Privacy Policy

Version date: 26 January 2026 (Effective as of: 26 January 2026)

Introduction

This Privacy Policy (the “Policy”) explains how Tetris DAO LLC (the “Company,” “we,” “us,” or “our”) collects, uses, stores, and protects personal data when you use the user-facing web interface at tetris.money and related interfaces (the “Interface” or the “Service”).

This Policy also describes your rights and choices regarding your personal information.

This Policy forms part of the Terms of Use for the RUBT Token and the Tetris Protocol (version dated 23 January 2026). By using the Service, you agree to the collection and use of information in accordance with this Policy. If you do not agree with how we process your data, please do not use the Service.

We may update this Policy from time to time. When we make changes, we publish an updated version and update the “Version date.” Material changes may also be brought to your attention by other means (for example, a notice on the website or by email, where appropriate). Your continued use of the Service after changes means you accept the updated Policy.

Terms

Capitalized terms have the meaning given in the Terms of Use and the Whitepaper of Tetris DAO LLC, unless expressly defined in this Policy. For the purposes of this Policy:

• Company means Tetris DAO LLC (the Issuer).

• Interface (Service) means the user-facing web interface at tetris.money and related interfaces.

• Execution Platform, DIS Platform, Settlement Agent, RUBT, Tetris Protocol, Managed Wallet have the meanings set out in the Terms of Use and the Whitepaper.

1. What information we process

1.1 Blockchain and wallet information

When you interact with the Interface, we may process your public blockchain wallet address and related on-chain transaction information. This is necessary to operate the Service (for example, to read balances, display data, and initiate actions at your request). All transactions you perform through the Interface are recorded on public blockchains. Such data may include wallet addresses, token types, amounts, and transaction timestamps.

Please note: public blockchain data is, by nature, publicly accessible. We do not link your blockchain address to your real-world identity in our systems; however, other parties may do so (for example, if you publicly disclose your address or if you use an Execution Platform where you have completed identification).

1.2 Managed Wallets and technical synchronization

If you use integrations with Execution Platforms, the Managed Wallet mechanism and synchronization of “Execution Platform accounting ↔ on-chain balance” (the “mirror” principle) may apply. In such cases, we may process public identifiers of addresses/transactions and technical metadata about your interaction with the Interface to ensure the integration functions correctly. The Company does not obtain access to your private keys and does not control User assets.

1.3 User communications

If you contact us (for example, by email or through support channels), we process the information you provide (for example, name, email address (if applicable), message content, and attachments). We use this information to respond to you and improve the Service.

1.4 Interaction with an AI chatbot

If you use an AI chatbot or similar features within the Interface, we may process the content of your prompts and the chatbot’s responses to generate replies and (where applicable) to improve quality. We do not ask you to provide personal or confidential information in the chatbot and recommend that you refrain from sharing such information.

1.5 Technical data (logs)

We may automatically collect technical information about your device and connection, including IP address, browser type and version, language settings, device information, timestamps, pages/features you interacted with, error reports, performance metrics, and other log data. This helps us maintain the security and stability of the Service.

2. How we use your data

We use the information we process for the following purposes:

2.1 Providing the Service

We process your public wallet address and on-chain data to provide core Interface functionality (for example, displaying balances and operation statuses and preparing transactions at your request). Without such data, the Service cannot function properly.

2.2 Improving the Service and analytics

We analyze usage data (including on-chain interactions, logs, and cookies) to understand how users use the Interface, identify issues, improve user experience, and optimize performance. We aim to use aggregated metrics and do not use data for advertising targeting within the Interface.

2.3 Security and abuse prevention

Technical data (for example, IP address, device information, anomalous usage patterns) may be used to maintain Service security and to detect and prevent fraudulent, unauthorized, or unlawful activity.

2.4 Communications and support

If you contact support or submit requests, we use the information you provide to respond, resolve issues, and maintain records of requests.

2.5 Compliance with law (with clarification of KYC/AML roles)

The Company does not perform KYC/AML within the Interface. Identification, customer checks, and compliance procedures (KYC/AML) related to admission to operations within the perimeter of Execution Platforms / DIS Platforms are performed by the relevant Execution Platforms in accordance with their rules and applicable law.

