Privacy Notice

Effective July 18, 2019

Table of Contents


LAST UPDATED: July 18, 2019

TokenEx (“TokenEx,” “we,” “us,” or “our”) takes privacy and data protection issues seriously. Our most important asset is our relationship with our user community. We are committed to maintaining the confidentiality, integrity, and security of information about our users and their organizations.

By this Privacy Notice, We have published and made available to you our Privacy Policy (“Policy”), set forth on the following pages, to explain how we handle personally identifiable information collected from merchants, including from within the EU and the United Kingdom, who are clients, register to receive services from TokenEx and submit information to TokenEx through the Internet. This Policy also describes our privacy practices regarding other consumer information that we may receive and other information that we collect on this Web site (, together with any replacement site (the “Site”).

TokenEx complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and the United Kingdom to the United States, respectively. TokenEx has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit

Please read, familiarize yourself with, and fully understand, to your satisfaction, the provisions of our Privacy Policy. By checking the opt-in box at the end of our Privacy Policy, and by thereafter submitting or making available personally identifiable information about you and your business through the Site or TokenEx’s services, you agree to the terms of our Privacy Policy and you expressly consent to the processing of personally identifiable information in accordance with this Policy. We do not share your personally identifiable information with any third party and use the information you submit solely to contact you and/or provide information about us that you either request or that we believe you may find useful in dealing with us. Your personally identifiable information may be processed in the country in which it was collected and in other countries, including the United States, where laws regarding processing of personally identifiable information may be less stringent than the laws in your country. TokenEx strives to comply with the applicable laws and regulations protecting the privacy of personally identifiable information in the jurisdictions in which TokenEx operates. Where appropriate, specific jurisdictions may require supplemental terms to this Policy in order to comply with local laws.

Thanks for taking the time to review our Notice and Policy.


Scope of this Privacy Policy

This Privacy Policy covers TokenEx’s treatment of personally identifiable information collected from any merchant or person (hereafter, a “merchant” or “you”) who uses TokenEx’s tokenization and payment gateway services, as well as our treatment of any other consumer information that we acquire in the course of our business and any other information that we collect on or through the Site. This Policy also covers TokenEx’s treatment of personally identifiable information that TokenEx’s business partners may share with TokenEx.

This Policy does not apply to the practices of companies or Web sites that TokenEx does not own or control, or to people whom TokenEx does not employ or manage; this Privacy Policy is specific to TokenEx. We encourage you to seek out and read the privacy policy of each Web site that you visit or use.

By checking the opt-in box at the end of this Privacy Policy, and by thereafter submitting or making available personally identifiable information about you and your business through the Site or TokenEx’s services, you agree that you have read and understood this Privacy Policy and you accept and consent to the privacy practices (and any uses and disclosures of information) that are described in this Privacy Policy.

Information Collection and Use

TokenEx collects personally identifiable information about you and your business when you register for a TokenEx merchant account. For example, when you register with TokenEx, we ask for your contact information (such as your name, street address, and e-mail address), as well as certain information pertaining to your business and certain billing information (such as your or your business’s bank account number or credit card number). TokenEx may also receive personally identifiable information from its resellers and other business partners.

In the course of processing a payment transaction, TokenEx typically receives information related to the transaction from the applicable merchant or financial institution. This normally includes personally identifiable information relating to the payment that the relevant consumer has separately furnished to the merchant or financial institution in requesting or initiating the transaction. As a merchant, you are solely responsible for obtaining all necessary and appropriate consent and authorization from each consumer and other person about whom you share personally identifiable information with TokenEx. Please only share with us personally identifiable information for which you have obtained appropriate consent and authorization from the applicable consumer. Any personally identifiable consumer information shared with us from the applicable merchant or financial institution is treated with the utmost care and security. TokenEx systems are certified as a Level 1 PCI Compliant, and all data retention and credit card information is fully encrypted, and data security is maintained at the PCI standards as determined by the PCI Security Standard Council. Please see more details about our security practices in the “Information Security” section below.

TokenEx uses the payment-related information that it receives as necessary and appropriate to fulfill requests to process payment transactions, to facilitate billing, and to otherwise deliver payment services. Personally identifiable information about consumers is used by TokenEx to process payment transactions and (except as provided in the next section of this Privacy Policy) for no other purpose. We may use information that we receive about you (as a merchant) and your business to send you service announcements, newsletters, and periodic notices about specials and new products. In addition, we may retain the content of, and metadata regarding, any correspondence you may have with our representatives or us, regardless of the subject matter or the mode of communication by which such correspondence is made. This information helps us to improve our products and services, as well as the Site and the content, materials, opportunities, and services that we feature or describe on the Site, and to more effectively and efficiently respond to both current and future inquiries.

We do not acquire any personally identifiable information directly from consumers on the Site. Our Web site is not directed at persons under the age of 18 and TokenEx does not collect or maintain information on our Web site from persons we actually know are under the age of 18. As with many other Web sites, the Web servers used to operate the Site may collect certain non-personal data pertaining to users of the Site and the equipment and communications method that they use to access the Internet and the Site. Without combining these data with other sources of information, they do not readily or personally identify individuals. They may reveal such things as the Internet protocol (“IP”) address assigned to an individual’s computer, specific pages that an individual accessed on the Site or immediately prior to visiting the Site, and the length of time spent in a visit to the Site. The purposes for which this information is collected and used include facilitating Site operation and system administration, the generating of aggregate, non-identifiable statistical information, monitoring and analyzing Site traffic and usage patterns, and improving the content and content delivery of the Site and the content, materials, opportunities, and services that we describe or make available on the Site.

