Global Privacy & Data Protection | TriTrust Legacy Enterprises (TTLE)

GLOBAL PRIVACY POLICY & DATA PROTECTION FRAMEWORK

TriTrust Legacy Enterprises (TTLE) | Effective February 1, 2026 | Last Reviewed: April 2026

Next Scheduled Review: No Later Than April 2027 | Corporate Governance Standard

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

TTLE operates at the high-stakes intersection of absolute professional value and forensic

integrity. This Global Privacy Policy & Data Protection Framework ensures that every

engagement is protected by world-class security protocols and administrative discipline.

CORPORATE DOMICILE & INTELLECTUAL PROPERTY

TriTrust Legacy Enterprises Inc. is a legally incorporated entity domiciled in the State of

Florida, United States of America. The enterprise executes global operations under the

registered trade names: TriTrust Legacy Enterprises, TriTrust Legacy, TTLE, TTLE Inc.,

TTLE Global Authentication, TTLE Executive Vanguard, and TTLE Private Client

Solemnization. All proprietary architecture, frameworks, and digital content are strictly

protected intellectual property. "TriTrust Legacy Enterprises" and associated enterprise

marks are actively pending federal registration with the United States Patent and Trademark

Office (USPTO). Unauthorized reproduction, dissemination, or utilization of our marks or

methodologies is strictly prohibited.

ZERO-CUSTODY MANDATE:

The enterprise operates under an uncompromising Zero-Custody Fiduciary Model. At no

time does TriTrust Legacy Enterprises Inc. hold, control, or take title to client capital,

assets, or securities. No strategic directive, framework, or content provided herein shall

be construed as formal legal, tax, or financial counsel. Discerning clientele are required

to retain independent jurisdictional counsel prior to the execution of any corporate or

personal strategy.

GLOBAL ENTERPRISE & LEGAL DISCLAIMER:

TriTrust Legacy Enterprises Inc. is an elite professional integrity firm operating under a

strict Zero-Custody model; we do not hold or control client assets. We are not a law firm,

attorneys, chartered bank, trust company, or registered investment advisor. No

communication or information provided constitutes legal, tax, or financial advice, and

clients should consult independent counsel. Our corporate engagements, including

strategic advisory and administrative architecture, are strictly limited in scope.

Statutory Compliance Notice: While TriTrust Legacy's executive advisory and consulting

divisions operate by private invitation, all Florida Notary Public and Remote Online

Notarization (RON) services are executed in official capacity as a commissioned public

officer. These specific notarial services are provided to the general public in strict,

uncompromising adherence to Chapter 117 of the Florida Statutes, without bias or

exclusivity.

1. PREAMBLE & STRUCTURAL INTEGRITY

At TriTrust Legacy Enterprises Inc. (hereinafter referred to as "TRITRUST LEGACY

ENTERPRISES," "TriTrust," "TTLE," "We," "Us," or "Our"), privacy is not merely a

compliance requirement — it is a fundamental pillar of our professional integrity. As the

definitive bridge between time-honored values and the future of global commerce, we are

committed to safeguarding the personal sovereignty of our clients with forensic precision.

This Privacy Policy governs how we collect, utilize, secure, and retain Personal

Information through our digital platforms — specifically our website inquiry form and

related direct communications.

OPERATIONAL STRUCTURE:

All functions, operations, and personnel of TriTrust Legacy Enterprises Inc. are based

exclusively in Walton County, Florida, United States of America. TTLE is additionally

authorized to transact business in the State of Ohio as a registered foreign (non-Ohio)

corporation pursuant to Ohio Revised Code Chapter 1703; TTLE maintains no physical

location, employees, or operations in Ohio. All international telephone contact numbers,

including our London Central virtual line (+44 20 7846 0009), are virtual forwarding

numbers that route directly to our Florida-based operations. TTLE maintains no physical

offices, employees, or data infrastructure outside the United States.

TTLE provides services to clients throughout all U.S. states and territories, and globally

to clients located anywhere in the world where it is legally permissible to do so, provided

the underlying document has a United States legal nexus, in strict accordance with U.S.

federal law, Florida Statutes, and the laws of the client's applicable jurisdiction.

CORPORATE ADDRESSES:

Official Mailing Address:

TriTrust Legacy Enterprises Inc.

