Privacy Policy

This Privacy Policy describes how RWABTC Ltd Co, doing business as The Token Playbook ("TTP," "we," "us," or "our"), collects, uses, stores, and shares information about you when you access or use the Platform at tokenplaybook.com and its subdomains, newsletters, APIs, and related services.

By creating an account or using the Platform in any way, you consent to the data practices described in this Policy. If you do not agree, please do not use the Platform.

We collect information in the following categories:

Account & Registration Data

• Name, email address, and password (hashed)
• Subscription tier and billing information (processed by Stripe)
• Role or professional category (if provided during signup)
• Account creation date and subscription history

Usage and Behavioral Data ("Contributed Data")

• Pages visited, articles read, dwell time, and scroll depth
• Search queries entered on the Platform
• Clicks, navigation patterns, and feature interactions
• Inputs to Agentic Tools (The Advisor), including prompts and responses
• Form submissions, survey responses, feedback, and annotations
• Newsletter opens, clicks, and engagement data

Device & Technical Data

• IP address, browser type, and operating system
• Device identifiers and screen resolution
• Referral source (how you arrived at the Platform)
• Cookie identifiers and session tokens

Communications Data

• Email correspondence with TTP
• Support requests and feedback submitted through the Platform

Biometric Data (if enabled)

• If TTP implements biometric identity verification (facial recognition, liveness detection, or fingerprint authentication), biometric data will be collected with your explicit prior consent, in compliance with the Texas Capture or Use of Biometric Identifier Act (CUBI) and other applicable statutes.

We use the data we collect for the following purposes:

• Platform operation: To create and maintain your account, process payments, deliver content, and provide customer support.
• Personalization: To tailor content, recommendations, and features to your reading behavior and interests.
• Platform improvement: To analyze usage patterns, diagnose technical issues, and improve the design, quality, and performance of the Platform.
• Internal AI training and model development: Behavioral data, search queries, and interactions with Agentic Tools may be used to train, fine-tune, and improve TTP's internal AI models and systems. See Section 5 for details.
• Communications: To send transactional emails (account confirmation, billing receipts), editorial newsletters (The Digest), and product update notifications. You may opt out of marketing communications at any time.
• Security and fraud prevention: To detect, investigate, and prevent unauthorized access, automated account creation, credential sharing, and other policy violations.
• Legal compliance: To comply with applicable law, respond to lawful requests, enforce our Terms of Service, and protect TTP's legal rights.
• Business analytics: For aggregated market research, trend analysis, and business intelligence. Aggregated data does not identify individual users.

What "Contributed Data" means in practice: Every interaction you have with the Platform — every article you read, every query you submit to The Advisor, every newsletter you open — generates data. That data belongs to RWABTC Ltd Co and may be used, analyzed, and exploited for lawful business purposes, including (but not limited to) AI training and product development.

What you retain: You retain ownership of any pre-existing intellectual property you bring to the Platform (e.g., your original writings submitted in communications). You retain ownership of your personal identity — TTP's data ownership claim applies to behavioral and interaction data, not to your personal identity as a legal matter.

Sponsor content exception: Sponsor logos, trademarks, and advertising creative materials submitted by Registered Sponsors remain the property of those sponsors. TTP's ownership claim does not extend to sponsor intellectual property.

TTP uses Contributed Data — including Platform usage behavior, search queries, and interactions with Agentic Tools such as The Advisor — to train, fine-tune, and improve TTP's internal AI models and systems.

Specifically, TTP may use your data for:

• Improving the quality, accuracy, and relevance of The Advisor and other AI features
• Personalizing content delivery and recommendations
• Training intent classification and query understanding models
• Generating aggregated, de-identified insights about how practitioners use the Platform

TTP does not use the Platform's editorial content or third-party sources to train AI models without appropriate licensing. Restrictions on subscribers using TTP content for AI training are set out in the Terms of Service (Section 3.3) and are separate from TTP's own rights as described here.

We use cookies and similar tracking technologies to operate and improve the Platform. Types of cookies we use:

• Essential cookies: Required for account authentication, session management, and core platform functionality. Cannot be disabled without breaking the Platform.
• Analytics cookies: Used to understand how users navigate the Platform, which content is most read, and where users encounter friction. We use privacy-respecting analytics tools.
• Preference cookies: Remember your settings and preferences across sessions.
• Security cookies: Used to detect fraud, enforce access controls, and prevent automated abuse.

