Privacy Policy

Last modified December 21, 2020

1.Purpose

Thank you for visiting a website owned by Atomic FI, Inc. (“Atomic”, “we”, “us” and “our”). Your privacy is important to us. In order to better protect your privacy, we have developed this website privacy policy (“Website Privacy Policy”). The Website Privacy Policy explains our information practices and the choices you can make about the way your information is collected and used at this website. The Website Privacy Policy is based on these principles:

We will disclose how we use the information we collect;
We will give you an opportunity to correct the information in our records when it has been erroneously recorded.

These principles and our Website Privacy Policy apply when we collect the information online on our website. This Website Privacy Policy (together with our Product Privacy Policy, Terms of Service, agreements we may have entered into with you, disclosures made at the time we collected your information, and any other policies published on our websites or apps) sets out the basis on which any personal or business data (“Personal Data”) we collect from you, or that you provide to us, will be used by us. Please read the following carefully to understand our views and practices regarding your Personal Data and how we will treat it.

By visiting Atomic websites or apps or otherwise submitting information to us, you consent that your data may be used in accordance with the terms of this Website Privacy Policy.

2.Atomic’s Commitment to Privacy

Atomic takes privacy very seriously and knows that consumers care about how their Personal Information is used and shared. Atomic is committed to maintaining the privacy and confidentiality of its consumers’ personal information in full accordance with privacy best practices.

2.1 Roles and Responsibilities

Atomic’s Compliance Department will coordinate with Operations, Customer Service, IT, and any other areas as deemed necessary to ensure that all departments are aware of and have taken the necessary steps to implement this policy. Atomic’s CEO, or qualified designee is responsible for ensuring that this policy is properly adopted, implemented, and updated as often as required.

The CEO will report at least annually to the Board of Directors the overall status of the information security program and Atomic’s compliance with privacy best practice guidelines. The report will discuss material matters and provide updates on the Risk assessment, service provider arrangements, results of any testing, security breaches and violations, management responses, and recommendations for changes.

All business activities associated with privacy and security related matters will be reviewed and approved by the Atomic CEO or qualified designee.

2.2 Applicability

1.This Website Privacy Policy applies to all information collected by Atomic through Atomic websites (for purposes of this Website Privacy Policy, “websites” includes https://www.atomic.financial and Atomic mobile websites (collectively “websites”. This Website Privacy Policy applies to information related and retrieved in connection to any information provided or collected while using our websites. Terms used but not defined in this Website Privacy Policy have the meanings assigned to them in Atomic User Agreement. You should read this Website Privacy Policy in its entirety as certain sections may apply differently to residents of different jurisdictions.

3.The Information We Collect

The types of information we collect is related to your browsing activity while on our websites. Atomic has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers’ nonpublic personal information under privacy best practices. Nonpublic Personal Information (“NPI”) means personally identifiable financial information; and any list, description, or other grouping of consumers (and publicly available information pertaining to them) that is derived using any personally identifiable financial information that is not publicly available.

Non-public Personal Information (“NPI”) includes:

Contact information, such as name and email address.
Computer and mobile device information, such as the domain and host you use to access the Internet, your computer’s IP address, mobile device geolocation, number and other information from and about your device (such as device properties, settings, applications, stored information and usage) and carrier, the browser and operating system software you use, websites you have visited or later visit, social profile and network information, the date and time you access our website, the internet address used to link to our website when you visit us, and cookie information; and
Any and all additional information that you choose to provide to us while browsing on our websites.

You consent to our collection, storage and transfer of information by computers or storage devices in the United States and elsewhere.

4.How Do We Process Your Information?

We may Process your information for the following purposes:

to verify your identity;
to comply with applicable laws, regulations, and rules, such as those relating to “know-your- customer” and anti-money laundering requirements;
to detect and prevent fraud and other illegal uses of the Atomic products or services;
to send you marketing notices, service updates, and promotional offers on our website;
to provide you with advertising, search results, and other content based on your location, when you provide us access to location services; and
to respond to your requests.

5.When Do We Collect Your Information?

We collect your personal information, for example, when you:

use or visit our websites such as https://www.atomic.financial
enter a promotion, register for email alerts or marketing communications, or join a loyalty program; and

We also collect and aggregate data to corroborate information about you from a variety of sources, including without limitation, computer systems and mobile devices while using our websites. We may collect, track and combine information across devices, platforms and transaction channels. We may retain Personal Information for a time period longer than that required by law as part of our business needs and if doing so is not prohibited by law.

6.Do We Share Information?

Atomic does not sell or rent the information we collect to third parties for their promotional purpose.

