Trustly privacy policy

Effective date:  07-04-2021

 

Trustly, Inc.

 

Trustly

PRIVACY POLICY

 

Trustly, Inc. and its subsidiaries and affiliated entities (collectively, “Trustly”, “we”, “us” or “our”) provide certain online banking payment solutions.  Trustly, Inc. is a subsidiary of Trustly Holding AB, a Swedish limited liability company. 

 

We respect your privacy and are committed to protecting it.  This privacy policy (“Privacy Policy”) applies to end users and consumers who use our services, visitors to our website, and representatives of our merchants and other companies who may provide their personal information to us (“consumers” or “end users” or “you”).  This Privacy Policy describes how we protect, collect, use, store, and disclose your information.  Unless indicated otherwise, this Privacy Policy applies to your personal information collected through your access to or use of our products, web sites, mobile applications, services, and other products or programs (collectively, the “Trustly Services”).

 

This Privacy Policy is incorporated into and is subject to Trustly’s Terms of Use located at https://www.trustly.net/us/terms-of-use/ (“Terms of Use”).  Capitalized terms used but not defined in this Privacy Policy have the meaning given to them in the Terms of Use.  By using the Trustly Services, you agree to the term and conditions of the Terms of Use, this Privacy Policy, and the collection and use of information in accordance with the Terms of Use and this Privacy Policy.

 

About Trustly:  We enter agreements with merchants and other types of businesses who provide goods or services to end users and consumers online.  We refer to these businesses as “Merchants”.  These Merchants use the Trustly Services to collect information and/or obtain payment from you in connection with goods and services you have purchased from the Merchant.  We provide an easy way for you to connect to your bank and other financial accounts to make payments to these Merchants for the goods and services you purchased and to provide information to these Merchants so that they may provide the services you requested from them. 

 

1.         YOUR CONSENT TO THIS PRIVACY POLICY

 

                        (a)        Consent.  When using the Trustly Services or interacting with Trustly, you consent to the collection, transfer, storage, processing, disclosure, and use of your information as described in this Privacy Policy.  The type of information about you that is collected, stored, processed, disclosed, and used depends upon the type of Trustly Services with which you interact and the type of goods and services the Merchant is providing to you.  Some Trustly Services depend entirely upon information about you which you provide to us while others depend upon information about you which is collected, with your consent, by the Trustly Services.

 

If you do not agree to the terms of this Privacy Policy, you should not use the Trustly Services or access or interact with the Trustly Services or any other aspect of Trustly’s business.

 

(b)       Updates; Amendments.  At Trustly, your trust is one of our most important assets.  We frequently review our Privacy Policy and will continually work to protect your privacy.  From time to time we will update this Privacy Policy as we adopt new practices and procedures related to your personal information.  This web site will always contain the most current version of our Privacy Policy and we encourage you to check it regularly.  If we make any changes to this Privacy Policy, we will revise the “Effective Date” above.  We may also provide notice of changes through a pop-up or banner on our website(s) located at www.trustly.net/us.  It is your responsibility to read this Privacy Policy carefully and review any changes that have been made.  Your continued use of the Trustly Services after a revised Privacy Policy has become effective indicates your consent to the terms of the updated Privacy Policy.

 

            2.         APPLICABILITY OF THIS PRIVACY POLICY

 

This Privacy Policy applies to information you provide to us, or which we obtain about you when you, (i) access or use our web sites, mobile or embedded applications, networks or other services; (ii) access or use the Trustly Services made available to you by a Merchant; (iii) use third-party web sites, applications, networks, or other services, such as a Merchant or a Merchant’s services, with which you have a relationship and which are linked to or used within the Trustly Services; or (iv) contact Trustly support.

 

3.         EXCEPTIONS

 

  1. Merchants.  This Privacy Policy does not apply to Merchants accessing the Merchant-related portions of our web sites, applications, networks or the Trustly Services, but it does apply to representatives of those Merchants.  Please see Section 15 below.  This Privacy Policy does not apply to, and we have no responsibility for, information or data obtained by a Merchant independently of the Trustly Services, including as a result of your access to or use of a Merchant’s web sites, applications, networks, or other services.  The collection, use and disclosure of your information by a Merchant independently of the Trustly Services is governed by the legal agreement, if any, between you and such Merchant and we are not responsible for the content or privacy and security practices of such Merchant.  Services or products provided to you by a Merchant are subject to such Merchant’s privacy policy and not this Privacy Policy.

