Effective date: August 18, 2025 We take your privacy seriously. Please read this Privacy Policy to learn how we treat your personal data. By using or accessing our Services in any manner, you acknowledge that you accept the practices and policies outlined below, and you hereby consent to our collection, use and disclosure of your Personal Data as described in this Privacy Policy. Remember that your use of our website(s) and related services (“Services”) is at all times subject to any terms of use or other related terms made available to you (“Terms”), which incorporates this Privacy Policy. Any terms we use in this Privacy Policy without defining them have the definitions given to them in the Terms. You may print a copy of this Privacy Policy by clicking here. As we continually work to improve our Services, we may need to change this Privacy Policy from time to time. We will alert you of material changes by placing a notice on our website, by sending you an email and/or by some other means. Please note that if you’ve opted not to receive legal notice emails from us (or you haven’t provided us with your email address), those legal notices will still govern your use of the Services, and you are still responsible for reading and understanding them. If you use the Services after any changes to the Privacy Policy have been posted, that means you agree to all of the changes.

What This Privacy Policy Covers

This Privacy Policy covers how Skip Protocol collects and processes data that identifies or relates to you (“Personal Data”) This Privacy Policy does not cover the practices of companies we don’t own or control or people we don’t manage and that in some instances. Additionally, if you are accessing our Services in connection with one of our Customers, that Customer’s privacy policy will govern their collection and processing of your Personal Data.

Personal Data We May Collect

Device or Web Data. If you interact with us online (e.g., by visiting our website or using our web-based Services, or participating in a survey through our Services), we may collect information about your device and/or browser such as your IP address-based location data, and type of device or browser used to interact with our properties. Contact Data. If you sign up for an event, subscribe to our newsletters or other communications, or otherwise contact us, we may collect your contact information such as your name, email, job title, and your third-party handle (e.g., X) or username (e.g., Github, Telegram). Other Personal Data. We may collect other Personal Data that you make available through Services or to us, such as in emails or other communications you send us.

Sources of Personal Data

From You. We collect Personal Data when you provide it directly to us (e.g., you or contact us) and certain Personal Data (such as Device or Web Data) automatically when you use our Services (e.g., through Cookies – as defined in the “Cookies” section below). Public Sources. We may collect Personal Data from widely available media or other public sources. Other Parties: Such as:
  • Vendors that provide analytics on how you interact or engage with our Services or that help provide you with customer support.
  • Advertising Partners who may provide us with business leads, assist us with marketing or promotional services related to how you interact with our websites, applications, products, Services, advertisements, or communications.
  • Other third parties that you access or authorize in connection with our Services

Purpose for Collection and Processing Personal Data

To Provide, Customize, and Improve our Services.
  • Providing you with the products, services, or information you request.
  • Meeting or fulfilling the reason you provided the information to us, including to provide Services to our Customers.
  • Providing support and assistance for the Services.
  • Improving the Services, including testing, research, internal analytics, and product development.
  • Personalizing the Services, website content, and communications based on your preferences.
  • Doing fraud protection, security, and debugging.
Marketing our Services
  • Marketing and selling the Services.
  • Showing you advertisements, including targeted advertising.
Corresponding with You
  • Responding to correspondence that we receive from you, contacting you when necessary or requested, and sending you information about the Company or the Services.
  • Sending emails and other communications according to your preferences.
Legal or Security
  • Meeting legal requirements and enforcing legal terms.
  • Preventing, detecting and investigating security incidents and potentially illegal or prohibited activities.
  • Protecting the rights, property or safety of you, Skip Protocol or another party.
  • Enforcing any agreements with you;
  • Responding to claims that any posting or other content violates third-party rights; and
  • Resolving disputes.

