Last Updated: October 3, 2025
We at Thrust Inc., a Delaware corporation ("Thrust," "us," "we," or "our") recognize the importance of protecting privacy rights and information relating to an identified or identifiable natural person ("Personal Information" or "PII") collected about you and other visitors and users (collectively, "Users") through our website(s), application(s), crypto launchpad, tools, smart contracts and related features (collectively, the "Site") and any services made available through or in connection with the Site (together, the "Service"). We are committed to ensuring that your privacy is protected. This Privacy Policy ("Policy") discloses our practices regarding the collection, use, and disclosure of PII we receive through your use of the Site and Service.
Unless otherwise expressly agreed to in writing, your Personal Information will be processed according to the terms of this Policy. Defined terms used but not defined herein have the meaning set forth in our Terms of Service at legal@thrust.com.
This Policy is drafted to comply with the California Consumer Privacy Act ("CCPA") as amended by the California Privacy Rights Act ("CPRA"), with the E.U. General Data Protection Regulation (EU) 2016/679, the U.K. GDPR (collectively, "GDPR"), the Swiss Federal Act on Data Protection ("FADP"), and applicable comprehensive U.S. state privacy laws. However, the application of these laws depends on each individual case.
Users of the Site are under no statutory or contractual obligation to provide PII to us. For purposes of compliance with the GDPR and the FADP, we are the data controller of information we collect from data subjects through the Site. For the purposes of this Policy, "data subject" means an identified or identifiable natural person.
This Policy applies to legal@thrust.com, its subdomains, the Thrust Platform and launchpad, and all websites and internet properties that we own or operate, regardless of how Users access the Site (e.g., via a web or mobile browser). This version replaces and supersedes any prior privacy policies applicable to the Site.
The information we collect depends on your interactions with us, the choices you make, the products and features you use, your location, and applicable laws. We may collect or receive information directly from you (e.g., your name and email address when you or your organization sign up for our Service or for marketing communications). We may also receive information through your use of our Service (e.g., IP addresses, telemetry data, wallet addresses, and blockchain interactions). We are the sole owner of information collected on the Site, subject to the disclosures herein.
We collect several types of information from and about Users of the Site, including:
We may collect PII when you complete forms, participate in surveys, navigate web pages, submit support requests, use our wallet-connection features, interact with staking features, and in connection with other activities, services, features, or resources made available on the Site. We do not knowingly collect Sensitive PII about you unless you provide it or it is required by law for compliance (e.g., as part of optional third-party on-ramp KYC performed by the on-ramp provider). Sensitive PII, if collected, is handled in accordance with applicable law.
The types of PII we have collected, used, stored, and disclosed in the last twelve (12) months may include the following categories of information: 1
Identifiers: First name, last name, email address, username or account name, phone number, IP address, device identifiers, online identifiers, and similar identifiers.
Internet or Other Similar Network Activity: Interactions with our Service and Site, pages viewed, referring/exit pages, timestamps, clickstream data, feature usage, and traffic data.
Financial and Transactional Information: Public blockchain wallet addresses, transaction hashes, token and staking activities on the Thrust Platform, activity metadata, and related on-chain event data. We do not take custody of your private keys.
Payment Information: If you purchase any paid features from us directly, limited payment details necessary to process transactions with our payment processor(s). We do not store full payment card numbers; such data is handled by our payment processors.
Support and Communications: Content of messages you send to us, feedback, bug reports, and responses to surveys.
We may collect deidentified information and aggregate information that does not reasonably identify you ("Deidentified Information"). This may include device type, device operating system, browser type, internet service provider, referring/exit pages, date/time stamps, clickstream information, general geolocation, telemetry, and analytics data. We take reasonable measures to ensure Deidentified Information is not personally identifiable and is not reidentified, except as permitted by law.
Our Service and Site are not directed to, and we do not knowingly collect PII from, anyone under the age of 18. If we learn that a child under 18 has provided PII, we will promptly delete such information. Parents or guardians who believe their child has provided PII should contact us at legal@thrust.com.
Blockchain and Wallet Data: When you connect a self-custody wallet or interact with smart contracts, we may collect your public wallet address and transaction-related information that is publicly available on blockchains you use. On-chain transactions are recorded on public, immutable ledgers not controlled by Thrust. See "Blockchain and Immutability" under Security and Data Retention.
Compliance Information: Where applicable law or third-party providers require, we may process information necessary for fraud prevention, sanctions screening, anti-money laundering and counter-terrorist financing (AML/CTF) compliance (often performed by independent third-party providers like fiat on-ramp partners). We may also receive compliance status confirmations from such providers.