 

(b)       Third Parties.  This Privacy Policy does not apply to any third-party web sites, applications or software that integrate with the Trustly Services, or any other third-party products, services, or businesses, including Merchants.

 

            4.         INFORMATION WE MAY COLLECT

 

(a)        Information You Provide.  When you use the Trustly Services, we may ask you for, or give you the opportunity to provide, certain information about you, including, but not limited to, your name, a bank name; a face, fingerprint or other biometric information; a bank login ID, a password, a PIN number, answers to security questions, the location where you opened your bank account or other authentication information (i.e. online banking access credentials); a bank account number/IBAN and bank routing transit number, a bank account type, other bank account information; and other personal information, such as your name, driver’s license number and the state where issued, passport information, and taxpayer identification number.  The type of information requested from you or provided by you depends upon the Trustly Services that you use and the type of goods and services the Merchant is providing to you.   

 

  1. Information We Collect Automatically.  When you use or interact with the Trustly Services made available to you by a Merchant, we may gather or collect from you, the Merchant, your bank, and/or third parties additional information about you to facilitate your use of, and/or enhance, the Trustly Services, including, but not limited to, your purchase/order or bill amount and reference, your name, physical address, email address, phone number, bank account number, bank routing transit number, bank account balance, bank transactions, and other personal, risk or technical information such as an end-user ID, and “Order Identifying Information” (such as order ID number, message ID, notification ID and the time when the transaction was made).  While you access or use the Trustly Services, we may use a variety of technologies that collect information about you or how you access or use the Trustly Services (“Device Information”), including data that may indirectly identify you (such as your browser or application’s cookies, fingerprints, geo-location data, and your internet protocol (“IP”) or media access control (“MAC”) address), and data that may not identify you (such as user agent (client software) data, network connection type and provider, language, time zone, and connection speed).  Please see the section below on Browsing and Cookies for additional information we may collect through the use of technologies.  We may also collect behavioral information regarding your use of the Trustly Services, including the Merchants with which you use the Trustly Services and when, where, how often, etc. you use the Trustly Services, as well as your clicks, keyboard, voice, image, video and other device interactions while using the Trustly Services.

 

5.         HOW WE USE YOUR INFORMATION

 

(a)        To Provide the Trustly Services to You.  We use the information that we collect to provide the Trustly Services to you, including to facilitate and process transactions between you and our Merchants on your and the Merchants’ behalf.  For example, while you are accessing or interacting with the Trustly Services, we may use your information to fulfill your inquiries; to generate, process and otherwise manage your transactions; to administer any problems that may arise in effecting the transactions; to better understand and manage our ongoing relationship with you; to assure good service to you; to prevent fraud and abuse; to verify your identity; to manage risk; to monitor and analyze use and trends; to provide and improve the Trustly Services; to protect the rights, property or safety of the Trustly Services or any other person; to enforce the terms of this Privacy Policy, our Terms of Use and other terms to which you have agreed; and to communicate with you in support the preceding situations, if needed.  If you choose to provide us with biometric information (such as a faceprint or fingerprint), we use that information solely to process your transaction by matching up this information with the same types of information collected by your bank in order to authenticate your account.  We delete your biometric information once your transaction has been processed. 

 

                        (b)       To Enhance Your Experience.  We may use your information to provide a more tailored or seamless experience while using the Trustly Services.  For example, if you use the Trustly Services for ongoing and repeated transactions, we may use your information to make such transactions more seamless by automating such transactions or completing some of the required information for you.  We may also use the information we collect to verify accounts and activity, combat harmful conduct and fraud, maintain the integrity of the Trustly Services, and promote safety and security.  We may use your information to communicate with you regarding your use of the Trustly Services, to answer your questions, obtain your feedback, and to provide disclosures and other information which we deem advisable or which we, or our service providers, are required to provide to you pursuant to applicable law.

