FAQ & Information

THRON is natively designed to automatically manage unexpected peak loads. It has been natively designed on elastic cloud architectures. This means that the platform automatically manages to increase and reduce resources based on the load request. Imagine that news is spreading locally and that, therefore, a large number of users will begin to arrive at your site in search of a specific video or gallery. Or imagine an advertising campaign that unexpectedly goes viral. Thanks to THRON, you can forget about scalability problems and focus exclusively on the success of the campaign.

THRON has all the state-of-the-art features to allow your content to reach users in the best possible way. Integrated content distribution networks, adaptive bitrate streaming, ability to alter images in real time, lazy loading of assets and other optimizations will always guarantee optimal performance with the minimum impact possible on customers’ devices (we know how important it is to preserve your smartphone’s battery!). The “China Delivery” additional module ensures optimal performance within Chinese territory. Technical Documentation »

THRON’s platform is equipped with public APIs that are recorded and can be consulted directly from the Help portal. They are able to facilitateintegration with third-party systems both for digital assets (CMS and applications) and for Content Intelligence data integration (with CRM, PIM, DMP).
Developers Portal »

No. For large organizations with different locations and multiple users who need to access the Intelligent DAM’s content, THRON allows internet bandwidth to be saved using Multimedia Proxy. This additional module ensures that intranet users are able to benefit from all THRON services without blocking the network itself. Furthermore, you can optimize intranet bandwidth consumption during the use of live and on-demand multimedia content on your company’s network.

No. THRON uses the best global Content Delivery Networks and manages them automatically, China included. You therefore do not have to worry about managing CDN configurations, clearing the cache, etc.: THRON does all that.
Technical Documentation »

THRON has been designed for cloud architecture. It uses self-provisioning components that are able to dynamically adapt and scale in order to combat certain service interruptions and unexpected loads. Each infrastructure component is in excess or makes up part of a cluster with automatic "master promotion". This means that service continuity is always followed automatically. THRON’s Terms and Conditions define the SLA that we guarantee to our customers, proof of our commitment to operational continuity.
Technical Documentation ».

THRON manages two different kinds of data subjects: contacts (who access content) and platform users (who access the THRON control panel). The term “personally identifiable information” (PII) generally refers to the identifiability of information relating to a user, such as name, address, phone number and email address. THRON does not collect contacts’ PII unless users intentionally choose to divulge such information, providing it through customer interfaces or applications, for example, filling in forms or text boxes. Being Data controller, THRON’s customers must inform users and manage consent to collect PII to comply with General Data Protection Regulation.
THRON collects information which is not personally identifiable (“Non-PII”), to identify computers with which it has already had prior interaction. For example, by using Non-PII, THRON can identify a computer that has previously viewed content. Through the collection and use of Non-PII, we offer a range of services that allow our customers to show their users the most useful and relevant content on their websites, and to avoid showing the same content on too many occasions to the same people.
THRON collects user’s first names, surnames and email addresses used in the console in order to execute the THRON service delivery.

We may disclose a user’s Non-PII to a third party where we are legally obliged to do so and in order to investigate, prevent or take action against suspicious or prohibited activities (including, for illustrative purposes but not limited to, fraud and situations involving potential threats to any individual’s physical safety). Furthermore, if permitted by applicable law, we may also divulge and provide access to a user’s PII and Non-PII to our service providers and partners who work with us. However, such providers and partners are not authorized to use the information for purposes beyond the provision of services to THRON.

• THRON’s customers: THRON’s customers (who are the “owners of the data”) have access to data relating to contacts for the purposes indicated in the Privacy Policy. The “parties responsible for their processing” are authorized to access such data in order to carry out their duties.
• THRON authorized staff: THRON’s technical and qualified staff have access to Content Intelligence data, but only for software and platform maintenance.
• Public authorities: all data may be handed over to public authorities should it be required by law.
• Circulation: users’ personal information is not circulated. However, some details such as nicknames and/or profile images, and any other information published by users on their profiles, or through other service communication channels, will be accessible to other users. This occurs as soon as the user concerned decides to take part in the blog or access the community. Some personal information provided by the user may also be circulated during certain events, for example, online competitions or promotions.

