Privacy – Safepaycorp.net

Last Modified: June 19, 2020

This Privacy Policy (“Policy”) discloses the privacy practices for www.SafePaycorp.net and www.SafePaycorp.net (including all sub-domains, the “Sites”), which are owned and operated by SafePay, Inc. (“SafePay,” “our,” “we” or “us”) as well as the use of any mobile device application created by SafePay (each, the “Mobile App”) and our web-based payment application and API (collectively, the “Web App”). The Sites, Mobile App, and Web App may be referred to as our “Services.” The online stores, payment pages, and customer portals hosted on safepaycorp.net on behalf of SafePay merchants, and the payments iFrame integrated into third party payment pages may be collectively referred to as our “Direct Payment Services.”

This Privacy Policy is intended to help you better understand how we collect, use and store your Personal Information—whether you are a merchant utilizing our Services, a customer of merchant utilizing our Services and/or Direct Payment Services, a user of any free SafePay Services, or a visitor to the Sites.

By using any of SafePay’s Services or by dealing with a merchant using SafePay’s Services or Direct Payment Services, you warrant and represent that you accept the data practices and terms detailed in this Privacy Policy and, as applicable, our Terms of Service and Buyer Terms. If you do not agree with this Policy, please discontinue your access or use of the Sites, Services, and/or Direct Payment Services immediately.

Please note that this Privacy Policy does not address the privacy practices of third parties, including those who incorporate our Services or Direct Payment Services into their own websites and including those with whom we may share information as set forth below. Please review the privacy policies of any third parties before you disclose information to them. Through your use of any of our Sites, Services, or Direct Payment Services, you consent to the practices described in this Privacy Policy.

Changes to this Privacy Policy

We may revise this Privacy Policy from time to time and without prior notice to you. Changes may apply to any Personal Information we already hold about you and any new Personal Information collected after the Policy is modified. If we make changes, we will notify you by revising the “Last Modified” date at the top of this Policy, which will always be at Safepaycorp.net. By continuing to access or use the Services after those changes become effective, you agree to be bound by the revised Privacy Policy.

In addition, we may provide you with “just-in-time” disclosures or additional information about the data handling practices of specific parts of our Sites, Services or Direct Payment Services. Such notices may supplement this Policy or provide you with additional choices about how we process your Personal Information.

Our Relationship to You

To understand SafePay’s data protection obligations and your rights to your Personal Information under this Policy, it is important that you identify which relationship(s) you have with SafePay.

“Merchants” refers to the registered users of the SafePay Services or Direct Payment Services, including Merchants with both paid and free or trial accounts, on whose behalf SafePay processes payments and collects certain Personal Information from individuals using a Merchant’s products or services. (Authorized users of a Merchant’s SafePay paid, free, and/or demo account are collectively and individually referred to as “Merchants.”)
“End Customers” refers to individuals doing business with a Merchant utilizing SafePay Services and/or Direct Payment Services. If you are an End Customer, SafePay will collect your Personal Information solely on behalf of a Merchant. Your agreement with the relevant Merchant should explain how the Merchant shares your Personal Information with SafePay and other third parties, and if you have questions about this sharing, then you should direct those questions to the Merchant.
“Visitors” refers to any individual accessing the Sites, as well as to any individual submitting Personal Information via the Sites for any reason, including but not limited to submitting a “contact us” or other online inquiry form, subscribing to a newsletter or blog, registering for a demo or webinar, or completing an online survey.

Hereinafter we may refer to Merchants, End Customers, and Visitors individually and collectively as “you.”

Collection and Use of Personal Information

For purposes of this policy, “Personal Information” refers to any information about an identified or identifiable individual, including financial account information, Protected Health Information (PHI/ePHI), and any device information that may be linked with an identifiable individual. Any information that is anonymized or aggregated is no longer Personal Information and we may use it and share it for any reason, including using anonymized PHI/ePHI as authorized by HIPAA.

We collect Personal Information from and about Visitors to our Sites, we collect Personal Information from and about Merchants through our Sites and Services, and we collect Personal Information from and about End Customers and other individuals who make purchases from Merchants that use our Services and Direct Payment Services for payment processing and customer management.

Parts of our Sites are public, such as our blog, and any information that is disclosed on such public parts of our Sites may appear on search engines or other publicly available platforms, and may be “crawled,” searched and used by other Visitors, Merchants, End Customers, or other third parties. Please do not post any information that you do not want to reveal publicly.

In all cases where we share Personal Information with third parties, we will use a “minimum necessary” standard to disclose only that information required for satisfying the purpose of or performing the service for which the information is disclosed.

We generally collect and use information as follows:

Information from Visitors to the Sites

Information we collect and when we collect it:

Information You Provide to Us: We collect the Personal Information you provide to us when you submit a “contact us” or other online inquiry form, when you comment to a blog, or when you email, call, write, fax or otherwise initiate contact with SafePay. We record your contact information (name, address, phone number, and email address, and any other information you provide) in our CRM (Customer Relationship Management) system. In some cases you are referred to an online inquiry form via a link on a third party referral website.
Performance and Log Data: When you visit the Sites our servers (which may be hosted by a third party service provider) automatically record information created by your use of our Sites, which may include information such as, but not limited to, your IP address, browser type, operating system, command line information, diagnostic information related to the Services (i.e., crash activity reports), the referring web page, pages visited, location, your mobile carrier, device and application IDs, and search terms. Please read the “Automated Data Collection Technologies” section of this Policy for more information.

Cookies and Similar Tracking Technologies: We use technologies like cookies, web beacons, pixel tags and other similar tracking technologies to gather information about how you are interacting with the Services, which may include identifying your IP address, browser type, and referring page. Please read the “Cookies and Similar Tracking Technologies” section of this Policy for more information.

