PayWithMyBank privacy policy

Effective date:  10/19/2020

Trustly, Inc.

 

PayWithMyBank

PRIVACY POLICY

 

Trustly, Inc. and its subsidiaries and affiliated entities (collectively, “Trustly”, “we”, “us” or “our”) provide certain services under the name “PayWithMyBank.  We respect your privacy and are committed to protecting it.  This privacy policy (“Privacy Policy”) applies to end users and consumers who use our services, visitors to our website, and representatives of our merchants and other companies who may provide their personal information to us (“consumers” or “end users” or “you”).  This Privacy Policy describes how we protect, collect, use, store, and disclose your information.  Unless indicated otherwise, this Privacy Policy applies to your personal and other information collected through your access to or use of our PayWithMyBank product, web sites, mobile applications, services, and other products or programs (collectively, the “PayWithMyBank Services”).

 

This Privacy Policy is incorporated into and is subject to Trustly’s Terms of Use located at https://www.paywithmybank.com/terms-of-use/ or https://www.trustly.net/us/terms-of-use/ (“Terms of Use”).  Capitalized terms used but not defined in this Privacy Policy have the meaning given to them in the Terms of Use.  By using the PayWithMyBank Services, you agree to the term and conditions of the Terms of Use, this Privacy Policy, and the collection and use of information in accordance with the Terms of Use and this Privacy Policy.

 

1.         YOUR CONSENT TO THIS PRIVACY POLICY

 

                        (a)        Consent.  When using the PayWithMyBank Services or interacting with Trustly, you consent to the collection, transfer, storage, processing, disclosure, and use of your information as described in this Privacy Policy.  

 

If you do not agree to the terms of this Privacy Policy, you should not use the PayWithMyBank Services or access or interact with the PayWithMyBank Services or any other aspect of Trustly’s business.

 

(b)       Updates; Amendments.  At Trustly, your trust is one of our most important assets.  We frequently review our Privacy Policy and will continually work to protect your privacy.  From time to time we will update this Privacy Policy as we adopt new practices and procedures related to your personal and other information.  This web site will always contain the most current version of our Privacy Policy and we encourage you to check it regularly.  If we make any changes to this Privacy Policy, we will revise the “Effective Date” above.  We may also provide notice of changes through a pop-up or banner on our website(s) located at www.paywithmybank.com or www.trustly.net/us.  It is your responsibility to read this Privacy Policy carefully and review any changes that have been made.  Your continued use of the PayWithMyBank Services after a revised Privacy Policy has become effective indicates your consent to the terms of the updated Privacy Policy.

 

            2.         APPLICABILITY OF THIS PRIVACY POLICY

 

This Privacy Policy applies to information you provide to us, or which we obtain about you when you, as an end user, (i) access or use our web sites, mobile or embedded applications, networks or other services; (ii) access or use the PayWithMyBank Services made available to you by a participating merchant (a “participating merchant” (a “Merchant”) is an organization that provides goods or services to you and uses the PayWithMyBank Services to collect information and/or obtain payment from you in connection with the provision of the Merchant’s goods or services to you);  (iii) use third-party web sites, applications, networks, or other services with which you have a relationship and which are linked to or used within the PayWithMyBank Services; or (iv) contact Trustly support.

 

3.         EXCEPTIONS

 

  1. Merchants.  This Privacy Policy does not apply to Merchants accessing the Merchant-related portions of our web sites, applications, networks or the PayWithMyBank Services, but it does apply to representatives of those Merchants.  Please see Section 15 below.  This Privacy Policy does not apply to, and we have no responsibility for, information or data obtained by a Merchant independently of the PayWithMyBank Services, including as a result of your access to or use of a Merchant’s web sites, applications, networks, or other services.  The collection, use and disclosure of your information by a Merchant independently of the PayWithMyBank Services is governed by the legal agreement, if any, between you and such Merchant and we are not responsible for the content or privacy and security practices of such Merchant.  Services or products provided to you by a Merchant are subject to such Merchant’s privacy policy and not this Privacy Policy.

