Privacy Policy

Orum – Privacy Policy

Updated:  February 7, 2023

1. Who We Are

Project Midas, Inc., d/b/a “Orum” (hereafter, “Company,” “we,” “us,” and/or “our”) is a company based in New York, U.S.A., that acts as a technology service provider for banks and non-bank financial institutions.

We welcome your questions, comments, and concerns about privacy. If you have any questions or comments about this Privacy Policy or our practices, or wish to make a request regarding your Personal Information, please contact us as follows: privacy@orum.io

2. What is Covered by this Privacy Policy?

This Privacy Policy describes how Orum uses and/or shares Personal Information. “Personal Information” means any information relating to an identified or identifiable individual that is protected as personal data or personally identifiable information under any applicable data protection laws.

This Privacy Policy applies to the our online and offline information gathering and dissemination practices in connection with this website (collectively, the “Site”) and also Personal Information we may receive through other means. We understand that you care about your own personal privacy interests, and we take that seriously. This Privacy Policy describes the Company’s policies and practices regarding its use of your personal data and sets forth your privacy rights.

In our capacity as a service provider to financial institutions, we process a variety of forms of data.  We do not use this data for any uses other than those for which it has been provided to us to perform, and we do not sell this data to any third parties.  Instead, the uses of this data are set out by the financial institutions that provide the data to us for processing.

3. Who is Covered by this Privacy Policy?

If you have arrived at this Privacy Policy by “clicking” on an authorized link directing you to a Site operated by the Company, then this Privacy Policy applies to you and such Site. This Privacy Policy does not apply to any website owned and/or operated by or on behalf of any third party, even if we provide a link to such website on our own Site.

When you use the Site, you consent to the use of your information in the manner specified in this Privacy Policy.

We do not knowingly attempt to solicit or receive information from minors or from persons residing outside of the U.S.A. Use of our Site is strictly limited to persons who are of legal age in the jurisdictions in which they reside. You must be at least eighteen (18) years of age to use our Site. If you are not at least 18 years of age, please do not use or provide any information through this Site. Please also review our Terms of Use governing the use of this Site.

4. Updates to Privacy Policy

We recognize that information privacy is an ongoing responsibility, and so we will from time to time update this Privacy Policy as we undertake new personal data practices or adopt new privacy policies, so please check back from time to time for updates to the policy posted here. Updates become effective immediately upon posting unless otherwise stated. By your continued use of the Site, you consent to the terms of the most recently revised and posted policy.

5. Personal Information We Collect

The following is a description of: (i) the categories of Personal Information we may have collected in the preceding 12 months; (ii) the sources from which we may have collected it; and (iii) the business purposes for which we may have collected it. We do not knowingly solicit, collect, or receive information from or about minors under the age of 18 or from persons residing outside of the U.S.A., through the Site or otherwise.

6. Information You Provide Directly.

If you voluntarily choose to submit or otherwise disclose Personal Information to us, including through the Site, or by regular mail, telephone, fax, e-mail or other electronic means of communication, that information is governed by this Privacy Policy.

The Personal Information we may collect directly from you from these sources includes your:

  • First and last name
  • E-mail Address
  • Physical Address/Mailing Address
  • Home Phone Number
  • Cell Phone Number

If you contact or correspond with us by phone or email, we may keep a record of your contact information and correspondence, and we reserve the right to use your contact information, and any other information that you provide to us in your message, to respond thereto. If you wish to change or correct any information you have voluntarily submitted to us, please do so by contacting us at the email address listed in Section I.

7. Information From Third Parties Acting On Your Behalf.

The Company may receive and maintain Personal Information (e.g., name, address, email address, telephone number, date of birth, social security number, account information, financial information, attorney information, court records, etc.) contained in communications with someone other than you, such as your spouse, power of attorney, attorney, or other authorized representative, in connection with the servicing or management of your account.

8. Information Provided To Us By Others.

Orum acts as a Service Provider for various financial institutions, such as national banks and non-bank financial institutions (“Clients”). In its role as a Service Provider, the Company receives Personal Information regarding customers of the Company’s Clients. The Personal Information received by Orum may include:

  • customer information, including User ID, IP address, mobile device identifier, and type of browser;
  • customer account information, including account ID, account number, account type, balance history, transaction history, and transfer history;
  • user information, including IP address, mobile device identifier, date/time of login, and type of browser;
  • information regarding account transfers, including transfer balance, date/time of transfer, status of transfer, transfer ID, transfer method, direction of money movement, days funds were held, and NACHA code if transfer was returned;
  • information regarding recipient information, including external financial institution ID, type of account, routing number, transfer balance, date/time of transfer, status of transfer, transfer ID, transfer method, direction of money movement, and balance history;
  • KYC or fraud score, date/time that score was received, and name of institution providing the score;
  • customer service engagement, including date/time of customer service contact, means by which customer service was contacted, and customer satisfaction score; and
  • collections engagement, including date/time of customer service contact and means by which customer service was contacted.