How we use the information we collect:

To Provide Customer Service: When you contact us with information requests, newsletter subscriptions, questions, concerns, disputes, feedback, or any for other reason, we use your Personal Information to respond to you.
To Engage in Marketing and Promotional Activities: We want to keep you updated about our products and services and we may use your Personal Information to send you promotional products and information about SafePay, the Services, and, as permitted by applicable law, on behalf of our partner companies, subsidiaries and affiliates. We may engage with you through marketing and promotional activities, including: sending you marketing communications; online surveys; alerting you about events, webinars, or other materials, including those of our partners, subsidiaries, and affiliates; and updating you about our relevant products and Services. You can opt-out of our marketing activities at any time.
YOU CONSENT TO RECEIVE AUTODIALED CALLS FROM OR ON BEHALF OF SafePay AT ANY NUMBER PROVIDED TO SafePay, WHETHER SUCH NUMBER IS DIRECTED AT A RESIDENCE, A BUSINESS, A WIRELESS TELEPHONE, OR OTHERWISE. YOU UNDERSTAND THAT THIS CONSENT IS NOT A CONDITION OF PURCHASING THE PRODUCTS AND SERVICES OFFERED BY SafePay.

For Research and Development: We typically use information collected via Automated Data Collection Technologies for functional purposes, to improve the performance and usability of our Sites, and to analyze how users interact with the Services, as described in “Automated Data Collection Technologies” (below). We may also create anonymous records from Personal Information for certain business purposes of SafePay or its subsidiaries or affiliates, including but not limited to, reporting, directing future development efforts, and analyzing usage patterns so that we may enhance our Sites and Services.

How we share the information we collect:

Please read the “How We Share Information with Third Parties” section of this privacy policy for detailed information on how we share your Personal Information. We may share anonymized information with any third party for any reason.

Generally, we share a Visitor’s Personal Information as follows:

Consent: When we have your consent to do so, we share your Personal Information as you have agreed.

Referral Partners: When you complete an online inquiry form to which you were referred by a third party, any information collected on the SafePay hosted online inquiry form may be shared with the referring party, and that referring party may use it for their own, non-SafePay related, marketing communication programs.

Service Providers: We share your Personal Information with our trusted service providers who provide certain services on our behalf. Our contracts dictate that these service providers only use your information in connection with the Services they perform for us and in accordance with this Privacy Policy.
Business Transfers: If we are involved in a merger or acquisition or some or all of our assets are acquired by another company, any Personal Information we possess may be a part of the assets transferred, and that company will possess any rights granted to us under this Privacy Policy. We will require that your Personal Information is protected in accordance with this Policy.

Compliance, Safety, and Protection: Personal information we collect may be shared with law enforcement, public authorities, or other third parties for purposes of: compliance with the law.

From Merchants Utilizing the Services

Information we collect and when we collect it:

Account Information: We collect certain information from you when you register for an account with us, including registering for a free or demo account, such as your name, business name, phone number, e-mail address and business industry. To obtain a SafePay paid account, we collect additional Personal Information, including but not limited to, your social security number (we may use the last 4 digits provided to obtain and store the full social security number), driver’s license state and number, Employer Identification Number (Tax ID), and billing information. We also collect information about your business (such as payment types accepted, products and services offered, business hours, staff names and contact information, etc.) as part of the account configuration process that enables you to use the Services.
Financial Information: When you obtain a SafePay paid account we collect information about your or your business’ payment methods, such as credit or debit card numbers, bank account numbers, merchant account identifiers, and billing address.

Third Party Public Databases, Credit Bureaus & ID Verification Partners: When you sign up to use our paid Services, we may obtain information about you from public databases, credit bureaus, and ID verification partners as part of determining eligibility for a SafePay account and underwriting for merchant processing accounts with third parties. We may obtain information about your current and past name, address, job role, public employment profile, credit history, status on any sanctions lists maintained by public authorities, and other relevant data.

Transaction Information: We collect information when you engage in transactions via our Services, such as when you process payments and refunds, configure recurring payment schedules, send and configure invoices, schedule appointments, and other transaction-related information.

User Information: When user accounts are created that enable individual employees to utilize the Services as Merchants we collect Personal Information for that user including name, phone number, email address, position, User ID and other required account security information.
Customer Information: We collect information about your customers when you enter it into our systems as part of using the Services for processing payments, configuring recurring payment schedules, processing orders, securely vaulting credit card and bank account numbers for future payments, sending invoices to your customers, booking appointments, and other uses and activities relating to our provision of and your use of the Services. We also collect Personal Information directly from your End Customers when they enter it into our systems as part of using the Direct Payment Services associated with your account.
In cases where Merchants enter a consumer’s Personal Information into our systems, they certify that they have received any required authorization to do so from the consumer, and that the disclosure does not violate the Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act (“HIPAA”), the Personal Information Protection and Electronic Documents Act (PIPEDA), the EU General Data Protection Regulation (GDPR), or any other law or regulation.
Device Information: When you download and use a Mobile App we may collect certain information automatically, such as the type of mobile device you use, your unique device ID, the IP address of your mobile device, your mobile phone number, your mobile operating system, the type of mobile internet browsers you use, and information about the way you use the Mobile App.

Geolocation Data: If you provide us with permission while accessing the Services via a web browser or downloading and installing a Mobile App we may also collect precise information about the location of your computer or device.

Information You Provide to Us: We collect information that you provide to us, such as when you create an account, submit a support ticket, engage in an online Chat, email or call our sales or service team, when you comment to a blog, or when you email, call, write, fax or otherwise initiate contact with SafePay regarding our Sites and/or Services. We record your contact information (name, address, phone number, email address, account name and number, User ID, and any other information you provide) in our CRM (Customer Relationship Management) and support ticketing system.
Performance and Log Data: When you visit the Sites and/or utilize the Services our servers (which may be hosted by a third party service provider) automatically record information created by your use of our Sites and Services, which may include information such as, but not limited to, your IP address, browser type, operating system, command line information, diagnostic information related to the Services (i.e., crash activity reports), the referring web page, pages visited, location, your mobile carrier, device and application IDs, and search terms. Please read the “Automated Data Collection Technologies” section of this Policy for more information.

Cookies and Similar Tracking Technologies: We use technologies like cookies, web beacons, pixel tags and other similar tracking technologies to gather information about how you are interacting with the Services, which may include identifying your IP address, browser type, and referring page. Please read the “Cookies and Similar Tracking Technologies” section of this Policy for more information.

