SONAR TRADE

PRIVACY POLICY

Effective Date: April 7, 2026

1. Introduction

This Privacy Policy ("Policy") describes how Sonar Trade ("Sonar," "we," "us," or "our") collects, uses, stores, shares, and protects information in connection with your use of the Sonar platform, available at sonar.trade (the "Platform"), and all associated services, tools, and features.

By accessing or using the Platform, you acknowledge that you have read and understood this Policy and consent to the collection and use of your information as described herein. If you do not agree with any part of this Policy, you should discontinue use of the Platform immediately.

This Policy should be read in conjunction with our Terms of Use, which are incorporated herein by reference.

2. Information We Collect

Sonar collects information necessary to provide and improve the Platform. The categories of information collected depend on how you interact with the Platform and the authentication method you choose.

2.1 Account and Authentication Information

When you create an account or log in, Sonar collects information based on your selected authentication method. This may include:

• Email address (if you authenticate via email-based one-time code verification).
• Google account information, including your name and email address (if you authenticate via Google login).
• Blockchain wallet address (if you authenticate via wallet connection). Wallet connection is used strictly for account access and identity verification and does not grant Sonar control over your external wallet.

Authentication is powered by Turnkey, a third-party authentication provider. Sonar does not store your passwords. Authentication sessions expire after 24 hours of inactivity.

2.2 Transaction and Execution Data

When you use the Platform to deposit, withdraw, swap, or execute strategies, Sonar collects data associated with those activities, including:

• Deposit addresses generated for your account.
• Deposit amounts, asset types, and confirmation statuses.
• Withdrawal destination addresses, amounts, and transaction records.
• Strategy configuration parameters (strategy type, direction, volume allocations, price and market cap thresholds, duration, and execution status).
• Swap details (token pairs, amounts, direction, and execution timestamps).
• On-chain transaction hashes and blockchain confirmation data.

2.3 Referral and Points Data

If you participate in the referral program or earn Sonar Points, we collect data related to:

• Your unique referral link and referral code.
• The identity of users you have referred (by account identifier, not personal information).
• Referral tier relationships (Level 1, Level 2, Level 3).
• Referral reward accruals and claim history.
• Points earned through on-chain execution, referrals, API usage, quests, and multiplier tiers.

2.4 Technical and Usage Data

Sonar may automatically collect certain technical information when you access the Platform, including:

• IP address.
• Browser type and version.
• Device type and operating system.
• Pages visited, features used, and interaction patterns on the Platform.
• Timestamps and session duration.
• Referral source (if you arrived via a referral link).

2.5 Support Communications

If you contact Sonar for support via Telegram (@SonarTradeBot) or any other channel, we may collect the content of your communications, your Telegram username or contact identifier, and any additional information you voluntarily provide during the support interaction.

3. How We Use Your Information

Sonar uses the information collected for the following purposes:

• To create and manage your account and authenticate your identity.
• To facilitate deposits, withdrawals, swaps, and strategy execution as directed by you.
• To process and track referral program participation and reward distribution.
• To calculate and maintain Sonar Points balances and multiplier status.
• To monitor Platform performance, detect errors, and improve functionality.
• To detect, investigate, and prevent fraudulent, unauthorized, or illegal activity.
• To comply with applicable legal and regulatory obligations.
• To communicate with you regarding your account, including service-related notifications.
• To enforce our Terms of Use and protect the rights, property, and safety of Sonar and its users.

4. How We Share Your Information

Sonar does not sell your personal information to third parties. We may share information in the following limited circumstances:

4.1 Third-Party Service Providers

We engage trusted third-party service providers to support the operation and security of the Platform. These providers include:

• Turnkey: authentication and account access services.
• HashiCorp HCP Vault: secure transaction signing and key management.
• Cantina: security auditing and review.

These providers are contractually obligated to use your information only to perform services on our behalf and in compliance with applicable data protection laws.

4.2 Blockchain Networks

Transactions executed through the Platform are recorded on public blockchain networks (Ethereum, Solana, Base, BNB). On-chain transaction data, including wallet addresses, transaction amounts, and transaction hashes, is publicly visible and cannot be deleted or modified by Sonar. This is inherent to the nature of blockchain technology.