 

  1. To Manage the Trustly Services and Business.  Trustly will not store or share with any third party (other than the bank to which such credentials relate) your online banking access passwords, including alphanumeric passwords, PIN numbers, security questions and answers, or any other confidential information that you must provide to be granted access to your online banking account (“Online Banking Access Credentials”).  Trustly may however store and use other personal information we consider necessary to provide the Trustly Services (including, but not limited to, information verification, information transmission and payment services), to comply with applicable laws or regulations, and to meet our obligations to you, our Merchants, business partners, and others.  We may also store and use such information to conduct, manage, and administer our business and operations and our ongoing relationship with you.  As permitted by applicable law, Trustly may merge your personal information with information from others who use the Trustly Services and/or with information received from reputable vendors in order to enhance the Trustly Services and our Merchants’ services (including, but not limited to, information verification, information transmission and payment services).  We may use your information, such as location-related data, to ensure the availability of the Trustly Services to you in compliance with applicable law.  Trustly may use the information we collect about you to develop, test, and improve the Trustly Services or to provide additional features and services to a Merchant or to you.  Trustly will retain your information for as long as necessary to fulfill the purposes contemplated in this Privacy Policy or as required by applicable law.

 

  1. Non-Personal or De-Identified Information.  We may create non-personal, de-identified records or data from the information we collect by excluding the information that makes the data identifiable to you, such as your name or address (“Anonymized Data”).  Any Anonymized Data we create is our property.  This Anonymized Data may be used for any purpose.  For example, we may build non-personally-identifiable statistical profiles, databases, and analyses  regarding the Trustly Services as well as transaction trends, habits, and usage patterns.  We may create reports and analytics to assist our, and our Merchants’, understanding of the Trustly Services, enhance the Trustly Services and our Merchants’ services, or improve our security.  We may use the Anonymized Data for business purposes and for various reporting obligations.  Trustly reserves the right to use the Anonymized Data, and to disclose the Anonymized Data to Merchants and other third parties, in Trustly’s sole and absolute discretion, as permitted by applicable law.  We will not “re-identify” any Anonymized Data.

 

6.         HOW WE MAY SHARE INFORMATION

 

Except for your Online Banking Access Credentials, which we never store in central databases or share with any third party other than your bank, we may share, as permitted by law, some or all of your personal information with Merchants, banks, service providers, agents, and/or affiliates, including other subsidiaries of Trustly Holding AB, for the purposes of effecting, processing, administering, or delivering the Trustly Services or transactions initated by you and to enable us and our Merchants to better understand your use of the Trustly Services.

 

(a)        Merchants and Banks.  You may access or use the Trustly Services via or through the web site, network, embeddable or mobile applications, SMS, instant message or other notifications or other services of a Merchant or other service provider with whom you have an existing relationship to obtain or receive goods and services these parties provide to, or perform for, you in connection with that relationship.  We may share your personal information with such Merchants, and also with banks and other service providers, in connection with the goods or services to be provided to, or performed for you, by these Merchants or other service providers.  The personal information which we may share includes, but is not limited to, your bank name, bank account name, numbers and associated information (such as whether your bank account is in good standing, your bank balance, and your bank transactions), information required to verify your identity and that you are the holder of the applicable bank account (such as your name, address, driver’s license number, or taxpayer identification number), and information required to authenticate that you have all necessary rights and authority to use such bank account.  The Merchants, banks, service providers, agents, and affiliates with whom we may share such information include, but are not limited to, those with whom you have an existing relationship and who utilize the Trustly Services and those with whom we have a relationship to enable us to deliver the Trustly Services to you.  We may also share your information with Merchants to enable Merchants to better understand your use of the Trustly Services.

