Privacy Policy

Last Updated: May 1, 2024

Tokenproof - Privacy Notice

Last Update: May 1, 2024

Please read this Privacy Notice carefully. It provides important information about how Tokenproof Inc. (“Tokenproof”, “we”, “our” or “us”) collects, uses, shares, and otherwise processes personal information and tells you about your rights under applicable privacy and data protection laws.

The term “personal information” or “personal data” means any information about an individual from which that person may be identified. For example, it may include a person’s name, telephone number, or email address. It does not include anonymous and aggregated data.

From time to time, we may update this Privacy Notice as described in the Changes to this Privacy Notice section below. If you have any questions, comments, or concerns regarding this Privacy Notice or our data practices, please contact us.

BY ACCESSING OR USING THE SERVICES (AS DEFINED IN SECTION 1 BELOW) OR ANY PART THEREOF, OR SUBMITTING INFORMATION IN CONNECTION WITH YOUR USE OF THE SERVICES, YOU ACKNOWLEDGE AND AGREE THAT YOU HAVE READ THIS PRIVACY NOTICE.

Table of Contents

1. Key Terms & Scope of Privacy Notice

Key Terms

  • Access Criteria” means the requirements and/or criteria set by a Verifier Client (for example, owning a specific NFT, having an email address registered with the Verifier Client, having purchased a valid ticket to the event, etc.) that an End User must meet to access, attend, and/or use the Verifier Client’s Gated Experience.
  • Authorized Users” means employees, contractors, and/or agents of a Verifier Client that access or use any Tokenproof Service on behalf of such Verifier Client.
  • End User” means any individual, person or entity who engages with a Verification Site and/or the Tokenproof App in connection with a Gated Experience.
  • Gated Experience” means an event (including, in-person and online events, conferences, concerts, art shows, etc.), giveaway, product-drop, website, service, product, application, and/or other experience that requires users to obtain Verified Credentials.
  • OA Product” means Tokenproof’s proprietary online authentication technology made available by Tokenproof to Verifier Clients in connection with Gated Experiences.
  • Services” means any support and other services provided by us as part of or in connection with the use and/or access of the Tokenproof Service.
  • Tokenproof App” means Tokenproof’s proprietary “Tokenproof” mobile application that enables End Users to obtain Verified Credentials and/or interact with certain Gated Experiences.
  • Tokenproof Service” means individually and collectively, the Tokenproof Website, Tokenproof App, Verifier App, the Services, the Verification Sites, and the OA Product.
  • Tokenproof Website” means Tokenproof’s corporate website located at www.tokenproof.xyz.
  • Users” means, collectively, any Visitors, End Users, Verifier Clients, and/or Authorized Users who access or use any part of the Tokenproof Service.
  • Verification Site” means any website, hosted either by a Verifier Client or byTokenproof on behalf of a Verifier Client, that enables visitors to verify they meet the Access Criteria and receive a Verified Credential, or to otherwise claim, enroll, register and/or purchase a ticket for Gated Experience, that otherwise utilizes the OA Product in connection with a Gated Experience.
  • Verified Credential” means the credential to access a Gated Experience issued through the Tokenproof App to an End User who has verified they meet the Access Criteria for the Gated Experience.
  • Verifier App” means Tokenproof’s proprietary “Verifier” mobile application that enables a Verifier Client of an in-person Gated Experience (e.g., conferences, concerts, art shows) to validate the Verified Credentials of an End User on-site prior to admission to the Gated Experience.
  • Verifier Client” means the person, entity, business, organization, and/or event organizer that has entered into a written agreement with Tokenproof (hereinafter, the “Verifier Client Agreement”) for the use of the Tokenproof Service by such person, entity, business, organization, and/or event organizer in connection with a Gated Experience.
  • Visitor” means a visitor or user of the Tokenproof Website.

Scope of this Privacy Notice:

This Privacy Notice applies to all Users, and covers personal information that we collect, use, share, and otherwise process when you:

  • Visit, browse, or interact with the Tokenproof Website
  • Download and/or use the Tokenproof App.
  • Download and/or use the Verifier App.
  • Visit any Verification Site.
  • Interact with and/or use any Services.
  • Access or use any other websites, products, applications, and/or services that include an authorized link to this Privacy Notice.