755 Grand Blvd, Ste B105-143, Miramar Beach, FL 32550

Florida Registered Agent:

7901 4th St N, STE 300, St. Petersburg, FL 33702

Ohio Registered Agent (Authorized Non-Ohio Corporation):

6545 Market Ave. N, STE 100, North Canton, OH 44721

Email: Admin@TriTrustLegacy.com

Subject: PRIVACY COMPLIANCE INQUIRY

Phone: +1 (448) 488-7811

CRITICAL NOTICE REGARDING RON IDENTITY VERIFICATION & SESSION DATA:

Identity verification data collected during Remote Online Notarization (RON) sessions —

including Knowledge-Based Authentication (KBA), credential analysis, biometric identity

proofing, audio-visual session recordings, and all associated session data for clients

located anywhere in the world — is collected, processed, stored, and retained exclusively

by our approved third-party RON platform provider, BlueNotary. TTLE does not collect,

store, process, or control this identity verification or session data.

RON session recordings are created and retained as required by Florida Statutes Chapter

117 and are governed exclusively by BlueNotary's platform policies, privacy policy, and

applicable Florida law. BlueNotary's own privacy policy and data protection practices

govern all RON session data. Clients engaging RON services are directed to review

BlueNotary's privacy policy at bluenotary.us prior to initiating any session.

2. WHAT PERSONAL INFORMATION WE COLLECT & WHY

TTLE's direct collection of personal data is strictly limited to information voluntarily

submitted through our website inquiry form and related direct communications. We collect

only what is necessary to respond to your inquiry and facilitate service delivery.

A. Website Inquiry Form Data:

We collect your first name, last name, email address, phone number (optional),

the nature of the service you are requesting, and any message you voluntarily

provide. This information is used solely to respond to your inquiry, route your

request to the appropriate TTLE service division, and facilitate any subsequent

service engagement you choose to initiate.

B. Direct Communications Data:

If you contact us directly by email or telephone, we may retain a record of

that communication for service delivery, quality assurance, and administrative

recordkeeping purposes.

C. Technical & Platform Data:

Our website is hosted on the Wix platform. Wix may automatically collect

standard technical data including IP address, browser type, device type, and

page interaction data for website security, analytics, and platform maintenance.

This data is collected and governed by Wix's own privacy policy. TTLE does not

independently operate behavioral tracking or advertising analytics on our website.

D. What We Do NOT Collect Directly:

TTLE does not directly collect, store, or process government-issued

identification, biometric data, Social Security numbers, financial account details,

payment card numbers, RON session recordings, or any sensitive personal

information through our website or inquiry forms. All identity verification and

session data required for RON services is handled exclusively by BlueNotary.

Payment processing is handled through fintech banking platforms and PCI-DSS

compliant third-party processors, as described in Section 5 of this Policy.

3. LAWFUL BASIS FOR PROCESSING

We process personal data submitted through our inquiry form and communications on

the following lawful bases:

Pre-Contractual & Service Delivery: Processing your name and contact

information is necessary to respond to your inquiry and take steps at your

request prior to or in connection with a service engagement.

Legitimate Interests: We have a legitimate interest in maintaining records of

client and prospective client communications for service delivery, quality

assurance, legal compliance, and the administration of our business operations,

where these interests are not overridden by your individual rights.

Consent: By voluntarily submitting our inquiry form, you consent to our use of

the information provided to respond to your request. You may withdraw consent

at any time by contacting Admin@TriTrustLegacy.com. Withdrawal does not

affect the lawfulness of processing prior to withdrawal.

Legal Obligation: We may process and retain certain data as required by

applicable U.S. federal law, Florida law, Ohio law, and other applicable

regulatory requirements governing our licensed operations.

4. DATA RETENTION

We retain personal data only for as long as necessary to fulfill the purposes for which

it was collected and to comply with applicable legal and regulatory obligations.

Active client and inquiry correspondence is retained for 7 years from the date

of last engagement, consistent with standard business recordkeeping practices

and applicable legal requirements.

Inquiries that do not result in a service engagement are retained for no longer

than 2 years, after which records are securely deleted or anonymized.

Website technical and platform data is retained in accordance with Wix's

data retention policies.

Notary journal records are maintained by TTLE in its capacity as a commissioned

Florida Notary Public and are retained in accordance with Florida Statutes Chapter

117, which establishes statutory retention requirements independent of this Policy.

RON session recordings and identity verification records are retained by

BlueNotary in accordance with Florida Statutes Chapter 117 and BlueNotary's

platform retention policies. TTLE does not control the retention of this data.

You may request information about specific retention periods applicable to data we

directly hold by contacting Admin@TriTrustLegacy.com.

5. DATA SHARING, DISCLOSURE & PAYMENT PROCESSING

TriTrust Legacy Enterprises does not sell personal data. We do not share personal data

for cross-context behavioral advertising or any commercial purpose unrelated to service

delivery. We disclose information only under the following circumstances:

Internal Service Delivery: Inquiry and client information may be shared among

authorized TTLE personnel solely for the purpose of responding to and fulfilling

your service request.

