Contact
Ecosystem Tools
ToruScan Torus Fuse Torus BuyGate Toric Wallet
Learn
Docs Whitepaper
Stake Community
Discord Twitter
Discord Twitter
Contact

Privacy Policy

Last update: 20 November 2023

General Information

This Privacy Policy (“Policy”) describes how TORUS CHAIN Verein (also “TORUS CHAIN”, “we”, “our” or “us”) collects, protects, and processes your personal data on https://toruschain.com and https://torusassociation.org (“Websites”). This Policy is not necessarily a comprehensive description of our data processing. It is possible that other privacy policies, terms and conditions, forms or other notices may apply to specific circumstances. We use the word “data” here interchangeably with “personal data”.

If you provide information to us about any person other than yourself, contact person of your organization, your employees, counterparties, your advisers or your suppliers, you must ensure that the data is accurate and that they understand how their information will be used, and that they have given their permission for you to disclose it to us and for you to allow us, and our outsourced service providers, to use it.

This Policy is aligned with the EU General Data Protection Regulation (“GDPR”) and the Swiss Data Protection Act (“FADP”). However, the application of these laws depends on each individual case.

Controller

The responsible person for processing your data under this Policy (“Controller”) unless we tell you otherwise in an individual case is:

TORUS CHAIN Verein
c/o MJP Partners AG
Bahnhofstrasse 20
6300 Zug
Switzerland

You may contact us regarding data protection matters and to exercise your rights at: dataprotection@torusassociation.org.

Collection and Procession of Personal Data

We collect personal data from you, our clients, business partners, and individuals with whom we have a business relationship. We also collect personal data from users while operating our Websites.

The processing of personal data is limited to the data required for the functioning of our Websites. We process personal data based on agreed purposes or legal grounds. The specific data we process about you depends on the reason and purpose of the processing.

The categories of data you provided us directly and the categories of data we receive about you from third parties include, but are not limited to:

  1. Technical Data: IP address; information about the operating system of your terminal device; cookies; name and URL of any visited page; amount of data transferred; date and time of access; websites that are accessed via our Websites; websites from which any access takes place; type of browser; name of your internet provider; logs etc.;
  2. Master Data: name; title; address; email address; telephone number; gender; date of birth; nationality; copies of ID cards; details of the employer or company on whose behalf you are contacting us; role and function; details of your relationship with us; details of interactions with you; official documents; consent forms (e.g. newsletter or online contact form); blockchain address and transaction information etc.;
  3. Communication Data: data transmitted via a contact form, by email, telephone, letter or other means of communication; the manner, place and time of the communication and usually also its content (i.e. the content of emails, letters, etc.); details of your request if you use an online contact form; details if you wish to make an appointment with us, etc.;
  4. Contract Data: information about the conclusion of the contract; information about the contract itself; information about the performance and administration of the contracts; information about deficiencies, complaints and changes of a contract; customer satisfaction information that we may collect through surveys; financial data etc.;
  5. Behavioural and Preference Data: information about user behaviour on our Websites; information about user engagement with our Websites; information about your response to electronic communications; information about your location; information about your interaction with our social media profiles (Twitter, Reddit, Instagram, Telegram) etc.;
  6. Applicant Data: Contact details and personal details (e.g. name, address, e-mail, telephone number, date of birth, nationality/citizenship); details from your application form (e.g. motivation, position applied for, workload, etc.); application documents (e.g. CV, cover letter, details of previous employers, references and job references, data on professional experience, details of training and further education, certificates, other qualifications), expected salary, LinkedIn profiles etc.
  7. Other Data: data received in connection with administrative or court proceedings; information about compliance with legal requirements such as those relating to fraud prevention and the combating of money laundering and terrorist financing; information from banks, sales and other contractual partners of us; information from the media and the Internet about you etc.

    As part of our business relationship, it is necessary for you to provide us with information that is necessary for the establishment and performance of the contractual relationship. In general, there is no legal obligation to provide us with this information. However, without this information we may not be able to enter into or continue the contract with you or the entity/person you represent. In addition, certain information, such as an IP address, is required to enable traffic on the Websites.

    If you contact us to apply for a job with us, we will process the information you provide solely for the purpose of conducting an application process. If we are unable to consider you for a position, we will generally delete your application materials unless we wish to keep them for future consideration, and you agree to this.

Purposes of the Processing

The main use of the collected data is to ensure the functionality of our Websites and to conclude and process contracts with you, clients and business partners. We also process data to fulfil our legal obligations, both domestically and internationally.