How we use the information we collect:

Generally, we collect and use information from you to provide, protect, and improve our Services, and to provide you with a personalized experience when using our Services. Some specific examples of how we may use your Personal Information include:

To Provide You with the Services: We process your Personal Information when you sign up for and use our Services. For example, we use your Personal Information to facilitate payments through the SafePay system and collect fees, to configure user accounts, to provide requested location services, to configure your account for sending invoices to your customers, to configure your appointment booking service, and other system related functions. Additionally, we use Personal Information about your customers, whether entered by you or directly by an End Customer via our Direct Payment Services, for sending invoices, processing orders, collecting payments, configuring and executing recurring payment schedules, reporting, and other system functions. We share this Personal Information with our service providers and partners to the extent necessary to provide you with the Services.
To Qualify and Underwrite You for Paid Services: When you register for a paid account, we use your Personal Information to verify your identity, perform a credit check (if we obtain any necessary consents), ensure that you are not on any sanctions lists maintained by public authorities, and to otherwise qualify you to use SafePay’s paid services. We may share this information with our service providers as part of the process of underwriting you for a payment processing merchant account.
For Payment Processing: For paid Merchant account holders, we use billing and financial information (bank account numbers/credit card numbers) to facilitate the payments you process via the Services, and to collect monthly subscription and usage fees as applicable. We use vaulted credit card and bank account numbers to process authorized one-time transactions and to automatically process payments as part of recurring payment schedules and plans.
To Enforce Our Terms, Agreements and Policies: We process your Personal Information to actively monitor, investigate, prevent and mitigate any alleged or actual prohibited, illicit or illegal activities on our Services or violations of our terms and agreements with you. In addition, we may process your Personal Information to enforce our agreements with third parties and partners, and/or collect fees based on your use of our Services.

To Maintain Legal/Regulatory Compliance and to Prevent Fraud: We process your Personal Information, and your customers’ Personal Information, whether entered by you or directly by an End Customer via our Direct Payment Services, to comply with certain legal obligations, such as the PCI-DSS, tax law, or as otherwise necessary to fulfill our other business obligations; identify, prevent, and mitigate fraud on our Services; and/or to manage risk as required under applicable law.
To Provide You with Service-related Communications: We will contact you to keep you updated about your account and the Services, such as to provide account-specific technical support, to send notifications of orders, transactions, and other system activity, to email you any reports to which you subscribe, to notify you of changes to the Services and our policies, to provide security updates, or to provide other service-related information to you.
For Security Purposes: We process your Personal Information to enhance the security of our Services and to combat spam, malware or other security risks. Our processing includes monitoring your activities on our Services and verifying your identity and access to the Services.
To Provide Customer Service: When you contact us with information requests, newsletter subscriptions, questions, concerns, disputes, feedback, or any for other reason, we use your Personal Information to respond to you.
To Engage in Marketing and Promotional Activities: We want to keep you updated about our products and services and we may use your Personal Information to send you promotional products and information about SafePay, the Services, and, as permitted by applicable law, on behalf of our partner companies, subsidiaries and affiliates. We may engage with you through marketing and promotional activities, including: sending you marketing communications; online surveys; alerting you about events, webinars, or other materials, including those of our partners, subsidiaries, and affiliates; and updating you about our relevant products and Services. You can opt-out of our marketing activities at any time.

For Research and Development: To offer you new, customized, or improved features on our Services, we process your Personal Information for research and development purposes. Your Personal Information helps us better understand how Merchants and End Customers use and interact with our Services. Additionally, we typically use information collected via Automated Data Collection Technologies for functional purposes, to improve the performance and usability of our Sites and Services as described in “Automated Data Collection Technologies” (below). We may also create anonymous records from Personal Information for certain business purposes of SafePay or its subsidiaries or affiliates, including but not limited to, reporting, directing future development efforts, and analyzing usage patterns so that we may enhance our Sites and Services.

How we share the information we collect

Generally, we share a Merchant’s Personal Information as follows:

Consent: When we have your consent to do so, we share your Personal Information as you have agreed.

Service Providers: We share your Personal Information with our trusted service providers who provide certain services on our behalf, including but not limited to, identity verification, credit checks, fraud prevention, business intelligence, customer relationship management, bill collection, payment processing, marketing, hosting, and other common technology services. Our contracts dictate that these service providers only use your information in connection with the Services they perform for us and in accordance with this Privacy Policy.
Business Partners: We may share your Personal Information with our parent company, subsidiaries, joint ventures, or other companies under common control with us (collectively, “Affiliates”) as permitted by applicable law. We will require our Affiliates to comply with this Privacy Policy.
Referral Partners: We may provide information, including a Merchant’s Personal Information, to third party referral partners that work on behalf of or with us to provide some of the aspects of our services, to help us communicate with you, or to provide Merchants with ancillary services offered by such referral partners. We may also receive information about you, including Personal Information, from our third party referral partners. However, these service providers and referral partners do not have any independent right to disclose this information (except to the same extent we would have a right to disclose that information under this Privacy Policy).
Business Transfers: If we are involved in a merger or acquisition or some or all of our assets are acquired by another company, any Personal Information we possess may be a part of the assets transferred, and that company will possess any rights granted to us under this Privacy Policy. We will require that your Personal Information is protected in accordance with this Policy.

Compliance, Safety, and Protection: Personal information we collect may be shared with law enforcement, public authorities, or other third parties for purposes of: compliance with the law; cooperation with law enforcement or national security requirements; responding to lawful requests; compliance with law or credit card rules; participation in a lawful federal, state or local government investigation; protecting the rights of SafePay, other SafePayMerchants or End Customers, and third parties; or to investigate violations of or to enforce our Terms of Service, Buyer Terms or Acceptable Use Policy, or other policies or procedures.

From End Customers (Consumers) Using our Direct Payment Services

Any Personal Information we collect about a consumer or other individual, whether entered directly into our systems by the consumer as an End Customer or entered by an authorized Merchant, is used solely for the purpose of providing our Services and Direct Payment Services and is not shared with third parties for any reason other than providing our Services and Direct Payment Services, unless otherwise set forth herein.

