I. Types of Information We Collect

CICADA collects information that you voluntarily provide, information automatically generated by systems, and information shared by third parties. We only collect data necessary for service delivery, security, and compliance purposes.

1.1 Information You Voluntarily Provide We request identity information (KYC) only when essential, such as for Real World Asset (RWA) modules, statutory regulatory requirements, sanctions screening, or risk management.

You may be required to provide the following: (1) Identity and Verification Information

• Full name, date of birth, nationality, residential address;

• Government-issued identification documents (passport/ID card);

• Proof of residence (utility bills, bank statements, tax documents);

• Proof of investment funds and source of wealth;

• For corporate users: registration documents, ownership structure, and authorized representative details.

(2) Contact Information

• Email address, phone number, mailing address, social media handles (e.g., Telegram, X, Discord);

• Notification preferences and language selections.

Standard on-chain functions (e.g., wallet connection, swaps, staking) do not require identification documents or contact details.

However, the following may be obtained: (1) On-Chain and Transaction Information

• Wallet addresses, blockchain network types, token interaction records, transaction hashes, staking or bridging operation details;

• Asset types, quantities, transfer and conversion records.

1.2 Automatically Collected Information CICADA and its service providers (e.g., analytics and anti-fraud tools) automatically collect certain device and usage data, including:

• Technical Information: Browser type, operating system, language settings, IP address, access dates and times;

• Device Data: Device model, OS version, screen resolution, device identifiers;

• Website Usage Information: Navigation paths, dwell times, click behaviors, page scrolls, exit pages;

• Location Information: IP-based city or country, for identifying regional compliance restrictions;

• Cookies and Tracking Data: For session identification, preferences, and security validation.

This data is used to enhance performance, detect anomalous activities, and analyze platform usage.

1.3 Blockchain Information Collected Blockchain serves as a shared, immutable ledger for recording asset transactions. In providing services, we may collect current and historical blockchain data directly from individuals, the aforementioned third parties, or public blockchains themselves:

• Account Addresses: Unique blockchain addresses or domains for asset transfers.

• Wallet Information: Wallet providers and wallets linked to specific account addresses.

• Account Balances and Assets: Balances associated with blockchain addresses, along with stored assets linked to the account.

• Transaction Details: Transaction identifiers, blockchain locations, dates and times, transaction types, sent/received amounts, fees, sender/receiver addresses, and storage sizes.

In certain cases, we may combine blockchain information with the above data, such as when you connect a blockchain wallet (e.g., via Coinbase Wallet, WalletConnect, Fortmatic, Ledger, or Trust Wallet) to the services for account address creation and wallet linking.

1.4 Information from Third Parties To ensure compliant and secure services, we may obtain or verify information from:

• Identity verification and compliance service providers (for KYC/AML/CFT);

• Wallet and blockchain data providers (for on-chain transaction identification and risk analysis);

• Analytics and security partners (e.g., Chainalysis, TRM Labs, Nansen);

• Community and social platforms (when you actively interact with CICADA's official accounts);

• Public blockchain data (for asset flows, transaction transparency, and risk modeling).