Thor Technologies, Inc. Privacy Policy

Last updated: June 21, 2018

Thor Technologies, Inc, ("Thor", "we", "us" and "our") respects and protects the privacy of visitors to our websites and our customers who use our services. To ensure transparency this Privacy Policy describes our information handling practices when you access our website located at www.thorpayments.com and/or when you use the Thor mobile app or third party applications relying on such an API, and related services (referred to collectively hereinafter as "Services").

Please take a moment to read this Privacy Policy carefully. If you have any questions about this Privacy Notice, please contact us at support@thortoken.com.

ACCEPTANCE OF PRIVACY POLICY

By accessing and using our Services, you signify acceptance to the terms of this Privacy Policy and consent to the collection, use, and disclosure of your personal information as described below. If you do not agree with or you are not comfortable with any aspect of this Privacy Policy, you should immediately discontinue access or use of our Services.

CHANGES TO THIS PRIVACY POLICY

We reserve the right to modify this Privacy Policy at any time, and when required by law, we will notify you of changes to this Privacy Policy. If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on our Services prior to the change becoming effective.

Thor may provide additional "just-in-time" disclosures or additional information about the data collection, use and sharing practices of specific Services. These notices may supplement or clarify Thor's privacy practices or may provide you with additional choices about how Thor processes your personal information.

THE PERSONAL INFORMATION WE COLLECT

Personal information is data that can be used to identify you directly or indirectly, or to contact you. Our Privacy Policy covers all personal information that you voluntarily submit to us and that we obtain from our partners. This Privacy Policy does not apply to anonymized data as it cannot be used to identify you.

Except as described in this Privacy Policy, Thor will not give, sell, rent or loan any personal Information to any third party.

We collect personal information to provide you with our Services. When we require certain personal information from users it is because we are required by applicable law to collect this information or it is relevant for specified purposes. Any information you provide to us that is not required is voluntary. You are free to choose whether to provide us with the types of personal information requested, but we may not be able to serve you as effectively or offer you all of our Services when you do choose not to share certain information with us.

For example, we collect personal information which is required under the law to open an account, add a payment method, or execute a transaction. We also collect personal information when you use or request information about our Services, subscribe to marketing communications, request support, complete surveys, or sign up for a Thor event. We may also collect personal information from you offline, such as when you attend one of our events, or when you contact customer support. We may use this information in combination with other information we collect about you, as set forth in this Notice.

Here are some specific examples of the types of personal information Thor may collect and how we may use it:

  • When you create an account or use Thor Services, we, or our affiliates vendors acting on our behalf may collect the following types of information to meet our legal obligations: your name, date of birth, social security number, driver number ID, personal ID, address, phone, email, full bank account details and/or credit card numbers that you link to your Thor account or input when you use Thor Services. Thor will use this information to fulfill your requests and provide the relevant Services.
  • If you seek permissions to raise Digital Currency buy and sell limits associated with your Thor Account, we may require you to provide additional information which we may use in collaboration with service providers acting on our behalf to verify your identity or address, and/or to manage risk as required under applicable law. This information may include your date of birth, taxpayer or government identification number, a copy of your government-issued identification, or other personal information. We may also obtain information about you from third parties such as credit bureaus and identity verification services.
  • Whenever you contact us or respond to our communications (e.g., email, telephone, written), we receive your contact information and any other personal information you choose to provide us. Thor will use such information to fulfill your requests or to provide services.
  • You may choose to provide us with access to certain personal information stored by third parties such as social media sites (such as Facebook and Twitter). The information we have access to varies by site and is controlled by your privacy settings on that site and your authorization.

 

In addition, we may collect personal information disclosed by you on our message boards, chat features, blogs and our other services to which you are able to post information and materials. Any information that is disclosed in those forums becomes public information and may therefore appear in public ways, such as through search engines or other publicly available platforms, and may be "crawled" or searched by third parties. It could also be read, collected or used by other users to send you unsolicited messages. Please do not post any information that you do not want to reveal to the public at large.

