Last Updated: February 13, 2022
The Site is owned and operated by Digital Asset Redemption, LLC (“DAR”). DAR is referred to as “us”, “we” or “our” throughout this policy. When we refer to “you” and “your” in this policy, we are referring to you as a visitor to and user of the Site.
1. HOW WE COLLECT AND USE YOUR PERSONAL INFORMATION
A. What Is Personal Information? Personal information refers to information that we can use to personally identify a specific individual. Different states and countries define personal information (and similar terms, such as personal data and personally identifiable information) to include different things, but it generally includes information like your name, mailing address, email address, and phone number. It may also include your computer or mobile device IP address, if that IP address can be linked to a particular person, or geo-location information, again if that information can be used to pinpoint a specific person.
B. Providing Personal Information Is Your Choice. You are in control of whether you provide us with your personal information – you can visit and view the Site without disclosing any personal information about yourself. However, if you choose to make use of DAR’s features or services, you likely will need to provide certain personal information to us. For example, if you retain DAR to perform ransomware victim support services, you will be required to provide information about you to enable DAR to perform customer due diligence. Although DAR is not a financial institution and only acts as an agent for victims of ransomware, it is nevertheless DAR’s policy to prohibit and actively prevent money laundering and any activity that facilitates money laundering or the funding of terrorist or criminal activities by complying with all applicable requirements under the Bank Secrecy Act (BSA) and its implementing regulations. As such, DAR collects customer information from all potential customers.
If you are not comfortable with providing information to us, you should not do so. Although that will affect your ability to use our ransomware victim support services, that is your choice. If you do provide us with any personal information, you agree that it will be accurate and complete, and you understand that it is your responsibility to update your personal information as necessary to keep it current.
C. The Personal Information We Collect, Why We Collect It, and How We Use It. The amount and type of personal information we collect from you depends on your activities and use of our Site and our ransomware victim support services. Below, we describe the types of personal information we collect, our reasons for collecting that information, and how we use it.
Device and Browsing Information. When you visit our Site, we may collect your device IP address, referring website(s), browser and device types, and the pages that you visit. Note that although this information may be considered personal information under some laws, we do not link it to other personal information about you.
Identification and Contact Information. This is information that identifies you as an individual (like your first and last name), that allows us to verify business customer’s identity, and enables us to contact you (like your email address, mailing address, or phone number).
We will collect this information if you utilize any DAR’s ransomware victim support services (the “Services”). We will also be provided with your name and email address if you reach out to us using any “Contact Us” features of the Site.
We also collect and use this information for the purposes of (a) verifying your identity when you onboard with DAR; (b) transacting business with you, which includes receiving your payment instructions to fulfill your payment requests, contacting you about your digital asset wallet or payment instructions, conducting customer service, and seeking feedback on our products and Services; (c) responding to any inquiry you send to us; (d) conducting transaction monitoring required by applicable law or by our internal due diligence policy; and (e) subject to your right to opt out and subject to applicable law, sending you newsletters or other promotional materials.
Financial Account Information. If you utilize the Services, we will collect applicable financial information from you, to create your digital wallet, facilitate payments, and conduct transaction monitoring. We also collect account and other information that you provide about intended payment recipients to facilitate your payment to those third parties and to notify the recipient of payments.
Other Credit and Personal Information. We may collect additional credit information and other personal information from third party vendors for the purpose of performing identify verification or transaction monitoring.
D. Certain Generally-Applicable Uses of Personal Information. In addition to the specific uses described above, the personal information we collect may be used for the following additional purposes, all of which are related to our operation of our business and our provision of services:
- Evaluating and improving our Site and our product and service quality;
- Complying with legal requirements; and
- Preventing and addressing fraud and breaches of our Site requirements and policies.
E. How Long We Keep Personal Information. We collect personal information for as long as we continue to have a business need to do so (which will be at least as long as you continue have an open reservation or, if applicable, an account on our Site), unless a longer period is required by law. Business needs include legal, taxation, accounting, risk management, and other business purposes.
2. HOW AND WHY WE SHARE PERSONAL INFORMATION
- DAR and its Service Providers receive and share information as necessary to conduct customer due diligence and to perform its Services.
- We may provide personal information to third-party service providers (“Service Providers”) who assist DAR with verifying customer identity, conducting transaction monitoring, performing other tasks necessary for customer due diligence.
- We may provide personal information to Service Providers who assist DAR with email marketing, analyzing DAR’s cloud consumption, and assist in customer relationship management.
- We will use personal information provided by you to notify you about your payment activity, verify your identity and account information, provide customer support, process transactions, and collect fees.
- To the extent third party analytics software is used to improve the functionality of the Site, the providers of the software may receive information about your use and interaction with the software in order to assist us with providing and improving the Site and our Services.
- If needed to perform its Services, we will provide personal information to our other trusted service providers who need to use that information to conduct business on our behalf.
- We may share your personal information with our company affiliates and business partners for our and their legitimate business purposes, including so that we or they may provide you with improved service offerings and with promotional emails or other materials that may interest you. If you do not wish for us to share your information in this manner, please let us know by contacting us at email@example.com.
- We will release information, including personal information, if we believe that doing so is appropriate to (a) comply with law, regulations, legal process or governmental requests, (b) enforce any policies applicable to the Site or Services, (c) detect, prevent or otherwise address fraud, security or technical issues, or (d) otherwise protect the rights, property or personal safety of us, our employees, Site users, or others.
- We may share information, including personal information, in connection with, during negotiations of, or as a part of the closing of, any merger, sale of company assets, financing or acquisition of all or a portion of our business to another company in which personal information about the users of our Site and Services is among the assets transferred.
We do not sell, rent, or lease any personal information that we collect about you through the Site or our Services to anyone for any purpose, other than as disclosed, unless you have given us your separate express permission to do so.
3. COOKIES AND OTHER TRACKING TECHNOLOGY
persistent cookies to store your email address and, subject to our Site features and your setting preferences, your account login information, so you don’t have to enter it more than once. We also use persistent cookies to store financial account information and payments-specific data and to monitor and analyze Site traffic.
Most web browsers automatically accept cookies and other tracking technologies, but you can usually change your settings to prevent that, such as by having your device warn you each time a cookie is being sent or choosing to turn off all cookies. On our Site, you will be able to disable all cookies other than persistent cookies that are required when you make a payment. This can be done through your web browser settings, and because each browser is different, you should look at your browser’s “Help” menu to learn how to modify your cookie settings.
If you do disable cookies from your browser, you may not be able to access certain Services or sections of the Site that use essential cookies, and this may make your experiences on the Site less efficient.
B. Third Party Tracking Technologies. We may allow third parties to set cookies during your visit to the Site. These are third parties that provide us with information about how you use the Site.
We cannot control any third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.
C. Do Not Track Requests. Currently, certain browsers offer a “do not track” (“DNT”) option. This option, using a technology known as a DNT header, sends a signal to websites visited by the user about the user’s DNT preference, if any, set on the browser. We do not currently commit to responding to browsers’ DNT signals. We cannot make this commitment because there is not a common understanding among industry groups, technology companies, or regulators about how to interpret the DNT signal.
4. THIRD PARTY SITE AND SOCIAL SHARING FEATURES
5. Our Security Measures
We use a variety of industry-standard security measures to maintain the safety of your personal information, including measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration and disclosure.
Unfortunately, no electronic data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we believe that we use reasonable measures to protect personal information, we cannot ensure or warrant the security of any information transmitted or otherwise provided to us or received from us.
6. YOUR RIGHTS REGARDING YOUR INFORMATION
A. General Rights.
Providing Personal Information Is Your Choice, You can browse the Site without providing any personal information, other than browsing data (which we will not attempt to link to any other personal information). However, if you choose to use DAR’s Services, you will be required to provide us with the necessary information. If you do not want to provide us with any information, you should not use our Site.
Your Rights to Opt Out of Certain Communications, You can always opt out of receiving promotional communications such as our newsletters by selecting the “unsubscribe” link included in any email communications, or by contacting us at firstname.lastname@example.org. Please note that despite your email preferences, we may need to contact you regarding payments instructions, as required by law, or regarding legal matters. However, we will not send you marketing communications after you have opted out of receiving them.
at email@example.com. Please note that we may not be able to completely remove personal information from the Site or our systems in certain circumstances. This will be true if the data is not in a searchable format or if it is retained in backup systems or cashed or archived pages. Once we no longer need it to provide you with requested services, we will retain and use your information only as necessary to comply with our legal obligations, resolve disputes, prevent fraud or future abuse, and enforce our agreements, including any Site terms.
B. Certain Rights of California Residents. If you are a California resident, please see the Additional Information for California Residents, below.
C. Certain Rights of Nevada Residents. If you are a Nevada resident, please note that we do not sell information as defined in and for purposes of Nevada’s online privacy law.
7. A Note about Children
Our Site is not targeted to, and we have no interest in collecting information from, children. We do not knowingly gather any personal information from children under the age of 13. If you are a parent or legal guardian who believes that your child has provided us with any personal information, please contact us at firstname.lastname@example.org.
8. INTERNATIONAL USERS
Additional Information for California Residents
1. APPLICABILITY OF AND GENERAL INFORMATION ABOUT THIS CALIFORNIA PRIVACY NOTICE
This Additional Information for California Residents (this “California Privacy Notice”) applies solely to residents of California (who are referred to as “you” or as “consumers”
This California Privacy Notice has been adopted to comply with the California Consumer Privacy Act of 2018, referred to as the “CCPA”, so any terms defined in the CCPA (such as “personal information,” “consumer,” “service provider,” “third party,” and “sale/sell”) will have the same meaning when used in this California Privacy Notice. For example, a “consumer” refers to a natural person that is a resident of the state of California.
