PayTrace collects personally identifiable information when you register for a PayTrace account, and when you use certain PayTrace products and services. When you register with PayTrace, we ask for your contact information (such as your name, street address and email address), as well as certain information pertaining to your business, along with billing information such as your bank account number. In the course of processing a payment transaction, we typically receive from the merchant or a financial institution information related to the transaction. This normally includes information about the payment that a consumer has furnished the merchant or financial institution in placing the order. We do not acquire any information directly from consumers through the PayTrace Web site. The personally identifiable information we acquire in processing payment transactions varies according to the nature of the transaction and the way in which merchants or financial institutions are using our payment services. It may include, for example, the amount of the transaction, the consumer's name, credit card number and expiration date, billing address, and shipping address. PayTrace uses the information collected to fulfill your requests for certain products and services, to process payment transactions, to facilitate billing, and otherwise deliver the payment processing services. We may also send merchants service announcements, newsletters, and periodic notices about specials and new products. Personally identifiable consumer information is used to process payment transactions and for no other purpose. PayTrace does not offer services or sell products to children. PayTrace does not request or knowingly collect personally identifiable contact information from anyone under the age of 13.
Like many websites, we use Google Analytics, a service that provides information about how many users visit our website, when they visit, and how they navigate the Site once they are here .
We also may use other Google Analytics tools, such as Demographics and Interest Reporting, which enables us to learn more about the characteristics and interests of the users who visit our website, and Remarketing with Google Analytics, which enables us to provide relevant advertising on different websites and online services.
Protecting personally identifiable information about merchants and consumers is an important part of our business. We share and disclose such information only as described below. PayTrace will only send personally identifiable information about you to other companies or people when: 1) we have your consent to share the information; 2) we need to share your information to provide the product or service you have requested. Personally identifiable consumer information is shared with third parties (such as banks and credit card processors) to the extent necessary for PayTrace to deliver payment processing services. We also may release personally identifiable information when we believe release is appropriate to: comply with law; enforce or apply our Merchant Agreement and other agreements; or protect the rights, property, or safety of PayTrace, our users, or others. This includes exchanging information with other companies and organizations for fraud protection and risk reduction. In the unlikely event that PayTrace is acquired, merchant account information may be one of the transferred assets.
PayTrace uses session cookies containing encrypted information to allow the system to uniquely identify you while you are logged in. This information allows PayTrace to process your online transactions and requests. Session cookies help us make sure you are who you say you are and are required in order to use the PayTrace shopping cart. Standing alone, cookies do not identify you personally. They merely recognize your browser. Session cookies exist only during an online session. They disappear from your computer when you close your browser software or turn off your computer.
Information security is critical to our business. We work to protect the security of your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input. We store information gathered on secure computers located in a locked data center. The number of employees involved in the management of the data center that have physical access to these computers is limited. We use firewalls and other security technology to prevent our computers from being accessed by unauthorized persons. We also require that any personally identifiable consumer information sent to us by you be encrypted using SSL encryption. To learn more about SSL, go to: http://webopedia.internet.com/TERM/S/SSL.html. It is important for you to protect against unauthorized access to your Login ID/password and to your computer. Be sure to sign off when finished using a shared computer and otherwise protect the password used to access the PayTrace services.
PayTrace gives merchants the ability to edit PayTrace Account Information and preferences. Once merchants log into their account, they may make such changes through the Account Management menu.
The following provisions govern information collected in reliance on the EU-U.S. Privacy Shield Framework Principles for transfers of personal data from the EU to the United States. PayTrace adheres to the Privacy Shield Principles ("Principles") and is committed to subject to the Principles all personal data received from the EU in reliance on the Privacy Shield. Individuals from whom PayTrace collects personal information under the Privacy Shield have the right to access their personal data by contacting PayTrace at email@example.com. As a result of certification to the Privacy Shield, PayTrace is subject to the investigatory and enforcement powers of the FTC.
You may access the Privacy Shield List here https://www.privacyshield.gov/list.
PayTrace may be required to disclose personal information pursuant to lawful requests made by public authorities, including to meet national security or law enforcement requirements.
We take safeguarding your privacy very seriously. If you wish to verify, correct or delete any personal information we have collected, or if you have any questions or concerns, or if you have any complaints, please contact firstname.lastname@example.org
In compliance with the Privacy Shield Principles, PayTrace commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contactPayTrace at: email@example.com
PayTrace has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS are provided at no cost to you.
If your claims as to data covered by the EU-U.S. Privacy Shield have not been remedied through dispute resolution directly with PayTrace or through independent dispute resolution as described above, such "residual claims" may be heard by a "Privacy Shield Pane" composed of one or three arbitrators as agreed upon by the parties. The Privacy Shield Panel may only award individual-specific, non-monetary equitable relief (e.g. access, correction, deletion of the individual's data in question) necessary to remedy the violation of the Principles only with respect to the individual. Damages, costs, fees and other remedies may not be awarded, and each party bears its own attorney's fees. This arbitration option is only available for an individual to determine for such "residual claims" whether PayTrace has violated its obligations under the Principles as to that individual and whether any such violation remains fully or partially unremedied.
When PayTrace collects personal information from individuals, it will inform the individual of the purpose for which it collects and uses the personal information and the types of non-agent third parties to which PayTrace discloses or may disclose that information. PayTrace shall provide the individual with the choice and means for limiting the use and disclosure of their personal information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal information to PayTrace, or as soon as practicable thereafter, and in any event before PayTrace uses or discloses personal information for a purpose other than for which it was originally collected.
In instances in which PayTrace is not the controller or collector of the personal information, but only a processor, it has no means of providing individuals with the choice and means for limiting the use and disclosure of their personal information or providing notices when individuals are first asked to provide personal information to PayTrace. In such instances, PayTrace will comply with the instructions of the controller of such information; provide appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, and to the extent appropriate, assist the controller in responding to individuals exercising their rights under the Principles.
In those instances in which PayTrace collects personal information from individuals, it will offer individuals the opportunity to choose (opt out) whether their personal information is (1) to be disclosed to a third party or (2) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
In those instances in which PayTrace collects personal information from individuals, prior to disclosing personal information to a third party, PayTrace shall notify the individual of such disclosure and allow the individual the choice to opt out of such disclosure. PayTrace shall ensure that any agent third party for which personal information may be disclosed subscribes to these principles or are subject to law providing the same level of privacy protection as is required by these principles and agree in writing to provide an adequate level of privacy protection.
To effectively process data on behalf of our clients, PayTrace may need to share data with certain third parties or sub-processors. PayTrace will remain liable for subsequent transfers to third parties acting as an agent on its behalf if its agent processes such personal information in a manner inconsistent with the Privacy Shield Principles, unless PayTrace proves that it is not responsible for the event giving rise to the damage.
PayTrace shall take reasonable steps to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction. PayTrace has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the information from loss, misuse, unauthorized access or disclosure, alteration or destruction. PayTrace cannot guarantee the security of information on or transmitted via the Internet.
PayTrace shall only process personal information in a way that is compatible with and relevant for the purpose for which it was collected or authorized by those who provided the information. To the extent necessary for those purposes, PayTrace shall take reasonable steps to ensure that personal information is accurate, complete, current and reliable for its intended use.
In those instances in which PayTrace collects personal information directly from individuals, PayTrace shall allow those individuals access to their personal information and allow the individual to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated.