Privacy Policy.

How Go Maestro Inc. collects, uses, and protects information on the Maestro Treasury Platform.

Last modified July 13, 2026

Introduction

Go Maestro Inc. ("Company" or "we" or "us") respects your privacy and we are committed to protecting it through our compliance with this policy.

This policy describes the types of information we may collect from you or that you may provide when you visit the website https://treasury.gomaestro.org ("Website") or use our mobile or desktop applications ("Applications") and our practices for collecting, using, maintaining, protecting, and disclosing that information. This Website and our Applications are collectively referred to as our "Services."

This policy applies to information we collect:

  • Our Services.
  • In email, text, and other electronic messages between you and our Services.

It does not apply to information collected by:

  • Us offline or through any other means, including on any other website operated by Company or any third party (including our affiliates and subsidiaries); or
  • Any third party (including our affiliates and subsidiaries), including through any application or content (including advertising) that may link to or be accessible from or through the Website.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Services. By accessing or using our Services, you acknowledge this privacy policy applies to information you provide or we obtain. This policy may change in the future. Your continued use of the Services after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

Children Under the Age of 16

Our Services are not intended for children under 16 years of age. No one under age 16 may provide any information to or on the Services. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on our Services. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at support@gomaestro.org.

California residents under 16 years of age may have additional rights regarding the collection and sale of their personal information. See the "Your Privacy Rights" section below for more information.

Information We Collect About You and How We Collect It

We collect several types of information from and about users of our Services. What information we collect depends on what you voluntarily provide us and how you choose to use the Services. The information we collect includes:

  • Personal Information: information that personally identifies you, such as name, physical (mailing) address, email address, telephone number, and employer;
  • Entity Information: for institutional users, information about your organization, including entity name, jurisdiction of formation, authorized representative details, and entity verification documentation;
  • Blockchain and Wallet Data: your cryptocurrency wallet address(es), blockchain network identifiers, on-chain transaction hashes, vault interaction records, allocation histories, and digital asset balance information;
  • Non-Identifying Information: information that is about you but does not identify you individually, such as the company you work for, your role, or your settings within the Services; and/or
  • Technical Information: information about your internet connection, the equipment you use to access our Services, and usage details.

We collect this information:

  • Directly from you when you provide it to us, including during onboarding, account registration, and identity or entity verification.
  • Automatically as you navigate through the site. Information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies.
  • From public blockchain networks when you interact with DeFi protocols, vaults, or yield strategies through the Maestro Treasury Platform.

Information You Provide to Us

The information we collect on or through our Services may include:

  • Information that you provide by filling in forms on or through our Services. This includes information provided at the time of registering to use our Services (such as creating an account, completing onboarding, or connecting a wallet), or requesting further services or information. We may also ask you for information when you report a problem with or make a suggestion or comment about our Services.
  • Records and copies of your correspondence, if you contact us.
  • Your responses to surveys that we might ask you to complete.
  • Details of transactions you carry out through our Services, including vault allocations, strategy selections, yield optimization configurations, and related on-chain interactions.
  • Entity verification documentation, including corporate formation documents, authorized signatory information, and beneficial ownership disclosures, where required for compliance or access-control purposes.
  • Portfolio tracking data derived from on-chain blockchain transactions, including indexed transaction histories, balance information, vault positions, and yield metrics calculated from public blockchain records and third-party data providers. Such indexed data is retained for the duration of your account. After account deletion, retention is governed by the data retention policy set forth in the Data Security section of this policy. This data is based exclusively on on-chain transaction records and does not include independently collected personal information about your financial situation, income, or assets beyond what is directly reflected in on-chain transactions.

Note that because of the nature of the services we provide, some information is publicly available on blockchain networks. This includes, without limitation, cryptocurrency wallet addresses used to interact with the Maestro Treasury Platform, transaction hashes, vault deposit and withdrawal records, and token transfer histories. Once recorded on a public blockchain, this information cannot be removed, deleted, or amended by us or any other party. Please use caution and take time to consider when and how you disclose personal information that will be publicly accessible.

Identity Verification

Certain features of our Services may require identity verification or Know Your Customer ("KYC") checks to comply with applicable laws and regulations. Where identity verification is required, you may be directed to a third-party verification provider to complete the verification process. The collection and use of your personal data by such third-party providers is governed by their own privacy policies. We encourage you to review the privacy policy of any third-party verification provider before submitting your information.

We may receive confirmation of your verification status and limited identity information from such providers as necessary to grant or restrict access to our Services.

