Privacy Policy



Effective Date:  May 1, 2020


This Privacy Policy describes how RegoToken collects, uses, shares and safeguards information about users who access the website (together with any content or services available through it, the “Site”).


By using the Site, you agree to the collection, use and disclosure of your information as described in this Privacy Policy, as well as to the Terms of Service posted on the Site.  If you do not agree to this Privacy Policy or any of the other Terms of Service, you are not authorized to use the Site and should not provide any of your information to or through it.  RegoToken reserves the right to revise this Privacy Policy at any time and for any reason.  Any revisions will be incorporated into an updated version of the Privacy Policy, which will be posted on the Site along with the applicable effective date.  By your continued use of the Site after the date on which any such revised Privacy Policy is posted, you will be deemed to have been made aware of, and to have agreed to be subject to, that updated version.


1.       Collecting Your Information.  RegoToken may collect information from or about you in a number of ways.  The types of information which may be collected via the Site could include, but are not limited to, the following:

§  Demographic and other personal information (such as your name, age or gender) which you choose to provide when completing an online form, posting a comment, or engaging in other activity on the Site;

§  Contact information (such as your mailing address, email address or telephone number) which you choose to provide when you send an email, subscribe to a newsletter or create an account through the Site;

§  If you arrive at the Site by “clicking through” from an email or other website, certain data that was made available to that email sender or other website host, such as the terms you were searching for that may have led you to the Site, directly or otherwise;

§  Data which RegoToken’s servers automatically collect when you visit, browse or use the Site, such as your Internet Protocol (“IP”) address, device information (including your operating system and browser versions), any referring website address (or “URL”) through which you arrive at the Site, the page(s) you visit on the Site, the date(s) and time(s) you visit the Site, usage information (including your language preferences), and information about how, when and from where you use the Site’s services and other technical information – all in order to maintain the security and operation of RegoToken’s services, and/or for internal analytics and reporting purposes;

§  Information collected via cookies, web beacons and other tracking technologies, as discussed in more detail below;

§  If you access the Site using a mobile device, data about or from that device; and

§  Information about you that is available from third-party sources, such as public databases, data aggregators, and partners who help verify the contact information provided on the Site.


  1. Using Your Information.  RegoToken may use any information collected from or about you via the Site for the following purposes:  to help increase the efficiency and operation of the Site; to facilitate your use of the Site; to deliver and improve products and services; to optimize business management; to monitor and analyze usage and trends in order to ehance the user experience; to generate a personal profile of you so that your future visits to the Site can be more personalized; to perform any functions or services requested by you; to send you confirmations, updates, alerts and administrative messages; to request feedback and contact you about your use of the Site; to respond to any emails from you; to compile anonymous statistical information and analyses, which RegoToken may use internally and/or provide to third parties; and to deliver information requested by you or that may be of interest to you (such as news items, articles or information about promotions).


3.       Sharing Your Information.  RegoToken may share your information as follows:

§  With third parties that perform services for or on its behalf;

§  With third parties that purchase or rent your information for advertising, marketing or promotional purposes;

§  As required or permitted by applicable law, such as in response to a subpoena or other legal process, or as RegoToken deems necessary or appropriate to investigate or remedy any actual or potential violation of its policies or to protect the rights, property or safety of RegoToken or others;

§  With selected third parties that are allowed to use tracking technologies on the Site, thereby enabling them to collect and analyze information about how you and others use the Site over time (for example, to gauge the popularity of certain online content and to gain insights about your and others’ online behavior); and

§  With any organization to which RegoToken transfers some or all of the Site and/or other assets (such as in the course of a merger, dissolution or liquidation); provided, however, that RegoToken would request that any such transferee honor this (or a substantially similar) Privacy Policy.


  1. Securing Your Information.  While RegoToken will take reasonable steps to protect against unauthorized access to any personally identifiable information you choose to provide through the Site, please be aware that such security measures are not always foolproof and no method of data transmission can be completely immune to possible interception or other types of misuse.  As such, any information you share online has the potential to be accessed by unauthorized parties, so please keep this in mind when disclosing any personal or personally identifiable information via the Site.  To help maximize security on the Internet, RegoToken recommends that you keep your browser current with automatic security updates enabled.