 

(b)       Consumer Reporting and Collection Agencies.  If you use our payment processing services, we may share your personal information with those Merchants and other service providers who are consumer reporting agencies or collection agencies so that they may manage their risks, prevent fraud, perform the activities of a consumer reporting agency under the Fair Credit Reporting Act and otherwise as may be allowed by applicable law.  If you authorize a payment to a Merchant via the Trustly Services which is returned by your bank, we, or our Merchants and other service providers, may use such information, or share your information with collection agencies and others, as necessary to collect the funds from you.  Trustly and Merchants may also engage consumer reporting agencies, collection agencies, and other service providers, to perform functions and provide services to enable or enrich the Trustly Services as well as other services and businesses related to, or working in conjunction with, the Trustly Services.    

 

(c)        Affiliated Companies.  We may share your personal information with companies that are also subsidiaries of our parent company, Trustly Holding AB, to provide the Trustly Services and customer support to you, to manage and maintain the Trustly Services, and to understand and improve the Trustly Services. 

 

(d)       Service Providers.  We also use a variety of service providers to help us provide the Trustly Services, including providing customer support to you, and to understand and improve the use of the Trustly Services.  We may share your personal information with such service providers.  Such service providers may use, store, and share your information to conduct, manage, or administer their business, including, without limitation, enforcing payment of transactions, performing risk analysis, and preventing fraud, all in compliance with applicable law and this Privacy Policy.  We may also share your personal information with our service providers to improve your user experience (including providing customer support to you); to perform business support functions on our behalf; and to manage risk and prevent fraud. 

 

(e)        Legal Requirements; Other.  We may preserve or disclose your information as necessary or advisable to comply with applicable laws and regulations, legal processes and investigations, or governmental requests; to protect the safety of any person; to address fraud, security, or technical issues; or to protect your or others’ rights or property.  Disclosures of your information may be made to law enforcement or governmental regulators as part of a criminal or government investigation.  We may also disclose your information in response to a court order or subpoena.  If Trustly is involved in any merger, acquisition or sale of all or substantially all of its assets or business, or bankruptcy, your information may be transferred, sold, or disclosed as part of that transaction.  We may disclose your information to our corporate affiliates, including corporate affiliates located outside the United States, in order to help provide, understand, or improve our and our affiliates’ products and services.  In addition, we may share your personal information as directed by you with your express consent.

 

(f)        Restrictions.  Our agreements with Merchants, banks, service providers, agents, and/or affiliates contain confidentiality provisions, appropriate data safeguarding obligations and restrictions on use of your information for any purpose other than as provided in this Privacy Policy.  While Trustly may share your personal information with Merchants, banks, and others in connection with providing the Trustly Services to you and understanding how you use the Trustly Services, we are not in the business of selling your personal information to third parties. 

 

By accepting this Privacy Policy, you expressly authorize Trustly to use and share with other affiliates of Trustly, as well as certain trusted business partners and service providers, the information provided by you to Trustly and collected by Trustly about you.  You acknowledge and agree to the importance of sharing such information for the provision of the Trustly Services to you.  This consent is given for the duration of your relationship with Trustly.

 

7.         OPT-OUT; ACCESSING OR AMENDING YOUR INFORMATION

 

Trustly is committed to ensuring that the information we obtain from you is obtained with your consent and that it is only used for its intended purpose as set forth in this Privacy Policy and the Terms of Use. 

 

(a)        Opt-Out.  Trustly will not use or share your personal information in ways or for purposes that are incompatible or inconsistent with those described in this Privacy Policy and the Terms of Use without first informing you and providing you a choice.  You may opt-out of certain sharing of personal information, including information you may have previously authorized or consented to be shared as described in this Privacy Policy by contacting us at amer-privacy@trustly.com or via our consumer portal. Separately, to the extent that applicable law requires express consent or “opt-in” for the collection and use of personal information, Trustly will maintain processes and procedures to ensure such information is collected with your express consent.  Trustly may communicate with you regarding your use of the Trustly Services, but you will always have the right to opt out of receiving these communications as set forth in Section 8 below. 

 

(b)       Decline to Share.  You may, of course, decline to share certain personal information with us.  However, please be aware that if you decline to share your personal information with us, it may be impossible for us to provide some of the features and functionality of the Trustly Services to you.  For example, if you decline to share your Online Banking Access Credentials with us, we may not be able to facilitate a bank account verification or a bank payment from you to a Merchant via the Trustly Services.  

