Volatiliti

Terms of Use and Privacy Policy

Effective date 4 November 2025

This document comprises two parts: (A) Terms of Use and (B) Privacy Policy. It applies to both our website and our application unless expressly stated otherwise.

(A) Terms of Use

1. Scope and Parties

These terms apply between Volatiliti Fund Manager AB and the user who has created or has been assigned an account. The app and website are provided to a closed group of invited and verified investors and their representatives. By using the services, you accept these terms.

2. Eligibility and Registration

The service is available only to invited users acting on their own behalf or on behalf of their organization. You are responsible for ensuring that the information you provide upon registration is correct and up to date. You must not share login credentials. We may deny, limit, or terminate access in case of suspected misuse or noncompliance with these terms.

3. License and Right of Use

We grant a personal, non‑exclusive, non‑transferable, and revocable license to use the app and website for information and reporting purposes related to your investments. You must not attempt to circumvent security, decompile, reverse‑engineer, or use the service in violation of law or these terms.

4. Prohibited Use

You must not use the service to: (i) violate the law or third‑party rights, (ii) bypass access controls, (iii) upload malicious code, (iv) share, copy, or redistribute content outside your authorized organization, (v) create derivative works of our software, or (vi) conduct automated scraping or bulk extraction.

5. No Investment or Legal Advice

The app provides data and analytics. Nothing in the app or on the website constitutes individual investment, tax, or legal advice. Past performance does not guarantee future results. All decisions are made at your own risk.

6. Intellectual Property Rights

All rights, including copyright, trademarks, and know‑how in the service and its content, belong to Volatiliti Fund Manager AB or our licensors. Nothing in these terms transfers ownership. We may use feedback without compensation to improve the service.

7. Third‑Party Services and Links

The service may integrate third‑party providers (e.g., operations, hosting, analytics, communications). Their terms may apply. We are not responsible for third‑party content, products, or services.

8. Availability, Maintenance, and Changes

The service is provided “as is” and “as available.” We may make changes, updates, interruptions, or discontinue the service in whole or in part. We aim to provide reasonable notice for material changes that significantly affect you.

9. Disclaimer of Warranties

To the extent permitted by mandatory law, no warranties of any kind are given, express or implied, including but not limited to merchantability, fitness for a particular purpose, and non‑infringement. Data and metrics may contain errors or delays.

10. Limitation of Liability

To the extent permitted by mandatory law, we are not liable for indirect damages, loss of profit, data loss, consequential or special damages. Our total liability to you for all claims related to the service is limited to the fees you have paid for the service during the last twelve (12) months, or, if no fees have been paid, to a maximum of SEK 1,000. Nothing in these terms limits liability that cannot be limited by law.

11. Indemnity

You agree to indemnify and hold us harmless from claims arising from your unauthorized use of the service or breach of these terms.

12. Termination and Suspension

You may terminate your account at any time via Settings > Account > Delete Account. We may temporarily suspend or terminate your access in case of material breach, legal obligation, or security risk. Upon termination, the license ceases immediately. Provisions which by their nature should survive termination will continue to apply.

13. E‑Commerce and Payment Terms (if applicable)

Any fees, invoicing, and payment terms are set out in a separate agreement or order confirmation. You are responsible for taxes and charges not expressly included in the price.

14. Electronic Communication

You consent to receive agreements, notices, and other communications electronically. You should retain copies for your own records.

15. Force Majeure

We are not liable for failure to fulfill obligations where the cause lies beyond our reasonable control, including but not limited to disruptions in power or network services, labor disputes, governmental actions, or natural events.

16. App Store Terms

For iOS, the license is also subject to the Apple Media Services Terms and the Apple Standard EULA. Apple is a third‑party beneficiary of these terms to the extent required by its terms. Any app store purchases are handled by the respective platform.

17. Export Control and Sanctions

You confirm that you are not located in a country subject to comprehensive sanctions and that you are not listed on relevant sanctions lists. You must not use the service in violation of applicable export and sanctions laws.

18. Governing Law and Disputes

Swedish substantive law applies. Disputes shall be resolved in the general courts of Sweden with the Stockholm District Court as the court of first instance. For business customers, arbitration under the rules of the Stockholm Chamber of Commerce may be agreed separately.

19. Miscellaneous

20. Changes to These Terms

We may amend these terms. Material changes will be communicated in the app, on the website, or by email before they take effect. Continued use after the effective date constitutes acceptance.