Eligibility verification for vault access, as required by the Terms of Service Section 5(k) and applicable Vault-Specific Terms, is conducted by the designated third-party verification provider. Maestro receives only confirmation of your verification status (pass/fail) and limited identity information necessary to grant or restrict vault access. Maestro does not independently verify accreditation status, residency, or other eligibility criteria beyond what is confirmed by the third-party provider.

Third-Party Wallet Services

Our Services allow you to connect a cryptocurrency wallet in one of two ways: (1) by creating a wallet through an optional third-party wallet service provider integrated with the Platform, such as Privy; or (2) by connecting your own independently managed external wallet.

Wallets Created Through Third-Party Providers

When you create a wallet through a third-party wallet service provider, the wallet creation and management service is provided by that third party and is subject to its own terms of service and privacy policy. We may receive information from the wallet provider, including your wallet address, email address, and authentication status, as necessary to provide our Services. Our current integrated wallet provider's privacy policy is available at: https://www.privy.io/privacy-policy

Independently Connected Wallets

When you connect your own external wallet, the only information we receive is your public wallet address and associated on-chain transaction data. We do not receive email addresses, authentication credentials, or other personal information from your external wallet.

Regardless of wallet type, we do not have access to your private keys or seed phrases. Neither we nor any integrated wallet service provider maintains the ability to recover, reset, or restore your private keys or access credentials.

Platform Display Metrics and Data Sourcing

The Platform displays certain yield and performance metrics derived from on-chain data and third-party data providers, including 7-day trailing annualized percentage yields, strategy total value locked (TVL), and token holder realized and unrealized earnings information. These metrics are calculated by Maestro from publicly available blockchain records and, where applicable, data feeds provided by third-party data providers. The display of these metrics does not involve the collection of additional personal information beyond the blockchain and wallet data described in this policy.

Bridge Services

The Platform may provide a client interface for accessing third-party bridge services, including Garden Finance protocol, that facilitate conversions between digital asset formats. When you use bridge services through the Platform, you transact directly with the bridge operator — Maestro provides the interface for convenience only and is not a party to the bridge transaction. Maestro does not collect, receive, or process personal data from bridge operators on your behalf. Any data generated by bridge transactions is recorded on the applicable public blockchain networks and is subject to the blockchain data permanence disclosures in this policy.

Information We Collect Through Automatic Data Collection Technologies

As you navigate through and interact with our Services, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

  • Details of your visits to our Website, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Website.
  • Information about your computer and internet connection, including your IP address, operating system, and browser type.

The information we collect automatically is only statistical data and does not include personal information, but we may maintain it or associate it with personal information we collect in other ways. It helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to:

  • Estimate our audience size and usage patterns.
  • Store information about your preferences, allowing us to customize our Services according to your individual interests.
  • Speed up your searches.
  • Recognize you when you return to our Services.

The technologies we use for this automatic data collection may include:

  • Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.
  • Web Beacons. Pages of our Website and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

Do Not Track

Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) incorporate a "Do Not Track" ("DNT") or similar feature that signals to websites that a user does not want to have his or her online activity and behavior tracked. If a website that responds to a particular DNT signal receives the DNT signal, the browser can block that website from collecting certain information about the browser's user. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, many website operators, including our Services, do not respond to DNT signals. If we do respond to DNT signals in the future, we will update this Privacy Policy to describe how we do so.

Cookies Set by Third Party Sites

To enhance our content and to deliver a better online experience for our users, we sometimes embed images and videos from other websites on the Services. You may be presented with cookies from these third-party websites. Please note that we do not control these cookies. The privacy practices of these third parties will be governed by the third parties' own privacy statements or policies. We are not responsible for the security or privacy of any information collected by these third parties, using cookies or other means. You should consult and review the relevant third-party privacy statement or policy for information on how these cookies are used and how you can control them.

We also use Google, a third-party analytics provider, to collect information about Services usage and the users of the Services, including demographic and interest-level information. Google uses cookies in order to collect demographic and interest-level information and usage information from users that visit the Services, including information about the pages where users enter and exit the Services and what pages users view on the Services, time spent, browser, operating system, and IP address. Cookies allow Google to recognize a user when a user visits the Services and when the user visits other websites. Google uses the information it collects from the Services and other websites to share with us and other website operators' information about users including age range, gender, geographic regions, general interests, and details about devices used to visit websites and purchase items. We do not link information we receive from Google with any of your personally identifiable information. For more information regarding Google's use of cookies, and collection and use of information, see the Google Privacy Policy (available at https://policies.google.com/privacy?hl=en). If you would like to opt out of Google Analytics tracking, please visit the Google Analytics Opt-out Browser Add-on (available at https://tools.google.com/dlpage/gaoptout).

