Last Updated: June 27, 2023
1. What This Privacy Notice Covers
“Personal Information” means any information that identifies or relates to a particular individual. Personal Information does not include information that is aggregated or deidentified such that the information cannot be reasonably linked to you. When we collect deidentified data, we maintain it in deidentified form and do not attempt to reidentify the information.
2. Changes to Our Privacy Notice
We may change our Privacy Notice from time to time. If we make material changes to this Privacy Notice, we will revise the ‘last updated’ date, post the updated version on our website, use reasonable efforts to notify you, and take any other steps necessary to comply with applicable law.
3. How We Collect Information About You
a. Information You Provide.
i. When you interact with our Services, you may provide us with certain Personal Information, such as your name, employer information, job title, payment information (such as bank account, credit or debit card information), social security number, date of birth, postal address, email address and/or phone number. You may provide this information to us when you contact us, request information about our Services, or apply for/enter into a merchant agreement with us.
ii. We also collect information you may provide when you complete online forms (including call back requests), take part in surveys, or download information such as white papers or other publications.
iii. To the extent applicable, our Services that allow you to share information with third party social media sites. If you link your account or engage with our Services through third-party social media sites, you understand that you may be allowing us to have access to certain information stored on those social media sites.
b. Information Automatically Collected. We automatically collect certain types of technical and usage information when you use our Services or engage with us through our website or otherwise (“Usage Data”). We typically collect this information through a variety of technologies, including cookies, web beacons, file information and similar technology (“Cookies and Similar Technologies”). For example, Usage Data may include the device identification number and type, location information and connection information such as statistics on your page views, traffic to and from the sites, referral URL, ad identifier, your IP address, your browsing history and your web log information). Usage Data may also include information about the way you use our Services, for example, the site from which you came and the site to which you are going when you leave our website, the pages you visit, clickstream data, whether you access the Services from multiple devices, and other actions you take on the Services.
4. How We Use Your Information
a. To the extent permissible under applicable law, we may use your Personal Information to:
5. Disclosing Your Information
a. We may disclose your Personal Information to the following third parties under certain circumstances, which may include
i. our corporate family, affiliates and subsidiaries;
ii. our service providers and agents (including their sub-contractors) or third parties which process information on our behalf (e.g. internet service and platform providers, online advertising service providers and other organizations we engage to help us send communications to you) to provide you with the Services and information you have requested or which we believe is of interest to you;
iii. partners, including system implementers, resellers, value-added resellers, independent software vendors and developers that may help us to provide you with the Services and information you have requested or which we believe is of interest to you;
iv. third parties used to facilitate payment transactions, for example clearing houses, clearing systems, financial institutions and transaction beneficiaries;
v. third parties where you have requested us to send certain information (for example, a reseller with whom you have an existing relationship);
vi. credit reference and fraud prevention agencies;
vii. any third parties to enforce our legal rights and satisfy our legal obligations, including without limitation any reporting or disclosure obligations under applicable law or regulations or subpoena, court order or other judicial or administrative process, or when we believe in good faith that disclosure is legally required or otherwise necessary to protect our rights and property, or the rights, property or safety of others;
viii. third parties to comply with the rules, regulations and guidelines of the payment networks in which transactions are processed;
ix. our professional advisors and auditors for the purpose of seeking professional advice or to meet our audit responsibilities;
x. third parties to transfer information and/or assets in the event of a merger, acquisition, sale, bankruptcy filing, or other corporate restructuring; another organization to whom we may transfer our agreement with you; and
xi. third parties for any other purpose permitted under applicable law and regulation or agreed to in this Privacy Notice or disclosed at the time the information is collected.
b. We may disclose non-personally identifiable information about the use of our Services publicly or with third parties but this will not include information that can be used to identify you.
6. Your Information and Your Rights
a. From time to time, we may send you emails regarding updates to our Services, notices about our organization, or information about promotional offers from third parties that we think may be of interest to you. If you wish to unsubscribe from such emails, simply click the “unsubscribe link” provided at the bottom of the email communication. Note that you cannot unsubscribe from certain Services-related email communications (e.g., account verification, confirmations of transactions, technical or legal notices).
b. You can manage your privacy settings within your browser or our Services (where applicable).
c. If you are a California resident, you may have additional rights in relation to personal information we have collected about you. Please see Section 14 for “California Residents” for more information.
7. Security and Storage of Information
a. Please be aware that despite our endeavors to keep your information secure by taking appropriate technical and organizational measures against its unauthorized or unlawful processing and against its accidental loss, destruction or damage and commercially reasonable steps to protect your Personal Information, no measures can guarantee the security of your information which is transmitted to us. We recommend that you do not use unsecure channels to communicate sensitive or confidential information to us.
