# Privacy Policy This Privacy Policy ("**Privacy Policy**") describes how **Agentic Finance Inc.** ("**Agentic Finance**," "**Sail**," "**we**," "**our**," or "**us**") collects, uses, discloses, and protects personal information about you when you access our user interface located at sail.money and any associated subdomains, applications, and APIs (the "**Sail UI**"), interact with our machine-learning software and algorithms (the "**Agent**" or "**Agent Logic Software**"), or otherwise communicate or transact with us (collectively, the "**Services**"). This Privacy Policy is incorporated into and forms part of our Terms & Conditions, available at . By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, do not access or use the Services. If you provide information to us about any person other than yourself, you must ensure that the information is accurate and that the other person has been informed of, and consents to, the sharing and processing of their data in accordance with this Privacy Policy. *** ### 1. Data Controller and Contact The data controller responsible for the processing of personal information under this Privacy Policy is: **Agentic Finance Inc.** (d/b/a Sail) 1021 E Lincolnway, Suite 8932 Cheyenne, WY 82001, USA EIN: 32-0822535 For privacy-related inquiries or to exercise your rights under this Privacy Policy, please contact us at ****. *** ### 2. Information We Collect We collect information about you from the following sources: #### 2.1 Information You Provide * **Communications.** Contact details, message content, and other information you submit when you contact us by email, support ticket, social media, or other means. * **Account Configuration.** Information you provide when configuring Strategies, Permissions, Session Keys, or other settings within the Sail UI. * **Compliance Information.** Where we request information to comply with applicable law (for example, sanctions screening, anti-money-laundering, or tax-information-reporting requirements), the information you provide in response. #### 2.2 Information Collected Automatically When you access the Sail UI, we automatically collect technical and usage information, including: * IP address and approximate location derived from it; * Device identifiers, operating system, browser type and version, and language settings; * Date, time, region, and duration of your visit; * Pages and features accessed, referrer URLs, click and scroll behavior; * Amount of data transferred and network protocols used; * Cookies and similar technologies (see Section 7). #### 2.3 On-Chain Information When you connect an externally owned account ("**EOA**" or "**Wallet**"), deploy a Smart Account, or sign a Sign Request, the following information is recorded on public blockchain networks: your wallet address(es); transaction history; assets held; smart contract interactions; and related metadata. This information is publicly available to anyone with access to the relevant blockchain (see Section 12). #### 2.4 Information from Third Parties We may receive information from third parties, including analytics providers, security and fraud-prevention vendors, sanctions-screening services, blockchain analytics providers, and our other service providers, in each case in accordance with applicable law and the third party's privacy policy. *** ### 3. How We Use Your Information We use the information we collect for the following purposes: * **To provide and operate the Services**, including authenticating access, processing your configurations, generating Sign Requests, and supporting Smart Account functionality; * **To communicate with you**, including responding to inquiries, sending service-related notices, and providing customer support; * **To maintain security**, including monitoring, detecting, investigating, and preventing fraud, abuse, security incidents, and other harmful or illegal activity; * **To improve and develop the Services**, including analyzing usage patterns, debugging, conducting research, and developing new features; * **For marketing and outreach**, where permitted by applicable law and where you have not opted out (or, where required, where you have provided consent); * **To comply with law**, including responding to legal process, regulatory inquiries, tax-information-reporting obligations, and sanctions and anti-money-laundering screening; * **For risk management and corporate governance**, including assessing and managing legal, financial, operational, and reputational risk; * **For business transactions**, in connection with a merger, acquisition, financing, reorganization, sale of all or substantially all of our assets, or similar transaction; and * **To assert or defend legal claims**, including in disputes, investigations, or proceedings. *** ### 4. Legal Bases for Processing For users in the United States, our processing of personal information is governed by applicable federal and state law. We rely on the legal bases provided under the privacy laws of your state of residence, where applicable. For users in the European Economic Area, the United Kingdom, Switzerland, or another jurisdiction with comparable data-protection law, we process your personal information on the following legal bases: * **Consent**, where you have given us consent to process your data for a specific purpose (you may withdraw consent at any time); * **Contract**, where processing is necessary to perform our agreement with you or to take steps prior to entering into a contract; * **Legal obligation**, where processing is necessary to comply with applicable