HOW YOUR PERSONAL INFORMATION IS USED

Our primary purpose in collecting personal information is to provide you with a secure, smooth, efficient, and customized experience. In general, we use personal information to create, develop, operate, deliver, and improve our Services, content and advertising, and for loss prevention and anti-fraud purposes. Examples of how we may use this information include:

  • To comply with our legal obligations.
  • To prevent and investigate potentially prohibited or illegal activities, and/or violations of our posted user terms.
  • To process transactions and send notices about your transactions.
  • To verify your identity by comparing your personal information against third-party databases.
  • To send administrative or account-related information to you.
  • To enforce our agreements with third parties.
  • To resolve disputes, collect fees, and troubleshoot problems.
  • For quality control and staff training.
  • To enhance security, monitor and verify identity or service access, combat spam or other malware or security risks.
  • To provide you with Thor Services and customer support that you request.
  • To better understand our customers and end-users and the way they use and interact with Thor Services.
  • To provide a personalized experience, and implement the preferences you request.
  • To communicate with you about our events or our partner events.
  • To customize, measure, and improve Thor Services and the content and layout of our website and applications.
  • To deliver targeted marketing, service update notices, and promotional offers based on your communication preferences (where this in accordance with the law).

 

We will not use your personal information for purposes other than those purposes we have disclosed to you, without your permission. From time to time we may request your permission to allow us to share your personal information with third parties. You may opt out of having your personal information shared with third parties, or from allowing us to use your personal information for any purpose that is incompatible with the purposes for which we originally collected it or subsequently obtained your authorization. If you choose to so limit the use of your personal information, certain features or Thor Services may not be available to you.

INFORMATION FROM THIRD PARTY SOURCES

From time to time, we may obtain information about you from third party sources as required or permitted by applicable law, such as public databases, credit bureaus, ID verification partners, resellers and channel partners, joint marketing partners, and social media platforms.

Public Databases, Credit Bureaus & ID Verification Partners

We obtain information about you from public databases and ID verification partners for purposes of verifying your identity. ID verification partners use a combination of government records and publicly available information about you to verify your identity. Such information includes your name, address, job role, public employment profile, credit history, status on any sanctions lists maintained by public authorities, and other relevant data. We obtain such information to comply with our legal obligations, such as anti-money laundering laws. In some cases, we may process additional data about you based on public interest grounds to ensure our Services are not used fraudulently or for other illicit activities.

Resellers, Channel Partners, Joint Marketing Partners, and Social Media Platforms

We collect information about your publicly available social media profile, interests or preferences, and page-view information from some business partners with which we operate co-branded services or joint offerings. There are multiple purposes for collecting this information. First, we process such information to better understand you and/or maintain and improve the accuracy of the records we hold about you as well as to position, promote or optimize our Services. In addition, we may also use this information in conjunction with your browsing habits / preferences (as obtained from our data partners) and your contact details, professional information and Thor transaction history to deliver targeted advertising and marketing to you, where permitted by applicable law and in accordance with your advertising / marketing preferences. Second, we also process such information to provide support to you as part of our contractual obligations to you. Lastly, we process such information in the public interest because it helps us monitor, prevent and detect fraud.

Once we obtain such information from third parties, we do not subsequently share it with any other third parties except as described in this Policy. This information is shared with Thor's processors and corporate group as necessary to perform the Services.

WHY WE SHARE PERSONAL INFORMATION WITH OTHER PARTIES

We take care to allow your personal information to be accessed only by those who really need to in order to perform their tasks and duties, and to share with third parties who have a legitimate purpose for accessing it. Thor will never sell or rent your personal information. We will only share your information in the following circumstances: 

  • We share your information with third party identity verification services in order to prevent fraud. This allows Thor to confirm your identity by comparing the information you provide us to public records and other third party databases. These service providers may create derivative data based on your personal information that can be used solely in connection with provision of identity verification and fraud prevention services.
  • Thor may use Dwolla Inc., ("Dwolla") to verify your bank account and confirm your bank account balance prior to approving a transaction. Thor only shares your information with Dwolla in accordance with this Privacy Policy. Information shared with Dwolla is treated by Dwolla in accordance with its Privacy Policy, at https://www.dwolla.com/legal/privacy/.
  • We may share your information with service providers under contract who help with parts of our business operations such as bill collection, marketing, and technology services. Our contracts require these service providers to only use your information in connection with the services they perform for us, and prohibit them from selling your information to anyone else.
  • We share your information with financial institutions with which we partner to process payments you have authorized.
  • We may share your information with companies or other entities that we plan to merge with or be acquired by. Should such a combination occur, we will require that the new combined entity follow this Privacy Policy with respect to your personal information. You will receive prior notice of any change in applicable policies.
  • We may share your information with companies or other entities that purchase Thor assets pursuant to a court-approved sale under U.S. Bankruptcy law;
  • We may share your information with law enforcement, and officials, or other third parties when we are compelled to do so by a subpoena, court order, or similar legal procedure, or when we believe in good faith that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of our User Agreement or any other applicable policies..

