Effective Date: May 20, 2019
PayActiv, Inc. ("PayActiv," "we," "us," or "our") provides the PayActiv platform, this website, mobile applications, and related services (together, the "Services"). This Privacy Policy ("Privacy Policy"), which is incorporated into and is subject to the PayActiv Terms of Use, describes the information that we gather from you on the Service, how we use and disclose such information, and the steps we take to protect such information.
Policy Scope and Links to Other Services
This Privacy Policy addresses activities on the Service provided by PayActiv. The Service may contain features or links to websites and services provided by third parties, and other products and services that may be made available to you through a third-party website ("Third-Party Service"). Any information you provide to a Third-Party Service, is subject to the policies, if any, of their respective operators governing privacy and security, even if accessed through the Service. We have no control over the nature, content, availability, or privacy and security practices of any Third-Party Service or any third-party sites or services which are linked from, or can be accessed through the Service. This Privacy Policy does not cover the links within the Service that link to such other Third-Party Services. We encourage you to learn about third parties' privacy and security policies before providing them with information.
The Information We Collect and How We Use It:
PayActiv collects personal information about you in order to:
i. identify you each time you wish to have a Service provided;
ii. customize your experience;
iii. operate, maintain, enhance and provide all the features of the Service, to provide services and information that you request, to respond to comments and questions and otherwise to provide support to users;
iv. understand and analyze the usage trends and preferences of our users, to improve the Service, to develop new products, services, features, and functionality, and to perform and participate in studies and develop marketing materials; and
v. contact you for administrative purposes such as customer service, or to send communications, including updates on promotions and events, relating to products and services offered by us and by third parties.
When you use the Service or a Third-Party Service, we may collect information about you, either directly from you or from the entity that operates the Third-Party Service. Personal information we collect may include:
We collect and use the personal information described above in order to provide you with the Services in a reliable and secure manner. We also collect and use personal data for our legitimate business interests. To the extent we process your personal data for other purposes, we ask for your consent in advance.
Through the Service
As is true of most other services, the Service collects certain information automatically and stores it in log files. The information may include (i) internet protocol ("IP") addresses, (ii) the region or general location where your computer or device is accessing the internet, (iii) browser type, (iv) operating system, and (v) other usage information about the use of the Service, including a history of the pages you view.
We may use cookies and automatically collected information to: (i) personalize our Service, such as remembering information about you so that you will not have to re-enter it during your visit or the next time you visit the Service; (ii) provide customized advertisements, content, and information; (iii) monitor and analyze the effectiveness of the Service and third-party marketing activities; (iv) monitor aggregate site usage metrics such as total number of visitors and pages viewed; and (v) track your entries, submissions, and status in any promotions or other activities on the Service.
When you use the Service, we may send one or more cookies – small text files containing a string of alphanumeric characters – to your device. We may use both session cookies and persistent cookies. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to the Service. Please review your web browser "Help" file to learn the proper way to modify your cookie settings. Please note that if you delete, or choose not to accept cookies from the Service, you may not be able to utilize the features of the Service to their fullest potential. We may use third party cookies on our Service as well. PayActiv does not process or respond to web browsers' "do not track" signals or other similar transmissions that indicate a request to disable online tracking of users who visit our Site or who use our Service.
We may also automatically record certain information from your device by using various types of technology, including "clear gifs" or "web beacons." This automatically collected information may include your IP address or other device address or ID, web browser and/or device type, the web pages or sites that you visit just before or just after you use the Service, the pages or other content you view or otherwise interact with on the Service, and the dates and times that you visit, access, or use the Service. We also may use these technologies to collect information regarding your interaction with email messages, such as whether you opened, clicked on, or forwarded a message. This information is gathered from all users, and may be connected with other information about you.
Aggregated Service Data
In an ongoing effort to better understand and service PayActiv's customers, at times PayActiv conducts research on its customer demographics, interests and behavior based on the personal information and other information provided to us. This research may be compiled and analyzed on an aggregate basis and PayActiv may share this aggregate data with its affiliates, agents, and business partners. This aggregate information does not identify you personally and is not considered to be personal information.