We may share anonymized information with any third party for any reason, including sharing anonymized PHI/ePHI as authorized by HIPAA.

Information we collect and when we collect it:

All collection of Personal Information from and about consumers is performed on behalf of the Merchant with which the consumer does business via our Services and Direct Payment Services. Generally, we collect End Customer Personal Information as follows:

Transaction/Order Information: When you use our Direct Payment Services to submit a payment, initiate an order, authorize a recurring payment plan or schedule, or otherwise make a purchase from a Merchant, we collect information necessary to process that transaction, that may include your name, address, zip/postal code, email address, phone number, credit card or financial account number, IP address, and any other information necessary to process or authenticate the transaction. We securely store credit card and bank account information you enter via the Direct Payment Services so that it may be used for authorized future one-time transactions or to discharge automated payments as part of recurring payment schedules and plans. In some cases the combination of data we collect, may be classified as Protected Health Information (PHI/ePHI) under HIPAA. Furthermore, we may collect information about you and your purchase, as well as any Personal Information or demographic data that you provide at the time of purchase, including (without limitation) your email address, contact information, and other information related to the products/services purchased.
Appointment Information: When you utilize our Direct Payment Services to schedule an appointment with a Merchant, we collect information necessary to process that request including your name, address, phone number, email address, and details related to the specific appointment.
User Information: When you create an account via a Merchant’s implementation of our Direct Payment Services we collect your Personal Information in order to enable you to access your stored payment account information. This Personal Information may include your name, phone number, address, email address, User ID and credit card and bank account information.
Geolocation Data: If you provide us with permission while accessing the Direct Payment Services via a web browser we may collect precise information about the location of your computer or device.

Information You Provide to Us: While an End Customer’s direct relationship is with the Merchant, and all questions or concerns should be directed to that Merchant, in the event an End Customer does contact SafePay directly we collect information that you provide to us, such as when you engage in an online Chat, email or call our sales or service team, when you comment to a blog, or when you email, call, write, fax or otherwise initiate contact with SafePay regarding our Sites and/or Services. We record your contact information (name, address, phone number, email address, account name and number, User ID, and any other information you provide) in our CRM (Customer Relationship Management) and support ticketing system.
Performance and Log Data: When you visit the Sites and/or utilize the Direct Payment Services our servers (which may be hosted by a third party service provider) automatically record information created by your use of our Sites and Direct Payment Services, which may include information such as, but not limited to, your IP address, browser type, operating system, command line information, diagnostic information related to the Services (i.e., crash activity reports), the referring web page, pages visited, location, your mobile carrier, device and application IDs, and search terms. Please read the “Automated Data Collection Technologies” section of this Policy for more information.

Cookies and Similar Tracking Technologies: We use technologies like cookies, web beacons, pixel tags and other similar tracking technologies to gather information about how you are interacting with the Direct Payment Services, which may include identifying your IP address, browser type, and referring page. Please read the “Cookies and Similar Tracking Technologies” section of this Policy for more information.

How we use the information we collect:

Generally, we collect and use information from End Customers on behalf of our Merchants to provide, protect, and improve our Services and Direct Payment Services. Some specific examples of how we may use your Personal Information include:

To Provide You with the Direct Payment Services: We process an End Customer’s Personal Information when they use the Direct Payment Services as part of a business relationship with a SafePay Merchant. For example, we use your Personal Information to facilitate payments through the SafePay system, to enable online invoice payments, to enable orders from a Merchant’s online store, to enable online appointment scheduling, and other system related functions performed on behalf of Merchants.
To Send Receipts and Notifications: We use the email address you provide when placing an order or scheduling an appointment via a Merchant’s instance of the Direct Payment Services to send you, on behalf of the Merchant, payment receipts, payment schedule confirmations and notifications, invoices and invoice notifications, appointment confirmations and reminders, password reset emails, and other system notifications as required and as directed by the Merchant.
To Enforce Our Terms, Agreements and Policies: We process your Personal Information to actively monitor, investigate, prevent and mitigate any alleged or actual prohibited, illicit or illegal activities on our Services and Direct Payment Services or violations of our terms and agreements with you. In addition, we may process your Personal Information to enforce our agreements with third parties and partners, and/or collect fees based on your use of our Services.
To Maintain Legal/Regulatory Compliance and to Prevent Fraud: We process your Personal Information to comply with certain legal obligations, such as the PCI-DSS, tax law, or as otherwise necessary to fulfill our other business obligations; identify, prevent, and mitigate fraud on our Services; and/or to manage risk as required under applicable law.
For Security Purposes: We process your Personal Information to enhance the security of our Services and Direct Payment Services and to combat spam, malware or other security risks. Our processing includes monitoring your activities on our Direct Payment Services and verifying your identity and access to the Services.
To Provide Customer Service: While an End Customer’s direct relationship is with the Merchant, and all questions or concerns should be directed to that Merchant, in the event an End Customer does contact SafePay directly with information requests, questions, concerns, disputes, feedback, or any for other reason, we use your Personal Information to respond to you.
For Research and Development: To offer new, customized or improved features on our Services and Direct Payment Services, we process your Personal Information for research and development purposes. Your Personal Information helps us better understand how Merchants and End Customers use and interact with our Services. Additionally, we typically use information collected via Automated Data Collection Technologies for functional purposes, to improve the performance and usability of our Sites and Services as described in “Automated Data Collection Technologies” (below). We may also create anonymous records from Personal Information for certain business purposes of SafePay or its subsidiaries or affiliates, including but not limited to, reporting, directing future development efforts, and analyzing usage patterns so that we may enhance our Sites and Services.

How we share the information we collect

Generally, we share an End Customer’s Personal Information as follows:

Consent: When we have your consent to do so, we share your Personal Information as you have agreed.

Merchants: If you make a purchase, schedule an appointment, or otherwise interact with a Merchant via our Direct Payment Services, we may grant access to or share with the Merchant any and all information we collect as part of that transaction or interaction, including credit card and other financial account information and Protected Health Information (PHI/ePHI), except where that disclosure is prohibited by law, regulation or other obligations (e.g. for data security).

