Privacy Policy

Last Updated: April 6, 2026

At Foundry, we value your privacy and strive to protect your personal data. Foundry Digital LLC and its subsidiaries (collectively, “Foundry”, “we”, “our”, and “us”) will only collect and use data in accordance with this Privacy Policy (“Policy”). By accessing and using our services, you signify acceptance to the terms of this Privacy Policy.

We may update this Policy from time to time to reflect changes in our technologies, business practices, legal requirements, or other factors. When we make material changes to our Policy, we will provide notice as required by applicable law, including the California Privacy Rights Act (“CPRA”) and the General Data Protection Regulation (“GDPR”), we will obtain your consent or provide you with the opportunity to exercise applicable rights before such changes take effect. Such notice may be provided by updating the “Last Updated” date at the top of this Policy, posting a notice on our website, or providing additional notice through our services or by other appropriate means. You can determine when this Policy was last revised by referring to the “Last Updated” legend at the top of this page. Any changes to this Privacy Policy will become effective upon our posting of the revised Privacy Policy on our website. Any dispute over our Policy is subject to this notice. We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect personal information.

This Privacy Policy explains:

  • What data we collect.
  • How we collect, process, use and share your personal data.
  • The important security measures we maintain to secure your personal data.
  • What rights you have with respect to your personal data we collect.
  • Why and how we retain your personal data.

What data we collect.

To provide you with our products and services, or communicate with you, we may need to collect, process and in some cases, share personal data.

We may collect the following types of personal data. Note, this is not an exhaustive list.

  • Institutional information such as employer identification number (or comparable number issued by a government), proof of legal formation (e.g., Articles of Incorporation), personal identification information for all material beneficial owners.
  • Financial information such as your source of funds, wallet details.
  • Personal identification information such as your full name, date of birth, nationality, cellphone or mobile number, email address, place of residence, and/or national identification number or social security number.
  • Location data to ensure our services are used in permitted locations. We collect limited location information associated with cryptocurrency mining machines. This includes location indicators provided by the machines themselves and geofencing controls. We use this information only to confirm compliance with legal, regulatory, and contractual requirements.
  • National identity documentation such as information related to your national identity document, drivers’ license or passport (including any relevant visa information) and/or any other information deemed necessary to comply with our legal obligations under financial or anti-money laundering laws.
  • IP address, visitor identity, browser type, domain, session number, unique ID, operating system, advertisement performance metrics, referring URLs, pages viewed, and dates/time of your visits. This data helps us improve our website performance and user experience.
  • Additional information or documentation at the discretion of our Compliance team may be required for compliance with law, regulations, or internal policies.

How we collect, process, use, and share your data.

Data is collected in various ways, including:

  • When you provide it to us (e.g., when you sign up for or use our products and services or take part in customer surveys).
  • With your consent, when you visit or browse our website, through cookies and web beacons. You can update your cookie consent preferences through the cookie banner located on our website at any time.
  • When you communicate with us by email, chat, telephone, or any other means, we collect the communication and any personal data provided in it.
  • When we obtain information from third parties including but not limited to identity verification services, Google Analytics and Datadog. Note: some of these services may use cookies.

We will only collect, use, share or otherwise process your personal data where it is necessary for us to carry out our lawful business activities and subject to data protection laws. In doing so, we rely on one or more of the following lawful grounds for processing your personal data:

  • Commercial obligation: We may process your personal data where it is necessary in order for us to provide our products and services to you or to otherwise comply with our obligations under Foundry’s Terms of Use.
  • Consent: In some cases, we will only process your personal data where you provide us with your express consent for such processing.
  • Legal obligation: In some cases, we may need to process your personal data in order to comply with an obligation imposed by law.
  • Legitimate interest: In some cases, we may need to process your personal data where it is in our legitimate legal interests to do so.

Foundry may use your personal data for one or more of the following purposes:

  • Verify your identity.
  • Perform sanctions screening.
  • Detect and prevent fraudulent or unauthorized use of our products and services.
  • Better manage our business and your relationship with us.
  • Improve products and services.
  • Market products or services to you.
  • Respond to your inquiries and resolve disputes.

We may share your personal data with:

  • Trusted third-party identity verification services in order to prevent fraud. This allows Foundry to confirm your identity by comparing the information you provide us to public records and other third-party databases.
  • Trusted third-party service providers under contract who help with parts of our business operations such as professional advisers, consultants, technology services, and other similar services. Our contracts require these service providers to only use your information in connection with the services they perform for us and prohibit them from selling your information to anyone else.
  • Companies or other entities that we plan to merge, combine or consolidate with or be acquired by (whether in whole or in part). Should a merger, combination, or consolidation occur, we will require that the new combined and/or surviving entity (as the case may be) follow this Privacy Policy substantially with respect to your personal data.
  • Affiliates who require this information to provide the services you request. An affiliate is an entity that we own or control, or that is under common control with us.
  • Regulatory agencies, law enforcement, or other government authorities, including during routine regulatory examinations.

Data storage and international transfers.

Foundry is a global organization and, while providing our products and services to you in conjunction with our sub processors, your personal data may be transferred to, stored and processed outside of the jurisdiction in which you reside, and the laws of those countries may differ from the laws applicable in your own country. For example, data collected in the European Economic Area (EEA) may be transferred to, stored and processed at a destination(s) outside of the EEA (including the United States of America). When we do, we ensure that an adequate level of protection is provided for personal information by utilizing appropriate safeguards and terms in accordance with applicable law. By accepting this Privacy Policy, and then submitting your personal data, you expressly consent to the transfer, storing or processing of such personal data outside of your jurisdiction and subject to the laws of the applicable jurisdiction.