21. Contact

Volatiliti Fund Manager AB, Org. no. 5594002163, c/o Hermelin & Friends AB, Box 3395, 103 68 Stockholm, info@volatiliti.se

(B) Privacy Policy

1. Controller

Volatiliti Fund Manager AB, org. no. 5594002163, c/o Hermelin & Friends AB, Box 3395, 103 68 Stockholm, is the controller for the processing of personal data in the app and on the website. Contact: info@volatiliti.se. If we have appointed a Data Protection Officer, the contact details are provided here: [if applicable].

2. Categories of Data We Collect

We process the following categories

• Identity and contact details: name, email, phone, organization/customer relationship.
• Account and access data: username, role/permissions, login and session logs.
• Investment data: fund affiliation, portfolio values, transactions, TWRR, balances, turnover, reports, and derived analytics.
• Device and usage data: device type, OS version, app version, IP address, language settings, technical identifiers (e.g., IDFV), crash and performance data.
• Communications data: correspondence, support tickets, messaging preferences.
• Cookies and similar technologies on the website: necessary, functional, analytics and, subject to consent, marketing cookies. A detailed cookie list is provided in About cookies.

We collect data from you, your employer/fund manager, our service providers, and public registers where appropriate.

3. Purposes and Legal Bases

We do not normally process special categories of personal data.

4. App‑Level Tracking and Platform Privacy Settings

The app does not use advertising identifiers for tracking unless explicit consent is obtained under the respective platform’s requirements. Push notifications and location data are used only with your explicit consent in the operating system and can be disabled in system settings.

5. Recipients and Processors

We share data only with

• Service providers acting as processors: cloud hosting, operations, IT security, email, and analytics. We have data processing agreements with each processor.
• Professional advisers: legal and audit, subject to confidentiality.
• Authorities: where required by law.

6. Transfers to Third Countries

If data are transferred outside the EU/EEA, we ensure safeguards through the European Commission’s Standard Contractual Clauses and, where necessary, supplementary measures. Information on recipient countries and safeguards is available on request.

7. Retention Periods

We retain data only as long as necessary for the purposes or as required by law

• Account and identity data: while the account is active and up to 24 months after closure.
• Investment and transaction data: in accordance with applicable accounting law, normally up to seven (7) years after the end of the financial year.
• Logs and security data: 12–24 months depending on category.
• Support matters and correspondence: up to 36 months after the matter is closed.
• Marketing communications: until consent is withdrawn or no later than 24 months after the last interaction.

8. Security

We use appropriate technical and organizational measures, including encryption in transit and at rest where feasible, access controls, segmentation, multi‑factor authentication, and logging. No method is completely secure; a residual risk may remain.

9. Your Rights

You may request: (i) access, (ii) rectification, (iii) erasure, (iv) restriction, (v) data portability, and (vi) to object to processing based on legitimate interests. You may withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. Contact info@volatiliti.se to exercise your rights. You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY).

10. Account Deletion and Data Portability

You can delete your account in the app via Settings > Account > Delete Account. Deletion is initiated immediately and completed within 30 days at the latest. Some information may be retained longer where required by law or to establish, exercise, or defend legal claims. You may request an export of your data by contacting info@volatiliti.se.

11. Cookies on the Website

We use cookies to operate the website and, with your consent, for analytics and possibly marketing. On first visit, a consent banner is shown where you can accept, reject, or customize. You can change your choices at any time via About Cookies on the website. Details of each cookie are provided in About cookies.

12. Children’s Privacy

The service is not directed to children. We do not knowingly register users under 18 years of age. If you believe a child has provided data, contact us and we will remove the data where required.

13. Data Protection Incidents

We maintain processes to detect, report, and investigate personal data incidents. Where an incident is likely to result in a risk to your rights and freedoms, we will take action and, where required, notify IMY and you without undue delay.

14. Changes to This Privacy Policy

We may update this policy. The latest version is available in the app and on the website with the specified effective date. We will notify of material changes before they take effect.

15. Contact

Annex A – Data Categories for App Store Declarations (Overview)

Data collected (examples)

• Contact details (email) – linked to your identity.
• Identifiers (user ID, device ID/IDFV) – linked to your identity for login and security.
• Usage and diagnostics data – linked to your device for performance and crash reporting.
• Financial/investment‑related information – linked to your identity for reporting.

Advertising tracking: not applied without explicit consent.

Annex B – Cookies

See About cookies for more information.