5.       Cookies and Tracking Technologies.  The Site may use cookies, web beacons and/or other tracking technologies, depending upon the features offered.  Such technologies can be useful for tracking the number of visitors to the Site, gathering information about their browser types and operating systems, and understanding how they use the Site.  Cookies can also help RegoToken customize the Site and improve the user experience.  When you browse the Site, your personally identifiable information is not collected through the use of cookies.  However, if you previously provided personally identifiable information to RegoToken, a unique identifier in the cookie may tie the information collected via the cookie to that prior information.  Aggregate cookie and tracking information that does not directly identify you may be shared with third parties.  Also, some content on the Site may be provided by third parties that use cookies in conjunction with other tracking technologies to collect information about you, which could enable them to provide targeted advertising to you.  RegoToken does not control such third-party tracking technologies or how they may be used.  RegoToken may display certain advertising offers on the Site or allow service providers, advertisers, ad networks and/or other third parties to advertise on the Site.  Additionally, RegoToken may use third-party software to serve ads on the Site, to implement email marketing campaigns and/or to manage other interactive marketing initiatives.  Such third-party software may use cookies, web beacons and/or similar tracking technologies to help manage and optimize your online experience with RegoToken.  Most web browsers are set to accept cookies by default, but you can usually choose to set your browser to disable or reject cookies.  Be aware that disabling or rejecting cookies in that manner could affect the availability and functionality of the Site or certain portions of the Site.  Also, please note that RegoToken could still use information collected from cookies prior to your disabling them; however, it would not collect any further information from the disabled cookies.


6.       Minimum Age Requirement.  RegoToken does not use the Site either to market to or to solicit information from children under the age of eighteen.  By using the Site, you represent that you are at least eighteen years of age.  RegoToken encourages parents and legal guardians to monitor their children’s Internet usage and to instruct them never to provide personal information through any website (including the Site) without parental consent.  If you have reason to believe that an under-eighteen child has provided personal information via the Site, please notify RegoToken so that it can undertake reasonable efforts to locate and delete that information.


7.       Links to Other Websites and Third-Party Practices.  The Site may contain links to third-party websites.  It is the intent of RegoToken to include links only to other quality websites.  However, because RegoToken does not control such third-party websites, any information collected through them (and not the Site) is not covered by this Privacy Policy.  RegoToken is not responsible for the content or privacy and security practices of third-party websites, so you are encouraged to read their privacy policies before providing any of your personal information to or through them.


  1. Opt-Outs.  If RegoToken sends you any emails, you may indicate that you do not wish to receive such communications by clicking on the opt-out (or unsubscribe) link contained within RegoToken’s emails.


  1. Comments or Questions?  If you have any comments or questions about this Privacy Policy, you may send them via email to, or by U.S. mail addressed to RegoToken, 1 Kendall Square, Suite B2106, Cambridge, MA  02139.



California Consumer Privacy Act Notice


The California Consumer Privacy Act (“CCPA”) confers upon California Consumers certain rights regarding their Personal Information (“PI”), as those terms are defined in the law.  The statute became effective on January 1, 2020, but the California Attorney General’s office is still in the process of promulgating – and, in some respects, already modifying – proposed regulations that will help clarify the CCPA’s requirements.


For now, and based on its good-faith understanding of the new California law, RegoToken is providing you with notice of the personal information it collects and its purposes for that data collection – insofar as it may be subject to the CCPA.  This notice does not cover information outside the scope of the CCPA.  Nor does it apply to data collected from employees, applicants or contractors, or to data collected from individuals acting as representatives of another business in connection with business communications or transactions.