We may also use “cookies” (small text files stored on users’ computers) to help track and customize access and use of the Site. Cookies store and retain information that helps us recognize individuals when they return to the Site following a previous visit. Most popular Internet browser packages allow one to configure the browser so as not to accept cookies. Setting your browser to reject cookies may, however, in certain instances, prevent you from taking full advantage of the Site and the materials, products, and services that we make available on the Site.

Information Sharing and Disclosure

Protecting personally identifiable information about merchants and consumers is an important part of our business. We do not sell, share, or rent client information to third parties except as described below.

TokenEx will disclose personally identifiable information about you, as a merchant, to third parties (whether other companies or individuals) when: (1) we have your consent to share the information with such third parties; (2) we need to share the information with such third parties to provide the product or service you have requested; or (3) such third parties work on behalf of TokenEx to provide a product or service to you (unless we tell you differently, these third parties do not have the right to use or disclose any personally identifiable information that we provide to them beyond what is necessary for them to perform their duties for us).

We share personally identifiable information about specific consumers with third parties (such as, for example, banks and credit card processors) to the extent necessary for TokenEx to deliver tokenization and payment processing services that are requested regarding such consumers.

We also may disclose personally identifiable information to third parties only when we believe disclosure is required or appropriate: (1) to comply with applicable laws, regulations, subpoenas, court orders, and the like; (2) to enforce or give effect to written agreements that we are party to (such as, for example, the Merchant Agreement that you, as a merchant, have executed with us); or (3) to protect the rights, property, or safety of TokenEx, its other users, or others. If TokenEx receives an order or subpoena for some or all of the personally identifiable information or determines that it is bound by law to disclose such information, TokenEx shall immediately notify you of such receipt or determination and provide to you a copy thereof. If you request, TokenEx shall cooperate with you in any lawful proceeding to prevent or limit such disclosure. These disclosures may include, for example, exchanging information with other companies and organizations for fraud protection and risk reduction purposes. In cases of onward transfer to third parties of data of EU and United Kingdom individuals received pursuant to the EU-US Privacy Shield, TokenEx is liable for appropriate onward transfers of personal data to third parties.

Transfer of Personal Information in the Event of Sale of TokenEx or Its Assets

In the event that TokenEx is sold or transfers some of its assets to another party, your personal information could be one of the transferred assets. If your personal information is transferred, use of your personal information will remain subject to this Privacy Policy. Your personal information will be passed on to a successor in interest in the event of a liquidation or administration of TokenEx.

What Choices Do You Have?

When corresponding with TokenEx or our representatives, or when making a request for information, submitting information, or otherwise interacting with us through the Site, you choose what information to supply, what questions to pose and comments to make, whether you wish to receive further information, and by what method of communication that information should be delivered to you. Please take care to share only such information as is needed or that you believe appropriate. You may choose not to disclose certain personally identifiable information to TokenEx. However, in doing so, we may not be able to provide you the services that you are requesting. Also, you may request, by contacting TokenEx, that any and all personal information that TokenEx has gathered through your submission of a form to TokenEx be removed or corrected. You may also request that TokenEx provide you with a hard-copy printout of any personal information that you have submitted to TokenEx.

Information Security

Information security is critical to our business. We use proprietary software, firewalls, and industry-standard security technology, as well as industry-standard security practices, to protect personal and confidential information that we receive and to prevent that information from being accessed by unauthorized persons. For example, we work to protect the security of personal and confidential information submitted through the Site during transmission by using Secure Sockets Layer (“SSL”) software, which encrypts information. The information that you submit through the Site is gathered on computers and stored in a data center, protected by proprietary and industry-standard security practices. The number of employees that have physical access to our data center, and to the computer on which personal information is stored, is limited. TokenEx systems are certified as a Level 1 PCI Compliant, and all data retention and credit card information is maintained at the PCI standards as determined by the PCI Security Standards Council (

We also require that any personally identifiable information about consumers that is sent to us through or in connection with the Site be encrypted using SSL encryption.

You are responsible for the use and safeguarding of any login ID that we issue to you regarding the use of the Site and any associated passwords. It is important for you to protect against unauthorized access to your login ID and password, to other sensitive data regarding your account with us, and to your computer. Be sure to appropriately safeguard the login ID and password that you use to access TokenEx’s services, and be sure to sign off of your account when you are finished using it if you are using a shared computer to access the Site.


In compliance with the Privacy Shield Principles, TokenEx commits to resolve complaints about our collection or use of your personal information. European Union and United Kingdom individuals with inquiries or complaints regarding our Privacy Shield policy should first contact TokenEx at or by mail at TokenEx, P.O. Box 521068, Tulsa, Oklahoma 74152-1068, Attn: Legal Department.

TokenEx has further committed to refer unresolved Privacy Shield complaints to the American Arbitration Association, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit the American Arbitration Association at for more information or to file a complaint. The services of the American Arbitration Association are provided at no cost to you.

An individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. For additional information, see

Regulatory Jurisdiction

The Federal Trade Commission has jurisdiction over TokenEx’s compliance with the Privacy Shield.

Changes to this Privacy Policy

TokenEx reserves the right to modify or amend this Privacy Policy at any time and for any reason. Please note the date at the top of this document to determine the latest revision date of this Privacy Policy. Any changes to this Privacy Policy will become effective immediately when posted on the site. By checking the opt-in box at the end of this Privacy Statement means that you accept the revised Privacy Policy.

If you have additional questions about this Policy, please contact TokenEx by email at or by mail at TokenEx, P.O. Box 521068, Tulsa, Oklahoma 74152-1068, Attn: Legal Department.

This Privacy Policy describes in detail how and to what extent TokenEx may use your data, which, briefly restated, is solely to enhance further communication with you. In order to submit this form, please check the box below. By submitting this form, you agree that TokenEx may process your data in the manner described above.