The information we collect depends on what Users do when they visit or use the Site and Service. We collect PII and Deidentified Information in various ways, including:
We collect PII when you voluntarily submit it while using the Site and Service and in connection with activities, services, features, or resources made available on the Site, such as account sign-up, newsletter subscriptions, surveys, support requests, bug reports, feedback, developer or partner inquiries, and marketing opt-ins.
We may collect PII and Deidentified Information that your browser or device transmits when you visit or use the Site. We also collect information about how you access and interact with the Site and Service through automated tracking technologies:
Cookies: Small data files placed on your device to remember settings and preferences and to understand usage.
Web Beacons/Pixels: Electronic images used to help deliver cookies and gather analytics on usage.
We use session cookies (expire when you close your browser) and persistent cookies (remain on your device until deleted). You can control cookies through your browser settings. Disabling cookies may limit certain Site features. For more information about cookies, and how to disable them, see your browser's help section or visit https://www.allaboutcookies.org.
We may use analytics tools (e.g., Google Analytics) to help analyze Site usage. To opt out of Google Analytics, you may install the Google Analytics opt-out browser add-on.
We may receive PII about you from third parties whose privacy practices may differ from ours, including: (i) wallet and infrastructure providers used to enable on-chain interactions (e.g., Turnkey for wallet infrastructure); (ii) fiat on-ramp providers (e.g., Swapped or other providers) that may perform their own KYC/AML processes and share limited status data with us (e.g., verification success) to enable functionality; (iii) cloud hosting, customer support, analytics, email marketing, and fraud prevention service providers; and (iv) public sources, including public blockchain data, public websites, and social media you choose to interact with.
We do not control third-party privacy practices and are not responsible for their actions. Your use of third-party services is governed by those third parties' terms and privacy policies. We encourage you to review those policies.
We and our third-party marketing partners may use your Personal Information for marketing purposes as permitted by law. You can opt out of direct marketing as described in this Policy. We do not sell your Personal Information or share it for cross-context behavioral advertising as defined by the CCPA/CPRA. We do not share data with data brokers.
We may use Users' PII for lawful business purposes: (i) as necessary for the performance of our contract with Users, (ii) for our legitimate interests, so long as they are not overridden by Users' rights and interests, or (iii) as required by law. These purposes include:
To operate, administer, provide, maintain, and deliver our Site and Service (including the Thrust Platform, staking features, and related tools), including troubleshooting, system maintenance, upgrades, security, and availability.
To respond to and fulfill your requests, e.g., customer support inquiries, feature requests, or feedback.
To communicate with you regarding the Site and Service, including updates, notices, and responses to your inquiries.
To send you promotional materials and other marketing communications, subject to your opt-out rights at any time. We may personalize marketing to align with your preferences and Site usage. We comply with applicable anti-spam laws and will include opt-out instructions in marketing communications.
To analyze browsing and usage activities and patterns in aggregate to understand interests and preferences and to optimize your experience on the Site and within the Service.
To improve content, features, layout, and performance; to assess and enhance the Service; and to support everyday business needs, including analytics, quality assurance, and research and development. We may use deidentified or aggregated information for these purposes.
To protect the Site, Service, our users, and third parties; to detect, investigate, prevent, and respond to fraud, abuse, unauthorized access, illegal activities, and security incidents; to authenticate users; to enforce our Terms of Service; to comply with legal obligations; and to respond to lawful requests from regulators or law enforcement.
To process and complete transactions you initiate with us (if any) and send related information such as confirmations or notices. Note that on-chain transactions are executed by you from your self-custody wallet; Thrust does not take custody of your assets or private keys.
We will not collect additional categories of PII or use PII for materially different, unrelated, or incompatible purposes without providing you notice (and obtaining consent where required by law).
We do not sell, rent, lease, or share PII, and we will not disclose Users' PII to third parties without your permission, except as described in this Policy or as otherwise required or permitted by law. For purposes of the CCPA/CPRA, we do not sell or "share" Personal Information for cross-context behavioral advertising, and we do not disclose Personal Information to data brokers.
We may disclose Users' PII to third parties for a business purpose as described below:
We may disclose your PII to our affiliates. Our affiliates will treat such PII in accordance with this Policy.
We may disclose your PII to third-party service providers that require access to information to support our operations and delivery of the Site and Service, such as: (i) wallet infrastructure providers (e.g., Turnkey: subject to Turnkey's terms and privacy policy) providing self-custody wallet functionality; (ii) fiat on-ramp providers (e.g., Swapped or other providers) that are independent third parties and may collect and process PII for KYC/AML and compliance under their own terms and privacy policy; (iii) hosting, cloud, security, DDoS protection, analytics, email, customer support, error monitoring, logging, tag management, and content delivery networks (CDNs); (iv) payment processors for any direct purchases from us (if applicable); and (v) professional advisors (e.g., auditors, legal counsel) subject to confidentiality obligations.