The Company may process data to the extent necessary to comply with applicable legal obligations, ensure security, and respond to lawful requests from competent authorities. In particular, where legally required, the Company may use available technical data (for example, logs) to detect and stop abuse or to comply with legal requirements, to the extent permitted by applicable law.

2.6 Enforcing the Terms and policies

We may use data to investigate and enforce compliance with the Terms of Use and other Company policies (for example, where misuse of the Interface is detected).

3. Cookies and automatically collected data

3.1 Cookies and tracking technologies

The Interface may use cookies and similar technologies to improve user experience and collect usage statistics. Cookies help remember preferences and understand how you use the website (for example, theme selection, dismissing notifications).

We may use both session cookies (deleted when you close your browser) and persistent cookies (stored on your device for a set period or until deleted). We may also use web beacons/pixel tags to measure effectiveness of communications and website functionality.

Data collected via cookies may include: browser and OS type, IP address and approximate location (based on IP), date/time of visit, pages visited, feature interactions, performance metrics, and errors.

3.2 Analytics (for example, Google Analytics)

We may use third-party analytics services (for example, Google Analytics) to collect and analyze information about website usage. These services may set cookies and collect information under their own policies. We use results in aggregated form to improve the Service.

3.3 Managing cookies

You can manage cookies through your browser settings (including blocking and deleting). Restricting cookies may affect certain Interface functions.

4. Your rights

Depending on your jurisdiction, you may have rights regarding your personal data, including:

• the right to access your data;

• the right to correct inaccurate data;

• the right to delete data (where applicable);

• the right to restrict processing;

• the right to object to processing;

• the right to data portability (where applicable);

• the right to withdraw consent where processing is based on consent.

Please note: data recorded on public blockchains cannot be changed or deleted by the Company because blockchain is a distributed system. We can delete or anonymize data stored in our systems where deletion is required by law and technically possible.

To exercise your rights, contact us using the details in Section 10.

5. Third-party links and services

The Interface may contain links to third-party websites, dApps, and services that are not controlled by the Company. Use of such services is governed by their own terms and privacy policies, for which the Company is not responsible.

Execution Platforms and DIS Platforms

If you use an Execution Platform (including a DIS Platform under FZ-259) to deposit/withdraw RUBT and/or to perform Buyback settlement, the operator of that platform acts as an independent operator (controller) of personal data and processes your data (including KYC/AML and settlement data) under its own documents and privacy policy. The Company does not receive or store your KYC data unless you expressly provide it to the Company (for example, when contacting support).

6. Data retention and deletion

We retain personal data only for as long as necessary for the purposes of processing, including compliance with legal obligations. In general:

• Technical logs (for example, IP addresses) are typically retained for a limited period (often 30–90 days), unless longer retention is required for security or by law.

• Blockchain data is effectively permanent because it is recorded on public blockchains. We cannot modify or delete blockchain history.

• Communications (support requests) may be retained for a reasonable period to handle requests and maintain records.

• AI chatbot logs (if retained) are used to improve quality and kept for a limited period; we aim to minimize retention and avoid storing direct identifiers.

If you request deletion of data, we will delete it where possible and permitted by applicable law (including mandatory retention requirements).

7. International data transfers

The Company may process data using infrastructure and service providers located in different countries. In such cases, we take reasonable measures to ensure an adequate level of data protection required by applicable law.

8. Data security

We implement reasonable technical and organizational measures to protect data against unauthorized access, loss, disclosure, or destruction. However, no method of transmission or storage can guarantee absolute security.

9. Children’s privacy

The Service is not intended for individuals under the age at which they can lawfully consent to data processing in their jurisdiction. We do not knowingly collect children’s personal data. If you believe a child has provided us with personal data, please contact us and we will take appropriate steps.

10. How to contact us

If you have questions, concerns, or requests related to this Policy or data processing, contact us:

Email: admin@tetris.money (use the subject line “Privacy Inquiry”) Mailing address: TETRIS DAO LLC – Privacy 852 Lagoon Road Majuro, Marshall Islands MI-1 96960

We will consider your request within a reasonable timeframe and, in any event, within the timelines required by applicable law. If you are located in a jurisdiction with a data protection authority, you may also have the right to lodge a complaint with the relevant supervisory authority.