Where applicable data protection laws require a legal basis for processing your personal data, we rely on the following:

Contract Performance

We collect and use your personal data as necessary to provide the Maestro Treasury Platform and perform our contractual obligations to you. This includes administering your account, facilitating vault allocations and yield strategy interactions, processing transactions you initiate, providing customer support, and managing your relationship with us.

Legal and Regulatory Obligations

We may process your personal data as necessary to comply with applicable laws and regulations. This includes, where applicable, undertaking identity verification and anti-money laundering checks, screening against applicable sanctions lists, complying with requests from regulatory, governmental, tax, or law enforcement authorities, carrying out audit checks, maintaining statutory records, and preventing and detecting fraud.

Legitimate Interests

We may process your personal data where necessary for our legitimate business interests, provided that such interests are not overridden by your rights and freedoms. Our legitimate interests include assessing and processing your requests, investigating complaints or disputes, managing our risk and operations, ensuring internal compliance with our policies and procedures, protecting the platform against fraud, unauthorized access, or theft of proprietary materials, seeking professional advice, monitoring communications where permitted by law, and protecting the security and integrity of our systems. We will only process your personal data in pursuance of our legitimate interests where we have considered that the processing is necessary and, on balance, your legitimate interests, rights, and freedoms are not overridden.

How We Use Your Information

We use information that we collect about you or that you provide to us, including any personal information:

  • To present our Services to you.
  • To provide you with information, products, or services that you request from us.
  • To fulfill any other purpose for which you provide it.
  • To provide you with notices and updates about your account and the Services.
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
  • To notify you about changes to our Services or any products or services we offer or provide through it.
  • To facilitate onboarding, identity verification, and entity verification processes.
  • To monitor and analyze usage of the Maestro Treasury Platform for security, compliance, and platform improvement purposes.
  • In any other way we may describe when you provide the information.
  • For any other purpose with your consent.

We may also use your information to contact you about our own and third-parties' goods and services that may be of interest to you. If you do not want us to use your information in this way, please check the relevant box located on the form on which we collect your data or opt-out using the information in the communication you have received.

Disclosure of Your Information

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction and without further notice.

We may disclose personal information that we collect or you provide as described in this privacy policy:

  • To our subsidiaries and affiliates.
  • To contractors, service providers, and other third parties we use to support our business, including infrastructure providers, security auditors, and analytics services.
  • To third-party wallet providers whose services you access through our platform, to the extent necessary to facilitate wallet creation and management.
  • To third-party identity verification providers, to the extent necessary to complete any required verification processes.
  • To DeFi protocol providers, vault operators, bridge operators, or other third-party services with which you interact through the Maestro Treasury Platform, to the extent necessary to facilitate the transactions you initiate.
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about users of our Services may be among the assets transferred.
  • To fulfill the purpose for which you provide it.
  • For any other purpose disclosed by us when you provide the information.
  • With your consent.

We may also disclose your personal information:

  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
  • To enforce or apply our terms of use and other agreements, including for billing and collection purposes.
  • If we believe disclosure is necessary or appropriate to protect our rights, property, or safety or those of our customers, or others.

Blockchain Data and Permanence

Interactions with blockchain networks through the Maestro Treasury Platform may result in the permanent recording of certain information on public, decentralized ledgers. This includes, without limitation, wallet addresses, transaction hashes, vault deposit and withdrawal records, and token transfer histories.

Blockchain technology operates independently and is not controlled or operated by us. Information recorded on a public blockchain cannot be altered, deleted, or removed by us or any other party. Many blockchains are open to forensic analysis, which can lead to deanonymization and the unintentional revelation of personal information, particularly when blockchain data is combined with other data.

Please use caution and take time to consider when and how you disclose personal information that may become publicly and permanently accessible through blockchain interactions.

Accessing and Correcting Your Information

You can review and change your personal information by logging into the Services and visiting your account settings.

You may also send us an email at support@gomaestro.org to request access to, correct or delete any personal information that you have provided to us. We cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

Please note that on-chain transaction records and wallet addresses recorded on public blockchains cannot be erased by us or any other party. Upon account deletion, we will remove the association between your account and off-chain personal data, but on-chain records will remain on the applicable blockchain networks.

