Last Updated: March 15, 2016
Our commitment to your privacy
Attn: General Counsel
275 Grove Street, Suite 2-320
Newton, MA 02466
Choice and Consent
You may also decline to submit Personal Information through the Paydiant Mobile Commerce Platform, in which case Paydiant and our customer issuers of Paydiant mobile applications may not be able to provide certain services to you. You may update or correct your account information at any time by logging in to your account. Any questions, comments or complaints about access to or update of your Personal Information collected by our customers for whom Paydiant services through the Mobile Commerce Platform should be directed to that customer.
You can review and correct information about you that Paydiant collects through our Website by contacting us as described above.
Collection of Your Personal Information
We collect your information from you in the following ways:
Registration. When you register for or use a Paydiant account, we collect the following information:
- When you register: we collect your name, location, phone number, email address and other related information.
- When you register to make payments: we collect bank account and payment card numbers, and information about financial institutions where you conduct business.
- When you use our Mobile Commerce Platform: we record your account transactions, transaction location, and we may collect information about your computer or access device.
Additional information from or about you may also be collected in other ways, including responses to user surveys or your communications with our customer service team or the customer service team of the issuer of your Paydiant mobile wallet application. If you decide not to share certain information, you may not receive the full benefit of being a Paydiant user or have access to any or all of the features and functionality of the Paydiant Mobile Commerce Platform.
Site Usage. When you visit our Website, our servers automatically record information that your browser sends whenever you visit a website. This information may include, but is not limited to, your computer’s Internet Protocol address, browser type, the web page you were visiting before you came to our site and information you search for on our site. We may also collect information about the fact that you use certain features and functionality of our Mobile Commerce Platform and your responses to our surveys and research initiatives.
Cookies. Like most websites, we use “cookies” and web log files to collect information to track site usage and trends, to improve our service, and to deliver a customized experience. A cookie is a small data file that resides in the memory of your computer, mobile phone or other device and enables us to recognize you when you return to our site or log into our service. We may use “persistent cookies” to save your registration ID and login password for future logins to the site. We may also use “session ID cookies”, which expire after a short period of time or when you close your browser. Session ID cookies are used to identify a particular visit and are used to enable certain features of the site or service, to better understand how you interact with the site and service, and to monitor aggregate usage and web traffic routing on the site. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to use all portions of the Website, receive the full benefit of being a Mobile Commerce Platform user or have access to all of the features and functionality of the Mobile Commerce Platform.
Log Files, IP Addresses and Information About Your Computer and Mobile Device. When you visit our Website or use our Mobile Commerce Platform, the communications standards on the Internet result in our automatically receiving the URL of the site from which you came from and the site to which you are going when you leave our site or service. We also receive the IP address of your computer, your computer or mobile device operating system, the type of web browser you are using, and the name of your ISP or mobile carrier.
California Do Not Track Notice. Although Paydiant does not track its customers over time and across third party websites to provide targeted advertising and therefore does not respond to Do Not Track (DNT) signals, some third party sites do keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you. If you are visiting such sites, your web browser allows you to set the DNT signal on your browser so that third parties (particularly advertisers) know you do not want to be tracked.
Review of Collection Practices . Paydiant regularly reviews applicable laws, rules and regulations to ensure that your Personal Information is collected by Paydiant (i) fairly, without intimidation or deception and (ii) lawfully. To the extent Paydiant collects Personal Information of a user from a third party, Paydiant ensures that such information was collected fairly and lawfully. Paydiant may collect Personal Information about you from its customers and partners and will inform you if it develops or acquires additional Personal Information about you for Paydiant’s use.
Use of Your Information
Paydiant Communications . Paydiant may use your Personal Information to communicate with you through email and text messages and notices posted at the Paydiant Website or your Paydiant account. If you decide at any time that you no longer wish to receive any such communications, please follow the “unsubscribe” instructions provided in any of the communications sent to you, or update your “account settings” information.
Improvements and Customization. We may also use the information provided by you or obtained through your use of our Website or Mobile Commerce Platform to improve our Website, Mobile Commerce Platform, products, services, features and content, to customize your user experience, and to better understand your needs and interests.