Without obtaining your consent, Atomic has the right to share information collected while using our websites for the following reasons:

for our everyday business purposes, such as to process your transactions; manage our consumer relationships; provide requested products and services; maintain your account(s); respond to court orders and legal investigations; gather information about website access, usage and performance; enhance your consumer experience; validate your creditworthiness or your identity; in connection with a merger, acquisition or sale of the company or any of its assets; make risk decisions; detect and prevent fraud and other illegal activity; or as otherwise permitted or required by law;
for our marketing purposes such as to offer our products and services to you or notify you about future events and promotions;
in the event of the sale, acquisition or merger of some or all of our assets, Personal Information about you might be a part of the transferred assets. We shall notify you in the event of such an occurrence and inform you of any choices you may have regarding your Personal Information, by placing a notice on our websites;
law enforcement, government officials or other third parties, but only in connection with a formal request, subpoena, court order, or similar legal procedure; or
when we believe in good faith that disclosure is necessary to comply with the law, prevent physical harm or financial loss, report suspected illegal activity, or to investigate violations.

Atomic does not have affiliates and does not share your personal information with non-affiliates and third-parties to market to you or to jointly offer products.

Our network of computers, servers, cloud-based storage and other technological infrastructure is maintained both on our premises and with third-party service providers. We and our third-party service providers store and process your NPI in the United States and elsewhere in the world. We will protect your information as described in this Website Privacy Policy if your NPI is maintained in or transferred to other countries. When you use our websites, you consent to your NPI being transferred to other countries, including countries that have different data protection rules than your country of residence or the country from which you are using our websites. We do not represent that our websites are appropriate or available for any particular jurisdiction.

7.Use of Your Information

To the extent Atomic collects certain NPI about the current and prospective consumers in the course of offering and facilitating financial services rendered, Atomic shall not disclose to any unauthorized individual or entity, except as permitted sections 313.14 and 313.15 of the Privacy Rule.

The section 14 exceptions apply to various types of information-sharing that are necessary for processing or administering a financial transaction requested or authorized by a consumer. This includes, for example, disclosing NPI to service providers who perform other administrative activities for a consumer’s account.

The section 15 exceptions apply to certain types of information-sharing, including disclosures for purposes of preventing fraud, responding to judicial process or a subpoena, or complying with federal, state, or local laws. Examples of appropriate information disclosures under this exception include those made to technical service providers who maintain the security of Atomic records; Atomic attorneys or auditors; and if applicable a consumer reporting agency, consistent with the Fair Credit Reporting Act.

Customers and consumers have no right to opt out of the above listed disclosures of NPI.

You may decline to provide NPI, such as name and email when so requested of you, however, certain related services may be unavailable to you.

You may also opt-out from promotional email messages to you by contacting Atomic Customer Service by email at support@atomicfi.com, or selecting the “Unsubscribe” function present in each promotional email message we send out and providing the required information.

8.How We Use Cookies, and Tracking Technologies

As most other websites, we gather certain information automatically and store it in log files. This information may include your internet protocol (IP) address, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. From time to time, we may combine this automatically collected data with other information we collect about you for analysis, security, content generation, or marketing purposes.

We may use the analytics tool in order to develop and analyze use of the websites. Analytics companies may access anonymous data (such as your identifier for advertising or device identifier) to help us understand how the websites are used. They use this data on our behalf and do not use this data for their own purposes, except in aggregate form. Moreover, they do not share data as to any individual user, except in limited circumstances.

We engage third parties, such as marketing or analytics partners, who may collect information about your online activities over time and across different websites when you use our websites. Atomic partners with third parties, to provide certain features on our websites or to display advertising based upon your Web browsing activity and to collect and store information.

Atomic and our third-party service providers, including our marketing partners and analytics providers, may also use cookies, web beacons, tags, scripts and similar technology (“Cookies”). Cookies are small data files that are placed on your computer or mobile device to, among other things, administer the website, track and analyze trends in your use of our websites, remember your preferences when you return to the website and gather information about our users as a whole. The information we store in the Cookies we place may include your email address in addition to other NPI. We may receive reports from third-party service providers based on their use of Cookies about our users on an individual or aggregated basis.

You are free to decline the Cookies we place if your browser permits but doing so may interfere with your use of our websites and the functionality thereof. The use of Cookies by our third-party service providers is not covered by this Website Privacy Policy. You are free to decline these Cookies if your browser permits. We do not have access or control over these Cookies.

9.How Do We Protect Your Personal Data?

To help protect your personal information from unauthorized access and use, we strive to use reasonable security measures. These measures can include physical, electronic, and procedural safeguards, such as computer safeguards and secured files and buildings, that comply with federal, state and local legal requirements. We also strive to limit access to personal information to only employees, and representatives that need to know. Atomic employees are trained in the proper handling of your information and are required to fully comply with our Privacy Policy. All of our service providers must implement appropriate measures to have a security program in place that complies with federal, state and local legal requirements as well as with our security procedures.

