Privacy Notice

Kraken Financial Privacy Notice

The following Kraken Financial Privacy Notice and GLBA Privacy Notice and Disclosure applies to you if you are an individual who resides in the United States and/or uses services of Payward Financial Inc. (d/b/a Kraken Financial)

 

Introduction

The Privacy Notice applies to all services offered by Kraken Financial to U.S. clients, potential U.S. clients, and U.S. website visitors, except where a product, service or jurisdiction has a separate privacy notice. Certain individuals may be provided with additional privacy notices as described below:

  • Kraken Financial Clients – When you sign up for an account with us, we may collect and use your information to facilitate the provision of banking services pursuant to our GLBA Privacy Notice as applicable. Federal law requires us to provide notice to certain customers to explain what personal information we collect, how we share it, and how consumers may limit information sharing. These privacy practices are subject to our GLBA Privacy Notice, which we strongly suggest you review.
  • Notice to California Residents – If you are a resident of California, please see our California Consumer Privacy Statement.
  • Notice to Virginia Residents - If you are a resident of Virginia, please see our Virginia Consumer Data Protection Notice
  • You may have other privacy protections under applicable state laws. To the extent these state laws apply, we will comply with them when we share information about you. Please see our State Specific Privacy Statement for more information on whether you have additional rights or protections under other state privacy laws.

 

As part of our daily business operations, we collect personal information from our clients and prospective clients in order to provide them with our products and services, and to ensure that we can meet their needs when providing these products and services, as well as when providing them with any respective information. When you visit our website, social media pages, or other online properties, collectively “Sites” or “Services,” we may collect and use certain information about you.

 

Your privacy is of utmost importance to us, and it is our policy to safeguard and respect the confidentiality of information and the privacy of individuals. This Privacy Notice explains how Kraken Financial collects, uses, and manages the personal information we receive from you, or a third party, in connection with our provision of services to you or which we collect from your use of our services and/or our website. The Privacy Notice also informs you of your rights with respect to the processing of your personal information and the choices you can make about what information you share.

 

Key Terms Used Throughout This Notice

The following terms are defined as follows:

“Kraken Account” means a user-accessible account offered via Payward Financial, Inc..

“We”, “Our”, and “Us” refers to Payward Financial, Inc. d/b/a Kraken Financial.

Payward, Inc. (“the Company”), is a Delaware, USA corporation and parent of a worldwide group of subsidiaries, collectively doing business as "Kraken," a global digital asset exchange ("Kraken Exchange" or “Exchange”).  “The Company” and "Group" refer to the Payward Group (i.e., Payward, Inc. together with its subsidiaries and affiliates).
 

“Personal information” or “personal data” or “your data” refers to any information relating to you, as an identified or identifiable natural person, including your name, an identification number, location data, or an online identifier or to one or more factors specific to the physical, economic, cultural, or social identity of you as a natural person. 

“User”, and “You” refers to our clients, prospective clients, and individuals who visit our Site or use our Services.

GLBA Privacy Notice And Disclosure

Effective Date: June 6, 2023

 

Facts

What Does Kraken Financial Do With Your Personal Information?

  Why?

Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.

  What?

The types of personal information we may collect and share depend on the product or service you have with us. This information includes: 

  • Full legal name, date of birth and social security number
  • Information about your financial status
  • Account balance, assets and transaction history
  • A selfie for securing your account
  • Biometric data

When you are no longer our customer, we continue to share your information as described in this notice.

  How?

All financial companies need to share customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers’ personal information; the reasons Kraken Financial chooses to share; and whether you can limit this sharing.

Reasons We Can Share Your Personal Information

Does Kraken Financial  share?

Can you limit this sharing?

For our everyday business purposes —

such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus

Yes

No

For our marketing purposes—

to offer our products and services to you

Yes

Yes

For joint marketing with other financial companies

No

N/A

For our affiliates’ everyday business purposes—

information about your transactions and experiences

Yes

No 

For our affiliates to market to you

Yes

Yes

For nonaffiliates to market to you

No 

N/A

Who We Are

Who is providing this notice?