How We Disclose Personal Data

Service Providers. These parties help us provide the Services or perform business functions on our behalf. They may include: hosting, technology and communication providers; security and fraud prevention consultants; support and customer service vendors; analytics providers that analyze the use of our Services. Advertising Partners. These parties help us market our services and provide you with other offers that may be of interest to you. They may include: ad networks, data brokers, marketing providers, and analytics providers. Customers. If you access our Services in connection with a Customer, we may share your Personal Data, such as your responses to product-related questions with that Customer. Business Partners. These parties partner with us in offering various services. They may include organizations that we may partner with to offer joint Services or opportunities. Parties You Authorize, Access or Authenticate. This includes third parties you access or interact with through the Services or otherwise direct us to share Personal Data with. Others. We may also disclose Personal Data that we collect with third parties in conjunction with any of the activities set forth under the “Legal or Security” subsection above. Additionally, all of your Personal Data that we collect may be transferred to a third party if we undergo a merger, acquisition, bankruptcy, or other transaction in which that third party assumes control of our business (in whole or in part).

Cookies

The Services use cookies and similar technologies such as pixel tags, web beacons, clear GIFs and JavaScript (collectively, “Cookies”) that may collect or facilitate the collection of your Personal Data for various purposes. We may also supplement the information we collect via Cookies with information received from third parties, including third parties that have placed their own Cookies on your device(s). We may use the following types of Cookies:
  • Essential Cookies. Essential Cookies are required for providing you with features or services that you have requested. For example, certain Cookies enable you to log into secure areas of our Services. Disabling these Cookies may make certain features and services unavailable.
  • Functional Cookies. Functional Cookies are used to record your choices and settings regarding our Services, maintain your preferences over time and recognize you when you return to our Services.
  • Performance/Analytical Cookies. Performance/Analytical Cookies allow us to understand how visitors use our Services. They do this by collecting information such as the number of visitors to the Services, what pages visitors view on our Services and how long visitors are viewing pages on the Services. These Cookies help us better understand users of our Services and can also help us measure our targeted advertising efforts.
  • Retargeting/Advertising Cookies. Retargeting/Advertising Cookies collect data about your online activity and identify your interests so that we can provide advertising that we believe is relevant to you.
Many internet browsers have an option for turning off the Cookie feature, which will prevent your browser from accepting new Cookies, as well as (depending on your browser software) allow you to decide on acceptance of each new Cookie in a variety of ways. You can also delete all Cookies that are already on your device. If you do this, however, you may have to manually adjust some preferences every time you visit our website and some of the Services and functionalities may not work. To find out more information about Cookies generally, including information about how to manage and delete Cookies, please visit http://www.allaboutcookies.org/ or https://ico.org.uk/for-the-public/online/cookies/ if you are located in the European Union.

Session Replay Technology

We may use session replay technology in order to identify and resolve customer issues, to monitor and analyze how you use our Services, to better understand user behavior, and to improve our Services. By continuing to use the Services, you consent to the use of session replay technology. If you would like to change your settings with respect to session replay technology, you can access your Cookie management settings on the homepage.

Data Security and Retention

Although we work to protect the security of your account and Personal Data that we hold in our records, please be aware that no method of transmitting data over the internet or storing data is completely secure. We retain Personal Data about you for as long as necessary to provide you with our Services or to perform our business or commercial purposes for collecting your Personal Data. When establishing a retention period for certain categories of Personal Data, we consider who we collected the data from, our need for the Personal Data, why we collected the Personal Data, and the sensitivity of the Personal Data. In some cases, we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule, or regulation. We may further retain information in an anonymous or aggregated form where that information would not identify you personally.

Personal Data of Children

As noted in the Terms of Use, we do not knowingly collect or solicit Personal Data from children under 18 years of age; if you are a child under the age of 18, please do not attempt to use the Services or send us any Personal Data. If we learn we have collected Personal Data from a child under 18 years of age, we will delete that information as quickly as possible. If you believe that a child under 18 years of age may have provided Personal Data to us, please contact us at Legal@interchainlabs.io.

State Law Privacy Rights

California Resident Rights

Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to contact us to prevent disclosure of Personal Data to third parties for such third parties’ direct marketing purposes; however, we do not make such disclosures.

Nevada Resident Rights

If you are a resident of Nevada, you have the right to opt-out of the sale of certain Personal Data to third parties. Please note that we do not currently sell your Personal Data as sales are defined in Nevada Revised Statutes Chapter 603A.