 

(b)       Third Parties.  This Privacy Policy does not apply to any third-party web sites, applications or software that integrate with the PayWithMyBank Services, or any other third-party products, services, or businesses, including Merchants.

 

            4.         INFORMATION WE MAY COLLECT

 

(a)        Information You Provide.  When you use the PayWithMyBank Services, we may ask you for, or give you the opportunity to provide, certain information about you, including, but not limited to, a bank name; a face, fingerprint or other biometric information; a bank login ID, a password, a PIN number, answers to security questions, the location where you opened your bank account or other authentication information (i.e. online banking access credentials); a bank account number and bank routing transit number, a bank account type, other bank account information; and other personal information, such as your name, driver’s license number and the state where issued, and taxpayer identification number.

 

  1. Information We Collect.  When you use or interact with the PayWithMyBank Services made available to you by a Merchant, we may gather or collect from you, the Merchant, your bank, and/or third parties additional information about you to facilitate your use of, and/or enhance, the PayWithMyBank Services, including, but not limited to, your purchase/order or bill amount and reference, your name, physical address, email address, phone number, bank account number, bank routing transit number, bank account balance, bank transactions, and other personal, risk or device information.  While you access or use the PayWithMyBank Services, we may use a variety of technologies that collect information about you or how you access or use the PayWithMyBank Services, including data that may indirectly identify you (such as your browser or application’s cookies, fingerprints, geo-location data, and your internet protocol (“IP”) or media access control (“MAC”) address), and data that may not identify you (such as user agent (client software) data, network connection type and provider, language, time zone, and connection speed).  Please see the section below on Browsing and Cookies for additional information we may collect through the use of technologies.  We may also collect behavioral information regarding your use of the PayWithMyBank Services, including the Merchants with which you use the PayWithMyBank Services and when, where, how often, etc. you use the PayWithMyBank Services, as well as your clicks, keyboard, voice, image, video and other device interactions while using the PayWithMyBank Services.

 

(c)        Information We Share.  We share information you provide to us (except your online banking access credentials or we collect about you with Merchants to support their provision of goods or services to you.  In addition, we partner with third-party service providers to deliver portions of the PayWithMyBank Services, and share information you have provided to us or we collect about you with such partners on an as-needed basis, as set forth in this Privacy Policy.

 

5.         HOW WE USE YOUR INFORMATION

 

(a)        To Provide the PayWithMyBank Services to You.  We use the information that we collect to provide the PayWithMyBank Services to you, including to facilitate and process transactions between you and our Merchants on your and the Merchants’ behalf.  For example, while you are accessing or interacting with the PayWithMyBank Services, we may use your information to fulfill your inquiries; to generate, process and otherwise manage your transactions; to administer any problems that may arise in effecting the transactions; to better understand and manage our ongoing relationship with you; to assure good service to you; to prevent fraud and abuse; to verify your identity; to manage risk; to monitor and analyze use and trends; to provide and improve the PayWithMyBank Services; to protect the rights, property or safety of the PayWithMyBank Services or any other person; to enforce the terms of this Privacy Policy, our Terms of Use and other terms to which you have agreed; and to communicate with you in support the preceding situations, if needed. 

 

                        (b)       To Enhance Your Experience.  We may use your information to provide a more tailored or seamless experience while using the PayWithMyBank Services.  For example, if you use the PayWithMyBank Services for ongoing and repeated transactions, we may use your information to make such transactions more seamless by automating such transactions or completing some of the required information for you.  We may also use the information we collect to verify accounts and activity, combat harmful conduct and fraud, maintain the integrity of the PayWithMyBank Services, and promote safety and security.  We may use your information to communicate with you regarding your use of the PayWithMyBank Services and to provide disclosures and other information which we deem advisable or which we, or our third party service providers, are required to provide to you pursuant to applicable law.

 

  1. To Manage the PayWithMyBank Services and Business.  Trustly will not store or share with any third party (other than the bank to which such credentials relate) your online banking access passwords, including alphanumeric passwords, PIN numbers, security questions and answers, or any other confidential information that you must provide to be granted access to your online banking account (“Online Banking Access Credentials”).  Trustly may however store and use other personal information we consider necessary to provide the PayWithMyBank Services (including, but not limited to, information verification, information transmission and payment services), to comply with applicable laws or regulations, and to meet our obligations to you, our Merchants, business partners, and others.  We may also store and use such information to conduct, manage, and administer our business and operations and our ongoing relationship with you.  As permitted by applicable law, Trustly may merge your personal information with information from others who use the PayWithMyBank Services and/or with information received from reputable vendors in order to enhance the PayWithMyBank Services and our Merchants’ services (including, but not limited to, information verification, information transmission and payment services).  We may use your information, such as location-related data, to ensure the availability of the PayWithMyBank Services to you in compliance with applicable law.  Trustly may use the information we collect about you to develop, test, and improve the PayWithMyBank Services or to provide additional features and services to you.  Trustly will retain your information for as long as necessary to fulfill the purposes contemplated in this Privacy Policy or as required by applicable law.

 

  1. Non-Personal or De-Identified Information.  We may create non-personal, de-identified records or data from the information we collect by excluding the information that makes the data identifiable to you, such as your name or address (“Anonymized Data”).  Any Anonymized Data we create is our property.  This Anonymized Data may be used in many ways.  For example, we may build non-personally-identifiable statistical profiles, databases, and analyses  regarding the PayWithMyBank Services as well as transaction trends, habits, and usage patterns.  We may create reports and analytics to assist our, and our Merchants’, understanding of the PayWithMyBank Services, enhance the PayWithMyBank Services and our Merchants’ services, or improve our security.  We may use the Anonymized Data for business purposes and for various reporting obligations.  Trustly reserves the right to use the Anonymized Data, and to disclose the Anonymized Data to third parties, in Trustly’s sole and absolute discretion, as permitted by applicable law.  We will not “re-identify” any Anonymized Data.

 

6.         HOW WE MAY SHARE INFORMATION

 

Except for your Online Banking Access Credentials, which we never store in central databases or share with any third party other than your bank, we may share, as permitted by law, some or all of your personal information as set forth below:

 

(a)        Merchants, Banks, and Service Providers.  We may share your personal information with Merchants, banks, service providers, agents, and/or affiliates for the purposes of effecting, processing, administering, or delivering the PayWithMyBank Services or transactions initated by you.  For example, you may access or use the PayWithMyBank Services via or through the web site, network, embeddable or mobile applications, SMS, instant message or other notifications or other services of a Merchant or other third party service provider with whom you have an existing relationship to obtain or receive goods and services these parties provide to, or perform for, you in connection with that relationship.  We may share your personal information with such Merchants and other third party service providers in connection with the goods or services to be provided to, or performed for you, by these Merchants or other third party service providers.  The personal information which we may access and/or share includes, but is not limited to, your bank name, bank account name, numbers and associated information (such as whether your bank account is in good standing, your bank balance, and your bank transactions), information required to verify your identity and that you are the holder of the applicable bank account (such as your name, address, driver’s license number, or taxpayer identification number), and information required to authenticate that you have all necessary rights and authority to use such bank account.  The Merchants, banks, service providers, agents, and affiliates with whom we may share such information include, but are not limited to, those with whom you have an existing relationship and who utilize the PayWithMyBank Services and those with whom we have a relationship to enable us to deliver the PayWithMyBank Services to you. 

 

(b)       Consumer Reporting and Collection Agencies.  We may share your personal information with those Merchants and other third party service providers who are consumer reporting agencies so that they may manage their risks, prevent fraud, perform the activities of a consumer reporting agency under the Fair Credit Reporting Act and otherwise as may be allowed by applicable law.  If you authorize a payment to a Merchant via the PayWithMyBank Services which is returned by your bank, we, or our Merchants and other third party service providers, may use such information, or share your information with collection agencies and others, as necessary to collect the funds from you. 