Electronic marketing.

Where you have opted-in to receive marketing communications and news, we may share information about our products, services, news and promotions with you. If you have opted-in to receive marketing communications, you may always opt out at a later stage by clicking on the “Unsubscribe” option included in every marketing communication sent to you. Please note that unsubscribing from marketing content will not stop you from receiving important communications from Foundry in relation to the security or operation.

Sale of personal information.

We do not sell, rent, or purchase personal information. We do not disclose personal information to third parties for monetary or other valuable consideration.

Children’s Privacy.

Our services are not directed to children, and we do not knowingly collect, use, or disclose personal information from children.

  • In the United States, we do not knowingly collect personal information from children under the age of 13, in compliance with the Children’s Online Privacy Protection Act (“COPPA”).
  • In the European Economic Area (“EEA”), the United Kingdom, and other jurisdictions where applicable, we do not knowingly collect personal information from individuals under the age of 16 (or the applicable age of digital consent).

If we become aware that we have inadvertently collected personal information from a child below the applicable age, we will take appropriate steps to delete such information as soon as practicable.

If you are a parent or legal guardian and believe that a child has provided us with personal information without your consent, please contact us so that we can take appropriate action.

How we protect your personal data.

We place great importance on ensuring the security of your personal data. We are SOC 1 type 2 and SOC 2 type 2 certified, which requires us to regularly review and implement appropriate and reasonable technical and organizational security safeguards to keep your personal data safe. Our employees are trained to handle personal data securely and with the utmost respect, failing to do so may be subject to disciplinary action. Although we take steps to secure your personal data, we cannot guarantee that your personal data will always remain secure and, in the event of a data breach, we will notify you and, where applicable, the relevant supervisory authority, of any data breach in accordance with local law. Importantly, you are responsible for securing the login credentials and otherwise complying with the Account Security section of our Terms of Use.

If at any time you choose to purchase a product or service offered by another company, any personal data you share with that company will be subject to the privacy policies of the applicable third-party companies and will not be controlled by our Privacy Policy. We are not responsible for the privacy policies or the content of third-party sites and/or services (each, a “Third-Party Service”) we link to and have no control of the use or protection of information provided by you or collected by those Third-Party Services.

We have security standards and procedures in place designed to prevent unauthorized access to your personal data. A key part of this process helps ensure that the personal data we have about you is accurate and up to date. You are responsible for helping us to maintain the accuracy and completeness of your personal data. If you would like to review your personal data or if you believe that any of your information is incorrect, or if you have any questions regarding your information, or this Policy, please contact us at [email protected].

What rights you have with respect to your personal data we collect.

  • You may submit a request that we disclose the following:
  • What information did we collect?
  • Why did we collect that information?
  • What types of information is requested?
  • With whom did we share the information?
  • How long did we share it?

 

How long we retain your personal data.

We will retain your personal data, in compliance with our internal data retention policy for the duration of your relationship with us, and afterwards for such a period as may be necessary for our legitimate business purposes (including compliance with our legal obligations, preventing fraud, resolving disputes and enforcing agreements), to protect the interests of us and our customers, and as required by applicable law. We may retain and use information in anonymized and aggregated form for purposes such as analytics, research, product improvement, and operational analysis. Anonymized and aggregated information does not identify you and cannot reasonably be used to identify you. Once personal information has been anonymized or aggregated in this manner, it is no longer subject to our data retention timeframes applicable to personal information, and we may retain and use such information for as long as necessary for the purposes described above, subject to applicable law. We maintain reasonable technical and organizational measures designed to ensure that anonymized and aggregated information cannot be re-identified.

Privacy rights for California residents.

California law permits residents of California to request certain details about how their personal information is shared with third parties or affiliated companies for direct marketing purposes. California consumers have the right to know what personal information is being collected. As a California resident, you may also submit a request that we:

  • Delete your personal information, provided that the information is not required to complete a transaction for you, to detect and protect against fraudulent and illegal activity, to exercise our rights, or to comply with a legal obligation; and
  • Honor your request to opt out of the sale of your personal information. Under no circumstances do we sell your personal data without your consent.

If you wish to exercise any of the rights set out above, please contact [email protected].

Privacy rights for EU / EEA residents.

If you are located in the European Economic Area (“EEA”), the United Kingdom, or Switzerland, you have certain rights under applicable data protection laws, including the General Data Protection Regulation (“GDPR”), with respect to your personal information.
Subject to applicable law, these rights include:

  • The right to access your personal information and obtain a copy of the personal information we hold about you
  • The right to rectification of inaccurate or incomplete personal information
  • The right to erasure (the “right to be forgotten”) in certain circumstances
  • The right to restrict processing of your personal information in certain circumstances
  • The right to data portability, allowing you to receive your personal information in a structured, commonly used, and machine-readable format
  • The right to object to our processing of your personal information, including processing based on legitimate interests or for direct marketing purposes
  • The right to withdraw consent at any time, where processing is based on your consent (without affecting the lawfulness of processing prior to withdrawal)

To exercise any of these rights, please contact us in the manner provided below. We may need to verify your identity before responding to your request.
You also have the right to lodge a complaint with a supervisory authority in your country of residence, place of work, or where an alleged infringement of data protection law has occurred.

Contact Us

If you have any questions our Privacy Policy does not address, or wish to exercise your privacy rights under applicable law, please contact us at: [email protected].
We will respond to your request in accordance with applicable privacy laws, including the GDPR and the California Privacy Rights Act (CPRA).