European Data Subject Rights

If you are a resident of the European Union (“EU”), United Kingdom (“UK”), Lichtenstein, Norway or Iceland, you may have additional rights under the EU or UK General Data Protection Regulation (the “GDPR”) with respect to your Personal Data, as outlined below. If you engage with us in connection with a particular Project, we may be processing your Personal Data as a processor to a Customer (the controller). For any other Personal Data, Skip Protocol will be the controller. Depending on your relationship with us, you may need to submit requests related to your Personal Data to our customer. If you have any questions about this section or whether any of the following applies to you, please contact us at Legal@interchainlabs.io.

Personal Data Use and Processing Grounds

The “Purposes for Collecting and Processing Personal Data” section above explains how we use your Personal Data. We will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity and our “legitimate interests” or the legitimate interest of others, as further described below.
  • Contractual Necessity: We process the following categories of Personal Data as a matter of “contractual necessity”, meaning that we need to process the data to perform under our Terms with you, which enables us to provide you with the Services. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Services that require such data. ○ Device or Web Data ○ Contact Data
  • Legitimate Interest: We process the following categories of Personal Data when we believe it furthers the legitimate interest of us or third parties: ○ Device or Web Data ○ Contact Data ○ Project Data ○ Other Personal Data ○ We may also de-identify or anonymize Personal Data to further our legitimate interests.
Examples of these legitimate interests include (as described in more detail above): ○ Providing, customizing and improving the Services. ○ Marketing the Services. ○ Corresponding with you. ○ Meeting legal requirements and enforcing legal terms. ○ Completing corporate transactions.
  • Consent: In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection.
  • Other Processing Grounds: From time to time we may also need to process Personal Data to comply with a legal obligation, if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.

Disclosing Personal Data

The “How We Disclose Your Personal Data” section above details how we disclose your Personal Data with third parties.

EU, UK and Swiss Data Subject Rights

You have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please email us at Legal@interchain.io. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.
  • Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data.
  • Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data.
  • Erasure: You can request that we erase some or all of your Personal Data from our systems.
  • Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services.
  • Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
  • Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes, such as for direct marketing purposes.
  • Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
  • Right to File Complaint: You have the right to lodge a complaint about our practices with respect to your Personal Data with the supervisory authority of your country or EU Member State. A list of Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en.

Transfers of Personal Data

Depending on your relationship with us, the Services may be hosted and operated in the United States (“U.S.”) through Skip Protocol, its affiliates, and its service providers, and laws in the U.S. may differ from the laws where you reside. By using the Services, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, may be provided to Skip Protocol in the U.S. and may be hosted on U.S. servers, and you authorize Skip Protocol to transfer, store and process your information to and in the U.S., and possibly other countries. In some circumstances, your Personal Data may be transferred to the U.S. pursuant to a data processing agreement incorporating standard data protection clauses.

Contact Information

If you have any questions or comments about this Privacy Policy or the ways in which we collect and use your Personal Data, please do not hesitate to contact us at: Skip Protocol Inc. 740 Broadway, STE 1002 New York, New York, 10003 United States legal@interchainlabs.io

GDPR Job Applicant and Worker Privacy Notice

Effective Date: August 18, 2025 Skip Protocol Inc. and its operating groups, subsidiaries and affiliates (collectively, “Company,” “us” or “we”) are committed to protecting the privacy and security of the personal data of provided by individuals applying for a job or other role at (“Job Applicants”), as well as the personal data of our current and former employees and contractors (collectively, “Workers”) and their emergency contacts and beneficiaries. Please read this Job Applicant and Worker Privacy Notice (the “Privacy Notice”) to learn how we treat your personal data when you are one of our Job Applicants or Workers. If you are located in in the European Economic Area (“EEA”), Switzerland, or the United Kingdom (“UK”), you have certain rights under General Data Protection Regulation (“EU GDPR”) and as the EU GDPR forms part of the law of England and Wales by virtue of section 3 of the European Union (Withdrawal) Act 2018 (together, the “GDPR”) with respect to your personal data, as outlined below. In this Privacy Notice, we use the term “personal data” as it is defined under the GDPR. This Privacy Notice only applies to Job Applicants and Workers located in the EEA, Switzerland, and the UK. As we continually work to improve our operations and business, we may need to change this Privacy Notice from time to time. Upon material changes, we will alert you to any such changes by placing a notice on ‘s intranet, by sending you an email and/or by some other means.

What Categories of Personal Data Do We Collect?