 

(c)        Service Providers.  Trustly and Merchants may engage consumer reporting agencies, collection agencies, and other service providers, to perform functions and provide services to enable or enrich the PayWithMyBank Services as well as other services and businesses related to, or working in conjunction with, the PayWithMyBank Services.  We also use a variety of service providers to help us provide the PayWithMyBank Services and to understand and improve the use of the PayWithMyBank Services.  We may share your personal information with such service providers, including but not limited to consumer reporting agencies and collection agiences.  Such service providers may use, store, and share your information to conduct, manage, or administer their business, including, without limitation, enforcing payment of transactions, performing risk analysis, and preventing fraud, all in compliance with applicable law and this Privacy Policy.  We may also share your personal information with our service providers to improve your user experience; to perform business support functions on our behalf; and to manage risk and prevent fraud. 

 

(d)       Legal Requirements; Other.  We may preserve or disclose your information as necessary or advisable to comply with applicable laws and regulations, legal processes and investigations, or governmental requests; to protect the safety of any person; to address fraud, security, or technical issues; or to protect your or others’ rights or property.  Disclosures of your information may be made to law enforcement or governmental regulators as part of a criminal or government investigation.  We may also disclose your information in response to a court order or subpoena.  If Trustly is involved in any merger, acquisition or sale of all or substantially all of its assets or business, or bankruptcy, your information may be transferred, sold, or disclosed as part of that transaction.  We may disclose your information to our corporate affiliates, including corporate affiliates located outside the United States, in order to help provide, understand, or improve our and our affiliates’ products and services.  In addition, we may share your personal information as directed by you with your express consent.

 

(e)        Restrictions.  Our agreements with Merchants, banks, service providers, agents, and/or affiliates contain confidentiality provisions, appropriate data safeguarding obligations and restrictions on use of your information for any purpose other than as provided in this Privacy Policy.  While Trustly may share your personal information in connection with providing the PayWithMyBank Services, we will never sell your personal information.  Use of your personal information for marketing by Trustly and/or our agents or service providers will always be with your express consent and in compliance with applicable laws regarding consent for such use.  If you ever opt in to receive marketing communications from us, and/or our agents or service providers, you may at any time opt out of receiving such marketing communications from us and/or our agents or service providers by contacting us at: privacy@paywithmybank.com.

 

By accepting this Privacy Policy, you expressly authorize Trustly to use and share with other affiliates of Trustly, as well as certain trusted business partners and service providers,  the information provided by you to Trustly and collected by Trustly about you.  You acknowledge and agree to the importance of sharing such information for the provision of the PayWithMyBank Services to you. This consent is given for the duration of your relationship with Trustly.

 

7.         OPT-OUT; ACCESSING OR AMENDING YOUR INFORMATION

 

Trustly is committed to ensuring that the information we obtain from you is obtained with your consent and that it is only used for its intended purpose as set forth in this Privacy Policy and the Terms of Use. 

 

(a)        Opt-Out.  Trustly will not use or share your personal information in ways or for purposes that are incompatible or inconsistent with those described in this Privacy Policy and the Terms of Use without first informing you and providing you a choice.  You may opt-out of certain sharing of personal information, including information you may have previously authorized or consented to be shared as described in this Privacy Policy by contacting us at privacy@paywithmybank.com.  Separately, to the extent that applicable law requires express consent or “opt-in” for the collection and use of personal information, Trustly will maintain processes and procedures to ensure such information is collected with your express consent.  Your physical address, email address, and phone number will not be used to market Trustly products or services, including the PayWithMyBank Services, unless that use has been disclosed and a choice provided to you. 

 

(b)       Decline to Share.  You may, of course, decline to share certain personal information with us.  However, please be aware that if you decline to share your personal information with us, it may be impossible for us to provide some of the features and functionality of the PayWithMyBank Services to you.  For example, if you decline to share your Online Banking Access Credentials with us, we may not be able to facilitate a Bank account verification or a Bank payment from you to a Merchant via the PayWithMyBank Services.  