Service Providers: We share your Personal Information with our trusted service providers who provide certain services on our behalf, including but not limited to fraud prevention, business intelligence, customer relationship management, payment processing, hosting, and other common technology services. Our contracts dictate that these service providers only use your information in connection with the Services they perform for us and in accordance with this Privacy Policy.
Business Partners: We may share your Personal Information with our parent company, subsidiaries, joint ventures, or other companies under common control with us (collectively, “Affiliates”) as permitted by applicable law. We will require our Affiliates to comply with this Privacy Policy.
Business Transfers: If we are involved in a merger or acquisition or some or all of our assets are acquired by another company, any Personal Information we possess may be a part of the assets transferred, and that company will possess any rights granted to us under this Privacy Policy. We will require that your Personal Information is protected in accordance with this Policy.

Compliance, Safety, and Protection: Personal information we collect may be shared with law enforcement, public authorities, or other third parties for purposes of: compliance with the law; cooperation with law enforcement or national security requirements; responding to lawful requests; compliance with law or credit card rules; participation in a lawful federal, state or local government investigation; protecting the rights of SafePay, other SafePay Merchants or End Customers, and third parties; or to investigate violations of or to enforce our Terms of Service, Buyer Terms or Acceptable Use Policy, or other policies or procedures.

Automated Data Collection Technologies

When you access the Site, Services, or Direct Payment Services or open one of our HTML emails, we may automatically record certain information from your system by using cookies and other types of click-stream tracking technologies. This “automatically collected” information may include Internet Protocol address (“IP Address”), a unique user ID, device type, device identifiers, browser types and language, referring and exit pages, platform type, version of software installed, system type, the content and pages that you access on the Service, the number of clicks, the amount of time spent on pages, the dates and times that you visit the Service, and other similar information. Depending on the law of your country of residence, your IP address may legally be considered personally identifiable information.

We typically use these cookies and similar technologies for essential and functional purposes (e.g. to maintain an active session), to improve the performance and usability of our Sites, and to analyze how users interact with the Services (e.g. to understand how long users stay on a page, how often they return, and how they arrived at our Site). On certain portions of our Sites we may collect data through these technologies for advertising, remarketing, or other similar purposes. Click-stream and related data is typically used for purposes of system administration, to improve our Services, for marketing and advertising-related purposes, and other similar uses.

Cookies and Similar Technologies

Some tracking technologies on our Services and Direct Payment Services may be provided by a third party (which may collect information on its own behalf, or may provide such information to us). We may use these technologies to collect information about your online activities over time and across third party websites or other online services (behavioral tracking).

The technologies we use for this automatic data collection may include:

Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. Cookies can store information in different ways:
- Session cookies. A session cookie lasts while your browser is open and is automatically deleted when you close your browser.
- Persistent cookies. A persistent cookie lasts until you or your browser deletes the cookies or they expire.

We may place “first party cookies” or “third-party cookies” on our Sites. A first party cookie is a cookie that we set on our Sites, Services, and Direct Payment Services, while a third-party cookie is set by parties other than SafePay. A third-party cookie can recognize your computer both when it visits our Sites and when it visits other websites or applications. SafePay does not control how third-party cookies are used. A third-party cookie may collect information on its own behalf, or may provide such information to us. You should check the third party’s website for more information about how they use cookies.

Web Beacons. Pages of our Sites, Services, Direct Payment Services, and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email or opened a text message and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

Log Files. We may collect demographic information, such as postal code, age, gender, preferences, interests and favorites using log files. This information includes IP addresses, browser type, ISP provider, referring/exit pages, operating system, date/time stamp, and click stream data. This information is used to administer the Sites, Services, and Direct Payment Services and to track users’ movements around the Sites, Services and Direct Payment Services, and to gather information about users and visitors in the aggregate.

We do not intentionally collect personally identifiable information automatically, but we may tie this information to Personal Information about you that we collect from other sources or that you provide to us. It is possible at times when collecting non-personally identifiable information through automatic means that we may unintentionally collect or receive personally identifiable information that is mixed in with the non-personally identifiable information. While we will make reasonable efforts to prevent such incidental data collection, the possibility still exists. If you believe that we have inadvertently collected your Personal Information, please notify us at privacy@safepaycorp.net

We may use analytics services that use cookies, javascript and similar technologies to help us analyze how users use the Sites, Services, and Direct Payment Services. The information generated by these services about your use of the Sites and/or Services/Direct Payment Services (including your IP address or a truncated version of your IP address) is transmitted to and stored by analytics service providers on their servers. Those service providers will use this information for the purpose of evaluating your and other users’, use of the Sites, compiling reports for us on website activity and providing other services relating to website activity and Internet usage.

For example, in our email programs, SafePay employs some tracking methods (e.g. “targeting, performance, and functionality cookies”). We track “opens” via a tracking pixel in the email- meaning we track who opens our e-mail messages and when you open our e-mail messages; and we track “clicks” via encoded URLs-meaning we track whether you click on the links contained in our e-mail messages.

Additionally, we use Google Analytics on our Sites and in conjunction with our Services and Direct Payment Services. Google Analytics is a web analytics service provided by Google. Google Analytics uses cookies to collect anonymous traffic data to help us analyze how users use the website. The information generated by a cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the Sites, compiling reports on Site activity for us and providing other services relating to Site activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. By using the Sites, you consent to the processing of data about you by Google in the manner and for the purposes described in this Privacy Policy.

To learn more about cookies and similar tracking technologies, and how they can affect your privacy, visit allaboutcookies.org. To learn more about how to opt out of Google’s use of cookies, visit the Google Ads Settings page. Alternatively, you can opt out of certain pieces by visiting the Network Advertising Initiative opt out page or permanently using the Google Analytics Opt Out Browser add on. If you wish to take steps to opt-out of tracking by certain online advertisers, you can visit the Digital Advertising Alliance’s opt-out page at http://www.aboutads.info/choices or the Network Advertising Initiative at www.networkadvertising.org/optout_nonppii.asp. You may control Facebook’s use of interest-based ads through your Facebook account settings, or may visit the customer support page.

Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser. Further, due to differences in international laws regarding use of cookies, when the system identifies an IP address originating from outside North America accessing a Direct Payment Services page on the domain it will not deploy any third-party or marketing- related cookies.

Third-Party Integrated Services

SafePay provides the ability to integrate the Services with select third party accounting and marketing systems (“Integrated Service(s)”). When a Merchant elects to establish a SafePay connection with an Integrated Service, all data in your account may be shared with the Integrated Service including personally identifiable information about your consumer and non-consumer customers and prospects. SafePay does not control the policies or procedures of these Integrated Services, even though the integrations are provided through our Services, and SafePay is not responsible for and has no control over how these third party Integrated Services function.

This Policy does not cover the collection or use of information, including consumer End Customer data, by Integrated Services, and Merchants acknowledge that use and access to these Integrated Services is solely at their own risk; and Merchants should consult the Terms and Privacy Policy for any Integrated Services accessed via a SafePay account to determine how they store, process, transmit, and otherwise utilize and protect personally identifiable information and the personally identifiable information Merchants provide about their customers, prospects, and other consumers. Merchants ultimately can control which Integrated Services they choose to use with their SafePay account, and are responsible for making sure that they do so in compliance with relevant privacy and data protection requirements.

SafePay may provide the Personal Information we have collected from and/or about Merchants to Integrated Services for the purpose of enabling them to market their products or services to you, if you have not opted out of these disclosures.

How we Share Information with Third Parties

Except as otherwise set forth in this Privacy Policy or in accordance with any request or consent you provide, SafePay does not sell, share, or in any other way transmit Personal Information (names, address, phone numbers, financial account information, Protected Health Information (PHI/ePHI), etc.) submitted by non-registered users to any other persons or companies. We reserve the right, however, to use and disclose anonymous information to third parties, at our discretion. Except as limited below, third parties may use information we share with them for any purpose for which we may use such information.

Personal information we collect may be shared with service providers who provide certain services on our behalf, including but not limited to, identity verification, credit checks, fraud prevention, business intelligence, customer relationship management, bill collection, payment processing, marketing, hosting, and other common technology services. Our contracts dictate that these service providers only use your information in connection with the services they perform for us and in accordance with this Privacy Policy, and you consent to our sharing with these parties by using our Services and/or Direct Payment Services and accepting the terms of this Privacy Policy.

We may provide information, including Personal Information of registered users to third party service providers and referral partners that work on behalf of or with us to provide some of the aspects of our services, to help us communicate with you, or to provide Merchants with ancillary services offered by such service providers and referral partners. We may also receive information about you, including Personal Information, from our third party service providers and referral partners. However, these service providers and referral partners do not have any independent right to disclose this information (except to the same extent we would have a right to disclose that information under this Privacy Policy).

If you make a purchase from a Merchant using our Direct Payment Services, we may grant access to or share with the Merchant any and all information we collect as part of that transaction, including credit card and other financial account information and Protected Health Information (PHI/ePHI), except where that disclosure is prohibited by law, regulation or other obligations.

You hereby agree that we may share some or all of your Personal Information with a parent company, subsidiaries, joint ventures, or other companies under common control with us (collectively, “Affiliates”). We will require our Affiliates to comply with this Privacy Policy. If our company or some or all of our assets are acquired by another company, any personal or other information we possess may be a part of the assets transferred, and that company will possess any rights granted to us under this Privacy Policy.

Finally, in extraordinary circumstances, we may share any personal or other information we possess, including but not limited to credit card and other financial account information and Protected Health Information (PHI/ePHI) when necessary or appropriate to: comply with the law; cooperate with law enforcement or national security requirements; respond to lawful requests; comply with law or credit card rules; participate in a lawful federal, state or local government investigation; protect the rights of SafePay, other SafePay Merchants or customers, and third parties; or to investigate violations of or to enforce our Terms of Service, Buyer Terms or Acceptable Use Policy. However, in doing so, we may: (i) dispute demands for release to the extent we believe, in our sole discretion, are unwarranted, illegitimate or overbroad; and (ii) when we determine that it is necessary or appropriate, we will notify you of any requests for release.

In all cases where we share Personal Information with third parties, we will use a “minimum necessary” standard to disclose only that information required to perform the service for which the information is disclosed.

Data Retention Policy, Managing Your Information

We will retain Personal Information for as long as you remain an active use of our Services (e.g., SafePay Paid Account Holder, Mobile App user, SafePay Free Account user, etc.) and for a reasonable time thereafter, to serve the purpose(s) for which your Personal Information was processed, or as necessary to comply with our legal obligations, to resolve disputes, or to enforce our agreements to the extent permitted by law. We generally apply the retention periods noted below.

End Customer Personal Information: We may store on behalf of Merchants, for as long as a valid business reason exists, which may be indefinitely, any Personal Information, including but not limited to credit card and other financial account information and Protected Health Information (PHI/ePHI), collected about a consumer or other individual, whether entered directly into our systems by the End Customer via our Direct Payment Services, or whether entered by an authorized Merchant via the Services.
Note that Merchants control any consumer data we collect and process on their behalf, whether that Personal Information is entered by a consumer End Customer via the Direct Payment Services or whether it is entered by a Merchant via the Services, and it is up to the Merchant to determine how long they will store their customers’ Personal Information in our systems.
Your Interactions on Our Services: We may store any information about your interactions on our Sites, Services or Direct Payment Services or any content created, posted or shared by you on our Sites, Services, or Direct Payment Services (e.g., pictures, comments, support tickets, and other content) for a period of time after the closure your account, which may be indefinitely, where a valid business reason exists for such storage such as to maintain the integrity of our systems and logs, for the establishment or defense of legal claims, audit and crime prevention purposes.
Marketing: We store information used for marketing purposes indefinitely until you unsubscribe. Once you unsubscribe from marketing communications, we add your contact information to our suppression list to ensure we respect your unsubscribe request.
Anonymized and Aggregate Data: We may retain anonymized and aggregate data indefinitely.