Below details the categories of personal data we may collect and may have collected over the past twelve (12) months. Note that the collection, use, and disclosure of your personal data may vary depending on the nature of your relationship with us, including whether you’re a Job Applicant, a Worker, or a Worker’s emergency contacts and beneficiaries. FOR JOB APPLICANTS: Depending on where you are in the application stage (e.g., screening, assessment tests, interviews, background and reference checks, or decision stage), the collection, use, and disclosure of your personal data may vary. We may collect:
  • Personal Contact Data such as name, alias, mailing address, email address, phone number.
  • Internet or Other Electronic Network Activity Data such as information regarding your interaction with our career website, application, or advertisement, including chats and instant messaging.
  • Geolocation Data such as IP-address-based location information.
  • Sensory Data such as photos, videos, and recordings of you and your environment.
  • Professional or Employment-Related Data such as resume, job title, job history, performance evaluations, membership in professional organizations and unions, and job interview notes, responses to screening questions and assessment results.
  • Education Data such as grades or transcripts, student financial information, and student disciplinary records.
  • Special Categories of Personal Data - in countries where it is legal to do so - such as genetic, biometric and health data, as well as personal data revealing racial and ethnic origin, political opinions, religious or ideological convictions or trade union membership.
FOR WORKERS: Similar categories of data we collect in your role as a Job Applicant as described above may be collected and retained if you are employed by the Company. For additional categories of personal data that may be collected solely from Workers, please see below.
  • Geolocation Data such as IP-address-based location information.
  • Professional or Employment-Related Data such as performance management information (e.g., employment status, work schedule, job assignments, hours worked, accomplishments, awards), training and development information, discipline and counseling information, and employment termination information.
  • Other Personal data such as dependent information, emergency contact information, and beneficiary information.
Depending on the nature of your relationship with us, including whether you’re a Job Applicant, a Worker, or a Worker’s emergency contacts and beneficiaries, we only process your personal data where applicable law permits or requires it, including where the processing is necessary to assess your potential employment with us, to comply with our legal obligations, for our legitimate interests or the legitimate interests of third parties, or with your consent. We may process your personal data for legitimate business purposes and for the following purposes:
  • Process and manage your application: We use your personal data to process your job application, establish a job applicant profile for the recruitment process, assess your qualifications for a specific role with us, schedule and conduct interviews, communicate with you, and carry out background and reference checks (see the following bullet point for additional information). We may collect audio and visual information of job applicants through photographs used for identification purposes. With your consent, we may record video of you in connection with the application process, for example through a third party screening service.
  • Process and manage your employment: If you are offered a position with us, we will use your personal data in the employment on-boarding process and managing your personnel records including enrolling and administering employee benefits, paying wages, managing workflows, carrying out job promotion processes, evaluating performance, and other related employment purposes (as authorized by you and permitted by applicable law).
  • Conduct reference and background checks (as permitted by applicable law): We use personal data we collect to conduct reference checks and to evaluate your qualifications and experience. We may also conduct background checks (as authorized by you and permitted by applicable law).
  • Provide immigration support: If applicable and as permitted by applicable law, we may collect your personal data to assist with immigration support, such as applying for visas or work permits.
  • Analyze and improve our recruitment process and tools: For example, we analyze trends in our applicant pool, and use personal data to understand and improve our recruitment process and tools, including improving diversity and inclusion.
  • Record-keeping: We keep records of your personal data as required by law and in accordance with our record retention policies.
  • Meeting legal requirements and enforcing legal terms: We collect and process your personal data for purposes of: fulfilling our legal obligations under applicable law, regulation, court order or other legal process, such as preventing, detecting and investigating security incidents and potentially illegal or prohibited activities; protecting the rights, property or safety of you, us or another party; enforcing any agreements with you; responding to claims; and resolving disputes. Additionally, we may use information about protected characteristics to analyze and monitor the diversity of our job applicants and Workers in accordance with applicable laws.
We will only process your personal data for the purposes we collected it for or for compatible purposes. If we need to process your personal data for an incompatible purpose, we will provide notice to you and, if required by law, seek your consent. We may process your personal data without your knowledge or consent where required by applicable law or regulation. We may also process your personal data for our own legitimate interests, including for the following purposes:
  • To prevent fraud.
  • To ensure network and information security, including preventing unauthorized access to our computer and electronic communications systems and preventing malicious software distribution.
  • To support internal administration with our affiliated entities.
  • To conduct data analytics analyses to review and better understand our recruitment process.
You will not be subject to automated decision-making or profiling (as such terms are described in the GDPR) without your prior consent.

