entire process involves three entities: STORE, Persona, and government authorities.

A. Data Collection

STORE collects three pieces of information from users in order to complete the form located at storecloud.org/kyc: First Name, Last Name, and email address. Users submit this data via STORE’s website, where we may use third-party service providers to manage the data. STORE also embeds a third-party widget in our website. This widget operates as a form to collect the data used for the purposes of the Identity Verification Process. The third-party vendor that collects and stores the data submitted in this form is Persona (https://withpersona.com/). Navigate here to read Persona’s privacy policy: https://withpersona.com/legal/privacy-policy

The data collected by Persona includes personally identifiable information, images uploaded by the user (e.g. a picture of their passport), and data collected from other third parties (e.g. government authorities). This data is stored on Persona’s servers and falls under Persona’s Privacy Policy. STORE does not collect, store, or manage this data.

Because Persona is responsible for the collection and storage of the materials used for the Identify Verification Process, we encourage users to read the Persona privacy policy if they have any questions.

Similarly, data provided by government entities is outside of STORE’s domain. Because Persona manages data collected from third-party government authorities, we encourage users to read the Persona privacy policy for additional information regarding the use of data provided by government authorities.

B. Data sharing

STORE may share information with other third parties contracted to perform tasks on our behalf for the purpose of the Identity Verification Process. Persona, for example, is a contracted third party. Where legally possible, STORE takes steps to protect the information shared with third parties by including privacy and security safeguards in contracts on the recipients of the information.

Third party service providers
STORE may also share information with external parties, in addition to Persona, that are performing tasks on our behalf (including our affiliates), and with other companies, organizations, government bodies, and individuals outside of STORE where we have a legitimate legal reason for so doing. For example, if additional information is required as part of the identity verification process.

Government Data Requests
Where required by applicable law, STORE may be legally obligated to disclose a user's information to a government authority. This might include when STORE is required to disclose personal information to respond to court orders, legal process, or subpoenas; or, to establish or exercise our legal rights or defend against legal claims. Any request STORE might receive by government authorities must strictly adhere to the due process of United States law and be subject to judicial oversight.

Other Data Sharing
STORE values transparency. As part of those values, we strive to disclose as many possible use cases where STORE reserves the right to share data. A non-exclusive list of ways that we reserve the right under this Privacy Policy to share data includes:

-Within entities associated and affiliated with STORE; defined for the purposes of this Privacy Policy as STORE Research, Inc., the STORE Foundation, Footprint Labs Inc., and any Footprint Labs subsidiaries around the world, both today and in the future;

-In the event of a merger, sale, change in control, or reorganization of all or part of STORE’s business;

-If STORE determines there is a good-faith belief that sharing is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Token Sale terms or applicable laws or regulations, or as otherwise required to comply with our legal obligations;

-As users may consent to in the future.

C. Third-Party Data Protection

STORE ensures that all third-party service providers, including Persona and other identity verification partners:
- Implement industry-standard encryption and security measures for all personal data
- Process personal data only for specified verification purposes
- Delete data after the completion of verification or regulatory retention periods
- Are contractually bound by strict confidentiality and data protection obligations
- Undergo regular security audits and compliance assessments

Users should note that while third parties may have access to personal data for verification purposes, this access is:
- Limited to what is necessary for verification
- Subject to strict contractual controls
- Monitored and audited regularly
- Terminated once verification is complete

4. YOUR DATA

Please contact STORE if you would like to access a copy of your information we maintain, or to have your information deleted, at privacy@storecloud.org.
‍
Please be aware that STORE only stores First Name, Last Name, and email address. Requests to manage other data, such as images and personally identifiable information collected as part of the Identify Verification Process are maintained by Persona, and all requests regarding that data must go directly to Persona.

Children’s Personal Information
We do not knowingly request collection of personal information from any person under the age of 18. If a user submitting personal information is suspected of being younger than 18 years of age, STORE will not allow participation in the Token Sale.

California Privacy Rights
If you are a California resident, you have the right to request information from us regarding the manner in which we share certain categories of your personal information with third parties for the third parties' direct marketing purposes. California law provides that you have the right to submit a request to us at our designated address and receive the following information: (a) the categories of information we disclosed to third parties for the third parties' direct marketing purposes during the preceding calendar year; and (b) the names and addresses of third parties that received such information, or if the nature of their business cannot be determined from the name, then examples of the products or services marketed.

European, UK, Swiss Data Protection Rights
If the processing of Personal Data about you is subject to European Union, United Kingdom, and/or Swiss data protection laws, you have certain rights with respect to that data:

-You can request access to, and rectification or erasure of, Personal Data;

-If any automated processing of Personal Data is based on your consent or a contract with you, you have a right to transfer or receive a copy of the Personal Data in a usable and portable format;

-If the processing of Personal Data is based on your consent, you can withdraw consent at any time for future processing;

-You can object to, or obtain a restriction of, the processing of Personal Data under certain circumstances; and

-For residents of France, you can send us specific instructions regarding the use of Personal Data after your death.

To make such requests, please contact us as described in the Contact STORE section below. You also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns.

We rely on different lawful bases for collecting and processing Personal Data about you, for example, with your consent and/or as necessary to provide the services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate interests.

You are entitled to receive a copy of this information in a standardized format and the information will not be specific to you individually. You may make such a request by emailing privacy@storecloud.org.

5. COOKIES AND OTHER TRACKING MECHANISMS

We use cookies, web beacons, mobile analytics and advertising IDs, and similar technologies to operate our websites and online services and to help collect data, including usage data, identifiers, and device information.

6. DATA RETENTION POLICY

We retain Personal Data for as long as necessary to provide the services and fulfill the transactions you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly based on criteria such as the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we use your Personal Data and whether we can achieve those purposes through other means, and our legal or contractual obligations.

7. SECURITY MEASURES

We are committed to maintaining the confidentiality, integrity and security of information about our users, and we endeavor to take reasonable steps (including physical, electronic and procedural measures) to protect any data or other information collected via the Site or in providing our services. Please note, however, that we cannot guarantee that the data or information collected may not be accessed, disclosed, altered or destroyed by breach of one or more of our safety measures. No Internet, electronic transmission or electronic storage of information is ever fully secure or error free. Therefore, you should take special care in deciding what information you send to us. Please keep these risks in mind when disclosing personal data to us.

8. ENGLISH LANGUAGE CONTROLS

This policy is only in in English. For a non-English translation, please contact STORE using the contact information below. Please be aware that any non-English translation of this Policy is provided for convenience only. In the event of any ambiguity or conflict between translations, the English version is authoritative and controls.

9. CONTACT STORE

If you would like more information about how STORE collects and uses information, please contact STORE at operations@storecloud.org, or send a letter by post to:

Attention: Privacy
STORE RESEARCH, INC.
440 N BARRANCA AVE #9117
COVINA, CA 91723

Within entities associated and affiliated with STORE; defined for the purposes of this Privacy Policy as STORE Labs, Inc., the STORE Foundation, Footprint Labs Inc., and any Footprint Labs subsidiaries around the world, both today and in the future;