Upon termination of a contract with a Covered Entity, we will remove any ePHI stored in our systems on behalf of that Covered Entity where required by applicable law or the Business Associate Agreement with the Covered Entity; any PHI that we continue to maintain, will be stored and protected per the terms of our Business Associate Agreement with the Covered Entity.

Security

SafePay has security measures in place designed to protect against the loss, misuse and alteration of the information under our control, as described in our security page. We protect your Personal Information by maintaining physical, technical and procedural safeguards to protect the confidentiality and security of your Personal Information. Such safeguards include use of secured socket layers (“SSL”), firewalls, data encryption, enforcing physical access controls to our buildings and files, and limiting access to Personal Information only to those employees, agents or third parties who need to know that information in order to process it for us. We are also a Level 1 PCI-DSS certified service provider.

However, you are also responsible for keeping your Personal Information confidential and secure. SafePay cannot guarantee that your Personal Information will be 100% safe while using its Services and Direct Payment Services. You should choose a password that is complex (e.g., special characters and numbers, sufficient length, etc.) and keep your password confidential. Do not leave your device unlocked so that other individuals may access your device or account. SafePay is not in control of your Internet or wireless connection or the devices you use to log into the Services, so you should make sure you trust the devices and connections you use to access the Services. If you believe that you have experienced unauthorized access or use of your account, please contact us immediately at care@safepaycorp.net

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Information, we cannot guarantee the security of your Personal Information transmitted via our Sites or Services. Any transmission of Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Sites or the Services/Direct Payment Services.

Choice/Opt-Out

You may opt-out of receiving marketing communications from us by following the opt-out instructions we include in such communications. Any communications from us that are not Service-related or transactional in nature will offer you an “unsubscribe” option so that you can opt out of receiving such messages.

You may opt-out of all of our information collection from your mobile device by uninstalling the Mobile App. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network.

To the extent required by law, you may choose to opt out of sharing with any other parties with whom we may share your Personal Information; however, you may be unable to use the Services or certain features if you wish to limit such sharing.

Accessing, Correcting and Deleting your Information

SafePay acknowledges the right of individuals to access their Personal Information. Note that SafePay will require you to verify your identity prior to releasing any Personal Information.

Generally, you may access, correct, and/or delete your Personal Information as follows:

Merchants may access and modify Personal Information and other account information using the account settings page. You may also access, change and modify information previously provided or collected by sending an email to SafePay at privacy@safepaycorp.net to initiate changes or modifications or to obtain a file for review.
Merchants may close their SafePay account by contacting SafePay Customer Care at 800-896-3450 or care@safepaycorp.net.
Merchants may request that their Personal Information be removed from all SafePay systems. To have any Personal Information permanently deleted from SafePay systems, you must make an official request in writing by emailing privacy@safepaycorp.net and include the specific information that you would like permanently deleted from SafePay systems. Note that if you request removal of your Personal Information you will no longer have access to any existing SafePay account and will not be able to use any SafePay product or service. SafePay reserves the right to retain certain account information for its recordkeeping or compliance purposes.
Visitors and any other individuals who have submitted Personal Information directly to SafePay via the Sites may request that their Personal Information be removed from all SafePay systems once per year. To have your Personal Information permanently deleted from SafePay systems, you must make an official request in writing by emailing privacy@safepaycorp.net and include specific information that you would like permanently deleted from SafePay systems. SafePay reserves the right to retain certain account information for its recordkeeping or compliance purposes.
End Customers and other consumers who do business with Merchants utilizing SafePay Services can request that the Merchant provide you with access to the Personal Information SafePay stores on its behalf, that it make changes to that Personal Information, and/or that the Personal Information be deleted from SafePay systems. SafePay cannot honor such requests directly from End Customers, but will assist Merchants with honoring them.
If you are a patient, customer, or otherwise do business with a Covered Entity that utilizes SafePay systems as part of providing service to you, you can request that the Covered Entity provide you with access to the Personal Health Information (PHI/ePHI) stored in SafePay systems on its behalf, that it make changes to that ePHI, and/or that the ePHI be deleted from SafePay systems. SafePay cannot honor such requests directly from End Customers, but will assist Merchants with honoring them.

Note that use of the system delete function by a Merchant to remove any data related to customers (such deleting a Customer Record or deleting a credit card or bank account from a Customer Record), or to remove any personal data about your company or its authorized users (such as deleting a Staff profile), only restricts viewing that data from any system interface and prevents utilizing that data for any system function. It does not permanently delete the data from SafePay systems. To have any personal data permanently deleted from SafePay systems, you must make an official request in writing, to the address provided below or by emailing privacy@safepaycorp.net that includes the specific information that you would like permanently deleted from SafePay systems. Note that SafePay will require you to verify your identity prior to executing any request to permanently delete data.

If you have any questions about your Personal Information or this policy, or if you would like to make a complaint about how SafePay processes your personal data, please contact SafePay by email at privacy@safepaycorp.net, or by using the contact details below.

A Note About Children

We do not intentionally gather information about visitors who are under the age of 18. If you are under the age of 18 you should not use our Sites or Services.

Dispute Resolution

If you have any questions or concerns, please contact SafePay by e-mail at privacy@SafePaycorp.net. We will do our best to address your concerns. If you feel that your complaint has been addressed incompletely, we invite you to let us know for further investigation. If we are unable to reach a resolution to the dispute, you and SafePay will settle the dispute exclusively as set forth in the Terms of Service.

California Privacy Rights

If you are a California resident, you may request and obtain from us a list of what Personal Information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year and the names and addresses of those third parties. California law provides that you have the right to receive the following information: (a) the categories of information we disclosed to third parties for the third parties’ direct marketing purposes during the preceding calendar year; and (b) the names and addresses of third parties that received such information, or if the nature of their business cannot be determined from the name, then examples of the products or services marketed.

You are entitled to receive a copy of this information in a standardized format and the information will not be specific to you individually. You may make such a request by emailing us at privacy@safepaycorp.net.

