Privacy Policy

1. Introduction
DLT256 GmbH (“DLT256”, “we”, “us”, or “our”) is committed to protecting the privacy of individuals who interact with our website, services and investor-facing platforms (collectively, the “Services”). As a company operating under the jurisdiction of Switzerland and the European Union, we process personal data in accordance with the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR). By accessing our Services, you acknowledge and agree to the practices described herein.

2. Categories of Personal Data Collected
We collect and process personal data that you voluntarily provide, including but not limited to your name, professional email address, company affiliation, jurisdiction and investor classification. We also collect data necessary to facilitate onboarding, such as regulatory documentation or communications submitted through our institutional inquiry forms. Additionally, we automatically collect technical data (e.g., IP address, browser type, session logs and site usage) through cookies and similar technologies to ensure secure and optimized platform functionality.

3. Purposes of Processing
Your personal data is processed strictly for legitimate purposes, which include responding to inquiries, verifying investor status, facilitating access to private placement materials, fulfilling regulatory obligations, providing requested information and enhancing the security and usability of our Services. We do not sell, lease, or trade your personal data under any circumstance.

4. Legal Basis for Processing
Our data processing activities are grounded in one or more of the following legal bases: (i) your explicit consent, where required; (ii) necessity for the performance of a contract or pre-contractual measures; (iii) compliance with applicable legal obligations; and (iv) our legitimate interest in operating a secure and efficient institutional platform, provided that such interests do not override your rights and freedoms.

5. Data Sharing and Disclosures
We may share your personal data with third-party service providers that support our operational, compliance, or hosting infrastructure, including cloud services, CRM providers and KYC/AML tools, all of whom are bound by strict confidentiality and data protection obligations. We may also disclose data to legal or regulatory authorities where required by applicable law or as necessary to comply with judicial or administrative proceedings.

6. International Data Transfers
Where personal data is transferred outside Switzerland or the European Economic Area (EEA), DLT256 ensures that appropriate safeguards are implemented, including reliance on adequacy decisions, standard contractual clauses, or other legally recognized transfer mechanisms to ensure a level of protection equivalent to Swiss and EU standards.

7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes described in this policy or as required under applicable legal or regulatory retention schedules. Upon expiration of such periods, data is securely deleted or anonymized in accordance with industry standards.

8. Data Subject Rights
You have the right, subject to legal conditions, to request access to your personal data, correct inaccuracies, restrict or object to processing, request erasure, or receive your data in a structured, machine-readable format. You also have the right to withdraw consent where processing is based on consent. Requests should be directed to privacy@dlt256.com. You may also lodge a complaint with your national data protection authority if you believe your rights have been violated.

9. Cookies and Tracking Technologies
DLT256 uses essential and analytics cookies to improve user experience, measure site performance and ensure secure operation. By continuing to use our Services, you consent to the use of such technologies as described in our Cookie Policy. You may adjust your browser settings to restrict or block cookies at any time.

10. Data Security
DLT256 maintains appropriate technical and organizational measures to safeguard personal data, including encryption, access control, multi-tier authentication and periodic security reviews. Our infrastructure is hosted in secure environments with restricted access and continuous monitoring.

11. Amendments
We may revise this Privacy Policy from time to time to reflect changes in law, practice, or technology. The most current version will be published at www.dlt256.com/privacy. Material updates will be clearly communicated where legally required.

12. Contact
For any questions regarding this policy or to exercise your data protection rights, please contact: compliance@dlt256.com