9. Information Automatically Collected by Your Use of This Site.

You may use this Site without disclosing to us any personally identifiable information. We do not automatically collect any personally identifiable information from you (e.g., name, address, telephone number, email address, social security number, account numbers, or financial information) when you use the Site. The Site can only collect such information if it is affirmatively provided by you, such as through the “Contact Us” form.

Like most websites, however, the Site automatically collects certain non-personally identifiable information during a user’s visit. That information may include the internet protocol (IP) address of your device, the location where the device is accessing the internet, browser type and language, internet service provider, type of computer/operating system, date/time stamps, user interface interaction data (e.g., mouse clicks or navigation through the Site), and other information about the usage of the Site, including a history of pages viewed and or uniform resource locator (URL) information (showing where you came from or where you go to next). We use this information to improve the Site’s design, estimate user volume and usage patterns, speed up searches, and improve the user experience.  We may also use this information to help diagnose problems with our server and to administer our website, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences.

More specifically:

(i) IP Address 

Each time a user visits the Site, we may automatically collect an internet protocol (IP) address and the web page from which the user was directed to the Site. In order to administer and optimize the Site and to diagnose and resolve potential issues or security threats to our Site or to the Company, we may use an IP address to help identify users and to gather broad demographic information about them.

(ii) Cookies, Pixel Tags, And Web Beacons

Cookies are small files that a site or its service provider transfers to a user’s device through the web browser (if you allow) that enables the site’s or service provider’s systems to recognize the browser and capture and remember certain information. We use cookies to optimize Site functionality and improve a user’s experience while navigating through the Site. Most or all browsers permit you to disable or reject cookies.  You can do this by adjusting your preferences in the browser.

Our Site may incorporate “pixel tags,” “web beacons,” or similar tracking technologies (collectively, “pixel tags”) that track the actions of Site users. Pixel tags are used to collect information, such as the internet service provider, IP address, the type of browser software and operating system being used, the date and time the Site is accessed, the website address, if any, from which a user linked directly to the Site and/or the website address, if any, to which the user travels from the Site and other similar traffic-related information.

We may aggregate information collected from Site visits by various users to help us improve the Site and the services that we provide through the Site.

(iii) Do Not Track

Our Site tracks when visitors enter through a marketing landing page. The Site also keeps a record of third-party websites accessed when a user is on our Site and clicks on a hyperlink. But we do not track users to subsequent sites and do not serve targeted advertising to them.

(iv) Analytics Information 

Web servers for the Site may gather anonymous navigational information about where visitors go on our Site and information about the technical efficiencies of our Site and services. Anonymous information does not directly or indirectly identify, and cannot reasonably be used to identify, a particular individual. Examples of anonymous information may include certain information about the internet browser, domain type, service provider and IP address information collected through tracking technologies and aggregated or de-identified data. We use anonymous analytics information to operate, maintain, and provide to you the features and functionality of the Site, improve our services, analyze trends and administer our web applications.

  • How We Use The Information We Collect or Receive
  • Information Received from the Company’s Clients

As a Service Provider, Orum receives Personal Information from its Clients as outlined in Section V.C., above. Orum does not retain, use, or disclose said Personal Information except:

  • For the specific purpose of performing the services specified in the contracts with each of its Clients;
  • To retain and/or employ another service provider as a subcontractor;
  • For internal use by the Company to build or improve the quality of its services;
  • To provide to Service Providers of the Company to build or improve the quality of the Company’s services;
  • To detect data security incidents and/or to protect against fraudulent or illegal activity;
  • To comply with federal, state, or local laws;
  • To comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, or local authorities;
  • To cooperate with law enforcement agencies concerning conduct or activity that the business, service provider, or third party reasonably and in good faith believes may violate federal, state, or local law; and/or
  • To exercise or defend legal claims.
  1. Who We Share Your Information With

(i) No Sale of Personal Information to Third Parties for their Own Use.