4.3 Legal and Regulatory Compliance

Sonar may disclose your information if required to do so by law, regulation, legal process, or governmental request. We may also disclose information if we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Sonar, its users, or the public, or to detect, prevent, or address fraud, security issues, or technical problems.

4.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of such transaction. We will provide notice before your information becomes subject to a different privacy policy.

5. Data Retention

Sonar retains your information for as long as your account remains active and as necessary to fulfill the purposes described in this Policy. We may also retain certain information after account closure as required to comply with legal obligations, resolve disputes, enforce our agreements, and maintain records of transactions for audit and compliance purposes.

On-chain transaction data is permanently stored on the relevant blockchain network and is not subject to deletion by Sonar.

6. Data Security

Sonar implements industry-standard security measures to protect your information from unauthorized access, alteration, disclosure, or destruction. These measures include:

• Isolation of signing keys within HashiCorp HCP Vault, which is the only component authorized to sign transactions. Raw private keys are never stored in application code or databases.
• End-to-end encryption of communications between the Vault and Sonar systems using TLS.
• Private network connections that keep sensitive data off the public internet.
• Compartmentalized infrastructure, with deposit, execution, withdrawal, and API services operating as separate services with scoped permissions.
• Multi-signature wallet controls for smart contract ownership and privileged role management.
• Two-Factor Authentication (2FA) available for user accounts.

While we take extensive measures to protect your information, no method of transmission over the internet or method of electronic storage is completely secure. We cannot guarantee absolute security of your data.

7. Your Rights and Choices

Depending on your jurisdiction, you may have certain rights regarding your personal information, including:

• The right to access the personal information we hold about you.
• The right to request correction of inaccurate personal information.
• The right to request deletion of your personal information, subject to legal retention requirements and the immutable nature of blockchain records.
• The right to object to or restrict certain processing of your personal information.
• The right to data portability, where applicable.
• The right to withdraw consent at any time, where processing is based on consent.

To exercise any of these rights, please contact us via Telegram at @SonarTradeBot. We will respond to your request within a reasonable timeframe and in accordance with applicable law.

Please note that certain information may be exempt from such requests under applicable law. Additionally, on-chain data recorded on public blockchain networks cannot be modified or deleted, as this is a fundamental characteristic of blockchain technology.

8. Cookies and Tracking Technologies

Sonar may use cookies, local storage, and similar tracking technologies to enhance your experience on the Platform, maintain session state, and collect usage analytics. These technologies help us understand how the Platform is used and allow us to improve functionality and performance.

You may configure your browser settings to refuse cookies or alert you when cookies are being sent. However, disabling cookies may affect certain features of the Platform.

9. International Data Transfers

Sonar operates globally and may transfer, store, and process your information in jurisdictions other than the one in which you reside. By using the Platform, you consent to the transfer of your information to countries that may have different data protection standards than your country of residence.

Where required by applicable law, Sonar will implement appropriate safeguards to ensure that your information receives an adequate level of protection regardless of where it is processed.

10. Children's Privacy

The Platform is not intended for use by individuals under the age of 18 or the age of legal majority in their jurisdiction, whichever is greater. Sonar does not knowingly collect personal information from minors. If we become aware that we have inadvertently collected information from a minor, we will take steps to delete such information promptly.

11. Third-Party Links and Services

The Platform may contain links to third-party websites, services, or applications. This Policy does not apply to the practices of third parties that Sonar does not own or control. We encourage you to review the privacy policies of any third-party services before providing them with your information.

12. Changes to This Policy

Sonar reserves the right to update or modify this Policy at any time. Any changes will be effective upon posting the revised Policy on the Platform, with an updated effective date. Your continued use of the Platform after changes are posted constitutes your acceptance of the revised Policy.

We encourage you to review this Policy periodically to stay informed about how we collect, use, and protect your information.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us through the following channel:

Telegram Support: @SonarTradeBot

Website: sonar.trade