Payward Financial, Inc.

What We Do

How does Kraken Financial protect my personal information?To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings. We maintain many types of safeguards to protect against loss, misuse, and unauthorized access of your personal information.
How does Kraken Financial collect my personal information?

We collect your personal information, for example, when you

  • Interact with support, Kraken Financial's website or we communicate with you;
  • Apply for any Kraken Financial product or service; 
  • Open an account; 
  • Make deposits or withdrawals from your account;
  • Give us your income information;
  • Provide employment information or your employment history; 
  • Give us your contact information;
  • Show your government-issued ID or your driver's license.
     

We also collect your personal information from third parties, such as credit bureaus, affiliates, or other companies.

Why can’t I limit all sharing?

Federal law gives you the right to limit only

  • sharing for affiliates’ everyday business purposes - information about your creditworthiness
  • affiliates from using your information to market to you
  • sharing for non-affiliates to market to you
     

State laws and individual companies may give you additional rights to limit sharing. See below for more on your rights under state law.

Definitions

Affiliates

Companies related by common ownership or control. They can be financial and non-financial companies.

  • Kraken Financial does share with our affiliates

Non-affiliates

Companies not related by common ownership or control. They can be financial and nonfinancial companies.

  • Kraken Financial does not share with non-affiliates.
Joint marketing

A formal agreement between non-affiliated financial companies that together market financial products or services to you.

  • Kraken Financial does not jointly market with non-affiliated financial companies.

Other Important Information

You may have other privacy protections under applicable state laws. To the extent these state laws apply, we will comply with them when we process your personal information.

 

For California residents: In accordance with California law, we will not share information we collect about you with companies outside of our corporate family, except as permitted by law, including, for example, with your consent or to service your account. We will limit sharing among our companies to the extent required by California law. 

 

For Vermont residents: In accordance with Vermont law, we will not share information we collect about you with companies outside of our corporate family, except as permitted by law, including, for example, with your consent or to service your account. We will not share information about your creditworthiness within our corporate family except with your authorization or consent, but we may share information about our transactions or experiences with you within our corporate family without your consent.



 

Children's Personal Information And Online Privacy (COPPA)

The Children's Online Privacy Protection Act (COPPA) is intended to provide parents increased control over what information is collected from their children online and how such information is used. The law applies to websites and services directed to, and which knowingly collect information from, children under the age of 13. 

Our products and services are not directed to persons under the age of 18, hereinafter “Children” or “Child,” and we do not knowingly collect personal information from Children. If we learn that we have inadvertently gathered personal information from a Child, we will take legally permissible measures to remove that information from our records. The Company will require the user to close his or her account and will not allow the use of our products and services. 

If you are a parent or guardian of a Child, and you become aware that a Child has provided personal information to us, please contact us at [email protected] and you may request to exercise your applicable access, rectification, cancellation, and/or objection rights. If you are under the age of 18, please do not provide any personal information through the Sites or Services.

For additional information on COPPA protections refer to the Federal Trade Commission's website.

State Privacy Notices

If you are a California or Virginia resident, your state’s laws may provide you with additional rights regarding our processing of your personal information. Please see the state-specific sections below:

California Consumer Privacy Notice

Last updated: May 2023

This California Privacy Notice (“California Notice”) is for California residents, and describes how Kraken Financial collects, uses, and shares your personal information. The information on this page provides details on how we respond to and implement processes to uphold applicable state laws. The laws on this page give individuals certain rights regarding the personal information that Kraken Financial or our affiliates have collected from or about them. This notice may be superseded by the Global Privacy Notice, if applicable. Any terms defined in the California Consumer Privacy Act (as amended by the California Privacy Rights Act of 2020) (“CCPA”) have the same meaning when used in this California Notice. The CCPA does not apply to personal information we collect as part of our current or former client relationship with you pursuant to other privacy laws such as the federal Gramm-Leach-Bliley and Fair Credit Reporting Acts, and the California Financial Information Privacy Act. For more information about what information is exempt from disclosure, see the section titled ‘Exemptions’ below. 