law; * **Vital interests**, where processing is necessary to protect the vital interests of you or another natural person; and * **Legitimate interests**, where processing is necessary for our legitimate interests (such as operating, securing, and improving the Services), provided that those interests are not overridden by your rights and freedoms. *** ### 5. How We Share Your Information We do not sell your personal information for monetary consideration. We may share your information with the following categories of recipients: * **Service providers and processors** that perform services on our behalf, including hosting, analytics, communications, security, fraud prevention, sanctions screening, customer support, payment processing, and professional advice. These providers are bound by confidentiality and data-protection obligations. * **Business partners**, where contractually required to deliver Services or features you have requested. * **Successors in interest**, in connection with a merger, acquisition, financing, reorganization, sale of assets, or similar transaction. Your information may be transferred to the acquiring or surviving entity subject to this Privacy Policy or a successor policy. * **Legal and regulatory authorities**, where we are required by law, court order, subpoena, or regulatory request, or where we believe in good faith that disclosure is necessary to protect our rights, the rights of others, or to prevent harm or illegal activity. * **Professional advisors**, including our lawyers, auditors, accountants, and consultants, subject to appropriate confidentiality obligations. *** ### 6. Cookies and Tracking Technologies The Sail UI uses cookies and similar technologies (such as pixels, web beacons, local storage, and SDKs) to operate the Services, remember your preferences, analyze usage, and improve performance. You can control cookies through your browser settings or, where available, through cookie-management tools we provide. We respond to Global Privacy Control ("**GPC**") signals where required by applicable law. *** ### 7. Data Retention We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, including: * For the duration of your use of the Services and a reasonable period thereafter; * As required to comply with our legal, tax, accounting, or reporting obligations (typically up to seven (7) years for financial records); * As necessary to assert or defend against legal claims (typically until the applicable statute of limitations has expired); and * Where otherwise required or permitted by applicable law. When personal information is no longer needed, we will securely delete or anonymize it. **On-chain data cannot be deleted by us** (see Section 12). *** ### 8. Data Security We implement reasonable administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, loss, alteration, or disclosure. **No method of transmission over the internet or electronic storage is completely secure, however, and we cannot guarantee the absolute security of your information.** If we become aware of a security incident affecting your personal information, we will notify you and applicable authorities to the extent and within the timeframes required by applicable law, including state breach-notification statutes (see Section 15). You are responsible for the security of your EOA, Smart Accounts, Session Keys, private keys, recovery phrases, and any device or system used to access the Services. We cannot recover lost or compromised credentials, nor funds sent to incorrect addresses. *** ### 9. Children's Privacy The Services are not directed to, and we do not knowingly collect personal information from, individuals under the age of 18. If you believe we have collected personal information from a child under 18, please contact us at and we will take reasonable steps to delete the information. We do not knowingly sell or share the personal information of minors under 16. *** ### 10. International Data Transfers Agentic Finance Inc. is based in the United States, and your personal information may be processed and stored in the United States and in other countries where we or our service providers operate. Data-protection laws in the United States and other jurisdictions may differ from those in your country of residence. For users located in the European Economic Area, the United Kingdom, or Switzerland, where we transfer your personal information outside your jurisdiction, we rely on appropriate transfer mechanisms — including the European Commission's Standard Contractual Clauses (SCCs), the UK Addendum, or comparable safeguards — to the extent required by applicable law. *** ### 11. Your Privacy Rights #### 11.1 California Residents (CCPA / CPRA) If you are a California resident, you have the following rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act: * **Right to know** what personal information we have collected, used, disclosed, and (if applicable) sold or shared about you, including the categories of sources, purposes of collection, and categories of recipients; * **Right to delete** personal information we have collected from you, subject to certain exceptions; * **Right to correct** inaccurate personal information we maintain about you; * **Right to opt out** of the sale or sharing of your personal information for cross-context behavioral advertising; * **Right to limit** the use and disclosure of sensitive personal information; * **Right to non-discrimination** for exercising your CCPA/CPRA rights. We honor Global Privacy Control (GPC) signals as a request to opt out of