Privacy Policy

01Introduction

Redefining Brilliance FZ LLE, operating as Thor ("Thor", "we", "us", "our"), is committed to protecting the privacy and security of information processed through the Thor platform. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

This policy applies to all clients, users, and visitors interacting with the Thor platform at app.thoranalysis.com and thoranalysis.com.

02Information We Collect

2.1 Account Information

When a firm activates a Thor account, we collect:

• Firm name and contact information
• Administrator name and email address
• Analyst names and email addresses
• Billing and payment information

2.2 Deal Documents and Client Data

When users upload documents to Thor for analysis, we process:

• PDF, Word, Excel, and other document files uploaded by users
• Text, notes, and links submitted through the platform
• Extracted financial and operational data from uploaded documents

This data is used solely to provide Thor's analytical services and is not shared with any third party.

2.3 Usage Data

We collect anonymized, non-identifiable data about how the platform is used, including:

• Analysis completion rates and engine performance metrics
• Feature usage patterns
• System performance and error logs

This data contains no company names, deal names, personal information, or exact financial figures. It is used exclusively to improve platform performance and reliability.

2.4 Technical Data

Standard technical information collected when you access the platform:

• IP address (for security and fraud prevention)
• Browser type and version
• Access timestamps
• Session tokens

03How We Use Your Information

We use collected information to:

• Provide and operate the Thor platform
• Process and analyze documents you upload
• Generate analytical outputs and IC packages
• Manage your account and billing
• Provide customer support
• Improve platform performance through anonymized analytics
• Comply with legal obligations
• Protect the security and integrity of the platform

We do not use your information for advertising, marketing to third parties, or any purpose not described in this policy.

04Data Storage and Security

4.1 Storage Location

All Client Data is stored on Microsoft Azure infrastructure. Data is hosted within enterprise-grade Azure data centers with industry-leading physical and logical security controls.

4.2 Encryption

All data is encrypted in transit using TLS 1.3 and encrypted at rest using AES-256 encryption. This applies to all Client Data, including uploaded documents, extracted facts, analytical outputs, and user information.

4.3 Access Controls

Access to Client Data is strictly controlled:

• Firm-level isolation ensures no firm can access another firm's data
• Role-based access controls limit data access within firms
• Thor staff access to Client Data is restricted and logged
• All access is governed by the principle of least privilege

4.4 AI Processing

Thor uses large language models to process and analyze Client Data. These models are accessed through enterprise API agreements that prohibit the use of Client Data for model training. Your deal documents are never used to train AI models by Thor or its AI providers.

05Data Sharing

We do not sell, rent, or share your personal information or Client Data with third parties except:

• Service providers: Microsoft Azure for infrastructure hosting and OpenAI/Azure OpenAI for AI processing, both under enterprise data processing agreements
• Legal requirements: When required by applicable UAE law, court order, or regulatory authority
• Business transfers: In connection with a merger, acquisition, or sale of Thor, subject to the acquirer maintaining equivalent privacy protections

We do not share Client Data with other Thor clients under any circumstances.

06Data Retention

• Active accounts: Client Data is retained for the duration of the subscription
• Post-termination: Client Data is retained for 30 days following account termination, then permanently deleted upon written request
• Anonymized analytics: Retained indefinitely as they contain no identifiable information
• Billing records: Retained for 7 years as required by UAE commercial law

07Your Rights

As a Thor client, you have the right to:

• Access: Request a copy of your account information and Client Data
• Correction: Request correction of inaccurate account information
• Deletion: Request deletion of your Client Data upon termination
• Portability: Request your Client Data in a machine-readable format
• Objection: Object to specific processing activities

To exercise these rights, contact us at privacy@thoranalysis.com.

08Cookies

The Thor platform uses essential cookies for authentication and session management. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. You cannot opt out of essential cookies as they are required for the platform to function.

09Children's Privacy

The Thor platform is designed for professional use by investment firms and their employees. We do not knowingly collect information from individuals under 18 years of age.

10Changes to This Policy

We may update this Privacy Policy from time to time. We will notify active clients of material changes by email at least 30 days before the changes take effect. Continued use of the platform after the notice period constitutes acceptance of the updated policy.

11Contact

For privacy-related questions or to exercise your rights: