Privacy Policy — Maxturbine

Section 01

Introduction

Maxturbine Energy Inc. ("Maxturbine," "we," "our," or "us") is a renewable energy investment company incorporated in Missouri, United States. We operate a fractional wind energy investment platform that allows eligible individuals to acquire ownership shares in commercial wind turbines and receive proportional returns from electricity revenue.

This Privacy Policy describes how Maxturbine collects, stores, uses, and protects personal information when you access our website, create an investor account, participate in investment offerings, or interact with our team. It also explains your rights in relation to your personal data.

By creating an account or using any part of the Maxturbine platform, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and processing of your personal data as described herein. If you do not agree, please do not use the platform.

This policy applies to all users of the Maxturbine platform, including prospective investors, registered investors, and individuals who contact Maxturbine through our website or email channels.

Section 02

Information We Collect

Maxturbine collects information necessary to provide our services, verify your identity, process transactions, and comply with legal obligations. We collect information in three primary categories:

Personal Information

Information you provide directly when creating or managing your account:

Data Type	Examples
Identity data	Full name, date of birth, nationality
Contact data	Email address, phone number, country of residence
Verification data	Government-issued ID, passport, proof of address documents
Account credentials	Username, encrypted password, security settings
Communication records	Support tickets, emails, form submissions

Financial Information

Information collected in connection with deposits, withdrawals, and investment activity:

Data Type	Examples
Payment details	Bank account numbers, SWIFT/routing codes, Bitcoin wallet addresses
Transaction records	Deposit amounts, withdrawal history, dates, reference numbers
Investment records	Shares held, share purchase history, distribution records
Tax information	Where required by applicable law or investor request

Technical Data

Information collected automatically when you access the platform:

Data Type	Examples
Device data	Device type, operating system, screen resolution
Network data	IP address, approximate location (country/region level)
Browser data	Browser type and version, language settings
Usage data	Pages visited, session duration, features accessed, timestamps
Cookies & tracking	Session identifiers, preference cookies (see Section 07)

What we do not collect

Maxturbine does not collect or store full payment card numbers, CVV codes, or full banking credentials beyond what is necessary to process your stated payment method. We do not collect biometric data or monitor your activity outside the Maxturbine platform.

Section 03

How We Use Information

Maxturbine uses your information only for purposes that are necessary, proportionate, and disclosed to you. The following table outlines the primary purposes and the lawful basis for each:

Account management. We use your personal information to create, maintain, and administer your investor account, including authentication, profile management, and account security.

Identity verification (KYC/AML). We are required to verify the identity of all investors to comply with anti money-laundering and know-your-customer regulations. This involves processing your identification documents and, where applicable, cross-referencing them against compliance databases.

Transaction processing. We use financial information to process deposits, process withdrawal requests, calculate profit distributions, and maintain accurate investment records for each shareholder.

Communications. We use your contact information to send account notifications, distribution confirmations, platform updates, and responses to your support requests. We do not send unsolicited marketing without your explicit consent.

Platform improvement. Technical and usage data helps us identify performance issues, improve user experience, and develop new features. This analysis is conducted on an aggregate or anonymized basis wherever possible.

Legal compliance. We process data as required to meet our obligations under applicable law, including responding to lawful requests from regulatory authorities, courts, or law enforcement agencies.

Fraud prevention and security. We use data to detect, investigate, and prevent fraudulent activity, unauthorized account access, and other security threats to the platform and its users.

Section 04

Data Sharing

Maxturbine does not sell your personal data. We do not sell, rent, or trade your personal information to third parties for commercial or marketing purposes. Data is shared only in the specific, limited circumstances described below.

Service Providers

Maxturbine works with trusted third-party service providers who assist in delivering our platform and services. These providers are granted access only to the data necessary for their specific function and are contractually required to maintain confidentiality and process data only as instructed by Maxturbine. Service providers may include:

Identity verification and KYC/AML compliance providers
Cloud infrastructure and data hosting providers
Email delivery and communication service providers
Payment processing and banking partners
Legal, accounting, and audit service providers

Legal and Regulatory Requirements

Maxturbine may disclose your personal data where required or permitted to do so by law, including in response to:

Court orders, subpoenas, or other legally binding judicial processes
Requests from regulatory bodies, government agencies, or law enforcement authorities with proper jurisdiction
Compliance with anti-money-laundering (AML), counter-terrorism financing (CTF), or tax reporting obligations
Enforcement of our Terms & Conditions or protection of Maxturbine's legal rights

Business Transfers

In the event of a merger, acquisition, asset sale, or restructuring involving Maxturbine, your personal data may be transferred to the successor entity as part of that transaction. You will be notified in advance of any such transfer that materially affects your data rights.

Section 05

Data Security

Maxturbine implements technical and organizational security measures designed to protect your personal data against unauthorized access, disclosure, alteration, loss, or destruction. Our security practices include:

Encryption in transit: All data transmitted between your browser and Maxturbine's servers is encrypted using TLS (Transport Layer Security), ensuring communications cannot be intercepted.
Encryption at rest: Sensitive personal and financial data stored within our systems is encrypted using industry-standard AES-256 encryption.
Access controls: Access to personal data is restricted to authorized Maxturbine personnel on a strict need-to-know basis. All access is logged and subject to regular review.
Password security: Account passwords are hashed and salted using modern cryptographic methods. Maxturbine staff cannot view your password and will never request it.
Regular security reviews: Our systems undergo periodic security assessments and vulnerability testing to identify and address potential weaknesses.
Incident response: Maxturbine maintains a documented data breach response protocol. In the event of a breach affecting your data, we will notify you and relevant authorities within timeframes required by applicable law.