When and How We Share Information with Others
Except as described in this Privacy Policy, we will not disclose information about you that we collect on the Service to third parties without your consent. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:
i. We share personal information with third parties who are facilitating the delivery of Services. These third parties, which may include financial institutions that process disbursements of funds or third-party web hosts, may have access to or process information about you as part of providing those services for us. Generally, we limit the information provided to these service providers to information that is reasonably necessary for them to perform their functions, and we require them to agree to maintain the confidentiality of such information. Such third parties must agree to use such personal data only for the purposes for which they have been engaged by PayActiv and they must either:
comply with the privacy principles or another mechanism permitted by applicable European Union data protection law(s) for transfers and processing of Personal Data; or
agree to provide adequate protections for the personal data that are no less protective than those set out in this Privacy Policy.
ii. We may disclose information about you to your employer in order to enable us to verify your identify and otherwise provide the Service to you.
iii. We may disclose information about you if required to do so by law or in the good-faith belief that such action is necessary to comply with state and federal laws, in response to a court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies.
iv. We also reserve the right to disclose information about you that we believe, in good faith, is appropriate or necessary to: (i) take precautions against liability; (ii) protect ourselves or others from fraudulent, abusive, or unlawful uses or activity; (iii) investigate and defend ourselves against any third-party claims or allegations; (iv) protect the security or integrity of the Service and any facilities or equipment used to make the Service available; or (v) protect our property or other legal rights (including, but not limited to, enforcement of our agreements), or the rights, property, or safety of others.
v. Information about our users may be disclosed and otherwise transferred to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.
vi. We may make certain aggregated, automatically-collected, or otherwise de-identified information available to third parties for various purposes, including: (i) compliance with various reporting obligations; (ii) for business or marketing purposes; or (iii) to assist such parties in understanding our users' interests, habits, and usage patterns for certain programs, content, services, advertisements, promotions, and/or functionality available through the Service.
Your Choices About Your Information
We offer you choices regarding the collection, use, and sharing of your personal information and we'll respect the choices you make. Please note that if you decide not to provide us with the personal information that we request, you may not be able to access all of the features of the Services.
If you wish to access or amend any personal information you have provided to us, you may do so through the Service or through a Third-Party Service, or you may contact us at compliance@payactiv.com. In your request, please note you are writing about "personal information" in the subject or body of the email. Please note that while any changes you make will be reflected in active databases within a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.
California Civil Code Section 1798.83, also known as the "Shine the Light" law, permits our customers who are California residents to request and obtain from us once a year, free of charge, information about the personal information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If you are a California resident and would like to make such a request, please submit your request to compliance@payactiv.com. In your request, please attest to the fact that you are a California resident and provide a current California address for our response.
If you receive marketing email from us, you may unsubscribe at any time by following the instructions contained within the email. You may also opt out from receiving marketing email from us by sending your request to us by email at compliance@payactiv.com or by writing to us at the address given at the end of this Policy. In your request, please note you are writing to "unsubscribe" in the subject or body of the email or correspondence.
Please be aware that if you opt out of receiving marketing email from us or otherwise modify the nature or frequency of promotional communications you receive from us, it may take up to ten (10) business days for us to process your request, and you may continue receiving promotional communications from us during that period. After you opt out from receiving marketing messages from us, you will continue to receive administrative messages from us regarding the Service.
Security of Your Information
We maintain physical, technical and administrative safeguards to protect your personal information. Our servers are located in the United States and to provide you with the Services, we may store, process and transmit information in the United States. Personal information may also be stored locally on the device you use to access the Services.