2. Important Note Regarding Information Controlled by our Verifier Clients

If you are an Authorized User of a Verifier Client, or you are an End User that accesses and/or uses the Tokenproof Service in connection with a Gated Experience hosted, organized and/or offered by a Verifier Client, please be aware that certain personal information you provide to, or that is collected by, Tokenproof in connection with your use of the Tokenproof Service, is collected and processed by Tokenproof on behalf of the applicable Verifier Client as the “data processor” or “service provider” for such Verifier Client who is the “data controller” or “business.”


Each Verifier Client determines its own policies for handling personal information. Please review any privacy notice provided by the Verifier Clients with whom you interact or where you are an Authorized User of such Verifier Client. If you have inquiries regarding how a Verifier Client process your personal information or if you wish to submit a data rights request, as applicable under relevant data protection law, please contact the applicable Verifier Client.

3. Changes to this Privacy Notice

If you are an Authorized User of a Verifier Client, or you are an End User that accesses and/or uses the Tokenproof Service in connection with a Gated Experience hosted, organized and/or offered by a Verifier Client, please be aware that certain personal information you provide to, or that is collected by, Tokenproof in connection with your use of the Tokenproof Service, is collected and processed by Tokenproof on behalf of the applicable Verifier Client as the “data processor” or “service provider” for such Verifier Client who is the “data controller” or “business.”


Each Verifier Client determines its own policies for handling personal information. Please review any privacy notice provided by the Verifier Clients with whom you interact or where you are an Authorized User of such Verifier Client. If you have inquiries regarding how a Verifier Client process your personal information or if you wish to submit a data rights request, as applicable under relevant data protection law, please contact the applicable Verifier Client.

If you do not agree to any updates or modifications to the Privacy Notice, you may stop accessing and using the Tokenproof Service.  Your continued use of the Tokenproof Service after the applicable effective date of the revised Privacy Notice, signifies to us that you acknowledge and agree to be bound by the revised Privacy Notice.

4. Information We Collect

The personal information we collect directly from you depends on how and why you use the Tokenproof Service. For instance, the information that we process when you are a Visitor just browsing the Tokenproof Website or requesting to receive marketing materials, is more limited than the information you provide if you are an End User or an Authorized User accessing and using the Tokenproof App, Verifier App, Verification Sites and/or related Services.  We have provided a section for Visitors, End Users, and Verifier Clients and their Authorized Users, in order to better explain the circumstances where personal information may be collected, as well as the types of data collected:

  • Information from Visitors;
  • Information from End Users;
  • Information from Verifier Clients and their Authorized Users;

Please be advised that we may ask you to update your information from time to time in order to keep it accurate.

If you provide personal information to us about someone else, you must ensure that you are entitled to disclose that information to us and that, without us taking any further steps required by data protection laws, we may collect, use and disclose such information for the purposes described in this Privacy Notice. For example, you should ensure the individual concerned is aware of the terms detailed in this Privacy Notice.


You may choose not to provide information directly to us or to not use the Tokenproof Service. However, some personal information is necessary so that we can provide you with the Tokenproof Service you have requested or, where you are an End User of a Verifier Client, Tokenproof Service related to the Gated Experience you wish to participate in. Failure to provide this information may prevent us from providing you with access to our Tokenproof Service.

a. Information Collected from Visitors

Information Visitors Provide Directly to Us

If you are a Visitor, Tokenproof collects the following types of information directly from you:

  • Contact Information.  We collect contact information, such as your email, your first name, last name and company name), if you contact us through the Website, or if you sign-up to receive our marketing communications and/or newsletters.
  • Verifier Request Information.  If you submit a request to use the Tokenproof Service as a verifier, we collect your name, email, organization, your organization’s website or social media account, how you would like to work with us, and any additional information you share with us in the request form.
  • Communication and Feedback Content: We collect the information you may provide by filling out forms or by contacting us (such as your feedback or other communications with us).

Visitor Information Collected Automatically

We may automatically collect information about the actions Visitors take when interacting with the Website, as described in the Information Collected Indirectly section below.