Definitions.

“Personal Information” is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household. This information may also be referred to in this California Notice as “Personal Data.”

“Shine the Light” and “Eraser” Laws: Residents of the State of California may request a list of all third parties to which we have disclosed certain information during the preceding year for those third parties’ direct marketing purposes.

Customers” are defined as individuals who access or use our services

Sources Of Personal Information.

We gather various types of personal information from our customers from a range of sources, such as:

  • information you give us when you sign up for, or otherwise use our Services;
  • information we receive from our Affiliates and third parties; and
  • information we collect automatically through cookies and similar technologies (see our Cookie Policy for more information on this type of information).

Purpose For Collection And Disclosure Of Personal Information. 

We’ve collected and disclosed the below categories of personal information to create, develop, operate, deliver, and improve our services, to communicate with you, to ensure the safety, security and integrity of our Services, and for business and commercial purposes. Kraken Financial does not collect, use, or disclose sensitive personal information for purposes other than those specified in this California Notice, to provide the Services, or as permitted under applicable law. Kraken Financial does not sell personal information. For more information about how Kraken Financial may use your personal information, please refer to other potentially applicable notices, such as, the U.S. Privacy Notice and the Global Privacy Notice

Collection And Disclosure Of Personal Information.  

In the past 12 months, we’ve collected the below categories of personal information, and disclosed the specific types of personal information below with the following categories of third parties:

 

Category of Personal Information as outlined in the CCPA

Information Collected and Disclosed

Categories of Recipients

Identifiers

Real Name, 

Postal Address, 

Unique Personal Identifier, Such As:

  • A Device Identifier; Cookies, Beacons, Pixel Tags, Mobile Ad Identifiers And Similar Technology; Customer Number, Unique Pseudonym, Or User Alias; Telephone Number And Other Forms Of Persistent Or Probabilistic Identifiers),

Online Identifier, 

Internet Protocol Address, 

Email Address, 

Account Name, 

Social Security Number, 

Driver’s License Number,

 Passport Number, And 

Other Similar Identifiers;

Third Party Identity Verification Services

Financial Institutions

Service Providers

Professional Advisors

Our Affiliates

Protected Classifications Under California And Federal Law, Including Gender, Age, And Citizenship

Supplemental Identification Information

Electronic Identification Information 

Characteristics Of Protected Classifications Under California Or Federal Law, Such As:

  • Race, Color, National Origin, Age, Sex, Gender, Marital Status, Citizenship Status, And Military And Veteran Status;

Third Party Identity Verification Services

Professional Advisors

Commercial Information Such As Records Of Services Purchased, Obtained, Or Considered

Transaction Information,

Records Of Personal Property, 

Products Or Services Purchased, 

Obtained, Or Considered, And 

Other Purchasing Or Consuming Histories Or Tendencies;

Third Party Identity Verification Services

Financial Institutions

Service Providers

Professional Advisors

Our Affiliates

Biometric Information

Electronic Identification Information

Third Party Identity Verification Services

Financial Institutions

Professional Advisors

Internet Or Other Electronic Network Activity Information

Product Usage Information

App, Browser, And Device Information

Information From Cookies And Similar Technologies

Internet And Other Electronic Network Activity Information, Including, But Not Limited To:

  • Browsing History, Search History, And Information Regarding Your Interaction With Websites, Applications, Or Advertisements;

Third Party Identity Verification Services

Service Providers

Professional Advisors

Our Affiliates

Geolocation Data

App, browser, and device information

Third Party Identity Verification Services

Service Providers

Professional Advisors

Audio, Electronic, Visual, Thermal, Olfactory, Or Similar Information

Call And Video Recordings

Communications

Audio, Electronic, Visual, Or Similar Information


 

