Privacy Policy

Last Updated: December 1, 2024

In order to ensure transparency and give you more control over yourpersonal information, this privacy policy (“Privacy Policy”) governs howwe, Token Security Inc. and our subsidiaries (collectively, “Token Security”,“we”, “our” or “us”) use, collect and store personalinformation that we collect or receive from or about you (“you”) inconnection with https://token.security and the services provided by us.

Please read this Privacy Policy carefully, so you can fully understandour practices in relation to personal data. “Important note:Nothing in this Privacy Policy is intended to limit in any way your statutoryrights, including your rights to a remedy or other means of enforcement.

Table of contents:

1.  What personal information we collect,why we collect it, and how it is used

2.  How we protect and retain yourpersonal information

3.  How we share your personal information

4.  Your privacy rights

5.  International transfers of personalinformation

6.  Use by children

7.   Interaction with third party products

8.   Analytic tools/ Cookies

9.   Specific provisions applicable underCalifornia privacy law

10.  Contact us

This Privacy Policy can be updatedfrom time to time and, therefore, we ask you to check back periodically for thelatest version of this Privacy Policy.  If we implement material changesin the way we use your information, in a manner that is different from thatstated at the time of collection, we will notify you by posting a notice on ourWebsite or by other means and take any additional steps as required byapplicable law.

1. WHAT PERSONAL INFORMATION WE COLLECT, WHY WE COLLECTIT, AND HOW IT IS USED

(i) We Process the Following Personal Information:

  1. Information provided through our services. We collect personal information that you     voluntarily provide, such as your full name, email address, password, as     well as any other information that you decide to provide us. We also     collect the contact and billing information of our customers.  
  2. Information provided through the Website. When you use the Website, we collect and process full     name, email address, phone number, job title, country/region and any other     information provided when you interact with the Website, for example, when     you send us a request for a demo or contact us.
  3. Information automatically collected. We automatically collect certain information     through your use of Token Security's     Website, such as cookie, pixels, tracking technologies and similar     identifiers (“Technologies”), your     Internet protocol (IP) address, and other device identifiers that are     automatically assigned to your device, browser type and language,     geo-location information, hardware type, operating system, internet     service provider and other information about actions taken through the use     of the Website.
  4. Information from Other Sources. Token Security also obtains information about you from other     sources, including publicly - or commercially- available information, and     through third-party data platforms, partners and service providers.
  5. Information you provide to us in person. For example, when you visit one of our     exhibition booths or attend one of our events and you provide us with your     contact details. We will use this information to answer your enquiries or     provide additional information to you.
  6. Information we collect from online interactions. For example, if you     attend a webinar, contact us via social media or otherwise interact with     our business, including as a representative of a current / prospective     customer, supplier or partner, we track and make a record of those     interactions, which may contain your contact details, such as full name,     email address, messages and any other information that you decide to     provide us with.

(ii) We process information for the following purposes:

  1. To     provide you with our services. We will use the information,     including, without limitation, for the following purposes: (i) allow you     to create an account; (ii) to provide you the services and to process your     requests; (iii) communicate with you about your use of the services and     for support purposes;  (iv) send you     push notifications and/or emails and notifications regarding your account     or certain features of our services, including, updates pertaining to your     subscription, and related to the services we provide you with; (v) to     personalize your experience with our services; (vi) to allow you to create     more users and administrate your users; and (vii) to generally administer     and improve the services.
  2. To allow you to make use of our Website. We will use your information to allow you to make     use of our Website, including, (i) if you request a demo, we will use your     personal data to process and answer your request for a demo; (ii) to     answer your questions and to allow you to communicate with us (e.g., by     using the Website chat); (iii) to analyze your use of our Website and to     improve our Website; and (iv) to customize your experience.
  3. For Administrative Purposes. Token Security     use your information (i) to respond to your questions, comments, and other     requests for customer support, or information, including information about     potential or future services; (ii) to provide you with the Token Security services;     (iii) for internal quality control purposes; (iv) to establish a business     relationship; and (v) to generally administer the Token Security services.
  4. To     Market our Website and services. Token Security use information to market the Token Security services.     Such use includes (i) notifying you about offers and services that may be     of interest to you; (ii) tailoring content, advertisements, and offers for     you, including, targeting and re-targeting practices; (iii) conducting     market research; (iv) developing and marketing new products and services,     and to measure interest in Token Security's services; (v) other purposes     disclosed at the time you provide information; and (vi) as you otherwise     consent.
  5. Security     purposes. Some of the     abovementioned information will be used for detecting, taking steps to     prevent and prosecuting fraud or other illegal activity; to identify and     repair errors; to conduct audits; and for security purposes. Information     may also be used to comply with applicable laws, with investigations     performed by the relevant authorities, law enforcement purposes, and/or to     exercise or defend legal claims.
  6. De-identified     and Aggregated Information Use. In certain cases, we may or will anonymize or de-identify your     Information and further use it for internal and external purposes,     including, without limitation, to analyze and improve Token Security     services (including through the use of artificial intelligence) and for     research purposes. We will use this anonymous or de-identified information     and/or disclose it to third parties without restrictions (for example, in     order to improve our services and enhance your experience with them and/or     to develop new product features and improve existing offerings).
  7. Cookies     and Similar Technologies. We, as well as third parties that     provide content, advertising, or other functionality on the Token Security Website and services, use Technologies to     automatically collect information through the Website and services. We use     Technologies that are essentially small data files placed on your device     that allow us to record certain pieces of information whenever you visit     or interact with the Website and services. If you would like to opt out of     the cookies and similar technologies we employ on the Website and services,     you may do so by blocking, deleting, or disabling them as your browser or     device permits or by changing your setting and preferences.