Visitor Information Provided to Us by Third Parties

We may collect, receive or otherwise access information about our Visitors from certain third parties. This may include:

  • Service Providers: We may receive information from our Service Providers (as described in Section 10.a below).
b. Information Collected from End Users

Information End Users Provide Directly to Us

If you are an End User, Tokenproof collects the following types of information directly from you:

  • Account Information: If you register an account to use the Tokenproof App, we collect your email address and/or your public blockchain wallet address, and login credentials.
  • Additional Information Collected on Behalf of our Verifier Clients.  We may collect additional information from you if you use the Tokenproof Service in connection with a Gated Experience, for example:
    • If you use the Tokenproof App to obtain Verified Credentials for a Gated Experience, we will collect the information required by the Verifier Client to verify that you meet the Access Criteria, such as (by way of example only), the unique ID number associated with the NFT where the Access Criteria requires you to own a specific NFT, or we may ask you to connect your social media account, and collect information to verify you have made the required post, where the Access Criteria requires that you submit a social media post.  
    • We may also collect other information as requested by and on behalf of a Verifier Client through a Verification Site hosted and operated by us on behalf of the relevant Verifier Client, which may be a part of, or in addition to, the Access Criteria, such as contact information (e.g., your email or phone number).
    • We may facilitate the purchase of tickets or access to a Gated Experience through a Verification Site hosted and operated by us on behalf of the relevant Verifier Client.  In such case, we enable our Verifier Clients to connect their accounts with our integrated third party payment processors to facilitate the collection of payment information byVerifier Clients associated with such purchase. This information is collected and processed by third-party payment processors. Please review the Third-Party Payment Processors section below for more information.
  • Communication and Feedback Content: We collect the information you may provide by filling out forms or by contacting us (such as your feedback or other communications with us in connection with customer support requests).

End User Information Collected Automatically

We may automatically collect information about the actions End Users take when interacting with the Tokenproof Service, including, Geolocation Information when using the Tokenproof App, as described in the Information Collected Indirectly section below.


End User Information Provided to Us by Third Parties

We may collect, receive or otherwise access information about End Users from certain third parties. This may include:

  • Service Providers: We may receive information from our Service Providers (as described in Section 10.a below).
  • Third Party Integrations: We may receive information from Third Party Integrations (as defined below) that you connect and/or use in connection with the use of the Tokenproof Service.
  • Verifier Clients:  We may receive information from Verifier Clients that share End User information with us.
c. Information Collected from Verifier Clients and their Authorized Users

Information Verifier Clients & Authorized Users Provide Directly to UsIf you are a Verifier Client, or an Authorized User of a Verifier Client, Tokenproof collects the following types of information directly from you:

  • Account Information: We will collect contact and account profile information of our Verifier Clients and/or their Authorized Users, such as name (first and last), business or company name, email address, phone number, mailing address, and login credentials.
  • Payment Information: We facilitate the collection of payment information associated with a Verifier Client’s purchase of access to the Tokenproof Service, such as payment card information. This information is collected and processed by third-party payment processors. Please review the Third-Party Payment Processors section below for more information.
  • Communication and Feedback Content: We collect the information you may provide by filling out forms or by contacting us (such as your feedback or other communications with us in connection with customer support requests).

Verifier Client & Authorized Users Information Collected Automatically

We may automatically collect information about the actions Verifier Clients and Authorized Users take when interacting with the Tokenproof Service, including, Geolocation Information when using the Verifier App, as described in the Information Collected Indirectly section below.

Verifier Client & Authorized Users Information Provided to Us by Third PartiesWe may collect, receive or otherwise access information about our Verifier Clients and Authorized Users from certain third parties. This may include:

  • Service Providers: We may receive information from our Service Providers (as described in Section 10.a below).
d. Information Collected Indirectly
  • Geolocation.  Certain features and functionalities of the Tokenproof App and Verifier App are based on your location.  In order to provide these features and functionalities while you are using your mobile device, we may, with your consent, automatically collect geolocational information from your mobile device or wireless carrier and/or certain third-party service providers (collectively, “Geolocational Information”). Collection of such Geolocational Information occurs only when the Tokenproof App or Verifier App is running on your device. You may decline to allow us to collect such Geolocational Information, in which case we will not be able to provide certain features or functionalities to you.
  • Usage Information.  We and/or our authorized third-party Service Providers or agents automatically collect technical and/or analytics information, using the cookies and similar technologies as described in Section 5 below, and in our Cookie Policy, about how Users use and/or interact with the Tokenproof Service (collectively, “Usage Information”), which may include (but is not necessarily limited to) identifiers, commercial information, and internet activity information such as IP address (or proxy server), information about the device and/or platform (e.g., iOS or Android) used by you to interact with and/or access the Tokenproof Service, mobile device number, device and application information, device event information, crash data, and log files and data, identification numbers and features, your approximate location (as determined through your IP address), browser type, plug-ins, integrations, Internet service provider or mobile carrier, the pages and files viewed, website and webpage interactions including searches and other actions you take, websites, apps and/or ads that referred you to the website, advertising and language preferences, operating system type and version, system configuration information, date and time stamps associated with your usage, and frequency of visits to the websites, and details of which of our products and product versions you are using, the version of the Tokenproof App or Verifier App you have downloaded.
e. Aggregated Data