Your Privacy Rights

The country or state in which you reside may have enacted privacy laws to provide residents with additional rights regarding their personal information. These laws include the General Data Protection Regulation ("GDPR") in the European Union and several laws in California, including the California Consumer Privacy Act ("CCPA"). Privacy laws providing individual rights also exist in Canada, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Oregon, Tennessee, Texas, Nevada, Virginia and Utah. We honor your rights and to exercise any rights you have, you should contact us using the following information:

Email: support@gomaestro.org

Physical Mail: 2025 Guadalupe Street, Suite 260 Austin, Texas 78705

The following are examples of the types of privacy rights provided in some jurisdictions. Depending on where you reside, you may have the same, more or fewer privacy rights.

  • To know from where we obtain personal information about you.
  • To know if we process your personal information and if so, what information.
  • To request to view or receive a copy of your personal information.
  • To have incorrect personal information about you corrected.
  • To request that we delete your personal information. Exercising this right may prevent you from engaging in certain Website-related activities. Please note that on-chain data recorded on public blockchains cannot be deleted by us or any other party.
  • To object to certain processing of your personal information and request limited processing of your personal information. Exercising this right may prevent you from engaging in certain Website-related activities.
  • To receive your personal data in a machine-readable format and have the data transferred to another party responsible for data processing.
  • To receive the same products and services at the same cost (if any), to the extent possible, regardless of whether you exercise your rights.
  • To know when automated decisions are made about you and to opt out of automated decision making. Currently, the Website does not perform automated decision making about individuals using personal information.

California "Shine the Light" Law

California's "Shine the Light" law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information from us, once per calendar year, regarding our disclosure, if any, of personal information to third parties for their own direct marketing purposes. To make such a request, please send an email to support@gomaestro.org and write "Request for California Privacy Data" in the subject of your message or write us at: Go Maestro Inc., Attn: Website Administrator, 2025 Guadalupe Street, Suite 260 Austin, Texas 78705. We will send you a reply email or message within 30 days containing the requested data once we confirm your request. Not all of the shared personal information is covered by the Shine the Light law requirements and therefore only personal information which is covered will be included in our response.

California Consumer Rights Notice

Under California Civil Code Section § 1789.3, we are required to provide California residents with the following specific consumer rights information:

  • This Website is owned and operated by Go Maestro Inc.
  • Except where indicated, the Website is provided without charge.
  • To file a complaint regarding the Website or the Services or to receive further information regarding use of the Website or the Services, please contact us via email at support@gomaestro.org or write us at: Go Maestro Inc., Attn: Website Administrator, 2025 Guadalupe Street, Suite 260 Austin, Texas 78705. You also may contact the Complaint Assistance Unit of the Division of Consumer Services of California's Department of Consumer Affairs in writing at 400 R Street, Suite 1080, Sacramento, California 95814 or by telephone at (916) 445-1254 or (800) 952-5210.

Data Security

We have implemented certain technical and security commitments to keep your personal information safe and secure. Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to us through our Website or otherwise. By using our Services, you agree that you are using the Services and transmitting personal information at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on our Website.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password or access credentials for certain parts of our Services, you are responsible for keeping this password confidential. We ask you not share your password with anyone. Additionally, you should only access the Services within a secure environment to limit threats.

We retain personal data for as long as necessary to provide the services and fulfill the transactions you have requested. After account deletion or service termination, we may retain personal data only as necessary to comply with applicable law, prevent fraud, resolve disputes, and enforce our agreements. We are required by law to keep some types of information for certain periods of time (e.g. statute of limitations). If your personal data is no longer necessary for the legal or business purposes for which it is processed, we will generally destroy or anonymize that information.

International Data Transfers

The Website is hosted in the United States and is governed by United States law. If you are using the Services outside the United States, please be aware that your personal information may be transferred to, stored, and processed in the United States where our servers are located and our central database is operated.

Due to the nature of our Services, your personal data may be transferred to jurisdictions that do not offer equivalent protection of personal data as under the data protection legislation applicable in your jurisdiction. In such cases, we will process personal data in accordance with applicable data protection law and take steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this Privacy Policy.

Changes to Our Privacy Policy

It is our policy to post any changes we make to our privacy policy on this page with an updated effective date. If we make material changes to how we treat our users' personal information, we may also notify you by email to the email address specified in your account and/or through a notice on the Website home page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Website and this privacy policy to check for any changes.

Contact Information

To ask questions or comment about this privacy policy and our privacy practices, contact us at:

Email: support@gomaestro.org

Physical Mail: 2025 Guadalupe Street, Suite 260 Austin, Texas 78705

Talk to the team

Tell us a little about you and we'll be in touch.

— We reply within one business day