If you establish a Thor account indirectly on a third party website or via a third party application, any information that you enter on that website or application (and not directly on a Thor website) will be shared with the owner of the third party website or application and your information will be subject to their privacy policies.

HOW PERSONAL INFORMATION IS SHARED WITH THIRD-PARTY SITES AND SERVICES

If you use your Thor Account to transfer Digital Currency in connection with the purchase or sale of goods or services, we or you may also provide the seller with your shipping address, name, and/or email to help complete your transaction with the seller. The seller is not allowed to use this information to market their services to you unless you have agreed to it. If an attempt to transfer Digital Currency to your seller fails or is later invalidated, we may also provide your seller with details of the unsuccessful transfer. To facilitate dispute resolutions, we may provide a buyer with the seller's address so that goods can be returned to the seller.

In connection with a Digital Currency transfer between you and a third party, including merchants, a third party may share information about you with us, such as your email address or mobile phone number which may be used to inform you that a transfer has been sent to or received from the third party. We may use this information in connection with such transfers to confirm that you are a Thor customer, that Digital Currency transfers are enabled, and/or to notify you that you have received Digital Currency. If you request that we validate your status as a Thor customer with a third party, we will do so. You may also choose to send Digital Currency to or request Digital Currency from an email address. In such cases, your user name will be displayed in an email message notifying the user of the designated email address of your action. 

Please note that merchants you interact with may have their own privacy policies, and Thor is not responsible for their operations, including, but not limited to, their information practices. Information collected by third parties, which may include such things as contact details or location data, is governed by their privacy practices. We encourage you to learn about the privacy practices of those third parties.

If you authorize one or more third-party applications to access your Thor Account, then information you have provided to Thor may be shared with those third parties. Unless you provide further authorization, these third parties are not allowed to use this information for any purpose other than to facilitate your transactions using Thor Services.

HOW WE PROTECT AND STORE PERSONAL INFORMATION

We understand how important your privacy is, which is why Thor maintains (and requires its service providers to maintain) appropriate physical, technical and administrative safeguards to protect the security and confidentiality of the personal information you entrust to us.

We may store and process all or part of your personal and transactional information, including certain payment information, such as your encrypted bank account and/or routing numbers, in the United States and elsewhere in the world where our facilities or our service providers are located. We protect your personal information by maintaining physical, electronic, and procedural safeguards in compliance with the applicable laws and regulations.

For example, we use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files, and we authorize access to personal information only for those employees who require it to fulfill their job responsibilities. Full credit card data is securely transferred and hosted off-site by a payment vendor in compliance with Payment Card Industry Data Security Standards (PCI DSS). This information is not accessible to Thor's staff.

However, we cannot guarantee that loss, misuse, unauthorized acquisition, or alteration of your data will not occur. Please recognize that you play a vital role in protecting your own personal information. When registering with our Services, it is important to choose a password of sufficient length and complexity, to not reveal this password to any third-parties, and to immediately notify us if you become aware of any unauthorized access to or use of your account.

Furthermore, we cannot ensure or warrant the security or confidentiality of information you transmit to us or receive from us by Internet or wireless connection, including email, phone, or SMS, since we have no way of protecting that information once it leaves and until it reaches us. If you have reason to believe that your data is no longer secure, please contact us at the email address, mailing address or telephone number listed at the end of this Privacy Policy.

INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION

As a global entity, Thor may store, transfer, and otherwise process your personal information in countries outside of the country of your residence, including the United States and possibly other countries.

Thor participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. Thor is committed to subjecting all personal information received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List at https://www.privacyshield.gov.

Thor is responsible for the processing of personal information it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. Pursuant to the Privacy Shield Principles, Thor will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. We will take all reasonable steps to ensure that personal information we process is limited to only what is relevant to the purposes for which it was collected and that it is accurate, complete, and up-to-date.

Thor complies with the Privacy Shield Principles for all onward transfers of personal information from the EU, including the onward transfer liability provisions. Consequently, before Thor shares your information with any third party that is not also certified under the E.U.-U.S. Privacy Shield Framework, Thor, Inc. will enter into a written agreement that the third party provides at least the same level of privacy safeguard as required under those Frameworks, and assures the same level of protection for the personal information as required under applicable data protection laws.