With the personal information and other data (including, Usage Information) collected by us, we process “Aggregated Data”, such as statistical or demographic data.  Aggregated Data may be derived from personal information, but is not considered personal information under the law if it does not directly or indirectly reveal an individual’s identity.  If we combine or connect Aggregated Data with personal information so that it can directly or indirectly identify an individual, we treat the combined data as personal information, which will be processed in accordance with this Privacy Notice.

5. Cookies & Similar Technologies

We or authorized third parties may collect certain information by automated means using cookies and/or similar technologies such as, web beacons, embedded scripts, pixels, and browser analysis tools (collectively, “Cookies”). Cookies collect information such as Usage Information. For more information on our use of these technologies, see our Cookie Policy.


We do not currently engage in any targeted advertising, however, we may in the future use third party advertising partners (e.g., Google, Inc., LinkedIn, Inc. and Facebook, Inc.) who use targeting/advertising cookies and similar technologies to advertise the Tokenproof Service.  These cookies and similar technologies are typically used to help measure the effectiveness of advertising campaigns.  We will update and notify you of any future changes in the use of targeted advertising in accordance with this Privacy Notice.

6. Third Party Payment Processors

If you’re a Verifier Client, when you purchase access to the Tokenproof Service, our third party payment processors may collect certain payment information, such as your credit card, bank account information.  Note that we do not directly collect or store any payment information, the information provided to Tokenproof only includes partial payment or credit card information, and limited transaction information via our payment processors’ portals.  Payment transaction information is processed and stored exclusively by our third-party, PCI-compliant, payment processors, on our behalf.

If you are an End User that purchases a ticket to a Gated Experience through a Verification Site that we host on behalf of a Verifier Client, we integrate with third party payment processors to facilitate our Verifier Client’s collection of fees.  Such integrated third party payment processors may collect certain payment information, such as your credit card, bank account information on behalf of the Verifier Client.  Note that we do not directly collect or store any payment information related to the purchase of tickets via the Verification Sites.  The Verifier Client may however collect or receive certain payment or transaction information related to your purchases.  In addition to the payment processor policies linked below, please consult directly with the Verifier Client if you have any questions regarding their collection, use and processing of payment information.


Please review the following Privacy Policies of payment providers we use to learn more about how they collect, process and protect your personal information:

7. Children’s Privacy

Tokenproof does not target the Tokenproof Service to persons under the age of 16, nor does Tokenproof knowingly collect personal information from, persons under the age of 16 or the equivalent legal age as specified by law in the applicable jurisdiction.  Therefore, we ask you not to provide us with personal information of persons under the age of 16 or the equivalent age as specified by law in your jurisdiction.  If we learn that personal information of persons under the age of 16 or the equivalent age as specified by law in the applicable jurisdiction, has been collected on or through the Tokenproof Service, then we may deactivate the account or otherwise terminate access to the Tokenproof Service and/or make the user content inaccessible.

8. Sensitive Personal Information

Tokenproof does not require you to provide any sensitive data about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic, and biometric data to use the Tokenproof Service.

9. Our Purpose for Collecting and Using Personal Information and Legal Basis

Generally, we process your personal data for one or more of the following legal bases:

  • In order to perform the Tokenproof Service under the contract we are about to enter into or have entered into with you, or if you an Authorized User or End User of a Verifier Client, the Verifier Client Agreement we have entered into with the relevant Verifier Client.  For example, when you register to use the Tokenproof Service, that’s a contract. This may also include disclosure to the third parties who help us perform our obligations to you in connection with your use of the Tokenproof Service, such as hosting providers, and payment processors.
  • Where it is necessary for our legitimate interests (or those of a third party), and your interests and fundamental rights do not override those interests. For example, for security purposes and protection against fraud.
  • Where we need to comply with a legal or regulatory obligation.  For example, keeping records of our sales for tax compliance.
  • If we have obtained your prior consent (for example, when you subscribe to our newsletter or participate in our surveys or marketing campaigns). Please note that for this specific legal basis, you have the right to withdraw your consent at any time.