These providers may use PII only as instructed by us and in a manner consistent with this Policy and applicable law.
We may disclose your PII to law enforcement or other government officials if it relates to a criminal investigation or alleged criminal activity. We may also disclose your PII: (i) if required or permitted by law; (ii) for fraud protection and credit risk reduction; (iii) to protect our rights, interests, or property; (iv) to protect the safety of you, others, or the public; or (v) to comply with a judicial proceeding, court order, subpoena, regulatory request, or similar legal, arbitration, or administrative process.
If we become involved in a transaction involving the sale or transfer of our business or assets (e.g., merger, acquisition, reorganization, financing, or bankruptcy), we may disclose and/or transfer your PII as part of the transaction, subject to applicable law. The successor entity may use your PII pursuant to its own privacy policies.
We may disclose your information to other third parties with your consent.
The security and confidentiality of your PII is important to us. We use commercially reasonable administrative, technical, and physical security measures designed to protect your PII from unauthorized or unlawful access, use, modification, destruction, loss, alteration, and/or disclosure. However, no method of transmission over the internet or method of electronic storage is 100% secure. While we strive to protect your PII, we cannot guarantee absolute security.
We require third parties acting on our behalf or with whom we disclose your information to implement security measures in accordance with industry standards and applicable law and to comply with contractual confidentiality and security obligations. We are not responsible for the privacy and security practices of such third parties outside the information we receive from or disclose to them.
You are solely responsible for safeguarding your wallet credentials, private keys, seed phrases, passcodes, devices, and recovery mechanisms. Thrust does not have access to your private keys and cannot recover them for you.
Never share your private keys, seed phrases, or two-factor authentication codes. Thrust will never ask you for them. You should maintain up-to-date security software and device protections.
Public blockchains are distributed ledgers intended to immutably record transactions across decentralized networks. On-chain data (including public addresses and transaction hashes) may be open to forensic analysis and can potentially be combined with other data to re-identify individuals. Because blockchains are not controlled by Thrust, we cannot modify, delete, or erase on-chain data once it is published. Your rights to deletion or correction under applicable laws may not be fully realizable with respect to data stored on public blockchains.
We retain Users' PII while you maintain an account or profile with us or for as long as necessary to provide the Site and Service and to satisfy the purposes described in this Policy. Thereafter, we retain PII for as long as reasonably necessary: (i) to respond to inquiries; (ii) to demonstrate that we treated Users within fair legal practice; (iii) for ordinary business continuity and backup procedures; (iv) to comply with legal, regulatory, tax, accounting, or reporting obligations; and (v) to enforce our rights and agreements.
When we no longer have an ongoing legitimate business need to process your PII, we will delete or anonymize it within a reasonable period. If deletion is not feasible (e.g., backups), we will securely store and isolate it from further processing until deletion is possible. Deletion of blockchain data is not possible; on-chain records are immutable and beyond Thrust's control.
Depending on applicable law, you may have the following rights:
Right to Access: Request a copy of your PII.
Right to Rectification: Request correction of inaccurate PII.
Right to Erasure: Request deletion of your PII, subject to legal exceptions and technological limitations (e.g., public blockchain data).
Right to Restrict Processing: Request restriction of processing in certain circumstances.
Right to Object: Object to our processing based on legitimate interests and to direct marketing at any time.
Right to Data Portability: Receive your PII in a structured, commonly used, and machine-readable format, where technically feasible.
Right Not to be Subject to Automated Decision-Making: Not be subject to a decision based solely on automated processing that produces legal or similarly significant effects.
To exercise your rights, please submit a Verifiable Consumer Request as described below. These rights are subject to legal restrictions and may affect our ability to provide the Service.
Depending on your state of residence, you may have some or all of the following rights:
Right to Access: Request the categories and specific pieces of PII collected in the preceding 12 months, the sources of that PII, the business or commercial purpose for collection, and the categories of third parties to whom we disclose PII.
Right to Data Portability: Receive your PII in a portable, readily usable format.
Right to Correct: Request correction of inaccurate PII we maintain about you.
Right to Deletion: Request deletion of PII we collected from you, subject to legal exceptions.
Right to Opt Out of Sales or Sharing for Cross-Context Behavioral Advertising: We do not sell or share PII as defined under the CCPA/CPRA. If our practices change, we will update this Policy and provide required mechanisms to exercise your rights, including recognition of opt-out preference signals where required by law.
Right to Limit Use of Sensitive Personal Information: We do not use Sensitive PII for purposes requiring a limitation right under the CCPA/CPRA.
Right to Be Free from Discrimination: We will not discriminate against you for exercising your rights.
To exercise your rights, please submit a Verifiable Consumer Request as described below. Your rights may be limited as permitted by applicable law.
California's "Shine the Light" law permits Users who are California residents to request certain information regarding our disclosure of PII to third parties for their direct marketing purposes. We do not disclose PII to third parties for their direct marketing. To request more information, contact us at legal@thrust.com.
If you are a California resident or a data subject located in the EEA, the U.K., Switzerland, or any other jurisdiction who's privacy laws grant any of the above rights, you can exercise your legal rights by submitting a Verifiable Consumer Request to us by emailing legal@thrust.com.
Only you, or someone legally authorized to act on your behalf, may make a Verifiable Consumer Request related to your PII. You need not create an account with us. The request must: (i) provide sufficient information to reasonably verify you are the person about whom we collected PII or an authorized representative; and (ii) describe your request with sufficient detail to allow us to properly understand, evaluate, and respond.
We cannot respond to your request or provide PII if we cannot verify your identity or authority and confirm the PII relates to you. We will only use PII provided in a Verifiable Consumer Request to verify the requestor's identity or authority.
We will acknowledge receipt of your request within the timeframe required by applicable law and respond within the period required by applicable law (generally within one month for GDPR/FADP and 45 days for CCPA/CPRA, subject to permissible extensions). Any disclosures we provide will cover the period required by law prior to your request. If we deny your request in whole or in part, we will inform you of the reasons. We do not charge a fee to process or respond unless the request is excessive, repetitive, or manifestly unfounded; if we charge a fee, we will explain why and provide a cost estimate.
Where we process PII based on your consent, you may withdraw your consent at any time without affecting the lawfulness of processing before withdrawal. To withdraw consent, submit a Verifiable Consumer Request as described above or use applicable preference tools provided in the Site.
To deliver our Service, we may transfer PII outside your country of residence, including to the United States and other countries that may not provide the same level of data protection as your home jurisdiction. Where required, we implement appropriate safeguards for international transfers, such as European Commission (and U.K. ICO) Standard Contractual Clauses and, if applicable, Swiss-compliant clauses and supplementary measures. By using the Site and Service, you understand that your PII may be processed in jurisdictions outside your home country. For questions about our transfer mechanisms, contact us at legal@thrust.com.
The Site does not currently respond to Do Not Track signals. We may collect and use your browsing data as disclosed herein. You can disable cookies or use browser privacy settings and tools to manage tracking preferences.
We do not participate in bulk email solicitations that you have not consented to receiving. We do not sell or disclose customer lists or email address lists to unrelated third parties. Except as otherwise provided herein, we do not share PII with third-party advertisers. We may send you administrative or transactional messages related to the Service, as permitted by law.
The Site may contain links to websites or applications ("Linked Sites") not owned or controlled by Thrust. We do not control the collection or use of any information, including PII, on Linked Sites, and we are not responsible for their content, products, services, software, or privacy practices. Our platform and community channels may utilize functions from social networks including but not limited to Discord, GitHub, YouTube, Reddit, X, or StackExchange. When you use these, the operators of those platforms may process your PII according to their own policies. We encourage you to be aware of when you leave our Site and to read the privacy policies of Linked Sites and social platforms.
We may update this Policy from time to time in our sole discretion to reflect changes in laws, regulations, industry practices, our data practices, or Service updates. If our privacy practices change materially, we will post an updated version of the Policy to the Site and update the "Last Updated" above. Your continued use of the Site and Service after the "Last Updated" date constitutes acceptance of the updated Policy. If you do not agree with changes, you should stop using the Site and Service.
If you wish to access, update, change, delete, opt out of certain processing (including direct marketing), or otherwise control your PII, or remove or alter your user profile, contact us at legal@thrust.com. To help us process your request, please provide sufficient information to allow us to identify you in our records. We may request additional information to verify your identity before disclosing PII. Any verification data provided will be used only for verification and deleted when the process is complete.
You may opt out of promotional emails by following the instructions in the communication or contacting us at legal@thrust.com. Even if you opt out of marketing, we may still send you administrative or transactional emails related to your use of the Service.
We will make commercially reasonable efforts to respond to requests without undue delay and within the time periods required by applicable law. Requests may be limited as permitted by applicable law, including the GDPR and the FADP.
If you would like to file a complaint with us about our privacy practices, please contact us at legal@thrust.com. If you are a data subject located in the European Economic Area, the GDPR grants you the right to lodge a complaint with a competent supervisory authority. See: https://edpb.europa.eu/about-edpb/board/members_en. U.K. data subjects may contact the ICO: https://ico.org.uk/global/contact-us/. Switzerland: Federal Data Protection and Information Commissioner (FDPIC): https://www.edoeb.admin.ch/en/contact-2.
If you have questions about this Policy or wish to contact us with questions or comments, please contact us at: legal@thrust.com