Third-party cookies may be set by services embedded in the Platform (see Section 7). You can control cookies through your browser settings, though disabling essential cookies will impair Platform functionality.

We work with third-party service providers to operate the Platform. Each provider receives only the data necessary for the services they provide and is contractually required to protect your data.

Stripe (Payment Processing)
We use Stripe to process subscription payments. When you subscribe, your payment card information is transmitted directly to Stripe and is never stored on TTP's servers. Stripe's privacy practices are governed by the Stripe Privacy Policy. TTP receives billing confirmation, subscription tier, and transaction identifiers from Stripe.

Email Service Provider
We use a third-party email delivery service to send transactional emails and The Digest newsletter. This provider receives your email address and basic engagement data (opens, clicks). We use a reputable provider with strong data protection practices.

Analytics Provider
We use analytics tools to understand Platform usage. We prefer privacy-respecting analytics that do not build cross-site advertising profiles. Where possible, IP addresses are anonymized or hashed before processing.

CAPTCHA / Bot Detection
We use CAPTCHA and behavioral analysis services to prevent automated account creation and abuse. These services may collect device fingerprinting data for security purposes.

Cloud Infrastructure
The Platform is hosted on cloud infrastructure in the United States. Your data is processed and stored in the United States.

TTP does not sell your personal information to third parties. We do not share your personal data with data brokers or advertising networks.

Depending on your location, you may have the following rights with respect to your personal data:

• Access: Request a copy of the personal data TTP holds about you.
• Correction: Request correction of inaccurate personal data in your account.
• Deletion: Request deletion of your account and associated personal data, subject to TTP's legal retention obligations and the data ownership provisions of the Terms of Service.
• Opt-out of marketing: Unsubscribe from marketing emails at any time using the unsubscribe link in any email or by contacting us at [email protected].
• Data portability (where applicable): Request a machine-readable copy of personal data you have provided to TTP.
• Objection to processing (where applicable): Object to certain processing of your personal data.

To exercise your rights, contact: [email protected]. We will respond within 30 days. Identity verification may be required before processing certain requests.

TTP implements reasonable technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit (TLS/HTTPS)
• Passwords stored as hashed values (never in plain text)
• Access controls limiting employee access to personal data
• Regular security review and monitoring

No security system is impenetrable. In the event of a data breach that affects your personal data, TTP will notify you as required by applicable law.

We retain your account data for as long as your account is active or as necessary to provide services. Upon account deletion, we will delete or anonymize your personal account data within a reasonable time, subject to:

• Legal obligations that require retention (e.g., tax records, legal holds)
• Legitimate business interests in maintaining audit trails and fraud prevention records
• The data ownership provisions of the Terms of Service, under which Contributed Data owned by RWABTC Ltd Co may be retained indefinitely in aggregated or de-identified form

Biometric data (if collected) will be destroyed within a reasonable time after the purpose for which it was collected has been satisfied, consistent with Texas CUBI requirements.

The Platform is intended solely for individuals aged 18 and older. We do not knowingly collect personal data from individuals under the age of 18. If we become aware that personal data from a minor has been collected, we will take steps to delete it promptly.

The Platform is operated from and data is processed in the United States. If you access the Platform from outside the United States, your data will be transferred to and processed in the United States, which may have different data protection laws than your country of residence.

EU/UK Users: The Platform is primarily designed for U.S.-based practitioners. If you are located in the European Union, European Economic Area, or United Kingdom, please be aware that GDPR/UK GDPR rights may apply to you, but TTP's current data practices are optimized for U.S. law. Contact [email protected] to discuss your rights as an EU/UK user.

California Users: California residents may have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). Contact us at [email protected] to exercise CCPA rights or request a CCPA-specific privacy notice.

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email to the address on file and/or by posting a notice on the Platform with a revised "Last Updated" date. Your continued use of the Platform following any such notification constitutes your acceptance of the updated Policy.

We encourage you to review this Policy periodically. The current version is always available at tokenplaybook.com/privacy/.

For privacy-related questions, data subject requests, or concerns about our data practices:

• Email: [email protected]
• Entity: RWABTC Ltd Co d/b/a The Token Playbook
• Address: Austin, TX 78746, United States
• Legal inquiries: [email protected]

We will respond to all privacy inquiries within 30 days.