More specifically, and depending on the category of User you are and how you use the Tokenproof Service, we and/or our Service Providers process personal information for the purposes and on the legal bases (in italics) as follows:

  • To host and provide the Website (performance of a contract);
  • To host and provide the Service, Tokenproof App, and Verifier App (performance of a contract);
  • To perform and provide the Tokenproof Service to the Verifier Client pursuant to the Verifier Client Agreement (performance of a contract);
  • To perform and provide the Tokenproof Service to our End Users pursuant to Tokenproof App Terms of Service (performance of a contract);
  • To enable Third Party Integrations that End Users connect or use in connection with the Tokenproof Service (performance of a contract or sometimes necessary for our legitimate interests);
  • To personalize the Tokenproof Service and improve user experience, such as remembering information so that you will not have to re-enter it during your visit or the next time you visit the Tokenproof Service (necessary for our legitimate interests);
  • To provide customized advertisements, content, and information for Visitors, where and as permitted under applicable law (for our legitimate business purposes and with your prior consent where required by law);
  • Deliver direct marketing communications to you regarding our products and services that we may think are of interest to you (for our legitimate business purposes and with your prior consent where required by law when you are not an existing customer);
  • Respond to your queries and requests, or otherwise communicate directly with you (performance of a contract or sometimes necessary for our legitimate interests);
  • Detect any fraudulent or illegal activity against you, Tokenproof, or its other Verifier Clients and users of the Tokenproof Service (necessary for our legitimate interests);
  • To update, improve, and/or enhance the Tokenproof Service, and develop new features, functionality, and products and services (necessary for our legitimate interests);
  • To conduct analytics related to the Tokenproof Service, such as to understand how they are being used and where improvements may be needed (necessary for our legitimate interests);
  • For our business transfers (necessary for our legitimate interests);
  • To keep you updated about changes to policies related to the Tokenproof Service (including this Privacy Policy) (performance of a contract or sometimes necessary for our legitimate interests);
  • To comply with a legal or regulatory obligation (for example, keeping records of our sales for tax compliance) (necessary for compliance with a legal obligation); and
  • Provide information to regulatory bodies when legally required, and only as outlined below in Legal Obligations and Security (necessary for compliance with a legal obligation).

10. Sharing Personal Information

Aside from disclosing personal information to those of our personnel who are authorized to process the information in order to provide the Tokenproof Service and who are committed to confidentiality, we disclose personal information only to the third parties as described below.

a. Third-Party Service Providers

We share personal information of all Users with third-party vendors, consultants, agents, contractors, and service providers that provide services to us that help us in the operation, provision, administration and management of the Tokenproof Service and to otherwise operate our business (“Service Providers”).  Depending on how you use the Tokenproof Service, the following categories of third parties collect data on our behalf or receive personal information:

  • Hosting services providers;
  • Analytics providers;
  • Payment processing providers;
  • Advertising and marketing providers;
  • Providers of business operations and communication tools;
  • Other third-party service providers that help us provide features and functions for the Tokenproof Service (e.g., customer support providers); and
  • Professional service providers, such as auditors, lawyers, consultants, accountants and insurers.

For a list of all third-party service providers we use, please contact us. We require all third parties to respect the security of your personal information and to treat it in accordance with the law.

b. Disclosures Directed by Verifier Clients

We will share and disclose personal information of Authorized Users and End Users with the applicable Verifier Client and otherwise in accordance with the Verifier Client’s instructions, including any applicable terms in the Verifier Client Agreement, and in compliance with applicable law and legal process.  If you are an Authorized User or End User, please contact the relevant Verifier Client to learn more about how your information may be used, shared and/or disclosed by us on their behalf.