(iii) The lawful bases we rely on for processing personal information are (ifand when applicable):

  1. The data subject has given consent to the processing of his or her personal data;
  2. Processing is necessary for the performance of a contract to which the data subject is     party or in order to take steps at the request of the data subject prior     to entering into a contract;
  3. processing is necessary for compliance with a legal obligation to which the controller     is subject; and/or
  4. Processing is necessary for the purposes of the legitimate interest.

2. HOW WEPROTECT AND RETAIN YOUR PERSONAL INFORMATION

2.1. Security. We have implemented and maintain reasonable technical, organizationaland security measures designed to protect your information. However, pleasenote that we cannot guarantee that the information will not be compromised as aresult of unauthorized penetration to our servers. As the security ofinformation depends in part on the security of the computer, device or networkyou use to communicate with us and the security you use to protect your userIDs and passwords, please make sure to take appropriate measures to protectthis information.

2.2. Retention of your information. Your information will be storeduntil we delete our records, and we proactively delete it, or if you send avalid deletion request. Please note that in some circumstances we store yourinformation for longer periods of time, for example (i) where we are requiredto do so in accordance with legal, regulatory, tax oraccounting requirements, or (ii) for us to have an accurate record of yourdealings with us in the event of any complaints or challenges, and/or (iii) ifwe reasonably believe there is a prospect of litigation relating to yourinformation or dealings.

3. HOW WE SHARE YOUR PERSONAL INFORMATION  

We share your information as follows:

3.1. The information Token Security gathersis shared with our partners and other third parties.

3.2. We also shareinformation with our affiliated companies about you.

3.3. We use third party service providersto process your information for the purposes outlined above, including, withoutlimitation:

3.3.1. With cloud service providers for hosting purposes;

3.3.2. With websites and web content creation platforms in order to help usmanage our Website;

3.3.3. With email providers, marketing, CRM, other similar tool providers;

3.3.4. With analytic companies, in order to help us understand and analyzeinformation we collect in accordance with this policy; and

3.4. To the extent necessary, withregulators, courts, banks or competent authorities, to comply with applicablelaws, regulations and rules (including, without limitation, federal, state orlocal laws), and requests of law enforcement, regulatory and other governmentalagencies or if required to do so by court order, as well as for internalcompliance procedures and to protect the safety, security, and integrity of TokenSecurity, our services, customers, employees, property, and the public..

3.5. If, in the future, we sell ortransfer, or we consider selling or transferring, some or all of our business,shares or assets to a third party, we will disclose your information to suchthird party (whether actual or potential) in connection with the foregoingevents (including, without limitation, our current or potential investors). Inthe event that we are acquired by, or merged with, a third party entity, or inthe event of bankruptcy or a comparable event, we reserve the right totransfer, disclose or assign your information in connection with the foregoingevents.