Website Platform — Wix: Our website and inquiry forms operate on the Wix

platform. Wix processes form submission data as a platform service provider

subject to its own privacy policy and security standards.

RON Platform — BlueNotary: All RON identity verification, session recordings,

and notarial session data is collected and processed exclusively by BlueNotary.

TTLE does not receive, store, or control this data. See the Critical Notice

preceding Section 2.

Fintech Banking & Payment Platforms: TTLE processes payments through

authorized financial technology (fintech) banking and payment platforms that

support U.S. and U.K. payment rails and multi-currency transactions (USD/GBP).

These platforms are subject to applicable U.S. banking regulations, FinCEN

guidance, Bank Secrecy Act (BSA) requirements, applicable U.K. Financial

Conduct Authority (FCA) regulations, and applicable international financial

compliance standards. TTLE does not store full payment card numbers or

financial account details. All payment data is governed by the privacy and

security policies of TTLE's fintech platform partners. No fiduciary, custodial,

or trust relationship is created by any payment transaction.

Legal Mandates: We will disclose personal information when required by

applicable U.S. federal or state law, court order, subpoena, or governmental

regulation, or where necessary to protect the rights, property, or safety of

TTLE, our clients, or the public.

OFAC & BIS Compliance: We adhere to U.S. Treasury OFAC sanctions programs

and U.S. Bureau of Industry and Security (BIS) export control regulations. We

may be required to screen and disclose information in connection with applicable

sanctions and export control compliance obligations. We do not provide services

to individuals, entities, or jurisdictions subject to U.S. federal sanctions or

export controls.

Corporate Transactions: In the event of a merger, divestiture, restructuring,

or sale of assets, client data may be transferred as a business asset subject

to the same protections outlined herein. Affected individuals will be notified

as required by applicable law.

6. NOTICE TO INTERNATIONAL & OUT-OF-STATE CLIENTS

TTLE is a Florida-based enterprise and all data processing occurs within the United

States. Our website is accessible globally and our inquiry form may be submitted by

individuals located in any U.S. state, territory, or country.

We serve clients throughout all U.S. states and territories. We also serve clients located

anywhere in the world where it is legally permissible to do so for documents with a United

States legal nexus. If you are located outside the United States and voluntarily submit

personal information through our inquiry form or direct communications, that information

will be received and processed in the United States.

All client data — regardless of the client's location — is handled with the same standard

of forensic precision and professional integrity that defines every TTLE engagement.

International clients retain the full rights described in Section 7 of this Policy.

7. YOUR RIGHTS & SOVEREIGNTY

We respect your authority over your personal data. To exercise any right listed below,

contact Admin@TriTrustLegacy.com with the subject line PRIVACY RIGHTS REQUEST.

We will acknowledge your request within 2 business days and provide a substantive

response within 30 calendar days of receipt of a verifiable request.

FOR ALL CLIENTS & INQUIRERS:

Right to Access: Request confirmation of whether we directly hold personal

data about you and, if so, a copy of that data in a readable format. Note: for

RON session data, requests must be directed to BlueNotary directly.

Right to Correction: Request correction of inaccurate or incomplete personal

data we hold about you.

Right to Deletion: Request deletion of your personal data, subject to any

applicable legal retention requirements (e.g., notary journal laws, business

records law, fintech compliance obligations).

Right to Object: Object to our processing of your personal data where that

processing is based on our legitimate interests.

Right to Withdraw Consent: Withdraw consent at any time without affecting

the lawfulness of prior processing.

FOR EU RESIDENTS (GDPR — WHERE APPLICABLE):

To the extent the EU General Data Protection Regulation applies to personal

data you voluntarily submit to TTLE through our inquiry form or direct

communications, you have the right to lodge a complaint with the data

protection supervisory authority in your EU member state of residence.

FOR UK RESIDENTS (UK GDPR — WHERE APPLICABLE):

To the extent the UK General Data Protection Regulation applies to personal

data you voluntarily submit to TTLE, you have the right to lodge a complaint

with the UK Information Commissioner's Office (ICO):

ico.org.uk | 0303 123 1113.

FOR CALIFORNIA RESIDENTS (CCPA/CPRA):

Right to Know: Request disclosure of categories and specific pieces of

personal information collected about you in the past 12 months.

Right to Delete: Request deletion of personal information, subject to

statutory exceptions.

Right to Correct: Request correction of inaccurate personal information.