For the purposes listed below, RegoToken (referred to as “we,” “us” or “our”) may collect – and share with the types of third parties indicated – the following categories of PI that may be subject to the CCPA:


Category(ies) of PI

Purpose(s) for Collection

Category(ies) of Third Parties

1.      Identifiers & Personal Records (e.g., your name, address, phone number, email address, IP address, credit card number)

Providing our services, improving our services, quality assurance, marketing, security, internal analytics & reporting

Vendors, data analytics partners, advertising partners

2.      Consumer Characteristics (e.g., your age, race, gender)

Providing our services, quality assurance, marketing

Vendors, data analytics partners, advertising partners

3.      Customer Account Details & Commercial Information (e.g., details of your use of our services)

Providing our services, improving our services, quality assurance, marketing

Vendors, data analytics partners, advertising partners

4.      Internet Usage Information (e.g., information regarding your interaction with our services)

Security, internal analytics & reporting

Vendors, data analytics partners, advertising partners

5.      Geolocation Data

Security, internal analytics & reporting

Vendors, data analytics partners, advertising partners

6.      Inferences from PI Collected (e.g., your preferences, your likelihood of interest in certain of our services)

Providing our services, improving our services, marketing

Vendors, data analytics partners, advertising partners


In addition, RegoToken may collect, use and disclose your PI as required or permitted by applicable law, or as directed by you, in accordance with this Privacy Policy.


We do not knowingly “sell” (as that term is defined in the CCPA) the personal information that we collect from you, and we will treat any such PI as being subject to a do-not-sell request.


California Consumers have the right to exercise certain privacy rights under the CCPA, either directly or through authorized agents who meet the law’s agency requirements.  Any CCPA request you submit to RegoToken is subject to an identification and residency verification process.  We will not fulfill your CCPA request unless you have provided sufficient information for us to reasonably verify that you are the Consumer about whom we collected PI – i.e., that yours is a “Verifiable Consumer Request.”


RegoToken will make commercially reasonable efforts to identify Consumer PI that we collect, process, store, disclose and otherwise use, and to respond to your California Consumer privacy rights requests.  We will typically not charge a fee to respond to a Verifiable Consumer Request, but we may charge a reasonable fee – or decline to act upon a request – if it is excessive, repetitive, unfounded or overly burdensome.

If you are a California Consumer and would like to register a request under your “right to know about personal information collected, disclosed or sold,” your “right to request deletion of personal information” or your “right to opt out of the sale of personal information,” or to exercise any other privacy rights you may have under the CCPA, please contact us in writing and by email at  We will respond as and when we have sufficient regulatory guidance on how to properly verify and respond to such requests and are able to do so.


As a California Consumer, you would have the right to send us a request, no more than twice in a twelve (12)-month period, for any of the following (for the twelve (12)-month period preceding the date of your request):

§  The categories of PI we have collected about you;

§  The categories of sources from which we collected your PI;

§  The business or commercial purposes for our collecting or selling your PI;

§  The categories of third parties with whom we have shared your PI;

§  The specific pieces of PI we have collected about you;

§  A list of the categories of PI disclosed for a business purpose in the prior twelve (12) months, or that no disclosure occurred; or

§  A list of the categories of your PI sold in the prior twelve (12) months, or confirmation that no such sale occurred.  If we did sell your PI, we would explain in our response to your request:

§  The categories of your PI we sold; and

§  The categories of third parties to which we sold that PI, by categories of PI sold to each third party.


A California Consumer also has the right to make or obtain a transportable copy, no more than twice in a twelve (12)-month period, of her/his PI that we both collected during the twelve (12) months prior to the copy request date and are still maintaining as of the date of the request.


Please note that PI is retained by us for various time periods, so we may not always be able to respond fully to each request covering the full twelve (12) months – or even some lesser periods – prior to the date it is made.


Except to the extent we have a basis for retention under CCPA, a California Consumer may request that we delete her/his PI that we have collected directly from her/him and are maintaining.  Please note that we are not required to delete any PI that we did not collect directly from the California Consumer her/himself.


Alternatively, a California Consumer may exercise more limited control of her/his PI through one of the more limited opt-outs, including unsubscribing from email newsletters.


RegoToken will review – and, as appropriate, revise – this CCPA notice from time to time (such as when implementing regulations take effect and/or other interpretive guidance becomes available).