 

(c)        Accessing; Amending Your Information.  If you wish to access or amend any personal information we have about you, or to request that we delete any information about you that we have, you may contact us at privacy@paywithmybank.com or via our user data permission management portal at https://paywithmybank.com/user-portal/.  Please note that while any changes you make will be reflected in Trustly’s active user databases within a reasonable period of time, we may be obligated to retain some or all information we have collected from or about you to satisfy our legal obligations, comply with applicable laws, regulations and regulatory requirements, prevent fraud and abuse,  perform analytics or standard archiving, or where we otherwise reasonably believe that we have a legitimate reason to do so. 

 

8.         DATA SECURITY

 

(a)        Data Protection and Security.  Trustly utilizes technical and organizational security measures, including physical, electronic, and procedural security measures, to protect against loss, destruction, unauthorized access or processing, misuse and alteration of information under our control.  Trustly employs reasonable practices and security measures to safeguard and secure the personal information we collect, and our data center is compliant with certain standards such as  SSAE-18, SOC1/SOC2 promulgated by the American Institute of Certified Public Accountants.

 

(b)       Encryption; Access.  When you provide sensitive information to us via the PayWithMyBank Services, we will encrypt that information.  We also encrypt all personal information when stored in our databases and during transmission.  Access to personal information is restricted to employees, Merchants, banks, service providers, agents, and affiliates who need to have access to that information as contemplated in this Privacy Policy.  Trustly requires such third parties to observe standards similar to ours with respect to the security, collection, use, and sharing of personal information, and to comply with applicable laws, regulations, and regulatory requirements.

 

(c)        Notifications; Communications  Despite our efforts, we cannot guarantee that personal information may not be accessed, disclosed, altered, or destroyed by breach of our administrative, managerial, and/or technical safeguards.  If Trustly learns of a security systems breach, we may attempt to notify you electronically so that you can take appropriate protective steps.  By using the PayWithMyBank Services, you agree that we may communicate with you electronically or via Merchant communication (such as email notifications) for this purpose.  Trustly may post a notice on our web site or within the PayWithMyBank Services if a security breach may occur or has occurred.  Depending on where you live, you may have a legal right to receive notice of a security breach in writing.  To receive free written notice of a security breach (or to withdraw your consent from receiving electronic notice of a security breach) you should notify us at privacy@paywithmybank.com.

 

            9.         PREVENTING IDENTITY THEFT

 

            We will never initiate a request for personal information from you by phone, email, or website, except (i) in response to communications initiated by you, or (ii) to attend to a quality of service issue, acting as an authorized agent of the Merchant with which you used the PayWithMyBank Services. Please do not send confidential, personal information such as Social Security number, government identification numbers, online banking access credentials, or bank account numbers to Trustly without first specifically confirming that you are sending such information to Trustly (and not to an unauthorized third party) and unless agreed between you and Trustly.  The agreement should include method of transmission, such as registered mail, secure or encrypted email, or some similar secure method of communication.  Do not be misled by emails or other communication that appear to be from us and request personal information.  If you receive any suspicious email requesting your personal information, please immediately forward the email to: privacy@paywithmybank.com.

 

10.       BROWSING AND COOKIES

 

When you browse our web sites, applications, or access or use the PayWithMyBank Services, we automatically collect certain technical information about your visit.  Examples of this information include: which type of Internet browser you use, your IP address, browser headers, operating system, screen resolution, the clicks you make, the pages you browse, and the domain name and country from which you request information.  We use this type of technical information to improve the Trustly web sites or applications and the PayWithMyBank Services.  As part of our efforts to protect end users from fraud, this information is also used to assist in authenticating who you are when you access our web sites, applications or use the PayWithMyBank Services.  Some of our web or mobile pages and applications may use “cookies,” fingerprints, or data that is sent to your web or mobile browser or application and stored on your device.  The purpose of these “cookies” is to allow our, or a third party, server to recognize you as an end user returning to our web sites, applications or the PayWithMyBank Services using the same device and browser.  In the event you do not wish to receive such cookies, you may configure your web browser to not accept cookies or to notify you if a cookie is sent to you.  If you choose to decline cookies you may not be able to use all the features and functionalities of our web sites, applications and the PayWithMyBank Services. 