c. Third Party Integrations

When End Users interact with and/or use third-party services, platforms, or other online tools that integrate with the Tokenproof App (collectively, “Third Party Integrations”) in connection with the Tokenproof Service, certain information may be exchanged between Tokenproof and the provider of the applicable Third Party Integration.  For example, we integrate with certain Crypto wallet providers (which are deemed Third Party Integrations) to enable End Users to connect their Crypto wallet accounts with the Tokenproof App to verify ownership of an NFT or token held by such End User in its wallet.  Information that is shared with us through Third Party Integration is used by us as described in this Privacy Notice.  Note that the Third Party Integrations you choose to interact with and/or use are not our service providers. The applicable providers of Third Party Integrations may use personal information differently than we do and we do not control their use of your information.  Please review the privacy notices for the Third Party Integrations.

d. Business Transfers


We may also share data with third parties to whom we choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal information in the same way as set out in this Privacy Notice.

e. Affiliates and Subsidiaries

Personal information that we collect about you through the Tokenproof Service may be shared with the employees, contractors, and agents of Tokenproof and our affiliated and subsidiary entities (“Affiliates”) who are involved in providing or improving the Tokenproof Service that we offer to you. We obligate the employees, contractors and agents of Tokenproof and our Affiliates to ensure the security and confidentiality of your personal information and to act on that personal information only in a manner consistent with this Privacy Notice.


f. Legal Obligations and Security

Regulatory and Government Bodies – Compliance with Law

We may disclose User personal information to regulatory agencies and official government bodies, as required to comply with or satisfy any laws, rules, or regulations applicable to Tokenproof.


Required Disclosures – Responding to Legal Orders

If we are required to disclose personal information by law, such as pursuant to a subpoena, warrant or other judicial or administrative order, our policy is to respond to requests that are properly issued by law enforcement within the United States. Under such circumstances, unless prohibited by applicable law, we will attempt to provide you with prior notice that a request for your personal information has been made in order to give you an opportunity to object to the disclosure.  We will attempt to provide this notice by email, if you have given us an email address. However, government requests may include a court-granted non-disclosure order, which prohibits us from giving notice to the affected individual.  In cases where we receive a non-disclosure order, we will notify you when it has expired or once we are authorized to do so.


If you are an Authorized User or End User, please consult with the relevant Verifier Client to learn more about how they respond to requests for information pursuant to legal orders.


Exigent Circumstances & Enforcement/Protection of Our Rights

User information, including the contents of all online communications in the Tokenproof Service and between you and Tokenproof may be accessed and monitored as needed to provide the Tokenproof Service and may be disclosed to law enforcement, regulatory agencies, official government bodies, and other third parties, as we, in our sole discretion, believe necessary or appropriate:

  • To enforce our rights under our Verifier Client Agreements, Tokenproof App Terms of Service, and/or any other terms and conditions applicable to the use of the Tokenproof Service;
  • In connection with an investigation of fraud, intellectual property infringement, piracy or other unlawful activity or activity that may expose us or our Affiliates, partners and/or agents to legal liability; and/or
  • If we receive information that provides us with a good faith belief that there is an exigent emergency involving the danger of death or serious physical injury to a person.
g. With Your Consent

There may be situations where you are asked to consent to share personal information with third parties for additional reasons not included in this Privacy Notice.  In such event, we will only share such personal information if we have received your prior consent and only for the purposes as listed in the request to share such information.

11. Communications

Direct Marketing

If you have not otherwise opted out, or if you have opted in to receive direct marketing emails from us, we may use your personal information to send you marketing information about the Tokenproof Service, other Tokenproof products and services, new product releases, and new feature releases of the Tokenproof Service, and/or Gated Experiences of our Verifier Clients, that we think may interest you. We carry out direct marketing by email.


Push Notifications

If you have installed the Tokenproof App or Verifier App, we may send push notifications to your mobile device regarding your use of the Tokenproof Service, such as, service-related updates or reminders regarding Gated Experiences and/or prompts for interactive experiences while using or attending a Gated Experience.


If you no longer wish to receive marketing communications or push notifications, you have the right at any time to opt out as further explained in Your Choices.

12. Your Choices

Updating and Correcting Personal information

If you would like to correct or update certain personal information (such as your contact information) please contact us and we will use reasonable efforts to correct and/or update such information.  If you are an Authorized User or End User, please contact the relevant Verifier Client if you wish to request the removal of personal information under their control.


Please note that if you are an Authorized User or End User, we may forward your request to update or correct your information to the relevant Verifier Client with respect to the information controlled by such Verifier Client.


Direct Marketing

You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of any of our marketing e-mails. We will use commercially reasonable efforts to process such requests in a timely manner. You cannot opt out of receiving transactional e-mails related to the Tokenproof Service (e.g., requests for support).


