Legal

Privacy Policy

Last updated: April 13, 2026

Overview

Agora Labs Ltd., a British Virgin Islands business company (“Legion”, the “Company”, “we”, “us”, or “our”), describes in this Privacy Policy how we collect, use, share, store, and safeguard your personal information across our website at uselegion.com, the Legion platform, related events, and any associated services (collectively, the “Services”).

You must agree to this Privacy Policy, our Terms of Use, and any other policies referenced here to access the Services. If you do not agree, you must not use the Services. This Policy applies to all users and to any third-party service providers engaged by Legion to support the Services.

Key Definitions

Data Processing. Any operation performed on personal data including obtaining, recording, collecting, organizing, storing, altering, retrieving, disclosing, or destroying information.

Personal Data. Any information relating to an identified or identifiable individual, including name, contact details, government identifiers, social media usernames, IP addresses, wallet addresses, and transaction data.

User. Any individual, business, or project accessing the Services.

Data Collection

Direct collection. We collect information you provide to us, including identity and contact details (name, email, phone, address), government-issued identification and accreditation documents submitted for Know-Your-Customer (KYC) and investor verification, wallet addresses, financial and professional background, responses to eligibility questions, feedback, support inquiries, and marketing preferences.

Automatic collection. When you use the Services, we automatically collect technical information including browser type and version, operating system, device identifiers, pages viewed, referring URLs, session duration, and IP address, through cookies and similar tracking technologies.

Third-party analytics. We use Google Analytics and other analytics providers to understand how the Services are used. We do not sell your personal information to these providers.

Blockchain data. Any transactions or interactions you conduct on public blockchains are, by their nature, publicly accessible and we have no control over that public data.

Legal Bases for Processing

We process personal data on one or more of the following bases: your consent; the performance of a contract with you or to take steps at your request prior to entering a contract; compliance with our legal obligations; and our legitimate interests in operating, improving, and securing the Services, provided those interests are not overridden by your rights.

How We Use Personal Data

  • To verify your identity and eligibility, including KYC, AML, sanctions, and accredited-investor checks;
  • To operate, maintain, and improve the Services and develop new features;
  • To match qualified investors with private-market opportunities and facilitate your participation in transactions;
  • To communicate with you about your account, transactions, service announcements, and support requests;
  • To personalize content and the user experience;
  • To detect, prevent, and investigate fraud, security incidents, and other unlawful activity;
  • To comply with legal, regulatory, tax, and accounting obligations and to enforce our agreements;
  • To send marketing communications where permitted; and
  • To assess job applicants and administer employment relationships.

How We Share Personal Data

Affiliates. We may share information within our corporate group to provide the Services under this Policy.

Service providers. We share information with vendors and contractors who help us deliver the Services, including identity verification providers, custodians, banking and payment partners, cloud hosting, analytics, communications, and professional advisors. These providers are bound by confidentiality and data-protection obligations.

Deal counterparties. With your authorization and only to the extent necessary, we may share information relevant to a transaction with issuers, sponsors, other investors, or special-purpose vehicles in which you choose to participate.

Legal and compliance. We may disclose information when required by law, subpoena, or other legal process, or where we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

Business transfers. In connection with a merger, acquisition, financing, reorganization, sale of assets, or bankruptcy, personal data may be transferred as part of the transaction.

Data Security

We implement commercially reasonable technical and organizational measures designed to protect personal data against loss, misuse, unauthorized access, disclosure, alteration, and destruction, including encryption, access controls, logging, and periodic security reviews. No system is perfectly secure, and we cannot guarantee absolute security.

Data Retention

We retain personal data only for as long as necessary to provide the Services, comply with our legal and regulatory obligations (including record-keeping obligations applicable to financial intermediaries), resolve disputes, and enforce our agreements.

Your Rights

Depending on your jurisdiction, you may have the right to access, copy, rectify, port, restrict, or delete your personal data, object to processing, and withdraw consent. To exercise these rights, contact us at [email protected]. We may need to verify your identity before responding and may retain information where we are legally required or permitted to do so.

California residents (CCPA/CPRA)

California residents may request disclosure of the categories and specific pieces of personal information we have collected, request deletion, correction of inaccurate information, and opt out of certain sharing. We do not “sell” personal information as that term is commonly understood. You may exercise these rights by contacting [email protected].

EU/EEA and UK residents (GDPR/UK GDPR)

Residents of the European Economic Area and the United Kingdom have the rights of access, rectification, erasure, restriction, objection, data portability, and to withdraw consent at any time. You also have the right to lodge a complaint with your local data protection authority.

Marketing Preferences

You may opt out of promotional communications at any time by following the unsubscribe link in our emails or by contacting us. Operational messages about your account, transactions, or the Services cannot be declined while you are a user.

International Data Transfers

Legion operates internationally, and your personal data may be transferred to, stored, and processed in countries other than the one in which you reside. Where required, we take appropriate safeguards to ensure that your personal data receives an adequate level of protection.

Children’s Privacy

The Services are not intended for, and we do not knowingly collect personal data from, children under the age of 18. If you believe we have collected information from a child, please contact [email protected] and we will take appropriate action.

Changes to This Policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top of this page reflects the date of the most recent changes. Your continued use of the Services after an update constitutes acceptance of the revised Policy.

Contact

Agora Labs Ltd. (BVI), operator of Legion.
Privacy inquiries: [email protected]

Questions? Contact us at [email protected].

Private deals. Real liquidity. No 10-year lock-up.Apply Now
Private deals. Real liquidity. No 10-year lock-up.Apply Now
Private deals. Real liquidity. No 10-year lock-up.Apply Now
Private deals. Real liquidity. No 10-year lock-up.Apply Now
Private deals. Real liquidity. No 10-year lock-up.Apply Now
Private deals. Real liquidity. No 10-year lock-up.Apply Now
Private deals. Real liquidity. No 10-year lock-up.Apply Now
Private deals. Real liquidity. No 10-year lock-up.Apply Now