 

(c)        Accessing; Amending Your Information.  If you wish to access or amend any personal information we have about you, or to request that we delete any information about you that we have, you may contact us a amer-privacy@trustly.com  or via our consumer portal.  Please note that while any changes you make will be reflected in Trustly’s active user databases within a reasonable period of time, we may be obligated to retain some or all information we have collected from or about you to satisfy our legal obligations, comply with applicable laws, regulations and regulatory requirements, prevent fraud and abuse,complete a transaction with you, perform analytics or standard archiving, or where we otherwise reasonably believe that we have a legitimate reason to do so. 

 

8.         MARKETING EMAIL COMMUNICATIONS

 

You may unsubscribe from our marketing communications by clicking the “unsubscribe” link found in every commercial email we send, or by sending us a request to unsubscribe at amer-privacy@trustly.com.  If you opt-out of receiving marketing email communications, we may still send you email messages related to your account with us or your use of the Trustly Services.  Unsubscribing yourself from our marketing communications will not affect the quality of service we provide you.

 

9.         TEXT/SMS MESSAGING

 

You have the choice to opt-in to receiving text messages and alerts on the mobile phone number(s) you have shared with us.  Once you have opted-in, we may send you text messages (i) regarding your use of the Trustly Services, or, if applicable, your account with us; (ii) to investigate or prevent fraud; and (iii) to alert you in the event of an emergency. We may send these text messages and alerts using autodialed technology. We will not contact you via text messages or alerts for marketing purposes without your prior express written consent.  You do not have to opt-in to text messages and alerts to use and enjoy our websites and services.  If you opt-in, standard text messaging charges may apply.  For more information regarding our text messaging and alerts, please contact us at amer-privacy@trustly.com.

 

You may choose to opt-out from our text messages and alerts at any time using any reasonable means.  To directly opt-out, send us a text message from your mobile phone with the word STOP, STOP ALL, END, QUIT, CANCEL or UNSUBSCRIBE, and we will unsubscribe you from text communications.  Once you opt-out, you will not receive any additional text messages via your mobile phone.  Please keep in mind that if you opt-out of receiving text messages and alerts we may not be able to contact you with important messages regarding your account.  However, if there is an emergency or account question, we will make every attempt to contact you in other ways, such as by email or on a landline phone.

 

10.       DATA SECURITY

 

(a)        Data Protection and Security.  Trustly utilizes technical and organizational security measures, including physical, electronic, and procedural security measures, to protect against loss, destruction, unauthorized access or processing, misuse and alteration of information under our control.  Trustly employs reasonable practices and security measures to safeguard and secure the personal information we collect, and our data center is compliant with certain standards such as  SSAE-18, SOC1/SOC2 promulgated by the American Institute of Certified Public Accountants.

 

(b)       Encryption; Access.  When you provide sensitive information to us via the Trustly Services, we will encrypt that information.  We also encrypt all personal information when stored in our databases and during transmission.  Access to personal information is restricted to employees, Merchants, banks, service providers, agents, and affiliates who need to have access to that information as contemplated in this Privacy Policy.  Trustly requires such third parties to observe standards equivalent to ours with respect to the security, collection, use, and sharing of personal information, and to comply with applicable laws, regulations, and regulatory requirements.

 

(c)        Notifications; Communications.  Despite our efforts, we cannot guarantee that personal information may not be accessed, disclosed, altered, or destroyed by breach of our administrative, managerial, and/or technical safeguards.  If Trustly learns of a security systems breach, we may attempt to notify you electronically so that you can take appropriate protective steps.  By using the Trustly Services, you agree that we may communicate with you electronically or via Merchant communication (such as email notifications) for this purpose.  Trustly may post a notice on our web site or within the Trustly Services if a security breach may occur or has occurred.  Depending on where you live, you may have a legal right to receive notice of a security breach in writing.  