Right to Non-Discrimination: We will not deny services or treat you

differently for exercising your CCPA/CPRA rights.

Do Not Sell or Share: TTLE does not sell or share personal information

for cross-context behavioral advertising. No opt-out mechanism is required

as we do not engage in these practices.

FOR ALL OTHER U.S. STATES & TERRITORIES:

We honor verifiable privacy rights requests from residents of all U.S. states

and territories consistent with applicable state privacy law. Contact

Admin@TriTrustLegacy.com for jurisdiction-specific inquiries.

8. DIGITAL ARTIFACTS (COOKIES & TRACKING)

Our website is hosted and operated on the Wix platform. Wix may employ cookies and

similar tracking technologies for session management, website analytics, security, and

platform performance. These technologies and their data practices are governed by Wix's

cookie and privacy policies. TTLE does not independently operate behavioral advertising,

cross-site tracking, or third-party data sharing through our website beyond standard Wix

platform functionality. You may manage cookie preferences through your browser settings,

though disabling certain cookies may affect website functionality.

9. SECURITY

We implement appropriate organizational and technical safeguards to protect personal

data submitted through our website and communications, including:

Secure transmission of inquiry form data through Wix's encrypted platform.

Access controls limiting data access to authorized TTLE personnel only.

Reliance on fintech platforms and PCI-DSS compliant payment processors for all

payment transactions, ensuring TTLE does not store sensitive financial data.

RON session security is governed by BlueNotary's platform, which operates

with AES 256-bit encryption at rest, TLS 1.2+ encryption in transit, SOC 2

alignment, and X.509 digital certificate tamper-evident sealing.

Documented procedures for identifying, assessing, and responding to potential

data security incidents.

In the event of a qualifying data breach affecting personal data we directly control, we

will notify affected individuals and relevant regulatory authorities as required by applicable

law, including Florida's breach notification law (Fla. Stat. § 501.171) and any other

applicable federal or state notification requirements. While we implement industry-

appropriate security measures, no digital transmission can be guaranteed as entirely

impenetrable.

10. AI-GENERATED CONTENT

As disclosed in our Terms of Service, portions of our digital presence may utilize

AI-generated or AI-assisted content. No personal data submitted through our inquiry

form is used to train, feed, or inform any AI system. AI-generated content on our

platforms does not alter the data practices described in this Policy.

11. POLICY ON MINORS

Our services are designed exclusively for adults aged 18 and over. We do not knowingly

collect, process, or retain personal data from individuals under the age of 18. If we

become aware that we have inadvertently received data from a minor, we will promptly

delete it. If you believe we have received data from a minor, please contact us immediately

at Admin@TriTrustLegacy.com.

12. POLICY UPDATES & VERSION CONTROL

This Policy is reviewed no less than annually and updated whenever material changes

occur to our data practices, applicable law, or business operations. When we make

material changes, we will update the Last Reviewed date at the top of this document.

Continued use of our platforms following any update constitutes acknowledgement of

the revised Policy.

13. GOVERNING LAW & DISPUTE RESOLUTION

This Policy is governed by the laws of the State of Florida, United States of America.

Amicable Resolution: In the event of a privacy concern, you agree to first

contact Admin@TriTrustLegacy.com to allow us to resolve the matter through

good-faith negotiation within thirty (30) days.

Mediation: If the matter is not resolved through negotiation, it shall be

submitted to mandatory mediation, which may include the Better Business

Bureau (BBB) Dispute Resolution program, a mutually agreed private mediation

service, or a mediation center in Walton County, Florida. Mediation costs are

shared equally. Mediation is a condition precedent to any legal filing.

Jurisdiction: Any unresolved disputes shall be brought exclusively in the state

courts of Walton County, Florida, to the fullest extent permitted by law.

Supervisory Authority Rights: Nothing in this section limits the right of EU

or UK residents to lodge a complaint with their applicable data protection

supervisory authority.

14. CONTACT THE GLOBAL COMMAND CENTER

To exercise your rights, submit a privacy request, or for any inquiry regarding this

Policy, please contact our Compliance Officer:

TriTrust Legacy Enterprises Inc.

755 Grand Blvd, Ste B105-143, Miramar Beach, FL 32550 (Mailing)

Email: Admin@TriTrustLegacy.com

Subject: PRIVACY COMPLIANCE INQUIRY

Phone: +1 (448) 488-7811

This Policy integrates required legal notices and compliance measures. Continued use

of our platforms constitutes acknowledgement and acceptance of these terms to the

fullest extent permitted by applicable law.

TriTrust Legacy Enterprises

TM

Global Reach. Local Relevance. World-Class Integrity.