Please note that we do not control the direct marketing of our Verifier Clients.  If you wish to opt out of marketing communications from a Verifier Client, please contact the applicable Verifier Client.


Push Notifications

You may disable these by declining them or changing the notification settings for the Verifier App or Tokenproof App in your device settings.


Additional European and International Data Rights

If you are a resident of the European Economic Area, United Kingdom, or Switzerland, you may have additional rights you can exercise as described in Section 15.


Cookie Preferences

You can manage your cookie and tracking preferences as described in our Cookie Policy.


Do not Track (DNT) Preferences

The Tokenproof Service does not monitor for or behave differently if your browser or device transmits a “Do Not Track” or similar message.

Some Internet browsers may be configured to send "Do Not Track" signals to the online services that you visit. There is no consensus among industry participants as to what "Do Not Track" means in this context. Like many websites and online services, Tokenproof does not currently alter our practices when we receive a "Do Not Track" signal from a browser except as specifically required by law. For information about "Do Not Track" please visit All About DNT.


13. Data Retention

Personal information is processed for the period necessary to fulfill the purposes for which it is collected (for example, in connection with the Tokenproof Service provided to Verifier Client pursuant to the Verifier Client Agreement), to comply with legal and regulatory obligations and for the duration of any period necessary to establish, exercise or defend any legal rights.


In order to determine the most appropriate retention periods for your personal information, we consider the amount, nature and sensitivity of your such information, the reasons for which we collect and process your such personal information, and applicable legal requirements.


In some instances, we may choose to anonymize your personal information instead of deleting it, for statistical use, for instance. When we choose to anonymize, we make sure that there is no way that the personal information can be linked back to you or any specific individual.


If you are an Authorized User or End User, contact the relevant Verifier Client if you wish to request the removal of personal information under their control.


14. Data Protection and Security

We have put in place reasonable and appropriate security measures designed to prevent your personal information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. For example, we use Transport Layer Security (TLS) encryption, firewalls, and password protection. In addition, we limit access to personal information to those employees, agents, contractors and the third parties who have a business need-to-know.


We also have procedures in place to deal with any suspected data security breach.  However, no method of transmission over the Internet, or method of electronic storage, is 100% secure, and while we take reasonable steps to provide secure services, by using the Tokenproof Service, you understand and assume the risks associated with your activities on the internet.


Additionally, we cannot control the actions of other users with whom you may choose to share your information. Further, even after information posted on the Tokenproof Service is removed, caching and archiving services may have saved that information, and other users or third parties may have copied or stored the information available on the Tokenproof Service. To the fullest extent permitted under applicable law, we cannot and do not guarantee that information you post on or transmit to the Tokenproof Service will not be viewed by unauthorized persons.


15. Additional European and International Data Rights

The European Union’s General Data Protection Regulation and certain other countries’ data protection laws provide certain rights for data subjects. If you are a resident of the European Economic Area, the United Kingdom, Switzerland or another country with data protection laws that provide for certain data subject rights, you may submit a request to exercise your rights.

We respond to all requests we receive from individuals wishing to exercise their data rights in accordance with applicable data protection laws.


Depending on your country of residence, your rights may include:

  • The right to be informed – that’s an obligation on us to inform you how we use your personal data (and that’s what we’re doing in this Privacy Notice);
  • The right of access – that’s a right to make what’s known as a ‘data subject access request’ for a copy of the personal data we hold about you;
  • The right to rectification – that’s a right to request that we correct personal data about you that may be incomplete or inaccurate (though we generally recommend first making any changes in your account if you have one);
  • The right to erasure (also known as the ‘right to be forgotten’) – that’s where in certain circumstances you can ask us to delete the personal data we have about you (unless there’s an overriding legal reason we need to keep it);
  • The right to restrict processing – that’s a right for you, in certain circumstances, to ask us to suspend processing personal data;
  • The right to data portability – that’s a right for you to ask us for a copy of your personal data in a common format (for example, a .csv file);
  • The right to object – that’s a right for you to object to us processing your personal data (for example, if you object to us processing your data for direct marketing); and
  • Rights in relation to automated decision-making and profiling – that’s a right you have for us to be transparent about any profiling we do, or any automated decision-making.
  • Withdraw Consent—that’s the right to revoke any consent you may have previously given us at any time, if we have collected and processed your personal data with your consent. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent.
  • File a complaint—that’s the right to file a complaint with a supervisory authority about our collection and processing of your personal data.