Third Party Identity Verification Services

Service Providers

Professional Advisors

Our Affiliates


 
Professional Or Employment Related Information

Institutional Information

Direct deposit

Salary

Third Party Identity Verification Services

Service Providers

Professional Advisors

Our Affiliates

Inferences About Preferences, Characteristics, Predispositions, Etc.Inferences Drawn From Any Of The Information Identified Above To Create A Profile About You Reflecting Your Preferences, Characteristics, Psychological Trends, Predispositions, Behavior, Attitudes, Intelligence, Abilities, And Aptitudes.

Service Providers

Professional Advisors

Our Affiliates


 
Additional Data Subject to Cal. Civ. Code § 1798.80Signature, Physical Characteristics Or Description, State Identification Card Number, Education, Bank Account Number, Credit Card Number, Debit Card Number, And Other Financial Information; 

Collection and Disclosure of Sensitive Personal Information.

In the past 12 months, we’ve collected and disclosed the following categories of sensitive personal information, with the following categories of third parties:

 

Category of Sensitive Personal Information as outlined in the CCPA

Information Collected and Disclosed

Categories of Recipients

Government identifiers

Supplemental Identification Information

Electronic Identification Information

Third party identity verification services

Professional advisors

The contents of a resident’s mail, email, and text messages

Communications

Service Providers

Professional Advisors

Biometric information

Electronic Identification Information

Third party identity verification services

Financial institutions

Professional advisors

Selling or Sharing of Personal Information. 

In the past 12 months, we may have shared identifiers with third party analytics providers, advertising partners, and ad networks for analytics and advertising purposes. Kraken Financial does not sell your personal information.

Rights. 

As a California resident, you may have the rights listed below in relation to personal information that we have collected about you. However, these rights are not absolute, and in certain cases, we may decline your request as permitted by law.

Right to Know. 

You have a right to request the following information about our collection, use and disclosure of your personal information over the prior 12 months, and ask that we provide you with a copy of the following: 

  • Categories of personal information we have collected, sold, or shared about you; 
  • Specific pieces of personal information we collected about you;
  • Categories of sources from which we collect personal information; 
  • The business or commercial purpose for collecting, selling, or sharing the personal information;
  • Categories of third parties with whom we disclose that personal information.
  • Categories of personal information disclosed about you for a business purpose.  
  • Categories of personal information that each recipient received.

Twice within a twelve month period, you have the right to request the personal information we have collected, used, disclosed, and sold about you during the past 12 months.

Right to Correct.

You have a right to request that we correct inaccurate personal information maintained about you. 

Right to Delete.

You have a right to request that we delete personal information, subject to certain exceptions. 

Right to Opt out of Selling or Sharing.

You have the right to direct a business that sells or shares personal information about you to third parties to stop doing so. Kraken Financial  does not sell personal information.   

Right to Non-Discrimination.

We will not discriminate against you for exercising any of these rights

Right to Portability.

You have the right to receive this information in a format, where feasible, that is portable, usable, and allows you to transmit the personal information without impediment.

Exercising Rights. 

To exercise your rights described above, please submit a Request to us by:

By email, at [email protected]

By phone, at  +1 (888) 871-2573

Only you or an agent registered with the California Secretary of State who is authorized to act on your behalf may make a Request.

You may only make two Requests within a 12-month period. Each Request must:

Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative. We will make every effort to verify your identity using your email address, but we may request additional information. If an authorized representative is making the request on your behalf, we require documentation showing that the representative has such authority. Describe your Request with sufficient detail that allows us to properly evaluate and respond to it.

We will not respond to your request or provide you with personal information if we are unable to verify your identity, or to verify the authority for the person making the request as your agent. We will use personal information provided in a verifiable consumer Request to verify your identity or authority to make the Request, and not for any other purpose.

Verified Request 

To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to your personal information or complying with your request. We may require you to provide any of the following information: your name, date of birth, the last four digits of your Social Security number, the email and physical addresses associated with your Kraken Financial account, one or more recent transactions, and the last four digits of one or more of the cards associated with your account. If you have never had an account with us and you request access to or deletion of your personal information, there is no reasonable method by which we can verify your identity to the level of certainty required by the CCPA. The reason for this is that Kraken Financial does not maintain information about non-account holders in a way that is linked to named actual persons (and historically has not linked IP addresses, device identifiers or other information collected by automated means to named actual persons). In addition, if you ask us to provide you with specific pieces of personal information, we may require you to sign a declaration under penalty of perjury that you are the consumer whose personal information is the subject of the request.

Authorized Agent.

Generally, if you are a California resident, you may designate an authorized agent to make a request to access or a request to delete on your behalf. To do so, you must: (1) provide that authorized agent written and signed permission to submit such a request; and (2) verify your own identity directly with us. Please note, we may deny a request from an authorized agent that does not submit proof that they have been authorized by you to act on your behalf. We will respond to your authorized agent's request if they submit proof that they are registered with the California Secretary of State to be able to act on your behalf, or submit evidence you have provided them with power of attorney pursuant to California Probate Code section 4121 to 4130. We may deny requests from authorized agents who do not submit proof that they have been authorized by you to act on their behalf, or are unable to verify their identity.

For questions or concerns about our privacy policies and practices, please contact us as described in the Exercising Rights section above. 

Response Timing And Format

We will respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.  

Kraken Financial will not charge a fee to process or respond to your verifiable consumer request, but reserves the right to request a fee if the request is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Other Rights That May Be Available

Right against automated decision making

A prohibition against a business making decisions about a consumer based solely on automated processing.

Private right of action

The right for a consumer to seek civil damages from a business for violations of a statute.

Other California Privacy Rights

The California “Shine the Light” law gives residents of California the right under certain circumstances to request information from us regarding the manner in which we share certain categories of personal information (as defined in the Shine the Light law) with third parties for their direct marketing purposes. We do not share your personal information with third parties for their own direct marketing purposes.

Exemptions

Please note that certain types of personal information collected or maintained by a covered business are exempt from the CCPA. For example, a covered business has limited obligations, or in some cases, no obligations, under the CCPA with regard to the following types of personal information:

  • Personal information collected, processed, sold, or disclosed pursuant to the federal Gramm-Leach-Bliley Act (Public Law 106-102) and implementing regulations, or pursuant to the California Financial Information Privacy Act (Division 1.4 [commencing with Section 4050] of the California Financial Code)
  • Medical information governed by the Confidentiality of Medical Information Act or protected health information that is collected by a covered entity or business associate pursuant to the Health Insurance Portability and Accountability Act of 1996.

Please note that the description of the CCPA set forth in this California Notice is a summary of only certain aspects of the CCPA and is not and should not be considered a complete description of the CCPA. In addition to what is described above, the CCPA includes other exemptions that apply to particular types of personal information and particular businesses, as well as additional situations where a covered business is not required to honor a consumer’s request to delete the consumer’s personal information.

Virginia Consumer Data Protection Notice

This Virginia Privacy Notice (“Virginia Notice”) section supplements the Kraken Global Privacy Notice and the U.S. Privacy Notice and applies to the personal data of Virginia residents in order to comply with the Virginia Consumer Data Protection Act (“VCDPA”). This Virgina Notice applies to natural persons who are residents of Virginia acting only in an individual or household context. It does not apply to natural persons acting in a commercial or employment context. Kraken Financial endeavors to protect the privacy and confidentiality of the personal data with which we are entrusted This Virginia Notice outlines the personal data we collect or process about Virginia residents in connection with the services we provide or offer specifically to you as a consumer, including through any site, application, or product that links to this Virginia Notice (the “Service”), how we use, share, and protect that personal data, and what your rights are with respect to your personal data that we gather and process. The VCDPA has several exemptions which are outlined below in the section entitled “exceptions.”

