Privacy & Data Protection Policy

Last Updated: January 12, 2026

This Privacy and Data Protection Policy (“Policy”) explains how AurumShield (“we,” “us,” or “our”) collects, uses, retains, and discloses personal, corporate, and biometric information when you access or utilize the AurumShield deterministic gold clearing infrastructure, marketplace, and associated application programming interfaces (collectively, the “Platform”).

Given the institutional financial nature of the Platform, we are subject to strict regulatory frameworks, including but not limited to the Bank Secrecy Act (BSA), FinCEN regulations, the General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA). By accessing the Platform, the institutional entity and its authorized users (“Counterparty,” “you,” or “your”) consent to the rigorous data practices outlined herein.

ARTICLE 1: CATEGORIES OF INFORMATION WE COLLECT

To operate a compliant Delivery versus Payment (DvP) clearinghouse and execute physical commodities settlements, AurumShield collects highly sensitive, granular data:

• 1.1. Corporate & Institutional Identity Data: Legal entity names, Legal Entity Identifiers (LEI), certificates of incorporation, tax identification numbers, physical headquarters addresses, and capitalization table structures.
• 1.2. Ultimate Beneficial Owner (UBO) & Officer Data: Government-issued identification (passports, driver's licenses), residential addresses, dates of birth, and tax IDs for corporate directors, executive officers, and individuals holding a controlling equity interest.
• 1.3. Biometric and Forensic Data: Facial geometry, liveness check video feeds, and cryptographic document forensics utilized during onboarding and re-verification events.
• 1.4. Financial and Transactional Data: Corporate banking details, routing and account numbers, intraday capital margin states, trading histories, settlement ledger logs, and actuarial risk assessments.
• 1.5. Technical, Telemetry, and Security Data: Device fingerprinting, IP addresses, geolocation data, browser metadata, hardware security module (HSM) attestations, and immutable cryptographic audit logs recording all Maker/Checker authorizations.

ARTICLE 2: HOW WE USE YOUR INFORMATION

AurumShield operates on a “strict necessity” basis. We process the collected data exclusively for the following purposes:

• Execution of Core Services: Facilitating atomic settlement, operating the DvP escrow, managing physical logistics corridors, and running the deterministic claims engine.
• Regulatory Compliance: Conducting initial and continuous KYC/AML screening against global sanctions lists (e.g., OFAC, UN), Politically Exposed Persons (PEP) databases, and adverse media watchlists.
• Fraud Prevention & Security: Enforcing role-based access controls (RBAC), detecting synthetic identity fraud through biometric liveness checks, and preventing unauthorized corporate treasury actions.
• System Integrity: Populating our immutable audit ledgers and actuarial risk models to ensure the systemic stability of the clearinghouse.

ARTICLE 3: DATA SHARING AND ENTERPRISE SUB-PROCESSORS

AurumShield does not and will never sell Counterparty data.

We share data strictly with certified enterprise sub-processors required to operate the Platform's infrastructure:

• Identity & Compliance Verification: Data is shared with Veriff and Diro to execute automated biometric liveness checks, forensic document verification, and continuous AML screening.
• Banking & Settlement Routing: Financial data is transmitted via secure APIs to Column Bank (and associated banking partners) to facilitate fiat capital holds, escrow locking, and final settlement routing.
• Physical Logistics: Necessary delivery manifests, containing physical addresses and authorized receiving personnel contact details, are shared with secure transit providers, including Brink's and EasyPost.
• Contract Management: Authorized signatory data is processed via DocuSign CLM for the execution of institutional agreements and Maker/Checker authorizations.
• Law Enforcement & Regulatory Bodies: We will disclose data, without prior notice, to agencies such as FinCEN, the SEC, or international equivalents, to comply with Subpoenas, Suspicious Activity Reports (SARs), or other lawful mandates.

ARTICLE 4: DATA RETENTION AND IMMUTABLE LEDGERS

• 4.1. Regulatory Retention Periods: Due to our status as financial infrastructure, Counterparty and UBO data, transaction histories, and identity verification records are legally required to be retained for a minimum of seven (7) years following the termination of the Counterparty's account.
• 4.2. Immutable Ledger Architecture: Counterparties acknowledge that AurumShield utilizes immutable cryptographic ledgers for transactional and compliance audit trails. Data committed to the clearing ledger or deterministic claims engine cannot be structurally deleted, altered, or modified.

ARTICLE 5: INTERNATIONAL DATA TRANSFERS

As a global clearing network, data may be transferred to, and processed in, the United States and other jurisdictions. For Counterparties operating within the European Economic Area (EEA) or the United Kingdom, AurumShield utilizes Standard Contractual Clauses (SCCs) and rigorous encryption-in-transit (TLS 1.3) and encryption-at-rest (AES-256) to ensure cross-border transfers comply with GDPR adequacy requirements.

ARTICLE 6: YOUR PRIVACY RIGHTS AND LIMITATIONS

Depending on your jurisdiction (e.g., GDPR, CCPA), you may have rights to access, correct, or request the deletion of your personal data.

Crucial Exemption: Because AurumShield is a heavily regulated financial platform, your “Right to Erasure” (Right to be Forgotten) is explicitly superseded by our legal obligations under Anti-Money Laundering (AML) laws, the Bank Secrecy Act, and the technical realities of our immutable audit ledgers. Requests for deletion will only be honored for marketing communications or data not strictly tied to compliance or financial execution.

ARTICLE 7: DATA SECURITY

AurumShield implements institutional-grade security architectures, including but not limited to:

• Mandatory Multi-Factor Authentication (MFA) and Maker/Checker thresholds.
• Cryptographic hashing of sensitive database fields.
• Continuous penetration testing and zero-trust internal network policies.

However, no system is entirely impenetrable. Counterparties are strictly responsible for maintaining the confidentiality of their internal credentials and API keys.