Thor, Inc. commits to resolve European data subjects' complaints about their privacy and our collection, use or disclosure of their personal information in compliance with the EU-U.S. Privacy Shield Principles. European data subjects with inquiries or complaints regarding this Privacy Policy should first contact Thor at support@thortoken.com.

If you are a European data subject with an unresolved complaint or dispute arising under the requirements of the Privacy Shield Framework, we agree to refer your complaint under the Framework to an independent dispute resolution mechanism. Our independent dispute resolution mechanism is the International Centre for Dispute Resolution ("ICDR"), operated by the American Arbitration Association ("AAA"). For more information and to file a complaint, you may contact the International Centre for Dispute Resolution by phone at +1.212.484.4181, or by visiting the website http://info.adr.org/safeharbor.

We are also subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission with respect to the Framework. Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel. In certain situations, Thor may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

HOW YOU CAN ACCESS OR CHANGE YOUR PERSONAL INFORMATION

You are entitled to review, correct, or amend your personal information, or to delete that information where it is inaccurate. You may do this at any time by logging in to your account and clicking the Profile or My Account tab. This right shall only be limited where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question, or where the rights of persons other than you would be violated.

If you close your Thor account, we will mark your account in our database as "Closed," but will keep your account information in our database for a period of time described above. This is necessary in order to deter fraud, by ensuring that persons who try to commit fraud will not be able to avoid detection simply by closing their account and opening a new account. However, if you close your account, your personal information will not be used by us for any further purposes, nor sold or shared with third parties, except as necessary to prevent fraud and assist law enforcement, as required by law, or in accordance with this Privacy Policy.

RETENTION OF PERSONAL INFORMATION

We store our customers' personal information securely throughout the life of the customer's Thor Account. Thor will retain your personal information for a minimum of five years or as necessary to comply with our legal obligations or to resolve disputes.

COLLECTION & USE OF INFORMATION COLLECTED AUTOMATICALLY

We receive and store certain types of information automatically, such as whenever you interact with the Sites or use the Services. This information does not necessarily reveal your identity directly but may include information about the specific device you are using, such as the hardware model, operating system version, web-browser software (such as Firefox, Safari, or Internet Explorer) and your Internet Protocol (IP) address/MAC address/device identifier.

For example, we automatically receive and record information on our server logs from your browser, including how you came to and used the Services; your IP address; device type and unique device identification numbers, device event information (such as crashes, system activity and hardware settings, browser type, browser language, the date and time of your request and referral URL), broad geographic location (e.g. country or city-level location) and other technical data collected through cookies, pixel tags and other similar technologies that uniquely identify your browser. We may also collect information about how your device has interacted with our website, including pages accessed and links clicked. We may use identifiers to recognize you when you arrive at the Site via an external link, such as a link appearing on a third party site.

Please refer to the Thor Cookie Policy for more information about our use of cookies.

CHILDREN'S PERSONAL INFORMATION

We do not knowingly request of collect personal information from any person under the age of 18. If a user submitting personal information is suspected of being younger than 18 years of age, Thor will require the user to close his or her account and will not allow buying or selling digital currencies. We will also take steps to delete the information as soon as possible. Please notify us if you know of any individuals under the age of 18 using our Services so we can take action to prevent access to our Services.

California Privacy Rights

If you are a California resident, you have the right to request information from us regarding the manner in which we share certain categories of your personal information with third parties for the third parties' direct marketing purposes. California law provides that you have the right to submit a request to us at our designated address and receive the following information: (a) the categories of information we disclosed to third parties for the third parties' direct marketing purposes during the preceding calendar year; and (b) the names and addresses of third parties that received such information, or if the nature of their business cannot be determined from the name, then examples of the products or services marketed.

You are entitled to receive a copy of this information in a standardized format and the information will not be specific to you individually. You may make such a request by emailing support@thortoken.com.

HOW TO CONTACT US

If you have questions or concerns regarding this Privacy Policy, or if you have a complaint, you should first contact us either by emailing us at support@thortoken.com, via our support page or by writing to us at Thor Technologies, Inc., 1161 Mission Street, San Francisco, CA 94104, USA, or by calling us at 1-617-515-5067.