Definitions

"Biometric data" means data generated by automatic measurements of an individual's biological characteristics, such as a fingerprint, voiceprint, eye retinas, irises, or other unique biological patterns or characteristics that are used to identify a specific individual.

"Consent" means a clear affirmative act signifying a consumer's freely given, specific, informed, and unambiguous agreement to process personal data relating to the consumer. 

"De-identified data" means data that cannot reasonably be linked to an identified or identifiable natural person, or a device linked to such a person.

"Identified or identifiable natural person" means a person who can be readily identified, directly or indirectly.

"Personal data" means any information that is linked or reasonably linkable to an identified or identifiable natural person. "Personal data" does not include de-identified data or publicly available information.

"Precise geolocation data" means information derived from technology, including but not limited to global positioning system level latitude and longitude coordinates or other mechanisms, that directly identifies the specific location of a natural person with precision and accuracy within a radius of 1,750 feet.

"Pseudonymous data" means personal data that cannot be attributed to a specific natural person without the use of additional information, provided that such additional information is kept separately and is subject to appropriate technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

"Publicly available information" means information that is lawfully made available through federal, state, or local government records, or information that a business has a reasonable basis to believe is lawfully made available to the general public through widely distributed media, by the consumer, or by a person to whom the consumer has disclosed the information, unless the consumer has restricted the information to a specific audience.

"Sale of personal data'' means the exchange of personal data for monetary consideration by the controller to a third party. "

Categories Of Personal Data Kraken Financial May Collect About You:

  • Identifiers: identifiers such as a real name, postal address, unique personal identifier (such as a device identifier; cookies, beacons, pixel tags, mobile ad identifiers and similar technology; customer number, unique pseudonym, or user alias; telephone number and other forms of persistent or probabilistic identifiers), online identifier, internet protocol address, email address, account name, Social Security number, driver’s license number, passport number, and other similar identifiers;
  • Signature, physical characteristics or description, state identification card number, education, bank account number, credit card number, debit card number, and other financial information;
  • Protected Classifications: characteristics of protected classifications under Virginia or federal law, such as race, color, national origin, age, sex, gender, marital status, citizenship status, and military and veteran status;
  • Commercial Information: commercial information, including records of personal property, products or services purchased, obtained, or considered, and other purchasing or consuming histories or tendencies;
  • Biometric Information;
  • Online Activity: Internet and other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with websites, applications, or advertisements;
  • Geolocation Data;
  • Sensory Information: audio, electronic, visual, and similar information;
  • Employment Information: professional or employment-related information; and/or
  • Inferences: inferences drawn from any of the information identified above to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Purposes For Processing Personal Data

  • Performing services, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing advertising or marketing services, providing analytics services, or providing similar services;
  • Auditing related to a current interaction with you and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance;
  • Short-term, transient use, including, but not limited to, the contextual customization of ads shown as part of the same interaction;
  • Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity;
  • Debugging to identify and repair errors that impair existing intended functionality;
  • Undertaking internal research for technological development and demonstration; and/or
  • Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by us.

We may also, from time-to-time, use personal information provided by you through your use of the services and/or through client surveys to help us improve our products and services. It is our legitimate interest to use your personal information in this way to try to ensure the highest standards when providing you with our products and services and to continue to be a market leader within the cryptocurrency financial service industry. 

This may include:

  • To tailor specific promotions according to your preferences;
  • To provide you with access to the services;
  • To serve the functions of the sites;
  • To manage everyday business needs, such as administering and improving the sites;
  • To analyze the performance and functioning of the sites;
  • To analyze how you use the sites and to perform other market research;
  • For internal operations, including troubleshooting, testing, and analytics; and
  • To assist us in developing new products and improving our services.

Purpose for Collection and Disclosure of Personal Information.

Kraken Financial may also use or share de-identified information that is not reasonably likely to identify you for commercially legitimate business purposes. When we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connections with an investigation or suspected or actual illegal activity;

  • If necessary to protect the vital interests of a person;
  • If there is a duty to disclose; 
  • If our legitimate business interests require disclosure; 
  • To protect our property, services, and legal rights;
  • To enforce our Terms of Service; 
  • To prevent fraud against Kraken Financial, our affiliates, business partners, or authorized users;
  • To support auditing, compliance, and corporate governance functions; or
  • At your request or with your consent or to those described in the Virginia Notice. 

Sharing Of Personal Data With Third Parties

Kraken Financial will make such disclosures on a “need-to-know” basis, unless otherwise instructed by a regulatory authority. Under such circumstances, Kraken Financial will notify the third party regarding the confidential nature of any such information. Kraken Financial will not disclose your confidential information to a third party, except: 

  • We are required to do so by law or legal process;
  • To the extent that it is required to do so pursuant to any applicable laws, rules, or regulations; 
  • To law enforcement authorities or other government officials, as necessary;

Categories Of Third Parties With Which Data Is Shared

As part of using your personal information for the purposes set out above, Kraken Financial may disclose your personal information to the following:

  • Any member of Kraken Financial, which means that any of our affiliates and subsidiaries may receive such information;
  • Any of our service providers and business partners, for business purposes, such as specialist advisors who have been contracted to provide us with administrative, financial, legal, tax, compliance, insurance, IT, debt-recovery, analytics, research, or other services.
  • If Kraken Financial discloses your personal information to service providers and business partners, in order to perform the services requested by clients, such providers and partners may store your personal information within their own systems in order to comply with their legal and other obligations. These third parties are not authorized by us to use or disclose the information, except as necessary to perform services on our behalf or comply with legal requirements. These third parties have no independent rights to the data.

Kraken Financial requires that service providers and business partners who process personal information to acknowledge the confidentiality of this information, undertake to respect any client’s right to privacy and comply with all relevant privacy and data protection laws and the Virginia Notice.

Selling Or Sharing Of Personal Information. 

Kraken Financial does not sell personal data to any third parties for monetary consideration and has not done so in the preceding 12 months. We do not sell personal information.

Rights. 

Your Right to Know.

Under the VCDPA, you have the ability to confirm whether we are processing personal information about you.

Your Right to Access and Portability. 

Under the VCDPA, you have the ability to obtain a copy of the personal information we maintain and process about you in a portable and, to the extent technically feasible, readily-usable format.

Your Right to Delete.

Under the VCDPA, you have the right to request that we delete the personal information we maintain or process about you.

Your Right to Correct.

Under the VCDPA, you have the right to request that we correct inaccuracies in the personal information we maintain or process about you, taking into consideration the nature and purpose of such processing.

Your Rights to Opt-Out. 

Under the VCDPA, you have the right to opt-out of certain types of processing of personal information, including:

  1. Opt-Out of the “sale” of personal information;
  2. Opt-Out of targeted advertising by us;
  3. Opt-Out of any processing of personal information for the purposes of making decisions that produce legal or similarly significant effects.

Right to Opt-In for Sensitive Data Processing 

The right for a consumer to opt in before a business can process their sensitive data.

Your Right to Non-Discrimination. 

You may exercise your rights under the VCDPA without discrimination. Unless the VCDPA provides an exception or permits us to do so, we will not: Deny you goods or services; Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties; or Provide you a different level or quality of goods or services.

Exercising Rights. 

Pursuant to Virginia law, some Virginia residents may have specific rights regarding their personal data. These rights are subject to certain exceptions. When legally required, we will respond to requests without undue delay, within 45 days of receipt of a verified request, unless it is reasonably necessary for us to extend our response time.