Collection and Use of Special Categories of Personal Data

We may collect and process certain special categories personal data about you, in countries where it is legal to do so, such as genetic, biometric and health data, as well as personal data revealing racial and ethnic origin, political opinions, religious or ideological convictions or trade union membership, to the extent such processing is necessary for us to carry out our obligations with respect to your application or employment. Where we have a legitimate need to process special categories of personal data about you for purposes not identified above, we will only do so only after providing you with notice and, if required by law, obtaining your prior, express consent.

How We Disclose Personal Data

Unless specifically noted, we disclose personal data to the categories of service providers and other parties listed in this section.
  • Affiliates. Our affiliates help us to perform business functions on our behalf.
  • Service Providers. These parties help us to perform business functions on our behalf, such as: ○ Hosting, technology and communication providers. ○ Security and fraud prevention consultants. ○ Background and reference check screening services. ○ Hiring process and benefits management and administration tools. ○ Health and safety technology providers.

Data Security

We seek to protect your personal data from unauthorized access, use and disclosure using appropriate physical, technical, organizational and administrative security measures based on the type of personal data and how we are processing that information. You should also help protect your data by appropriately selecting and protecting your password and/or other sign-on mechanism, limiting access to your computer or device and browser, and signing out after you have finished accessing your account. Although we work to protect the security of your account and other data that we hold in our records, please be aware that no method of transmitting data over the internet or storing data is completely secure.

Data Retention

We retain personal data about you for as long as necessary to perform our business or commercial purposes, including employment-related purposes, for collecting your personal data. When establishing a retention period for specific categories of personal data, we consider who we collected the personal data from, our need for the personal data, why we collected the personal data, and the sensitivity of the personal data. In some cases we retain personal data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. We may further retain information in an anonymous or aggregated form where that information would not identify you personally. Note that if you are a Job Applicant that applied through a third-party such as a recruiting company or submitted your application through a recruiting software (e.g., Greenhouse, Linkedin, etc.), you may be subject to their separate terms of service and privacy policy.

Your Rights under the GDPR

If you are a Job Applicant or Worker located in the EEA, Switzerland, or the UK, we are required to provide you with additional information about our processing of your personal data. Please note that, except as otherwise provided by applicable law, the information in this section as well as the other sections of this Privacy Notice apply to you. If you are a Job Applicant or Worker located in the UK, Switzerland or EEA, is the controller of your personal data. As a data controller, is responsible for ensuring that ‘s processing of your personal data complies with the GDPR.

Rights of Access, Correction, Erasure, and Objection

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during the recruitment process. By law, you may have the right to request access to, correct, and erase the personal data that we hold about you, or object to the processing of your personal data under certain circumstances. You may also have the right to request that we transfer your personal data to another party. Where you have provided your consent to the collection, processing, or transfer of your personal data, you may have the legal right to withdraw your consent under certain circumstances. We may request specific information from you to help us confirm your identity and your right to access, and to provide you with the personal data that we hold about you or make your requested changes. Applicable law may allow or require us to refuse to provide you with access to some or all of the personal data that we hold about you, or we may have destroyed, erased, or anonymized your personal data in accordance with our record retention obligations and practices. If we cannot provide you with access to your personal data, we will inform you of the reasons why, subject to any legal or regulatory restrictions.

Cross-Border Data Transfers

Where permitted by applicable law, we may transfer the personal data we collect about you to the United States and other jurisdictions that may not be deemed to provide the same level of data protection as your home country for the purposes set out in this Privacy Notice. Where necessary, we have implemented standard contractual clauses to help secure the transfer.

Contact for Questions

If you have any questions or comments regarding this Privacy Notice, the ways in which we collect and use your personal data or your choices and rights regarding such collection and use, please contact: Individuals with disabilities may access this Privacy Notice in an alternative format by contacting legal@interchainlabs.io.