International Transfers

If you are accessing our Sites, Services, or Direct Payment Services from outside of the United States, any information provided will be transferred to us or our service providers in the United States and other locations outside of the country or jurisdiction where you are located. Such countries or jurisdictions may have data protection laws that are less protective than the laws of the jurisdiction in which you reside. Some information may also be stored locally on devices you use to interact with our Sites, Services, or Direct Payment Services. If you do not want your information transferred to or processed or maintained outside of the country or jurisdiction where you are located, you should not use our Services.

Please note, SafePay acts as a data processor on behalf of its Merchants and Merchants are responsible for obtaining your consents relating to the collection, use, transfer and other processing of your Personal Information and may provide additional notices affecting our processing of your Personal Information, and may provide for additional limitations or permissions with respect to our processing of your information in order to comply with applicable law.

With respect to EU Personal Data (as defined in our Terms of Service and Buyer Terms), SafePay (i) processes Personal Information provided in connection with a payment processed by SafePay as necessary to complete a contract or transaction requested by the data subject, and for the legitimate interests of SafePay and its Merchants, specifically in relation to fraud prevention, identity theft protection, and other security measures, and for internal/administrative purposes; (ii) may process Personal Information on behalf of the Merchant relating to an EU consumer’s use and interactions with the Merchant’s products and services as offered via the Services and Direct Payment Services; and (iii) processes Personal Information from automatic website collection (e.g. IP addresses), cookies and similar tracking technologies only in the case of essential and functional cookies and IP addresses which are processed for SafePay’s legitimate interests in analyzing, improving and administering the Service, e.g. by delivering a web page or analyzing aggregate web traffic to our Sites.

EU-U.S. Privacy Shield

SafePay, Inc. complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Information from European Union member countries. SafePay has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. Furthermore, we require third party recipients of EU citizens’ Personal Data to agree to respect these principles, and we accept liability for third parties’ processing of EU citizens’ data to the extent required by law.

If there is any conflict between the policies in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov. You may view the list of Privacy Shield companies here.

We encourage EU (and U.S.) users to contact us if you have any concerns about our compliance with this Privacy Policy and the Privacy Shield Framework. In compliance with the EU-U.S. Privacy Shield Principles, SafePay commits to resolve complaints about your privacy and our collection or use of your Personal Information. European Union individuals with inquiries or complaints regarding this Privacy Policy should first contact SafePay at the address below. We will respond to complaints from EU citizens within 45 days.

SafePay has further committed to refer unresolved privacy complaints under the EU-U.S. Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit for more information and to file a complaint.

Under certain circumstances, these dispute resolution processes may result in your ability to invoke binding arbitration. As a U.S. company, we are also subject to the investigatory and enforcement power of the FTC regarding our compliance with the Privacy Shield Framework and this Privacy Policy, and users may direct complaints to the FTC in the event the dispute resolution processes described above is unsatisfactory.

You also have a right to lodge a complaint with a competent supervisory authority situated in a Member State of your habitual residence, place of work, or place of alleged infringement.

Rights for Residents of the European Economic Area (“EEA”)

SafePay only provides Services to United States based Merchants. However these Merchants may utilize our Services and deploy our Direct Payment Services such that they are collecting information from EEA residents. In such cases SafePay is acting as a data processor and storing Personal Information on behalf of these Merchants. Thus if you are located in the EEA and utilize our Direct Payment Services, your Personal Information is processed by SafePay and transferred to our servers and the servers of our service providers located in the United States. In order to ensure that your information is protected when transferred out of the EEA, SafePay relies on the EU-U.S. Privacy Shield (described in more detail above), as well as inter-company agreements between our various third party service providers that may process your information on behalf of SafePay, Inc.

If you are located in the EEA, you have certain rights under European law with respect to your personal data, including the right to request access to, correct, amend, delete, port to another service provider, or object to certain uses of your personal data. You can learn more about these rights from

If you are a Merchant using or a Visitor to SafePay Sites and/or Services and wish to exercise these rights, please reach out to us using the contact information below. If you are a customer or End Customer of a Merchant who uses SafePay’s platform and wish to exercise these rights, please contact the Merchants you interacted with directly — we serve as a processor on their behalf, and can only forward your request to them to allow them to respond.

If you are unhappy with the response that you receive from us we hope that you would contact us to resolve the issue but you also have the right to lodge a complaint with the relevant data protection authority in your jurisdiction at any time.

Additionally, if you are located in the EEA, note that we are generally processing your information on behalf of a Merchant in order to fulfill contracts they might have with you (for example if you make an order through the Direct Payment Services), unless we are required by law to obtain your consent for a particular processing operation. In particular we process your personal data to pursue the following legitimate interests, either for ourselves, our merchants, or other third parties (including our merchants’ customers):

To provide Merchants, End Customers and others with our services and applications;
To prevent risk and fraud on our platform;
To provide communications on behalf of Merchants;
To provide reporting and analytics;
To help Merchants find and integrate with Integrate Services;
To provide troubleshooting, support services, or to answer questions;
To test out features or additional services; and
To improve our services, applications, and websites.

When we process Personal Information to pursue these legitimate interests, we do so where we believe the nature of the processing, the information being processed, and the technical and organizational measures employed to protect that information can help mitigate the risks to the data subject. However, though we undertake to preserve the confidentiality of all information you provide to us, SafePay cannot be responsible for ensuring the security, accuracy, or privacy of your data once it leaves our environments (as directed by Merchants utilizing the Services).

Contacting Us

SafePay, Inc.
P: 800-896-3450
E: Contact@safepaycorp.net

Changes to this Privacy Policy

Our Relationship to You

Collection and Use of Personal Information

Information from Visitors to the Sites

From Merchants Utilizing the Services

From End Customers (Consumers) Using our Direct Payment Services

Automated Data Collection Technologies

Cookies and Similar Technologies

Third-Party Integrated Services

How we Share Information with Third Parties

Data Retention Policy, Managing Your Information

Security

Choice/Opt-Out

Accessing, Correcting and Deleting your Information

A Note About Children

Dispute Resolution

California Privacy Rights

International Transfers

EU-U.S. Privacy Shield

Rights for Residents of the European Economic Area (“EEA”)

Contacting Us

Solutions

Company

Support & Resources

Legal