The term “Third Parties” does not include our affiliates, website hosting partners, and other Service Providers who assist us in operating our Site, conducting our business, or providing services to you, so long as those parties agree to keep this information confidential and not use or further disclose it for their own purposes.

We do not sell, trade, or otherwise transfer to Third Parties for their own use any of your Personal Information. We also do not disclose to Third Parties any personally identifiable information about your visits to our Site.

Accordingly, there have been no sales of Personal Information to Third Parties for their own use or further disclosure in the past twelve (12) months. Likewise, the Company does not knowingly collect and does not, and will not, sell Personal Information of minors under 16 years of age without affirmative authorization.

(ii) Sharing Personal Information with Service Providers That Help Us Perform Our Business Purposes.

We may share your non-public Personal Information to our Service Providers. Service Providers are persons and entities that we contract with to provide us a material service in connection with our business purposes, such as bank processing companies and technology companies. Service Providers assist us in maintaining, protecting, and enhancing our Site, our communication systems, and our services. In connection with providing these business services to us, one or more of our Service Providers may have access to your non-public Personal Information. This Personal Information will not be used for any purpose other than as reasonably necessary to perform a business purpose that we authorize, and it will not be further used by the Service Provider or disclosed to any Third Party. Any Service Providers agree to keep this information confidential and not use or further disclose it for their own purposes.

(iii) Sharing Information with Third Parties at Your Direction.

We may share your Personal Information with Third Parties to whom you or your agents authorize us in advance to intentionally disclose to or allow to use your Personal Information in connection with services that we provide.

(iv) Monitoring, Enforcement, and Legal Requests.

The Company may be required by law enforcement, federal or regulatory entities, or judicial authorities to provide your Personal Information, such as in response to an audit, investigation, or subpoena. The Company will only disclose information as legally required or necessary to demonstrate compliance with the law. The Company has no obligation to monitor the Site or the use of the Site or to retain the content of any user session. However, we reserve the right, at all times, to monitor, review, retain and/or disclose any information, including Personal Information, as may be necessary to satisfy any applicable law, regulation, legal process, or governmental request or to cooperate with law enforcement and other authorities.

We may also use IP addresses to identify a Site user when we feel it is necessary to protect the Site, our service, clients, potential clients or others.

(v) Sale of the Company or Assets.

In the event of a sale, assignment or transfer of our assets or of any portion of our business, we reserve the right to transfer any and all information that we collect to unaffiliated third-party purchasers in connection with that event.

(vi) Internal Use and Research.

The Company reserves the full and unrestricted right to use and disclose de-identified information; anonymized information; aggregated information; or publicly available information that has not been combined with non-public Personal Information for purposes including, but not limited to, the Company’s own internal use, data mining, and research.

Similarly, aggregated, de-identified and non-personally identifiable Site visitor information may be provided to other parties for marketing, advertising, or other uses.

(vii) Protection Of Your Personal Information

The Company is committed to protecting your privacy. Company takes reasonable security measures and seeks to implement the best practices and procedures in data collection, storage, processing and security, to protect personal information from loss, misuse, unauthorized access, disclosure, alteration or destruction. We maintain physical, electronic and procedural safeguards designed to protect against the unauthorized disclosure of Personal Information, and Personal Information is disposed of properly and securely utilizing industry standards. Our data security policies and practices are periodically reviewed and modified as necessary,

(viii) Other Sites/Third-Party Links

In an attempt to provide you with increased value, we may include third-party links on our Site. When you click on such links and visit such other websites, you need to be aware that we do not control such other websites or such other websites’ business practices, and that this Privacy Policy does not apply to such other websites. This Privacy Policy does not apply to any website owned and/or operated by or on behalf of any other entity, even if our Site posts a link to those other websites and you click through from our Site. We do not control the content or links that appear on these third-party sites, and are not responsible or liable for the practices employed by or activities of third-party websites linked to or from our Site. Those websites have separate and independent privacy policies. If you visit and/or disclose information through other sites, you are subject to the privacy policies, customer service policies, and practices of those websites. Browsing and interaction on any other website is subject to that website’s own terms and policies.

Changes to Our Privacy Policy

We reserve the right to change this Privacy Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our Privacy Policy will become effective upon posting of the revised policy on the Site. By continuing to use our Site and services following such changes, you will be deemed to have agreed to such changes.

Terms of Use

Please also visit our Terms of Use section establishing the use, disclaimers, and limitations of liability governing the use of our website. By using our Site, you consent to our Terms of Use.