Privacy Policy

Last Updated: Jan 11, 2025

1. Introduction

We recognize our responsibilities in relation to the collection, holding, processing, use, and/or transfer of personal data. Your privacy is of utmost importance to us.
This Privacy Policy ("Policy") along with the Terms of Use (also known as "Terms and Conditions") documents outline how we collect, use, store, and disclose your personal data and govern your use of all our Services, Products, Websites, or Platforms (collectively, the "Services") operated by GCRx Inc. ("GCRx"), including our website, Telegram app, and any future digital services. By accessing or using GCRx Services, you agree and consent to GCRx, its related corporations, teams, and affiliates, as well as their respective representatives and/or agents (collectively referred to herein as "we," "us," or "our"), collecting, using, disclosing, and sharing your personal data, and to disclosing such personal data to relevant third-party providers.

This Policy supplements but does not supersede nor replace any other consent which you may have previously provided to us nor does it affect any rights that we may have at law in connection with the collection, use, and/or disclosure of your personal data. We may update this Policy periodically to ensure consistency with our future developments, industry trends, and legal or regulatory requirements. The prevailing terms of this Policy shall apply. For the avoidance of doubt, this Policy forms part of the terms and conditions governing your relationship with us and should be read in conjunction with such terms and conditions.

The security of your personal data is important to us. At each stage of data collection, use, and disclosure, we have cloud-based, electronic, and procedural safeguards to protect the personal data stored with us. However, no transmission of personal data over the Internet can be guaranteed to be 100% secure—accordingly and despite our efforts, we cannot guarantee or warrant the security of any information you transmit to us. We shall not have any responsibility or liability for the security of information transmitted via the Internet.

This Policy describes how we may collect, use, disclose, process, and manage your personal data and applies to any personal data of individuals or organizations which are in our possession or under our control.

2. What Personal Data is Collected by Us

"Personal data" means data, whether true or not, about an individual or organization who can be identified (i) from that data, or (ii) from that data and other information to which we have or are likely to have access. Examples of personal data we may collect include:

• Name, email address, and contact details.
• Data submitted through forms, such as investment preferences or inquiries.
• Digital wallet addresses and associated transactions.
• Interactions with GCRx Services, such as commands executed and messages sent.
• IP address, device type, operating system, and geographical location.
• Location or address where the individual or organization is based.
• Completion of KYC (Know Your Customer), KYB (Know Your Business), and AML (Anti-Money Laundering) forms through third-party providers.
• Financial details, including funds collected via our Services.

Personal data is automatically collected when you interact with our Services, submit forms, or contact us for support.

3. Use of Cookies and Tracking Technologies

In addition to the above, we may use cookies and similar tracking technologies on our Services to enhance user experience, analyze Services’ performance, and improve functionality. Cookies are small text files stored on your device when you visit a website or a service that uses such functionality. They help us remember your preferences and activities to provide a personalized experience.

Types of Cookies We Use

• Essential Cookies: Necessary for Services’ functionality, such as security and navigation.
• Analytics Cookies: Collect data on user behavior to improve our Services.
• Preference Cookies: Store your preferences, such as language settings.
• Advertising Cookies: Deliver relevant advertisements based on browsing activity.

Managing Cookies

You can control cookies through your settings. Blocking cookies may impact Services’ functionality.

Third-Party Cookies

We may partner with third-party service providers who use cookies. These cookies are governed by the third party's privacy policies.

By using our Services, you consent to the use of cookies as described.

4. Purposes for Collection, Use, and Disclosure of Your Personal Data

We collect, use, and disclose your personal data for legitimate business purposes, including:

• Facilitating onboarding and membership management.
• Providing access to investment opportunities and related materials.
• Collecting and processing funds for investment opportunities.
• Setting up and managing SPVs in globally recognized jurisdictions tailored to client needs.
• Improving functionality and user experience across GCRx Services.
• Communicating updates and promotional offers.
• Complying with applicable laws and regulatory requirements.
• Protecting our rights, property, and ensuring security.

5. Use of Personal Data for Marketing Purposes

We may use your personal data to offer you products or services, including special offers or promotions. Such marketing messages may be sent via email, messaging platforms, or other channels. You may opt out of receiving marketing communications by contacting us.

6. Disclosure and Sharing of Personal Data

We may disclose your personal data to:

• Service providers for operational purposes.
• Affiliates and partners for business functions.
• Regulatory authorities as required by law.
• Third parties with your explicit consent.

We work with service providers and partners who adhere to robust data protection standards. Any transfer of personal data to these third parties is conducted under agreements that ensure appropriate levels of protection.

KYC and KYB Disclaimer

We rely on third-party providers for KYC, KYB, and AML processes. While we ensure these providers meet high standards of data protection, GCRx does not directly store or manage KYC or KYB data.

7. Retention of Personal Data

Your personal data will be retained as long as necessary to fulfill the purposes outlined in this Policy, including to comply with legal, regulatory, or contractual obligations. Once the data is no longer required, it will be securely deleted or anonymized.

8. Security Measures

We employ technical and administrative measures to safeguard your data. However, we cannot guarantee the absolute security of data transmitted online. We utilize a combination of firewalls, encryption, and access controls to secure your personal data. Additionally, regular audits and employee training programs ensure ongoing adherence to data protection best practices.

9. International Transfers

Your data may be processed and stored in jurisdictions outside your country of residence. We implement appropriate safeguards to ensure adequate protection for international data transfers. For users located in the European Economic Area (EEA), we ensure that data transfers outside the EEA are conducted in accordance with the European Union General Data Protection Regulation (GDPR), including the use of standard contractual clauses or other legally recognized mechanisms.

10. Governing Law and Jurisdiction

This Policy is governed by the laws of the State of Delaware, United States. Any disputes will be resolved under the jurisdiction of the courts of Delaware. Specific SPV agreements may include jurisdiction-specific terms where applicable.

11. Queries, Access/Correction Requests, and Withdrawal of Consent

To request access to, correction of, or withdrawal of consent for your personal data, contact us at support@gcrx.io. Note that withdrawing consent may affect your ability to use our Services.

By using the Services, you acknowledge that you have read, understood, and agree to this Privacy Policy. You further acknowledge and agree that GCRx reserves the right to amend, modify, or update this Privacy Policy at any time, at our sole discretion, without prior notice. Any such changes will take effect immediately upon their adoption, unless otherwise specified. Your continued use of the Services after any changes constitutes your acceptance of the revised Privacy Policy. It is your responsibility to review this Privacy Policy periodically to stay informed of any updates.