3.6. Where you have otherwise provided yourconsent to us for sharing or transferring your information.

4.     YOUR PRIVACY RIGHTS

4.1. Thefollowing rights (which may be subject to certain exemptions or derogations)shall apply to certain individuals (some of which only apply to individualsprotected by specific laws):

i. Youhave the right to withdraw consent to the processing, where consent is thebasis of processing.

ii. Youhave the right to access the personal information that we hold and requestfurther details about how we process it, under certain conditions.

iii. Youhave the right to demand rectification of inaccurate personal information aboutyou. We will promptly correct any information found to be incorrect.

iv. Youhave the right to object to unlawful data processing under certain conditions.

v. Youhave the right to the erasure of past data about you (your “right to beforgotten”) under certain conditions.

vi. Youhave the right to demand that we restrict the processing of your personalinformation, under certain conditions, if you believe we have exceeded thelegitimate basis for processing, the processing is no longer necessary, or ifyou believe your personal information is inaccurate.

vii. Youhave the right to data portability of personal information concerning you thatyou provided us in a structured, commonly used, and machine-readable format,subject to certain conditions.

viii. Thepersonal information we collect is not used for automated decision-making andprofiling, except for automated processes in the context of marketing. Asstated above, you can opt out of direct marketing by TokenSecurity by contacting Token Security directlyor by following the instructions through the unsubscribe options in our email messages.

 

4.2. You can exercise your rights by contacting us at privacy@token.security.You may use an authorized agent to submit a request on your behalf if youprovide the authorized agent written permission signed by you. To protect yourprivacy, we may take steps to verify your identity before fulfilling yourrequest. Subject to legal and other permissible considerations, we will makeevery reasonable effort to honor your request promptly in accordance withapplicable law or inform you if we require further information in order tofulfil your request. When processing your request, we may ask you foradditional information to confirm or verify your identity and for securitypurposes, before processing and/or honoring your request. We reserve the rightto charge a fee where permitted by law, for instance if your request ismanifestly unfounded or excessive. In the event that your request wouldadversely affect the rights and freedoms of others (for example, would impactthe duty of confidentiality we owe to others) or if we are legally entitled todeal with your request in a different way than initial requested, we willaddress your request to the maximum extent possible, all in accordance withapplicable law.

 

4.3. Deleting your account:Should you ever decide to delete your account, you may do so by emailing support@token.security. If youterminate your account, any association between your account and personal datawe store will no longer be accessible through your account. However, given thenature of sharing on certain services, any public activity on your accountprior to deletion will remain stored on our servers and will remain accessibleto the public.

 

4.4. Marketing emails – opt-out: You may choose not to receivemarketing email by sending a single email with the subject "BLOCK" tounsubscribe@token.security. Please note that the email must comefrom the email account you wish to block OR if you receive an unwantedemail from us, you can use the unsubscribe link found at the bottom of theemail to opt out of receiving future emails, and we will process your requestwithin a reasonable time after receipt.                                                              

5. INTERNATIONALTRANSFERS OF PERSONAL INFORMATION

a)We store the personal data with the followingstoring companies: AWS,  – NorthVerginia, US.

b)In order to run our business and provide our Websiteand services to you, we transfer personal data to certain countries around theworld, including to our affiliates and service providers, many of whom arelocated outside of your jurisdiction. Therefore, your personal data may beprocessed in countries with privacy laws that are different from privacy lawsin your country. Whenever we make such transfers, we will use commerciallyreasonable efforts to implement an appropriate level of protection to yourpersonal data by implementing at least one of the following safeguards:

i. making sure the destination country has been deemedto provide an adequate level of protection for personal data; and/or

ii. by executing implement data onward transferinstruments such as data processing and protection agreements.

6.USE BY CHILDREN.

We do not offer our products orservices for use by children and, therefore, we do not knowingly collectinformation from, and/or about children under the age of 18. If you are underthe age of 18, do not provide any information to us without the involvement ofa parent or a guardian. In the event that we become aware thatyou provide information in violation of applicable privacy laws, we reserve theright to delete it. If you believe that we might have anysuch information, please contact us at privacy@token.security.

7. INTERACTIONWITH THIRD PARTY PRODUCTS.

We enable you to interact with thirdparty websites, mobile software applications and products or services that arenot owned, or controlled, by us (each, a “Third Party Service”). We arenot responsible for the privacy practices or the content of such Third PartyServices. Please be aware that Third Party Services can collect informationfrom you. Accordingly, we encourage you to read the terms and conditions andprivacy policies of each Third Party Service.

