Privacy Policy

This Privacy Policy explains how ExcaliburHQ B.V. ("Company", "we", "us", or "our") collects, uses, stores, and protects personal data when you access or use the ForestLaunch platform (the "Platform").

We process personal data in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and applicable Dutch data protection laws.

Because ForestLaunch is a non-custodial software platform, we collect limited personal data.

• Legitimate interest (Art. 6(1)(f) GDPR): platform security, fraud prevention, geographic/VAT determination, abuse detection
• Legal obligation (Art. 6(1)(c) GDPR): compliance with tax and sanctions laws
• Contractual necessity (Art. 6(1)(b) GDPR): providing Platform services

The Platform determines user location using IP-based systems and related technical measures. We process IP addresses and associated metadata to determine VAT treatment, enforce sanctions restrictions, and prevent circumvention via VPNs or proxies.

Users may not override or manually modify geographic classification. Attempts to bypass geographic detection may result in restricted access.

We retain personal data only as long as necessary for security and fraud prevention, legal compliance, and tax and accounting requirements. Retention periods may vary depending on the nature of the data and legal obligations.

We do not sell personal data. We may share data with:

• Hosting providers
• Security service providers
• Blockchain analytics providers (where applicable)
• Legal or regulatory authorities when required

All service providers are required to maintain appropriate data protection safeguards.

Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or adequacy decisions.

• Encryption where appropriate
• Access controls
• Logging and monitoring
• Security auditing

No system can guarantee absolute security.

• Access your personal data
• Rectify inaccurate data
• Request erasure (where applicable)
• Restrict processing
• Object to processing based on legitimate interest
• Data portability (where applicable)
• Lodge a complaint with a supervisory authority

Requests may be submitted to management@forestlaunch.com.

Blockchain transactions are public and immutable. We cannot modify, delete, or control data recorded on public blockchains. Users acknowledge that blockchain interactions are inherently public.

The Platform may use essential cookies and technical tools necessary for functionality and security. Where non-essential cookies are used (e.g., analytics), consent mechanisms may apply in accordance with EU law.

The Platform is not intended for individuals under 18 years of age. We do not knowingly collect personal data from minors.

We may update this Privacy Policy from time to time. The latest version will always be available on the Platform. Continued use constitutes acceptance of the updated Policy.