THRON’s terms and conditions state (paragraph no. 20) that THRON is Data processor appointed by the Data Controller (THRON’s Customer). This means that data intellectual property and ownership is THRON Customer’s but data is being stored in THRON to allow data processing. You can check the extended privacy policy and opt-out from device tracking at: https://[yourdomain]-cdn.thron.com/shared/assets/privacy/extendedprivacy.html
Data are stored in Ireland, Europe.

As far as development standards are concerned, we follow the most up-to-date best practices to protect consumer data.
Some key aspects:

• Data in transit: the transmission of data is encrypted (HTTPS protocol).
• Archived data: archives and databases use encrypted archiving thanks to the Key Management System.
• THRON is a multi-tenant system, which means that all customer information is logically divided within the same physical infrastructure.
• Access to data is protected by “access control” and features full inspection capabilities.
• Our processes and technologies comply with Italian regulations regarding privacy and security.

THRON complies with European General Data Protection Regulation (GDPR). You can explore details about which data is collected, processing purposes, where data is stored and how data is protected from unauthorized access and loss in the extended privacy policy available on each THRON instance.
Extended privacy policy is available on url like: https://[yourdomain]-cdn.thron.com/shared/assets/privacy/extendedprivacy.html , such as: https://contarini5-cdn.thron.com/shared/assets/privacy/extendedprivacy.html

In order to ensure maximum levels of security and data integrity, as well as allowing the customer to retrieve any lost data, THRON is equipped with the following features:

• Encryption of information: sent files and related automatically performed processing are stored with Advanced Encryption Standard (AES) 256, with a 256-bit symmetric key.
• Encryption of transmission (active by default): each customer is able to activate transmission channel encryption using the HTTPS protocol and restrict the distribution of information through this encryption protocol.
• Data redundancy: the data is stored and copied to multiple data centers that are physically distinct and configured in high availability.

THRON never stores its customer’s password (indeed, you will never be able to retrieve your password, but can only replace it). The password database contains one-way dashes, so that THRON can be aware of whether or not you have performed a correct authentication. However, a potential hacker would never be able to retrieve your password, should data be stolen from our database. We would like to remind you that databases are based on an encrypted archive. All authentication requests use only HTTPS protocol.

In accordance with the law, THRON must report any attack or threat detected to the local authorities. For this reason, it is mandatory to request authorization before performing any kind of test (vulnerability scanning or attempts to exploit the system) in order to differentiate tests from genuine attacks. The results of the assessments must be shared with THRON. We do not allow vulnerability assessments or penetration tests to be performed in our production environment so as to protect our customers. However, you can contact infosec@thron.com to arrange for a penetration test in a dedicated environment that is identical to the official one. The dedicated environment has the same architecture, the same software versions and the same configuration as that of the product, and will be created specifically to carry out the assessment. THRON is a SaaS cloud native. Therefore, all environments are managed through automation, and can be dynamically supplied and removed.

THRON has been developed on the basis of OWASP best practices.

Yes. THRON has full industrial and intellectual property rights over the entire platform. Where services are performed by third parties / technological partners, THRON has acquired the relevant rights for commercial use.

you will to erase or download your data we suggest you to direct your request to the Data Controller, so that you can have a complete scope of the data. You can exercise your rights regarding THRON data removal or collection by writing an email to support@thron.com, please note that to performing any action regarding your data we will require proof of your identity. You can also stop monitoring of your information at any moment. Please read the privacy statement and, subsequently, the extended policy, inserting the data requested in this example link: https://[yourdomain]-cdn.thron.com/shared/assets/privacy/extendedprivacy.html