Exercising Your Rights

These rights are subject to certain rules around when you can exercise them. If you are located in the European Economic Area and wish to exercise any of the rights set out above, please contact us.


You will not have to pay a fee to access your personal data (or to exercise any of the other rights) unless your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.


We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.


We will respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated as required by law.

If you no longer wish to receive our marketing/promotional information, you may opt out as described in the Your Choices section above.


Finally, you have the right to make a complaint at any time to the supervisory authority for data protection issues in your country of residence. We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority, so please contact us first.

Please note that if you are an Authorized User or End User, we may forward your request to exercise your rights to the relevant Verifier Client with respect to the information controlled by such Verifier Client.


16. International Transfers

Tokenproof is based in the United States. The personal information that we collect or receive is processed on servers located in the United States.  Additionally, Tokenproof operates globally and may transfer the personal information that we process to our other offices and to the third parties described above. These recipients may be situated outside of your country or regional area of residence and may process personal information outside of your country or regional area. In particular, information provided to us or collected by us likely will be transferred to and processed in the United States by us or our Affiliates and our respective agents and contractors. The data protection laws of the United States or other countries may not be as comprehensive or equivalent to those in your country of residence.


We rely on legally-provided mechanisms to transfer personal information across borders where and as required under applicable law.


17. California Shine the Light Disclosure

The California “Shine the Light” law gives residents of California the right under certain circumstances to opt-out of the sharing of certain categories of personal information with third parties for their direct marketing purposes. We do not currently share personal information with third parties for their own direct marketing purposes.


18. Nevada Privacy Rights

Under Nevada law, Nevada “consumers” (individuals who are seeking or acquiring goods/services for personal, family, or household purposes) may opt out of the sale of covered personal information (which includes first and last name, address, email address, phone number, Social Security Number, or an identifier that allows a specific person to be contacted either physically or online) to a person for that person to license or sell such information to additional persons.


Tokenproof does not currently sell covered information of Nevada consumers as defined under applicable Nevada law.


You may submit an opt-out request by sending your request to the email address or mailing address specified in the How to Contact Us Section; along with your full name, any user name, complete mailing address (including street address, city, state, and zip code), email address (so that we can contact you, if needed, in connection with the request) and confirmation that you are a Nevada resident.


19. Social Media “Share” Buttons

On or through the Tokenproof Service we may provide third-party “share” buttons or other integrated tools that enable you to share certain content via social media sites (e.g., Facebook, Twitter, Instagram, YouTube, and LinkedIn).  These “share” buttons may function as web beacons when you interact with the button.  Please note that when you “share” using the buttons, you may send to the third party provider of the “share” button the information that you are viewing.  If you are logged in to your account with the third party, then the third party may be able to link information or actions about your interactions with the Tokenproof Service to your account with the applicable third party provider. Please refer to each third party’s privacy policies to learn more about its data practices.


20. App Stores & External Websites

If you download the Tokenproof App or Verifier App, your app store (e.g., Apple App Store or Google Play) may collect certain information in connection with your use of the applications, including, without limitation, personal data, geolocational information, and other usage-based data. We have no control over the collection of such information by a third-party app store, and any such collection or use will be subject to that third party’s applicable privacy policies.


In addition, on or through the Tokenproof Service, we may provide or make available, for informational purposes only, links to other websites or resources, including, but not limited to, the websites of our Verifier Clients or Verification Sites that are hosted and controlled by the relevant Verifier Client, with which we do not have a contractual relationship and over which we do not have control (“External Websites”).  Such links are not paid advertisements, nor do they constitute an endorsement by Tokenproof of those External Websites, and are provided only as a convenience. By clicking on links to External Websites, the operators of the External Websites may collect personal information. We are not responsible for the content or data collection practices of those External Websites, and the use of External Websites is subject to their respective terms of use and privacy policies.


21. Contact Us

If you have any questions about this Privacy Notice, have additional questions, you can contact us as follows:

By email at: support@tokenproof.xyz; Subject Line: Privacy Request

By mail at: Tokenproof Inc.

Attn: Tokenproof Privacy Request

2019 E. 3rd St.

Austin, TX 78702, USA