Location-Based Services. To provide location-based services via our Mobile Commerce Platform, Paydiant and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your mobile device. This location data is used by Paydiant and our partners and licensees to provide and improve location-based products and services.
Retention and Disposal of Your Information. We will retain your Personal Information for as long as your account is active or as needed to provide you services or as may otherwise be required by law or regulation. We will retain and use your Personal Information as we in good faith believe it necessary to (1) comply with the law or with legal process including court orders or subpoenas; (2) protect and defend our rights and property; (3) protect against misuse or unauthorized use of our Website or Mobile Commerce Platform; or (4) protect the personal safety or property of our users or the public. Personal Information is disposed of in a secure manner designed to prevent loss, theft, misuse or unauthorized access.
Requests to close your account on the Mobile Commerce Platform or requests to dispose of your Personal Information collected by our customers should be directed to that customer.
Requests to dispose of your Personal Information that Paydiant collects through our Website should be directed to the Paydiant contact information described above.
Sharing of Your Personal Information
General. We do not sell, rent or otherwise provide your Personal Information to third parties for marketing purposes. Further, we only share your Personal Information with third parties, including our customer issuer of the Paydiant mobile wallet application, to carry out your instructions or to provide the Mobile Commerce Platform and its related services. We may provide aggregated anonymous data about the usage of the Paydiant service to third parties for purposes that we deem, in our sole discretion, to be appropriate, including to prospective advertisers.
Payment Transactions. Processing payment transactions requires that we share your Personal Information and Cardholder Data with third parties, including but not limited to:
- Service providers who provide us a range of essential operational services including fraud prevention, transaction processing, collections, direct marketing, and managed technology services.
- Financial institutions that allow us to offer your payment processing services, and partner with us to develop new offerings for you and other Paydiant members.
- Retailers and merchants who may accept payments initiated by you using Paydiant’s Mobile Commerce Platform.
- Law enforcement authorities or government representatives who may require us to share information in order to comply with court order and other legal mandates, or when we believe that disclosure is necessary to report suspicious activities, prevent physical harm, financial loss, or violations of our agreements and policies.
- Other third parties, subject to your prior consent or direction. Our contracts dictate that these service providers only use your information in connection with the services they perform for us and are bound by confidentiality agreements that limit the use of your Personal Information.
Service Providers, Business Partners and Others. We may employ third party companies and individuals to facilitate our Mobile Commerce Platform and its related services, to provide the Mobile Commerce Platform on our behalf, to perform related services (including but not limited to data storage, maintenance services, database management, and web analytics) or to assist us in analyzing how our Website and Mobile Commerce Platform are used. These third parties have access to your Personal Information only for purposes of performing these tasks on our behalf and are bound by confidentiality agreements that limit the use of your Personal Information.
Business Transfers. Paydiant may sell, transfer or otherwise share your information to a third party in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy of Paydiant and you agree that any such third party will have the right to continue to use your Personal Information and other information that you provide to us or which we obtain through your continued use of the Mobile Commerce Platform.
Accessing Your Information
Any notifications, whether such notifications are required by law or are for marketing or other business related purposes, will be provided to you via email notice, written or hard copy notice, or through conspicuous posting of such notice on our website, as determined by Paydiant in its sole discretion. We reserve the right to determine the form and means of providing notifications to you.
Security of Your Personal Information
Although Paydiant uses industry standard security measures, the Internet is not a 100% secure environment and Paydiant cannot, and does not, ensure or warrant the security of any information you transmit or store using the Paydiant Website or Mobile Commerce Platform. There is no guarantee that your information may not be accessed, disclosed, altered or destroyed by breach of any of Paydiant’s physical, technical or managerial safeguards and we are not responsible for third party circumvention of your privacy settings or Paydiant’s security measures. You are responsible for maintaining the secrecy of your unique password and account information and for controlling access to your account.
Policy with Respect to Children
Children are not eligible to use our Mobile Commerce Platform and children under the age of 13 should not submit any personal information to us or use the Mobile Commerce Platform. Also, our Website is not directed to children under 13 years of age.