Your role in security

No security system is infallible. You are responsible for maintaining the confidentiality of your account credentials. Use a strong, unique password, enable any available two-factor authentication, and notify Maxturbine immediately if you suspect unauthorized access to your account.

Section 06

Your Rights

Depending on your jurisdiction, you may have the following rights in relation to your personal data. Maxturbine is committed to honoring these rights in a timely and transparent manner.

Right of Access

Request a copy of the personal data Maxturbine holds about you, along with information about how it is being used.

Right to Correction

Request that inaccurate or incomplete personal data be corrected or updated. You may also update most information directly through your account dashboard.

Right to Deletion

Request deletion of your personal data where it is no longer necessary for the purposes it was collected, subject to legal retention requirements.

Right to Object

Object to the processing of your data where it is based on our legitimate interests, unless we have compelling grounds to continue processing.

Right to Portability

Request a structured, machine-readable copy of the personal data you have provided to Maxturbine, where technically feasible.

Right to Restrict Processing

Request that we limit how we use your data in certain circumstances, for example while a correction request is being reviewed.

To exercise any of these rights, submit a request to privacy@Maxturbine.com. We will respond within 30 days. In some cases we may need to verify your identity before processing a request. Certain data may be retained beyond a deletion request where required by law — for example, transaction records maintained for regulatory compliance purposes.

Section 07

Cookies & Tracking

The Maxturbine platform uses cookies and similar technologies to maintain session integrity, remember preferences, and understand how the platform is used. We do not use cookies to build advertising profiles or share tracking data with marketing networks.

Types of cookies used

Cookie Type	Purpose	Duration
Essential	Maintain your login session and platform security. Cannot be disabled without affecting core functionality.	Session
Functional	Remember your preferences such as language, display settings, and dashboard layout.	Up to 12 months
Analytics	Understand how users navigate the platform so we can improve its design and performance. Data is aggregated and anonymized.	Up to 12 months

Maxturbine does not use third-party advertising cookies or cross-site tracking technologies. Analytics data, where collected, remains within Maxturbine's control and is not shared with advertising networks.

Managing cookies. You may configure your browser to block or delete cookies. Blocking essential cookies will affect your ability to log in and use the platform. Blocking functional and analytics cookies will not affect core functionality but may reduce the quality of your experience.

Section 08

Data Retention

Maxturbine retains personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. The following principles guide our retention approach:

Active accounts: Data associated with an active investor account is retained for the duration of the account relationship.
Closed accounts: Following account closure, personal data is retained for a minimum of 5 years to comply with financial record-keeping requirements, anti-money-laundering regulations, and potential dispute resolution needs.
Transaction and investment records: Financial transaction data and investment records are retained for at least 7 years in accordance with U.S. financial regulation standards.
KYC and identity documents: Identity verification documents are retained for the period required by applicable AML regulations, typically 5 years following the end of the investor relationship.
Communications: Support communications and correspondence are retained for 3 years following resolution, unless longer retention is required for legal purposes.
Technical and analytics data: Anonymized or aggregated technical usage data may be retained indefinitely as it cannot be linked to specific individuals.

When data is no longer required and no legal retention obligation applies, Maxturbine securely deletes or anonymizes it so that it can no longer be associated with an identifiable individual.

Section 09

Third-Party Links

The Maxturbine platform or associated communications may contain links to third-party websites, services, or resources. These external sites operate independently of Maxturbine and are governed by their own privacy policies, which may differ substantially from this one.

Maxturbine is not responsible for the privacy practices, content, security, or data handling of any third-party websites or services. We do not endorse and have no control over the privacy policies of any external site. Clicking a third-party link from the Maxturbine platform means you are leaving our environment and entering one that Maxturbine does not control.

Recommendation

Before providing any personal information to a third-party website, we encourage you to review its privacy policy carefully. Maxturbine accepts no liability for any data shared with, or collected by, third-party services you access via links from our platform.

Section 10

Policy Updates

Maxturbine may update this Privacy Policy from time to time in response to changes in applicable law, our business practices, regulatory requirements, or the services we offer. All changes will be reflected in the updated document, which will indicate the revised effective date at the top of the page.

How we notify you. Where changes are material meaning they affect how your data is used in a way that is meaningfully different from what was previously disclosed we will notify you via email to your registered address and through a prominent notice on the platform prior to the changes taking effect. We will provide a reasonable period (typically 14–30 days) between notification and the effective date of material changes.

Continued use. Continued use of the Maxturbine platform after the effective date of any revised Privacy Policy constitutes acceptance of those revisions. If you do not agree with the changes, you should cease using the platform and may request account closure.

We recommend reviewing this Privacy Policy periodically, even when you have not received a notification of changes. The "Last Updated" date at the top of this document indicates when the most recent revision was made.

Section 11

Contact Information

If you have questions, concerns, or requests relating to this Privacy Policy or the handling of your personal data, please contact Maxturbine through any of the following channels:

Privacy inquiries: privacy@Maxturbine.com
General support: support@Maxturbine.com
Contact form: Maxturbine.com/contact
Registered entity: Maxturbine Energy Inc., Missouri, United States

Maxturbine aims to respond to all privacy-related inquiries within 10 business days. For formal data subject access requests or deletion requests, please include your full name, registered email address, and a clear description of your request to assist us in processing it promptly.