8. ANALYTIC TOOLS

  • Google     Analytics. The Website uses a     tool called “Google Analytics” to collect information about use of     the Website. Google Analytics collects information such as how often users     visit this Website, what pages they visit when they do so, and what other     websites they used prior to coming to this Website. We use the information     we get from Google Analytics to maintain and improve the Website and our     products. We do not combine the information collected through the use of     Google Analytics with information we collect. Google’s ability to use and     share information collected by Google Analytics about your visits to this     Website is restricted by the Google Analytics Terms of Service, available     at https://marketingplatform.google.com/about/analytics/terms/us/, and the Google Privacy Policy, available     at http://www.google.com/policies/privacy/. You may learn more about how Google collects and     processes data specifically in connection with Google Analytics at http://www.google.com/policies/privacy/partners/. You may prevent your data from being used by     Google Analytics by downloading and installing the Google Analytics     Opt-out Browser Add-on, available at https://tools.google.com/dlpage/gaoptout/.  
  • Hotjar. We use Hotjar in order to better understand our     users’ needs and to optimize this service and experience. Hotjar is a     technology service that helps us better understand our users’ experience     (e.g. how much time they spend on which pages, which links they choose to     click, what users do and don’t like, etc.) and this enables us to build     and maintain our service with user feedback. Hotjar uses cookies and other     technologies to collect data on our users’ behavior and their devices.     This includes a device's IP address (processed during your session and     stored in a de-identified form), device screen size, device type (unique     device identifiers), browser information, geographic location (country     only), and the preferred language used to display our website. Hotjar     stores this information on our behalf in a pseudonymized user profile.     Hotjar is contractually forbidden to sell any of the data collected on our     behalf.  For further details, please see the     ‘about Hotjar’ section of Hotjar’s support site.
  • Facebook Pixels and SDKs. We use Facebook pixels or SDKs, which are tools     that provide help to website owners and publishers, developers,     advertisers, business partners (and their customers) and others integrate,     use and exchange information with Facebook, as such the collection and use     of information for ad targeting. Please note that third parties, including     Facebook, use cookies, web beacons, and other storage technologies to     collect or receive information from your websites and elsewhere on the     internet and use that information to provide measurement services and     target ads. Facebook’s ability to use and share information is governed by     the Facebook Tools Terms, available at: https://www.facebook.com/legal/technology_terms/. You     can prevent your data from being used by Facebook Pixels and SDKs by     exercising your choice through these mechanisms: http://www.aboutads.info/ choices or http://www.youronlinechoices.eu/.

·      LinkedinPixel. We use LinkedIn pixels and Insight Tags,which are tools that allow us to send data to LinkedIn and its affiliates aboutactions that people take on our Website, in order to use LinkedIn's tool toassess the performance and effectiveness of our campaigns and to optimize ourcampaigns. The LinkedIn Insight Tag enables the collection of data regardingmembers’ visits to our Website, including IP address, device and browsercharacteristics, and timestamp. LinkedIn's ability to use and share yourinformation is governed LinkedIn's Ads Agreement, available here: https://www.linkedin.com/legal/sas-terms.You can opt-out of having your data used by LinkedIn through this link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out,or through these standard opt-out websites: www.networkadvertising.org/choicesor www.aboutads.info/choices.

  • HubSpot. We use a tool called “HubSpot”, a mobile     attribution and marketing analytics platform, to understand the use of our     services. HubSpot is exposed to unique identifiers and technical data,     such as IP address of the internet service provider. The use of this data     allows us to analyze our campaigns and performance, as well as your habits     and characteristics. HubSpot’s terms of use (available at: https://legal.hubspot.com/website-terms-of-use)     and privacy policy (available at: https://legal.hubspot.com/privacy-policy)     also apply to the use of HubSpot.
  • LogRocket. We     use LogRocket     in order to better understand your needs and to optimize the service.     LogRocket uses cookies and other technologies to collect data on your     behavior and devices (in particular device’s IP address, device screen     size, device type (unique device identifiers), browser information,     geographic location (country only) and preferred language used to display     our Website). LogRocket stores this information in a pseudonymized user     profile. Neither LogRocket nor we will ever use this information to     identify individual users or to match it with further data on an     individual user. For further details, please see LogRocket’s privacy     policy at https://logrocket.com/privacy/. You can opt-out to the creation of a user profile, more details at https://logrocket.com/privacy/     under “Data Subject Rights”.
  • We reserve the right to remove or add new analytic tools, cookies, pixels and     other tracking technologies.

9. DO NOT TRACK.

Do Not Track (“DNT”) is a privacy preference that users can set incertain web browsers.  Please note thatwe do not respond to or honor DNT signals or similar mechanisms transmitted byweb browsers        

10. CONTACT US.

If you have any questions,concerns or complaints regarding our compliance with this notice and the data protectionlaws, or if you wish to exercise your rights, we encourage you to first contactus at contact@token.security.

Book a Demo
©X Token Security. All rights reserved
Terms of UsePrivacy Policy