Last Updated: April 7, 2026

Effective Date: April 7, 2026

Introduction

WeStack, Inc. (“WeStack,” “we,” “us,” or “our”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website, use our mobile application, create or join a Stack or ShortStack, purchase or use our services, interact with our support team, or otherwise engage with us.

This Privacy Policy applies to information collected through our website, mobile application, and related services (collectively, the “Services”). By using the Services, you agree to the practices described in this Privacy Policy.

Information We Collect

We may collect the following categories of information:

1. Information You Provide Directly

We may collect information you provide when you:

• create an account

• complete onboarding or identity verification

• link a bank account or payment method

• create, manage, or join a Stack or ShortStack

• make contributions, transfers, purchases, or crypto-related transactions

• communicate with us or request support

• respond to surveys, promotions, or marketing campaigns

• submit job applications or business inquiries

This information may include:

• name

• username or display name

• email address

• phone number

• date of birth

• mailing address

• government-issued identification information, where required

• profile information and preferences

• payment information and bank account details

• transaction notes, descriptions, and other user-submitted content

• communications with us

2. Financial and Transaction Information

Depending on the services you use, we may collect information such as:

• linked financial account details

• payment card information

• contribution amounts

• transaction history

• balances

• merchant and purchase information

• transfers between users or groups

• crypto buy, sell, hold, transfer, or reward activity

• identity verification and fraud-prevention information

Some financial information may be collected, processed, or stored by our service providers and financial infrastructure partners rather than directly by WeStack.

3. Information Collected Automatically

When you use the Services, we may automatically collect certain technical and usage information, including:

• device type and operating system

• IP address

• browser type

• app version

• language settings

• device identifiers

• pages or screens viewed

• session activity

• clickstream data

• approximate location derived from IP address

• crash logs, diagnostics, and performance data

We may use cookies, pixels, SDKs, local storage, and similar technologies to collect this information.

4. Information From Third Parties

We may receive information from third parties, including:

• identity verification providers

• banking, payments, and money movement partners

• wallet, authentication, and security providers

• crypto infrastructure providers

• credit and financial wellness partners

• fraud-prevention and compliance vendors

• analytics providers

• advertising and marketing partners

• social login or connected account providers, if offered

Examples may include providers supporting bank linking, identity verification, financial account infrastructure, wallet creation or authentication, crypto access, credit-related services, and transaction processing.

How We Use Information

We may use your information to:

• provide, maintain, and improve the Services

• create and manage your account

• facilitate Stacks, ShortStacks, shared balances, contributions, payments, transfers, and related features

• process transactions and maintain records

• enable wallet, authentication, crypto, and identity-related functionality

• verify your identity and eligibility

• detect, investigate, and prevent fraud, abuse, unauthorized activity, and security incidents

• comply with applicable laws, regulations, subpoenas, lawful requests, and financial compliance obligations

• communicate with you about your account, updates, security alerts, support matters, and transactions

• send marketing communications where permitted by law

• personalize content, product experiences, and recommendations

• analyze usage trends, performance, and engagement

• troubleshoot bugs and improve reliability

• enforce our Terms and other legal agreements

• protect the rights, safety, and property of WeStack, our users, and others

How We Share Information

We may share information in the following circumstances:

1. Service Providers and Infrastructure Partners

We may share information with vendors, contractors, and service providers that help us operate the Services, including providers for:

• cloud hosting

• analytics

• customer support

• communications

• payments and banking infrastructure

• identity verification and compliance

• authentication and wallet infrastructure

• crypto services

• fraud prevention

• credit or financial monitoring features

• card issuance and transaction processing

These parties may access information only as reasonably necessary to perform services for us, subject to contractual and legal safeguards.

2. Other Users in Your Group or Shared Experience

Because WeStack supports shared financial experiences, certain information may be visible to other users involved in the same Stack, ShortStack, shared balance, contribution flow, or transaction. Depending on the feature, this may include:

• your name, username, or profile image

• contribution status or participation status

• amounts contributed or allocated

• transaction activity connected to a shared group

• payment requests or related activity

We design features to support shared visibility where needed for the service to function, but we aim to limit unnecessary exposure.