Despite our efforts, third parties may unlawfully intercept or access your personal information, transmissions to us, or may wrongly instruct you to disclose information to them. Always use caution and good judgment when providing sensitive information and data and when using internet and mobile technologies. Moreover, we are not responsible for protecting any Personal Data that we share with a third-party based on an account connection that you have authorized.

10.Information from Children

Our websites are not directed to children under the age of 18. We do not knowingly collect information, including Personal Data, from children or other individuals who are not legally able to use our websites. If we obtain actual knowledge that we have collected Personal Data from a child under the age of 18, we will promptly delete it, unless we are legally obligated to retain such data. Contact us if you believe that we have mistakenly or unintentionally collected information from a child under the age of 18 and we promptly take steps to delete such information.

11.Third Party Sites

Our websites may be linked to or from third party websites. Atomic is not responsible for the content or privacy practices of websites that are linked to or that link from our websites.

12.Changes to this Policy

Atomic reserves the right to modify this Website Privacy Policy at any time to reflect changes to our business or applicable laws. If Atomic modifies this Website Privacy Policy, we will post the revised Website Privacy Policy to the website with an updated “effective date” in Section I above. If we make material changes in the way we use personal information, we will notify you by posting an announcement on our websites or by sending you an e-mail. It is your responsibility to periodically review this Website Privacy Policy as users are bound by any changes to the Website Privacy Policy by using the websites after such changes have been first posted. You can get an updated Website Privacy Policy by visiting our website at https://www.atomic.financial.

13.How to Contact Us

You may contact us if you have any general questions about our Website Privacy Policy, or any feedback pertaining to your privacy, by email at support@atomicfi.com, or clicking on the “Contact Us” link on the website.

GENERAL NOTE TO ALL CONSUMERS

Your NPI or Personally Identifiable Information (PII) is protected and safeguarded using various technological controls as described in Section 9 of this Privacy Policy. These sensitive details will not be shared, in accordance with the stipulations, as laid out in this Privacy Policy. In the unlikely event that your NPI/PII is compromised or there is a breach of our information systems which could affect you, you will be immediately notified provided that the notification does not interfere with a criminal investigation. You will be notified electronically via the email used on the Contact Us page on the websites.

Should you believe you have been the victim of Identity Theft/Fraud, Atomic will not object to you petitioning the court for a determination of factual innocence and will cooperate and provide relevant documentation and/or evidence from its systems as requested by the court or law enforcement authorities.

NEVADA CONSUMERS

If you prefer not to receive marketing calls, you may be placed on our internal opt-out list by calling us at 1-800-494-9407, or by writing or emailing us at the addresses below, or you may also contact the Nevada Bureau of Consumer Protection, Office of the Nevada Attorney General, 555 E. Washington St., Ste 3900, Las Vegas, NV 89101; telephone 702-486-3132; email: BCPINFO@ag.state.nv.us

Email: support@atomicfi.com.

Mail: 2825 Cottonwood, Parkway, Suite 500, Salt Lake City, UT, 84121.

CALIFORNIA CONSUMERS

Purpose

This Privacy Policy for California Residents applies solely to the Personal Information (as defined below in Section 2) that we collect and use relating to consumers and users who reside in the State of California (“users,” “consumers” or “you”). This Privacy Policy is applicable to the businesses, websites and mobile applications operated by Atomic, including the Website from which you accessed this Privacy Policy (our websites and mobile applications are collectively referred to as “Websites”). It also applies to the related online services that we provide through our Websites (the “Services”). We provide this Privacy Policy to comply with California privacy laws, including the California Consumer Privacy Act of 2018 (CCPA).

Definition of Personal Information

For purposes of this Privacy Policy, except where a different definition is noted, “Personal Information” means information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device.

Personal Information does not include:
Publicly available information from government records.
De-identified or aggregated consumer information.
Other information excluded from the CCPA’s scope, such as:
- health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
- personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

California “Shine the Light” Law / Your California Privacy Rights

California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits consumers who are California residents, to request and obtain from us once a year, free of charge, information about the categories of personal information (as defined in the Shine the Light law), if any, that we disclosed in the preceding calendar year to third parties for those third parties’ direct marketing purposes. Our disclosure requirements apply only if we share our consumers’ personal information with third parties for them to directly market their own products to those consumers, instead of assisting us with our own business. If you are a California resident and would like to make such a request, contact us as provided in the “Contact Us” section below.

Collection and Use of Personal Information

We may have collected Personal Information in the following categories from consumers within the last twelve (12) months. The categories and examples provided in the chart below are those defined in the CCPA. This does not mean that all examples of that category of Personal Information were in fact collected but reflects our good faith belief to the best of our knowledge that some of that information may have been collected about consumers. We will update this disclosure from time to time as appropriate.

Category	Examples
A. Identifiers.	A name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.
C. Protected classification characteristics under California or federal law.	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
D. Commercial information.	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies
F. Internet or other similar network activity.	Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
G. Geolocation data.	Physical location or movements.
H. Sensory data.	Audio, electronic, visual, thermal, olfactory, or similar information.
I. Professional or employment-related information.	Current or past job history or performance evaluations.
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).	Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
K. Inferences drawn from other personal information.	Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Sources of Personal Information

We obtain the categories of Personal Information listed above from the following categories of sources:

Directly from you. For example, during account registration from forms you complete, subscriptions you purchase or comments you provide on our Websites.

Indirectly from you. For example, from observing your actions on our Website. From third parties. For example, service providers who provide services or information to us. From publicly available sources. For example, online database searches.

Use and Disclosure (“Sale”) of Personal Information

We may disclose your PI for the following purposes, which are not a sale: (i) if you direct us to share PI; (ii) to comply with your requests under the CCPA; (iii) as part of a merger or asset sale; and (iv) as otherwise required or permitted by applicable law. Atomic has not sold (as that term is defined in the CCPA) Personal Information in the following categories from consumers within the last twelve (12) months.

Use of Personal Information for Business Purposes or Commercial Purposes

We may use or disclose Personal Information we collect for “business purposes” or “commercial purposes” (as defined under the CCPA), which may include the following examples. The examples provided are illustrative and not intended to be exhaustive.

Auditing Interactions with Consumers. For example: monitoring traffic to our Websites, counting ad impressions, and auditing legal and regulatory compliance.
For example, maintaining the safety, security, and integrity of our Website, products and Services, databases and other technology assets and our business, including preventing fraud, detecting security breaches and prosecuting violators, and responding to law enforcement requests and meeting requirements of applicable law, court order, or governmental regulations.
(e) Performing Services. For example, creating, maintaining, customizing and securing your account with us, processing your purchases, transactions, and payments, hosting our Websites, fulfilling subscription orders, managing databases, performing analyses, billing, and marketing services such as managing promotions and contests.
(f) Internal Research for Tech Development. For example, testing, research, analysis, and product development, including to develop and improve our Website, products, and Services.
(g) Quality and Safety Maintenance and Verification. For example, improving, upgrading or enhancing our products, Services or Websites, and verifying the quality or safety of our Websites or Services.

Your CCPA Privacy Rights and Choices

The CCPA provides California residents with specific rights regarding their Personal Information as described below.

Information Rights

You have the right to send us a request, no more than twice in a twelve-month period, for any of the following for the period that is twelve months prior to the request date:

The categories of PI we have collected about you.
The categories of sources from which we collected your PI.
The business or commercial purposes for our collecting or selling your PI.
The categories of third parties to whom we have shared your PI.
The specific pieces of PI we have collected about you.
A list of the categories of PI disclosed for a business purpose in the prior twelve months, or that no disclosure occurred.
A list of the categories of PI sold about you in the prior twelve months, or that no sale occurred. If we sold your PI, we will explain:
- The categories of your PI we have sold.
- The categories of third parties to which we sold PI, by categories of PI sold for each third party.

Right to Request Deletion of Personal Information

You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions, including if we need the Personal Information for a reason related to our business, such as:

providing goods or Services to you;
detecting and resolving issues related to security or functionality;
complying with legal obligations;
conducting research in the public interest;
exercising free speech or ensuring another’s exercise of free speech; or
using the information for internal purposes that a consumer might reasonably expect.

After we receive and confirm your verifiable consumer request, we will delete your Personal Information from our records within the time period required by the CCPA, unless an exception applies.

Exercising Your Rights

To exercise the rights described above, please submit a verifiable consumer request to Atomic using the information in the Contact Us section below.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period.

The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include: providing your email and phone verification, known customer information, and/or account sign-up authentication or other information needed to verify your identity depending on the sensitivity of the Personal Information in question.

Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format

We use good faith efforts to respond to a verifiable consumer request within forty-five (45) days after its receipt. If we need more time (up to 90 days), we will inform you of the reason and the needed extension period in writing.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by email used at registration.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. If we cannot comply with any portion of a request, the response we provide will also explain why, if applicable. For data portability requests, we will select a commercially reasonable format to provide your Personal Information that is commonly usable and should allow you to transmit the information from one entity to another entity without hindrance, but we do not guarantee that all formats are usable in all media. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Non-Discrimination for the Exercise of CCPA Privacy Rights

We will not discriminate against you for exercising any of your CCPA rights. In particular, we will not:

Deny you goods or services
Charge you different prices for goods or services, whether through denying benefits or imposing penalties
Provide you with a different level or quality of goods or services
Threaten you with any of the above

Contact Us

Phone: 1-800-494-9407

Email: support@atomicfi.com