PRIVACY POLICY

Date of last update: May 2025

This Privacy Policy governs the collection and processing of personal data on the TRENDDI platform (the "Platform"), including but not limited to its website [www.trenddi.io] and any related services or applications.

The Platform is owned and operated by Coin Points, S.L. ("CoinPoints" or "we"), whose identification and contact details are as follows:

• Tax Identification Number: B75977058
• Address: Paseo Castellana, 259 50 - Torre Espacio, 28046, Madrid
• Contact e-mail address: info@nc43.com
• Data Protection Officer (DPO): derechosarco@nc43.com

At CoinPoints, we are committed to protecting your privacy and ensuring transparency in how we process your personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable regulations.

1. WHO IS THE DATA CONTROLLER?

Coin Points S.L. is responsible for the processing of your personal data for the purpose of providing the services identified in this privacy policy.

We inform you that CoinPoints has a Data Protection Officer in accordance with the GDPR, at your disposal for any questions or concerns regarding the processing of your data. You can contact them via email at derechosarco@nc43.com.

2. WHAT INFORMATION DO WE PROCESS?

a) The data you provide directly to us:

• We collect information about you when you register on our platform, interact with our services, or contact us through provided channels such as contact forms.
• When you contact us, we may ask for your name, surname, email address, and other necessary data.
• The impersonation of identity or provision of third-party data is strictly prohibited. Users must provide accurate and truthful information.
• If your data changes, you must update it as soon as possible to ensure its accuracy.

b) Data obtained indirectly:

• When you browse the platform, cookies and other tracking devices may be installed on your device, as explained in our Cookie Policy.

3. WHAT IS THE ORIGIN OF THE DATA?

We consider that all data processed by CoinPoints have been freely provided by you.

If you provide third-party data, you warrant that you have informed them of this Privacy Policy and obtained their authorization to share their data with CoinPoints.

4. FOR WHAT PURPOSE AND ON WHAT LEGAL BASIS DO WE PROCESS THE DATA?

CoinPoints acts as the controller of personal data for the following purposes and in accordance with the following legal bases:

• On the basis of a contractual or pre-contractual relationship:
  • Managing and maintaining your user account and interactions on the platform.
• On the basis of compliance with legal obligations:
  • Allowing users to exercise their rights.
  • Complying with legal requirements applicable to CoinPoints.
• On the basis of explicit user consent:
  • Sending newsletters and marketing communications.

By registering on the platform or providing your email through designated forms, you expressly consent to being added to our mailing list for the purpose of receiving our periodic newsletter. You may unsubscribe at any time by using the unsubscribe link included in the newsletter or by contacting us at derechosarco@nc43.com.

• On the basis of legitimate interest:
  • Keeping users informed about CoinPoints products and services related to those previously contracted.
  • Responding to user inquiries and support requests.

Users may object to processing based on legitimate interest at any time by contacting derechosarco@nc43.com.

5. WHO HAS ACCESS TO THE DATA?

We may share your personal data with:

• Public authorities: Where required by law.
• Service providers: Companies offering hosting, IT, customer support, and analytics services.
• Affiliated companies and partners: Where necessary for service integration or marketing, with user consent.

Transfers outside the European Economic Area (EEA) are made with appropriate safeguards, such as Standard Contractual Clauses.

6. USER RIGHTS

Users have the right to:

1. Access their data and obtain details on processing activities.
2. Rectify incorrect or incomplete data.
3. Erase their data when it is no longer necessary.
4. Restrict processing under specific conditions.
5. Object to certain processing activities.
6. Request data portability where applicable.
7. Withdraw consent for processing based on user consent.
8. Not be subject to automated decision-making.

To exercise your rights, contact us at derechosarco@nc43.com. If you believe your rights have been violated, you may file a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es.

7. DATA RETENTION PERIOD

Your personal data will be stored for as long as necessary to:

• Provide platform services.
• Comply with legal obligations.
• Manage user rights and claims.

When data is no longer required, it will be securely deleted or anonymized.

8. SECURITY MEASURES

We implement technical and organizational security measures to protect personal data against unauthorized access, loss, misuse, or disclosure.

Users are responsible for keeping their login credentials secure and should report any unauthorized access immediately.

9. MINORS' DATA

TRENDDI is not intended for users under 18 years old. If we discover that a minor has provided personal data without parental consent, we will take steps to delete such information.

10. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy periodically. If significant changes occur, we will notify users via email or in-app notifications.

Continued use of the platform after updates signifies acceptance of the revised policy.

For questions or concerns regarding this Privacy Policy, contact us at derechosarco@nc43.com.