3. Financial, Compliance, and Crypto Partners

We may share relevant information with banking partners, payments providers, identity vendors, fraud-monitoring vendors, and crypto partners as needed to enable account functionality, satisfy regulatory obligations, process transactions, or prevent misuse.

4. Legal and Safety Reasons

We may disclose information if we believe doing so is necessary to:

• comply with law or legal process

• respond to requests from regulators or government authorities

• enforce our agreements and policies

• detect, prevent, or address fraud, money laundering, sanctions risks, or other unlawful activity

• protect the rights, property, and safety of WeStack, our users, or others

5. Business Transfers

We may share or transfer information in connection with a merger, acquisition, financing transaction, asset sale, corporate reorganization, bankruptcy, or similar event.

6. With Your Direction or Consent

We may share information when you direct us to do so or otherwise consent.

Cookies and Similar Technologies

We and our partners may use cookies, software development kits, pixels, and similar technologies to:

• keep you signed in

• remember preferences

• measure traffic and engagement

• improve product performance

• support security and fraud detection

• help deliver or measure marketing communications

You may be able to control certain cookie preferences through your browser or device settings. Blocking some technologies may affect how the Services function.

Analytics and Advertising

We may use third-party analytics tools to understand how users interact with the Services. We may also engage in marketing or retargeting activities where permitted by law.

Depending on your jurisdiction, you may have the right to opt out of certain targeted advertising, profiling, or data-sharing activities. We may also honor browser-based or device-based preferences where required by law.

Data Retention

We retain information for as long as reasonably necessary to provide the Services, operate our business, comply with legal and regulatory obligations, resolve disputes, enforce agreements, and maintain appropriate business and financial records.

Retention periods may vary depending on the type of information, the nature of the relationship, the sensitivity of the data, and applicable legal requirements.

Data Security

We use reasonable administrative, technical, and physical safeguards designed to protect personal information. However, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

You are responsible for maintaining the confidentiality of your login credentials and for notifying us if you believe your account has been compromised.

Your Choices and Rights

Depending on where you live, you may have certain rights regarding your personal information, which may include the right to:

• access personal information we hold about you

• request correction of inaccurate information

• request deletion of certain information

• request a copy of your information in a portable format

• object to or restrict certain processing

• opt out of certain marketing communications

• opt out of certain targeted advertising or profiling activities

• appeal a decision relating to a privacy request, where applicable

We may need to verify your identity before processing certain requests. We may also deny requests where permitted or required by law, including where retention is necessary for compliance, fraud prevention, dispute resolution, or security purposes.

To exercise privacy rights, contact us using the details in the “Contact Us” section below.

State Privacy Rights

Residents of certain U.S. states may have additional privacy rights under applicable law. Where required, we will provide those rights and any required notices, including rights related to access, deletion, correction, portability, targeted advertising, profiling, and appeals.

If WeStack later becomes subject to specific state privacy laws, we may provide supplemental disclosures or notices for those jurisdictions.

Children’s Privacy

The Services are not directed to children under 18, and we do not knowingly collect personal information from children under 18 without appropriate authorization where legally required. If you believe a child has provided personal information to us in violation of applicable law, contact us so we can take appropriate action.

Third-Party Links and Services

The Services may contain links to third-party websites, products, or services. We are not responsible for the privacy, security, or content practices of those third parties. Their own terms and privacy policies will apply.

International Users

The Services are intended for users in the United States unless otherwise stated. If you access the Services from outside the United States, you understand that your information may be transferred to, processed in, and stored in the United States or other jurisdictions where our service providers operate.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will provide notice as required by law, which may include posting the updated policy, updating the effective date, or notifying you through the Services or by email.

Your continued use of the Services after an updated Privacy Policy becomes effective means the updated policy will apply, subject to applicable law.

Contact Us

If you have questions about this Privacy Policy or would like to submit a privacy request, contact us at:

WeStack, Inc.

Support@Westack.cash

Optional Product-Specific Addendum for WeStack

The following language can be added if you want a more product-specific tone:

WeStack is designed to help users create and manage shared funds, group balances, contributions, and related financial activity. Because certain features are collaborative by nature, information related to a shared Stack or ShortStack may be visible to participating members to support transparency, coordination, and accurate balance management.

If crypto services, wallet services, credit features, or card-related features are made available through third-party partners, those services may involve additional disclosures, consents, or partner terms presented at the time of use.