2. THE CATEGORIES OF PERSONAL INFORMATION WE COLLECT
For purposes of the CCPA, the table below describes the categories of personal information we have collected within the last 12 months and the categories of third parties with whom we have shared that information for a business or commercial purpose.
Categories of Information We Collect
Categories of Sources of this Information
Purposes of Collection
Categories of Third Parties to whom Information is Disclosed
Identifiers - includes your name, mailing address, unique personal identifier (account ID), email address, phone number, and other, similar, identifiers
·Directly from you
·Verifying a user’s identity
Personal information categories listed in the California Consumer Records statute (Cal. Civ. Code §1798.80(e)) – includes your name, postal address, telephone number, and credit card or similar account information
·Directly from you
·Verifying a user’s identity
Commercial information – records of payments
·Directly from you
·Providing our users with services, including digital wallet and ransomware victim support services
3. INFORMATION ABOUT SALES OF PERSONAL INFORMATION
In the past 12 months, we have not sold any personal information.
While the CCPA has a broad definition of what constitutes a sale of information, many types of transfers of information do not qualify as “sales” under the CCPA. We have carefully evaluated the manner in which we share information to determine that we do not sell your personal information.
As noted above, we share information with our certain of our Service Providers who need the information in order to perform contracted services for us. This may include transfers necessary to enable the creation of digital wallets or facilitate payments. We enter into agreements with each Service Provider that limit the purposes for which the personal information may be used and that require the third party to keep that personal information confidential. With these protections, these transfers are not considered “sales” under the CCPA.
4. YOUR RIGHTS AND CHOICES REGARDING YOUR PERSONAL INFORMATION UNDER THE CCPA
The CCPA provides California residents with certain specific rights regarding their personal information. This section describes your CCPA rights, and explains how to exercise them. Please note that your rights are subject to limitations and exceptions described in the CCPA.
- Right to Access Certain Information – You have the right to ask us to provide you with information about our collection and use of your personal information over the past 12 months.
- Right to Data Portability – You have the right to ask us to provide you with copies of personal information that we have collected about you, in a portable and readily-usable format.
- Right to Request Deletion of Certain Information – You have right to ask us to delete personal information about you that we have collected and retained.
- Right to Non-Discrimination – You have the right not to be discriminated against for exercising any of your CCPA rights.
If you make a request to delete your personal information, we can deny that request if we or our Service Providers need to keep the information to:
- Complete the transaction for which we collected the personal information, provide you with a product or service you have requested, take other actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract with you;
- Detect security incidents, protect against illegal or fraudulent behavior, or engage in legal actions with persons responsible for such activities;
- Debug products to identify and repair errors impacting the functionality of our Site or services;
- Exercise free speech or ensure other consumers’ rights to free speech, or otherwise exercise rights provided by law;
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code §1546);
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
- Comply with a legal obligation; or
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
To exercise any of the rights described above, you must submit a verifiable consumer request to us. You can do so by:
- Sending us an email with the subject heading “California Privacy Rights” at email@example.com; or
- Calling us at 312-600-5846.
Only you, or a person registered with the California Secretary of State that you expressly authorize to act on your behalf, can make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. If you contact us to exercise your California privacy rights, you must attest to the fact that you are a California resident, and provide us with a current California address. We cannot respond to your request or provide you with information if we cannot identify you or confirm your authority to make the request, so any request will require you to provide sufficient information to allow us to reasonably verify your identity and/or the identity and authorization of your agent (if applicable). We will only use any personal information provided in a verifiable consumer request to verify the requesting party’s identity or authority to make the request, by matching that information with the personal information we already have about you.
If you contact us to exercise your California privacy rights, you must attest to the fact that you are a California resident, and provide us with a current California address. We cannot respond to your request or provide you with information if we cannot identify you or confirm your authority to make the request, so any request will require you to provide sufficient information to allow us to reasonably verify your identity and/or the identity and authorization of your agent (if applicable). We will only use any personal information provided in a verifiable consumer request to verify the requesting party’s identity or authority to make the request, by matching that information with the personal information we already have about you.
We will respond to any verifiable consumer request in the manner and within the timeframes required by the CCPA.
You may only make a verifiable consumer request for access or data portability twice within any 12-month period.
5. OTHER CALIFORNIA RIGHTS
In addition to the CCPA, California’s “Shine the Light” law permits California residents to request certain details about our disclosure of their personal information to third parties for those third parties’ own direct marketing purposes. If you are a California resident and you would like to make such a request, please contact us at firstname.lastname@example.org. Please note that there are legal limits on how often you can make such a request, and we are only obligated to respond to one information request per customer per year.