the sale or sharing of personal information. To exercise your rights, contact us at . We may need to verify your identity before responding. You may also designate an authorized agent to act on your behalf. #### 11.2 Other US State Residents If you are a resident of Virginia, Colorado, Connecticut, Utah, Texas, Iowa, Indiana, Montana, Oregon, Delaware, New Hampshire, New Jersey, Tennessee, Maryland, Minnesota, Rhode Island, Kentucky, or any other US state that has enacted a comprehensive consumer privacy law, you may have rights similar to those described above, which may include the right to access, delete, correct, port, and (where applicable) opt out of certain processing of your personal information, including targeted advertising and profiling. Specific rights vary by state. To exercise any such right, contact us at . #### 11.3 European Economic Area, United Kingdom, and Switzerland Residents If you are a resident of the EEA, the UK, or Switzerland, you have the following rights under applicable data-protection law: * **Access** to the personal data we hold about you; * **Rectification** of inaccurate or incomplete personal data; * **Erasure** ("right to be forgotten"), subject to legal exceptions; * **Restriction** of processing in certain circumstances; * **Data portability** to another controller; * **Objection** to processing based on our legitimate interests or for direct marketing; * **Withdrawal of consent** at any time, where processing is based on consent; * **Right to lodge a complaint** with your local supervisory authority. To exercise these rights, contact us at . Note that **on-chain data cannot be deleted, modified, or restricted by us** due to the technical nature of public blockchain networks (see Section 12). #### 11.4 How to Exercise Your Rights To exercise any privacy right, contact us at ****. We will respond within the timeframes required by applicable law. We may need to verify your identity, and we may decline requests that are unfounded, excessive, or not permitted by law. We will not discriminate against you for exercising your rights. *** ### 12. On-Chain Data When you transact on a public blockchain, your wallet address, transaction history, asset holdings, and related transaction metadata are permanently recorded on the blockchain. This information is publicly available, and **neither we nor any third party has the ability to delete, modify, or restrict access to on-chain data**. If you are concerned about the public visibility of on-chain data, you should not transact on public blockchains. By using the Services to interact with a blockchain, you acknowledge that certain data-protection rights (including deletion, rectification, and restriction) cannot be effectively exercised with respect to on-chain data. *** ### 13. Third-Party Services and Wallets The Sail UI may contain links to, or integrations with, third-party services, websites, EOAs (wallets), DeFi protocols, bridges, or oracles. We do not control, and are not responsible for, the privacy practices of those third parties. When you connect a third-party EOA, your interactions with that wallet are governed by its provider's terms and privacy policy, not this Privacy Policy. We encourage you to review the privacy policies of any third party you interact with. We may operate accounts on third-party platforms (such as X/Twitter, Discord, Telegram, or LinkedIn). When you interact with our accounts on those platforms, the platforms also process your data in accordance with their own terms and privacy policies. *** ### 14. Profiling and Automated Decision-Making We may analyze usage patterns and behaviors to operate, secure, and improve the Services — for example, to detect abuse, prevent security incidents, identify fraud, and prioritize support. We do not use solely automated decision-making that produces legal or similarly significant effects on you without human involvement. *** ### 15. Security Incidents and Notifications If a security incident affects your personal information, we will notify you and any applicable regulatory authority to the extent and within the timeframes required by applicable law, including state breach-notification statutes. Notifications may be sent by email, in-product notification, or other means we deem reasonable under the circumstances. Notification of an incident does not constitute an admission of fault, and any remediation we may undertake is in addition to (not in lieu of) such notification. *** ### 16. Changes to This Privacy Policy We may update this Privacy Policy from time to time to reflect changes in our practices, the Services, applicable law, or for other operational, legal, or regulatory reasons. When we update this Privacy Policy, we will revise the "Last updated" date above and, where appropriate, provide additional notice (for example, by email or through the Sail UI). Your continued use of the Services after the effective date constitutes your acceptance of the updated Privacy Policy. If you do not agree to the updated Privacy Policy, you must cease using the Services. *** ### 17. Contact Us If you have questions, comments, or requests regarding this Privacy Policy or our privacy practices, please contact us at: **Agentic Finance Inc.** (d/b/a Sail) Attn: Privacy 1021 E Lincolnway, Suite 8932 Cheyenne, WY 82001, USA Email: *** *Agentic Finance Inc. (d/b/a Sail) | 1021 E Lincolnway, Cheyenne, WY 82001, USA | | EIN: 32-0822535* --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.sail.money/legal/privacy-policy.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.