8.Data Storage and Transfer
Your information may be stored and processed in the United States or any other country in which Paya or its subsidiaries, affiliates or service providers maintain facilities. If you are located in other regions with laws governing data collection and use that may differ from U.S. law, please note that we may transfer information, including personal information, to a country and jurisdiction that does not have the same data protection laws as your jurisdiction, and you consent to the transfer of information to the U.S. or any other country in which we or our parent, subsidiaries, affiliates or service providers maintain facilities and the use and disclosure of information about you as described in this Privacy Notice.
9.Third Party Websites and Social Media
b. Our Services may enable you to share information with social media sites, or use social media sites to create your account or to connect your social media account (“Social Features”). Use of Social Features may entail a third party’s collection and/or use of your data. If you use Social Features or similar third-party services, information you post or otherwise make accessible may be publicly displayed by the third-party service you are using. Both we and the third party may have access to information about you and your use of both the Services and the third-party service.
10. Cookies and Similar Technologies
b. We may use the following different types of cookies:
i. Strictly necessary cookies. These are cookies that are needed for our websites, applications or Services to function properly. For example, these cookies allow you to access secure areas of our Services.
ii. Performance cookies and analytics technologies. These cookies collect information about how visitors and users use our websites, applications and services. All information these cookies collect is aggregated and de-identified. We use these cookies to improve how our Services work.
iii. Functional cookies. These cookies allow our websites, applications and Services to remember choices you make (such as your user name, language or the region you are in), provide enhanced, more personalized features. , and provide Services you have asked for.
iv. Targeting or advertising cookies. These cookies are used to deliver advertisements that are more relevant to you and your interests, and measure the effectiveness of an advertising campaign. They may be placed by advertising networks with the website operators’ permission. Information collected by these cookies may be shared with other organizations such as advertisers, and may also be used for site functionality provided by the other organization.
c. How to Disable Cookies and Similar Technologies
ii. For more information about cookies and instructions on how to adjust your browser and device settings to accept, delete, or reject some of these technologies, visit www.youronlinechoices.com or allaboutcookies.org.
iii. We use Google Analytics to analyze how users use our Services. The information generated by the cookie about your use of the websites, applications or services may be shared with Google. To opt out of tracking by Google Analytics, you can do so here.
iv. Do Not Track. Your browser settings may allow you to transmit a “do not track” signal, “opt-out preference” signal, or other mechanism for exercising your choice regarding the collection of your information when you visit various websites. Like many websites, our website is not designed to respond to Do Not Track signals communicated by your browser. To learn more about “do not track” signals, you can visit http://www.allaboutdnt.com/.
11. Children’s Personal Information
Our website is not intended for or directed to children under the age of 13, and we do not knowingly collect personal information directly from children under the age of 13. If we become aware that a child under the age of 13 has provided us with Personal Information, we will take commercially reasonable steps to delete the information from our records. If you are the parent or guardian of a child under 13 years of age who has provided us with their personal information, you may contact us using the below information to request that it be deleted.
12. Your California Privacy Rights.
California Consumer Privacy Act (“CCPA”). For purposes of this section, “personal information” has the meaning given in the CCPA, but does not include information exempted from the scope of the CCPA.
The below table explains our practices over the past 12 months related to the categories and types of personal information that we collect about you and the categories of third parties that we disclose this information to for a business purpose.
|Category of Information
|Types of Information
|Categories of recipients
|Name, email address, unique personal identifier, postal address, phone number, IP address, password, social media handle
|Cloud storage providers, online advertising service providers, communications service providers, resellers, software vendors, clearing houses, financial institutions, transaction beneficiaries, credit reference and fraud prevention agencies, data analytics vendors, marketing partners, other parties to whom you request we send your information
|Personal information listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
|Name, postal address, phone number
|Cloud storage providers, communications service providers, resellers, software vendors clearing houses, financial institutions, credit reference and fraud prevention agencies, other parties to whom you request we send our information
|Professional or employment-related information
|Employer information, role
|Cloud storage providers, clearing houses, financial institutions, credit reference and fraud prevention agencies, other parties to whom you request we send our information
|IP address, zip code
|Data analytics vendors, online advertising service providers, marketing partners
|Internet or other electronic network activity
|IP address, device ID, browsing and search history, information about your interaction with the Services
|Data analytics vendors, online advertising service providers, marketing partners
|Sensitive personal information
|Social security number
|Cloud storage providers, clearing houses, financial institutions, credit reference and fraud prevention agencies
The specific business purposes for which we collect your Personal Information, including sensitive personal information, are described above in Section 4, How We Use Your Information. We only use and disclose sensitive personal information for the purposes specified in the CCPA. The criteria we use to determine how long to retain your personal information is described in Section 7.b, Security and Storage of Your Information.
We do not “sell” or “share” (as those terms are defined under the CCPA) Personal Information.
As a California resident, you may have the rights listed below in relation to personal information that we have collected about you. However, these rights are not absolute, and in certain cases, we may decline your request as permitted by law.
13. Further Information