In addition, in accordance with applicable law and where appropriate, we may process personal data, including that of third parties, for the following purposes, which are considered to be in our legitimate interest or in the legitimate interest of third parties:

  1. Product Development and Innovation: We process your data to develop and enhance our Websites, especially to improve user experience.
  2. Communication: We process your data for the purpose of communicating with you, in particular to respond to your requests, to enforce your rights and to contact you in the event of queries.
  3. Security: We process your information to protect our operations, our IT and other infrastructure, and our Websites.
  4. Marketing: We process your data for market, media and opinion research and to send updates, unless you have objected to the use of your data for these purposes
  5. Customer Relationship Management: We may use a customer relationship management system ("CRM") to store and process your data as described above
  6. Risk Management, Governance and Business Development: We process your data as part of our risk management and governance to protect against criminal or fraudulent activity. As part of our business development, we may sell or acquire businesses, parts of businesses or companies to others or enter into partnerships which may involve the sharing and processing of data based on your consent.
  7. Litigation: We process your information to enforce legal claims and to defend against litigation and regulatory proceedings.
  8. Compliance: We process your information to comply with legal requirements (e.g. preventing and investigating crime and other misconduct; conducting internal investigations; analysing data to combat fraud).
  9. Applications: We process your data as part of the application process in order to respond to your contact, to check your profile and to prepare and process your application with a view to a future employment relationship and, where applicable, if you agree, as mentioned above, that we may retain your data for a longer period for possible future vacancies.

Legal Basis for Processing Personal Data

Where we asked for your consent, we process your data based on such consent. You may withdraw your consent at any time with effect for the future by providing us written notice (email sufficient). Withdrawal of your consent does not affect the lawfulness of the processing that we have carried out prior to your withdrawal, nor does it affect the processing of your data based on other processing grounds.

Where we did not ask for your consent, we process your data on other legal grounds, such as a contractual obligation, a legal obligation, a vital interest of the data subject or of another natural person, to perform a public task or a legitimate interest, which includes compliance with applicable law, the interest in better understanding our markets and in managing and further developing our company, including its operations, safely and efficiently.

Cookies

Our Websites use “cookies” to help personalise your online experience. Cookies are small pieces of data stored in text files that are saved on your computer or other devices when websites are loaded in a browser. They are widely used to remember you and your preferences, either for a single visit (through a “session cookie”) or for multiple repeat visits (using a “persistent cookie”). Session cookies are temporary cookies that are used during your visit to the Websites, and they expire when you close the web browser. Persistent cookies are used to remember your preferences within our Websites and remain on your desktop or mobile device even after you close your browser or restart your computer. They ensure a consistent and efficient experience for you while visiting the Websites.

Cookies may be set by the Websites (“first-party cookies”), or by third parties, such as those who serve content or provide advertising or analytics services on the Websites (“third party cookies”). These third parties can recognize you when you visit our Websites and also when you visit certain other websites.

We use the following types of cookies:

  1. Necessary Cookies: Necessary cookies allow us to offer you the best possible experience when accessing and navigating through our Websites and using its features. For example, these cookies let us recognize that you have created an account and have logged into that account to access the content
  2. Functionality Cookies: Functionality cookies let us operate the Websites in accordance with the choices you make. For example, we will recognize your username and remember how you customized the Websites during future visits.
  3. Analytical Cookies: These cookies enable us and third party services to collect aggregated data for statistical purposes on how our visitors use the Website. These cookies do not contain personal information such as names and email addresses and are used to help us improve your user experience of the Websites.

    However, depending on the purpose of these cookies, we may ask for your express prior consent before they are used. You can access your current settings by clicking on the “Change Your Cookies”-button at our Websites and you can withdraw your consent under the same link at any time. You can also set your browser to block or deceive certain types of cookies or alternative technologies, or to delete existing cookies. You can also add software to your browser that blocks certain third-party tracking.

Tracking Tools

Based on your consent we use tracking tools to ensure a tailored design and the continuous optimization of our website. We also use the following tracking tools to statistically record the use of our website and evaluate it for the purpose of optimizing the content we show you:

Google Analytics: Google Ireland (based in Ireland) is our provider of “Google Analytics” and acts as our processor. Google Ireland relies on Google LLC (based in the USA) as a processor for its services (both “Google”). Google uses performance cookies (see above) to track the be-haviour of visitors to our website (duration, frequency of pages viewed, geographic origin of access, etc.) and compiles reports for us on the use of our website on this basis. We have configured the service so that the IP addresses of visitors are shortened by Google in Europe before being forwarded to the US and thus cannot be traced. We have turned off the "Data Forwarding" and "Signals" settings. Although we can assume that the information we share with Google is not personal data for Google, it is possible that Google can draw conclusions about the identity of visitors from this data for its own purposes, create personal profiles and link this data to the Google accounts of these persons. If you consent to the use of Google Analytics, you explicitly agree to such processing, which also includes the transfer of personal data (in particular usage data for the website and app, device information and individual IDs) to the US and other countries not offering adequate data protection from a Swiss/EU perspective. Information on the data protection of Google Analytics can be found here https://support.google.com/analytics/answer/6004245 and if you have a Google account, you can find further details on processing by Google here https://policies.google.com/technologies/partner-sites?hl=de.

Hotjar: Hotjar Ltd. (based in Malta) is our provider of “Hotjar” and acts as our processor. Hotjar uses cookies to track the behaviour of visitors to our website (duration, frequency of pages viewed, geographic origin of access, etc.) and provides us with heat maps, session recordings and survey feedback on the use of our website on this basis. All data collected for this purpose is anonymised and does not contain any personally identifiable information. Information on the data protection of Hotjar can be found here https://www.hotjar.com/legal/policies/privacy/.

Our Presence on Social Media Platforms

We have several presences on social media platforms. We have a presence on the following providers: Twitter, Reddit, Instagram, Telegram.

We receive information from you and the platforms when you interact with us through our online presence. At the same time, the platforms analyse your use of our online presence and link this data with other data about you known to the platforms. They also process this data for their own purposes under their own responsibility, in particular for marketing and market research purposes and to control their platforms.

Please note that your use of our presence on social media platforms and their features is at your own risk. This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating). For information on the collection and storage of your data as well as the nature, extent and purpose of its use by the operator of the respective social media platform, please refer to the data protection declarations of the respective operator.

Disclosure of Personal Data to Third Parties

In order to perform our contracts, fulfil our legal obligations, protect our legitimate interest and the other purposes and legal grounds set out above, we may disclose your data to third parties, in particular to the following categories of recipients:

  1. Group Companies: Group companies may use the information in accordance with this Policy for the same purposes as we do, including to promote their own range of products and services.
  2. Service Providers: We work with service providers in Switzerland and abroad who process data about you on our behalf or under joint responsibility with us or who receive data about you from us under their own responsibility (e.g. IT providers, banks, insurance companies, telecommunications companies, credit reference agencies, address verification providers, lawyers) or whom we instruct to process data for one of the above purposes on our behalf and only in accordance with our instructions.
  3. Contractors: Where required by the relevant contract, we will share your data with other contractors, merchant sub-contractors, etc.
  4. Business Acquirers: We may disclose your data to acquirers or parties interested in acquiring businesses or companies related to TORUS CHAIN.
  5. Authorities: We may disclose personal data to government agencies, courts and other authorities in Switzerland and abroad if we are required or permitted to do so by law or if it appears necessary to protect our interests. The authorities process the information about you that they receive from us on their own responsibility.

Transfer of Data Abroad

As we have explained in the Section above, we disclose data to other parties, not all of them located in Switzerland. Your data may be processed in the European Economic Area (EEA) and in exceptional circumstances also in countries outside the EEA and around the world, which includes countries that do not provide the same level of data protection as Switzerland or the EEA and are not recognized as providing an adequate level of data protection. We only transfer data to these countries when it is necessary for the performance of a contract or for the exercise or defence of legal claims, or if such transfer is based on your explicit consent or subject to safeguards that assure the protection of your data, such as the European Commission approved standard contractual clauses (adapted to Switzerland, if applicable).

Retention Periods for Data

We only process your data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of complying with legal retention requirements and where required to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled. Upon expiry of the applicable retention period we will securely destroy your data in accordance with applicable laws and regulation

Data Security

We take appropriate organisational and technical security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. However, we and your personal data can still become victims of cyber-attacks, cybercrime, brute force, hacker attacks and further fraudulent and malicious activity including but not limited to viruses, forgeries, malfunctions and interruptions which is out of our control and responsibility. We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Your Rights

You have various rights in relation with our processing of your personal data, depending on the applicable data protection law: right of access, right to rectification, right to erasure, right to restriction, right to data portability, right to withdraw consent, complaints and the right to object.

Please be aware that we reserve the right to enforce statutory restrictions as required, for example if we are obliged to retain or process certain data, have an overriding interest (insofar as we may invoke such interests) or need the data for asserting claims. If exercising certain rights would entail expenses for you, we will provide advance notification. We have already mentioned the option to withdraw consent above. It is important to note that exercising these rights could potentially conflict with your contractual obligations and result in consequences such as early contract termination or associated costs. If this situation arises, we will inform you beforehand, unless it has already been agreed upon in the contract.

If you like to exercise the above-mentioned rights, please contact us at dataprotection@torusassociation.org or the contact details provided above unless otherwise specified or agreed. Please note that we need to identify you to prevent misuse, e.g. by means of a copy of your ID card or passport, unless identification is possible otherwise.

Furthermore, every data subject has the option to assert its in a court of law or file a complaint with the appropriate data protection authority. In Switzerland, the relevant data protection authority is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch).

Amendments of this Policy

Due to continuous development of our Websites/apps and the contents thereof, changes in law or regulatory requirements, we might need to change this Policy from time to time at our discretion. When we do, we will revise the updated date at the top of this page. We may also provide notice to you in other ways at our discretion, such as through the contact information you have provided.