When you submit information to us, your information is protected both online and offline. Wherever we collect sensitive information, that information is encrypted and transmitted to us in a secure way. While we use encryption to protect sensitive information transmitted online, we also protect your information offline. The computers/servers in which we store personal information are kept in a secure environment. Only employees who need access to the information to perform a specific job (for example, in order to provide customer service) are granted access to personal information. In addition, we commit to taking appropriate disciplinary measures to enforce our employees' privacy responsibilities.
Compromise of Personal Information
In the event that personal information is compromised as a result of a breach of security, PayActiv will promptly notify those persons whose personal information has been compromised in accordance with the notification procedures set forth in this Privacy Policy and as required by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), or any other applicable law.
Data Retention
We only retain collected personal information for a limited period of time for as long as we need it to fulfill the purposes for which we have initially collected it, unless otherwise required by law.
All data in the PayActiv platform is retained for 7 years as required by law. A customer may request deletion of their data, but certain transaction information must be retained for legal purposes. After 7 years, personal information is deleted but certain non-specific transactional information is retained.
If you would like to inquire as to what, if any, of your personal information we have or request deletion of any personal information you have submitted to us, please contact us at compliance@payactiv.com. In your request, please note you are writing about "personal information" in the subject or body of the email.
Privacy Shield
PayActiv complies with the EU-U.S. Privacy Shield as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. PayActiv has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms of this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.
PayActiv is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequently transfers to a third party. In cases of onward transfer to third parties of data of EU individuals received pursuant to the EU-U.S. Privacy Shield, PayActiv is potentially liable.
In compliance with the Privacy Shield Principles, PayActiv commits to resolve complaints about our collection or use of your personal information. EU residents with inquiries or complaints regarding our Privacy Shield policy should first contact PayActiv by email at compliance@payactiv.com and note you are writing about "Privacy Shield Inquiry" in the subject or body of the email or by postal mail sent to:
PayActiv, Inc.
Attn: Privacy Shield Inquiry
4880 Stevens Creek Blvd. Suite 102
San Jose, CA 95129
PayActiv has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States to assist with the complaint resolution process. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS are provided at no cost to you.
You may also be able to invoke binding arbitration for unresolved complaints but prior to initiating such arbitration, a resident of a European country participating in the Privacy Shield must first: (1) contact us and afford us the opportunity to resolve the issue; (2) seek assistance from JAMS; and (3) contact the U.S. Department of Commerce (either directly or through a European Data Protection Authority) and afford the Department of Commerce time to attempt to resolve the issue. If such a resident invokes binding arbitration, each party shall be responsible for its own attorney's fees. Please be advised that, pursuant to the Privacy Shield, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the Privacy Shield Principles with respect to the resident.
PayActiv is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) to ensure compliance with the EU-US Privacy Shield Principles outlined in this Privacy Policy.
Children
PayActiv does not knowingly collect personal information from children under the age of 13. If you are under the age of 13, please do not submit any personal information through the Services. If you have reason to believe that a child under the age of 13 has provided personal information to PayActiv through the Services, please contact us, and we will endeavor to delete that information from our databases.
Notification Procedures
It is our policy to provide notifications, whether such notifications are required by law or are for marketing or other business-related purposes, to you by (i) email notice, (ii) written or hard copy notice, or (iii) through conspicuous posting of such notice on this website, as determined by PayActiv in its sole discretion. We reserve the right to determine the form and means of providing notifications to you, provided that you may opt out of certain means of notification as described in this Privacy Policy.
Changes and Updates to the Privacy Policy
PayActiv reserves the right to amend the Privacy Policy at any time, for any reason, without notice to you, other than the posting of the amended Privacy Policy on this website. Changes to this Privacy Policy are effective when they are posted on this page. When we change the policy in a material manner we will let you know by updating the "Effective Date" at the top of this page.
If you have any questions or comments about this Privacy Policy please contact us by email at compliance@payactiv.com and please note you are writing about "Privacy Policy" in the subject or body of the email. or by postal mail at:
PayActiv, Inc.
4880 Stevens Creek Blvd. Suite 102
San Jose, CA 95129