Page 1 | Introduction and Scope of Application

This Privacy Policy is formulated and is effective by CoinSageAI Inc. (registered at 250 Broadway, New York, NY 10007, USA) and aims to explain how the company collects, uses, stores, protects, and shares your personal information. This policy applies to all individual or institutional users who access or use the CoinSageAI website, applications, APIs, and other related products and services.

By accessing or continuing to use this website, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree to any part of this policy, please immediately cease using the service.

CoinSageAI strictly complies with US federal laws, New York State privacy regulations, and international standards such as GDPR and CCPA, and continuously maintains data security and compliance in its operations. If this policy is updated, the revised version will take effect immediately through a website announcement.

Page 2 | Scope of Information Collection

To provide high-quality, secure, and reliable trading and analysis services, CoinSageAI will collect the following information categories on a legal, legitimate, and necessary basis:

Account Registration Information: Name, email address, mobile phone number, nationality, identity verification documents (passport or ID card), and verification image.

Transaction and Asset Information: Including deposit, withdrawal, order records, digital asset balance, and earnings logs.

Device and Network Data: Such as IP address, browser type, device model, system version, language settings, access time, and cookie identifiers.

Behavioral and Operational Data: Interaction records, click paths, dwell time, API call frequency, and error logs.

Compliance Review Data: KYC materials, Anti-Money Laundering (AML) screening information, and risk classification reports.

All data collection follows the principle of minimization, limited to only what is necessary to complete the service.

Page 3 | Purpose of Information Use

CoinSageAI will only use user information for explicit and legitimate business and security purposes, including:
Completing registration, login, and account maintenance;
Executing transactions, fund settlement, and account reconciliation;
Identifying identity, preventing fraud, and monitoring risk control;
Improving algorithm models, system performance, and user experience;
Providing customer support, risk warnings, and product update information;
Conducting statistical analysis and market research to optimize functionality;
Fulfilling legal, tax, or regulatory obligations;
Using it for personalized recommendations or service improvements with the user’s consent.

CoinSageAI promises not to sell, rent, or disclose user data in any form without authorization. All data access is subject to strict access control and encryption protection.

Page 4 | Information Sharing and Third-Party Processing

CoinSageAI understands the importance of privacy protection and will not provide user data to any unrelated parties unless legally necessary. We may share data with third parties in the following situations:
Partner Institutions: Including payment service providers, identity verification platforms, cloud servers, and hosting institutions, solely for the purpose of achieving specific functions.

Compliance Disclosure: Providing necessary data when required by court orders, regulatory requirements, or legitimate requests from law enforcement agencies. Business Transfer: In the event of mergers, acquisitions, restructuring, or asset transactions, user information may be transferred along with the business, but will continue to be protected by this policy.

User Authorization: Data sharing is conducted with explicit permission.

All partners must sign a Non-Disclosure Agreement (NDA) and comply with the same data security and privacy protection standards.

Page 5 | User Rights and Data Control

CoinSageAI respects and protects each user’s data autonomy. You have the following rights under the law:

Right of Access: To access your personal data held by us;

Right of Correction: To correct errors or outdated information;

Right of Erasure: To delete personal data without affecting compliance obligations;

Right of Restricted Processing: To request the suspension or restriction of the use of certain types of data;

Right of Data Portability: To request the export or transfer of personal data to other institutions;

Right of Withdrawal of Consent: To revoke previously authorized processing permission at any time.

All requests can be submitted via email to [email protected], and we will process them within 30 days after identity verification. CoinSageAI will retain necessary data to fulfill compliance obligations in accordance with legal requirements.

Page 6 | Cookies and Tracking Technology

To improve user experience and website performance, CoinSageAI uses cookies, pixel tags, and local storage technology to identify accessing devices, record login status, analyze traffic sources, and detect potential risks.

Cookies do not contain sensitive information and are used only for statistical and security analysis. Users can refuse or delete cookies in their browser settings, but some functions (such as login persistence and transaction verification) may be limited as a result.

CoinSageAI does not conduct cross-site tracking or sell any browsing data. All collected information is stored in an anonymized and encrypted form, complying with the ISO/IEC 27018 cloud privacy standard.

Page 7 | Data Security and Storage Period

CoinSageAI implements a multi-layered security system to protect data from leakage, tampering, or misuse:

Encryption Technology: AES-256 and TLS 1.3 protocols ensure secure data transmission and storage;

Access Restriction: Only authorized employees can access internal systems with multi-factor authentication;

Security Monitoring: 24/7 intrusion detection and log tracking;

Regular Audits: Penetration testing and compliance reviews conducted by an independent security firm.

Unless legally required to be retained for a longer period, personal data is typically retained for 5 years after account termination. Expired data will be permanently deleted through cryptographic erasure and physical destruction to ensure irrecoverability.

Page 8 | International Data Transfer

As CoinSageAI has servers and partner institutions in multiple locations worldwide, user data may be transferred and stored between the United States and other regions.

We strictly adhere to Standard Contractual Clauses (SCCs) and the EU-US Data Privacy Framework (DPF) to ensure secure, legal, and controllable cross-border transfers.

All overseas partners are bound by this policy and are subject to oversight by a Data Protection Officer (DPO). CoinSageAI will implement encrypted transmission, minimized access, and compliant filing measures to ensure that privacy protection is not compromised during cross-border processing.

Page 9 | Compliance and Regulatory Disclosure

CoinSageAI complies with, but is not limited to, GDPR, CCPA, FinCEN anti-money laundering regulations, OFAC sanctions regulations, and the New York Department of Financial Services (NYDFS) cybersecurity standards.

The company has a Data Protection and Compliance Committee that regularly reviews privacy policy implementation, data access logs, and third-party security audits.

Under regulatory or judicial requirements, we will only disclose information necessary to comply with legal procedures and maintain a complete disclosure log.

CoinSageAI is committed to conducting continuous annual compliance assessments and validating privacy standards through external law firms to ensure that its data governance system is aligned with international norms.

Page 10 | Terms Updates and Official Communication Channels

CoinSageAI reserves the right to revise this Privacy Policy based on changes in law, technology, or business. Any updates will be posted prominently on the website, indicating the latest effective date. Significant changes (such as changes in the use of information or expansion of the scope of sharing) will be communicated to users in advance via email.

If you have any questions or complaints regarding our Privacy Policy, data security, or the exercise of your rights, please contact:
Email: [email protected]
Address: 250 Broadway, New York, NY 10007 USA

We will respond within 15 business days.

This Privacy Policy is governed by and construed in accordance with the laws of the State of New York. In the event of any dispute, the parties agree to submit it to a court of competent jurisdiction in the State of New York for resolution. CoinSageAI is committed to continuously protecting user privacy in accordance with the principles of legality, fairness, and transparency.