As set forth above, Paydiant will take reasonable steps to ensure that Personal Information is accurate, complete, and current to its intended use. Paydiant will only use Personal Information in ways that are compatible with the purposes for which it was collected or subsequently authorized by you.
Monitoring and Enforcement
Third Party Links
PAYDIANT MOBILE COMMERCE PLATFORM
The following information discloses how Personal Information and personal financial information such as credit or debit card account numbers, expiration dates, and security codes (“Cardholder Data”) is submitted to our Mobile Commerce Platform and our privacy practices with respect to our collection, use and disclosure of such Personal Information and Cardholder Data.
Paydiant processes Personal Information and Cardholder Data submitted by a user of a Mobile Wallet only when the user chooses to provide such information. For example, a user may be required to provide his/her name, address, phone number and e-mail address and Cardholder Data in order to create an account, register for service, complete a transaction or use functionality of the Mobile Commerce Platform. Paydiant may use and process such Personal Information to, among other things, provide account registration, authentication, transaction processing and similar services in connection with the provision of the Mobile Commerce Platform.
A user that uses a credit or debit card, or any other method of payment for which we provide our customers transaction processing services, is required to provide certain Cardholder Data in order to process the transaction, including the customer's name and credit card number. During the course of providing transaction processing services via the Mobile Commerce Platform, we may disclose such Cardholder Data to banks, processors, credit and debit card organizations and associations, and other financial institutions, some of which may include our customers, that are involved in the course of effecting the transaction represented by the Cardholder Data. In addition, we may disclose some or all of the information we collect, to our affiliated companies or to non-affiliated third parties (subject to contractual confidentiality provisions to protect such information) such as a vendor or service company that we hire to provide support or services for our Mobile Commerce Platform. We will not disclose Cardholder Data to any third party, except to facilitate and complete transactions submitted to us, or otherwise in the course of providing services to our customers and their users, or to comply with federal, state and local laws or the rules and regulations of the respective card organizations or other payment entities (e.g. Visa, MasterCard, American Express, etc.).
Paydiant may contract with third-party service providers to perform certain functions of the Mobile Commerce Platform on behalf of our customers and their users or to enhance our existing product and service offerings, such as product and service support. These third parties may have access to a user’s Personal Information and/or Cardholder Data as necessary to permit them to perform their functions. They are bound by confidentiality agreements or similar contractual restrictions with respect to any information that is provided to them and they are prohibited from using the information for other purposes.
Paydiant has implemented various measures, including appropriate administrative, technical and physical safeguards, designed to ensure the security and confidentiality of Cardholder Data and Personal Information, protect against anticipated threats or hazards to the security or integrity of such information, and protect against unauthorized access to or use of such information, including a variety of industry standard physical and logical access controls, firewalls, intrusion detection/prevention systems, network and database monitoring, and backup systems. We use SSL encrypted sessions when processing or transferring Personal Information and Cardholder Data through the Mobile Commerce Platform. Paydiant continually reviews and enhances its security systems, as necessary. Paydiant is subject to the detailed rules and regulations of the various credit and debit card organizations and networks (i.e. VISA, MasterCard, American Express, etc.), relating to the security and safeguarding of Cardholder Data, including, but not limited to, the Payment Card Industry Data Security Standards ("PCI DSS"). Paydiant endeavors to comply with all such rules at all times. Pursuant to such rules and regulations, Paydiant is required to undergo periodic third-party assessments and periodic network scans to ensure that appropriate security measures are in place. Paydiant’s customers may also be required to comply with various rules and regulations of the various credit and debit card organizations and networks relating to the security and safeguarding Cardholder Data, including, but not limited to, PCI DSS and may be required to undergo periodic third-party data security assessments and periodic network scans to ensure that appropriate security measures are in place.
We limit access to users’ Personal Information and Cardholder Data to those persons who have a specific business purpose for maintaining and processing such information. Paydiant employees and contractors who have been granted physical access to a users’ Personal Information and/or Cardholder Data have been made aware of their responsibilities to protect the confidentiality, integrity, and availability of that information and have been provided training and instruction on how to do so.