To exercise your rights described above, please submit a Request to us by:

By email, at [email protected]

By phone, at  +1 (888) 871-2573

You may only make two requests within a 12-month period. Each request must: Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative. We will make every effort to verify your identity using your email address, but we may request additional information. Describe your request with sufficient detail that allows us to properly evaluate and respond to it.

Verified Request.

To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to your personal information or complying with your request. We may require you to provide any of the following information: your name, date of birth, the last four digits of your Social Security number, the email and physical addresses associated with your Kraken Financial account, one or more recent transactions, and the last four digits of one or more of the cards associated with your account. If you have never had an account with us and you request access to or deletion of your personal information, there is no reasonable method by which we can verify your identity. The reason for this is that Kraken Financial does not maintain information about non-account holders in a way that is linked to named actual persons (and historically has not linked IP addresses, device identifiers or other information collected by automated means to named actual persons). In addition, if you ask us to provide you with specific pieces of personal information, we may require you to sign a declaration under penalty of perjury that you are the consumer whose personal information is the subject of the request.

Response Timing And Format.

We will respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.  If you have an account with us, we will deliver our written response to that account.  If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.  

Kraken Financial will not charge a fee to process or respond to your verifiable consumer request, but reserves the right to request a fee if the request is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Other Rights That May Be Available.

Right to Appeal

If we deny your request in whole or in part, you may have the right to appeal the decision. In such circumstances, we will provide you with information regarding the appeals process. If we refuse to act on your request, you have the right to appeal our decision within a reasonable period of time after receipt of our initial decision.  We will inform you in writing, within 60 days of receipt of an appeal, of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions.

If your appeal is denied, you may contact the Attorney General to submit a complaint by visiting the Office of the Attorney General’s website to complete an Online Consumer Complaint Form or by calling the Consumer Protection Hotline at 1-800-552-9963 (within Virginia) or 1-804-786-2042 (outside Virginia).

Right Against Automated Decision Making.

A prohibition against a business making decisions about a consumer based solely on an automated process without human input. 

Exemptions.

Situations where businesses are exempt from complying with consumer rights requests include:

  • When personal information has already been pseudonymized (and safeguards are in place), and
  • Compiling would be "unreasonably burdensome."

VCDPA cannot limit a controller or processor's ability to:

  • Comply with state or federal law
  • Cooperate with law enforcement
  • Defend legal claims
  • Provide a service or product, which a consumer requests
  • Perform a contract with the consumer
  • Detect or prevent security incidents

Specific datasets exempted from the VCDPA include:

  • Specific personal data regulated by the Family Educational Rights and Privacy Act (FERPA)
  • Particular kinds of data regulated by the Fair Credit Reporting Act (FCRA)
  • HIPAA personal health data
  • Data related to employment

The law also will not forbid controllers and processors from conducting: Internal operations that are reasonably aligned with the expectations of the consumer or reasonably anticipated based on the consumer's existing relationship with the controller or are otherwise compatible with processing data in furtherance of the provision of a product or service specifically requested by a consumer or the performance of a contract to which the consumer is a party.

 

Changes To The Privacy Notice

You may request a copy of this Privacy Notice from us using the contact details set out above. Where changes to this Privacy Notice will have a fundamental impact on the nature of our processing of your personal data or, otherwise, have a substantial impact on you, we will give you sufficient advance notice so that you have the opportunity to exercise any rights you may have under applicable law (e.g., to object to the processing).

We reserve the right to make changes to our Privacy Notice at any time consistent with applicable local laws. Such changes, as long as they do not have a fundamental impact on the nature of our processing of your personal data or, otherwise, have a substantial impact on you, will be posted on this page. We encourage you to review the web site and the Privacy Notice periodically for any updates or changes.

 

custody logo

© 2020-2023 Payward Financial, Inc.        Privacy Notice       Terms of Service