 

11.       DO NOT TRACK

 

Do Not Track (“DNT”) is a privacy preference that you can set in your web browser.  When you use the DNT signal, the browser sends a message to web site operators requesting them not to track your web site navigation activities.  Trustly does not track you over time or across third party web sites to provide targeted advertising and does not respond to Do Not Track (DNT) signals.  For more information about DNT, visit https://allaboutdnt.com.

 

12.       PRIVACY PRACTICES OF THIRD PARTIES

 

Trustly is not responsible for the content or information practices employed by third parties or other web sites that are linked to or from the Trustly web sites, applications or the PayWithMyBank Services.  In most cases where links are provided, they are provided as pointers to information about services that may be useful to you.  You are encouraged to review the privacy statements of these other web sites before providing them with your personal information.  The use of cookies by our Merchants, banks, service providers, agents, and other affiliates is not covered by our Privacy Policy.  We do not have access to or control over these cookies or any information gathered or collected by them.  Our Merchants, banks, service providers, agents and other affiliates may use session ID cookies to make it easier for you to navigate our web sites, applications or the PayWithMyBank Services.

 

13.       USE BY CHILDREN

 

The PayWithMyBank Services are not directed to children under the age of 18 and we do not knowingly collect personal information from children under the age of 18 without parental consent. If you are under 18 years of age, then please do not access or use the PayWithMyBank Services at any time or in any manner.  If we learn that personal information has been collected on the PayWithMyBank Services from persons under the age of 18 and without verifiable parental consent, then we will take the appropriate steps to delete this information.  If you are a parent or guardian and discover that your child under 18 years of age has accessed or used the PayWithMyBank Services, then please alert us at privacy@paywithmybank.com so that we may delete that child’s personal information from our systems.

 

            14.       RIGHTS OF CALIFORNIA CONSUMERS

 

Beginning January 1, 2020, California consumers have certain rights under the California Consumer Privacy Act of 2018 (“CCPA”).   Please see the Privacy Notice for California Residents.

 

15.       MERCHANT REPRESENTATIVES

 

If you are a representative of one of our Merchants or another company entering an agreement with us, you may provide us with information about you.  Please see the Privacy Notice for Company Representatives.

 

16.       TRUSTLY GROUP; SHARING INFORMATION OUTSIDE THE UNITED STATES.

 

(a)        Trustly Group.  Trustly is part of the Trustly Group.  The Trustly Group includes companies in Europe and other parts of the world.  Certain of the PayWithMyBank Services may be provided by another company in the Trustly Group under the laws of the jurisdiction in which such company operates and subject to the terms of use, terms and conditions, and/or privacy policy of such company (collectively, “Other Terms”).  The protection of your personal information under the laws of another country or under any Other Terms may be different from that provided in these Terms of Use and Privacy Policy.  

 

(b)       Sharing Information Outside the United States.  Trustly may share your personal information with other companies in the Trustly Group located outside the United States to provide the PayWithMyBank Services or to fulfill the purpose for which such personal information was collected.  We may share this information based on our legitimate interest in sharing data within the Trustly Group for commercial, compliance, and organizational reasons.  Your personal information may also be shared with Merchants and/or other third parties located outside the United States.  If your personal information is shared with, transferred to, or processed by a Merchant, another company in the Trustly Group, or a third party, outside the United States, we will take all reasonable measures to ensure that your personal information is shared, transferred, and/or processed with a high level of security and in accordance with the requirements of applicable law.  However, please note that applicable law in other countries may not offer the same level of protection for personal information as the United States. 

 

17.       HOW TO CONTACT US

 

Should you have further questions regarding this Privacy Policy or how your personal information is used, please contact us via e-mail at privacy@paywithmybank.com or by mail at:

 

Trustly, Inc.

555 El Camino Real, Suite 200

San Carlos, California 94070.