 

            11.       PREVENTING IDENTITY THEFT

 

            Please do not send confidential, personal information such as Social Security number, government identification numbers, online banking access credentials, or bank account numbers to Trustly without first specifically confirming that you are sending such information to Trustly (and not to an unauthorized third party) and unless agreed between you and Trustly.  The agreement should include method of transmission, such as registered mail, secure or encrypted email, or some similar secure method of communication.  Do not be misled by emails or other communication that appear to be from us and request personal information.  If you receive any suspicious email requesting your personal information, please immediately forward the email to: amer-privacy@trustly.com.

 

12.       BROWSING AND COOKIES

 

When you browse our web sites, applications, or access or use the Trustly Services, we automatically collect certain technical information about your visit.  Examples of this information include: which type of Internet browser you use, your IP address, browser headers, operating system, screen resolution, the clicks you make, the pages you browse, and the domain name and country from which you request information.  We use this type of technical information to improve the Trustly web sites or applications and the Trustly Services.  As part of our efforts to protect end users from fraud, this information is also used to assist in authenticating who you are when you access our web sites, applications or use the Trustly Services.  We and our service providers also use this type of information to identify you and show you relevant advertisements as you browse the internet or use social media.  Some of our web or mobile pages and applications may use “cookies,” fingerprints, or data that is sent to your web or mobile browser or application and stored on your device.  The purpose of these “cookies” is to allow our, or a third party, server to recognize you as an end user returning to our web sites, applications or the Trustly Services using the same device and browser.  In the event you do not wish to receive such cookies, you may configure your web browser to not accept cookies or to notify you if a cookie is sent to you.  If you choose to decline cookies you may not be able to use all the features and functionalities of our web sites, applications and the Trustly Services.

 

For more detailed information about our use of cookies, please review our Cookie Policy

 

13.       DO NOT TRACK

 

Do Not Track (“DNT”) is a privacy preference that you can set in your web browser.  When you use the DNT signal, the browser sends a message to web site operators requesting them not to track your web site navigation activities.  Trustly does not track you over time or across third party web sites to provide targeted advertising and does not respond to Do Not Track (DNT) signals.  For more information about DNT, visit https://allaboutdnt.com.

 

14.       PRIVACY PRACTICES OF THIRD PARTIES

 

Trustly is not responsible for the content or information practices employed by third parties or other web sites that are linked to or from the Trustly web sites, applications or the Trustly Services.  In most cases where links are provided, they are provided as pointers to information about services that may be useful to you.  You are encouraged to review the privacy statements of these other web sites before providing them with your personal information.  The use of cookies by our Merchants, banks, service providers, agents, and other affiliates is not covered by our Privacy Policy.  We do not have access to or control over these cookies or any information gathered or collected by them.  Our Merchants, banks, service providers, agents and other affiliates may use session ID cookies to make it easier for you to navigate our web sites, applications or the Trustly Services.

 

15.       NO USE BY CHILDREN

 

The Trustly Services are not directed to children under the age of 18 and we do not knowingly collect personal information from children under the age of 18 without parental consent. If you are under 18 years of age, then please do not access or use the Trustly Services at any time or in any manner.  If we learn that personal information has been collected on the Trustly Services from persons under the age of 18, then we will take the appropriate steps to delete this information.  If you are a parent or guardian and discover that your child under 18 years of age has accessed or used the Trustly Services, then please alert us at amer-privacy@trustly.com so that we may delete that child’s personal information from our systems.

 

            16.       RIGHTS OF CALIFORNIA CONSUMERS

 

If you are a California consumer seeking to use your rights under the California Consumer Privacy Act of 2018 (“CCPA”), please see our Privacy Notice for California Residents.

 

17.       RIGHTS OF EU, UK, AND EEA PERSONS

 

This section provides additional information relating to our processing of personal data for persons in the European Union (“EU”), United Kingdom (“UK”), and European Economic Area (“EEA”).  Our legal basis for collecting and processing your personal data will depend upon the information collected and the context in which we collect or process it. 

 

Purpose of the processing

Legal basis

Personal data processed

To provide information about or verify your bank account.

Contractual obligation.

Identifying Information, Financial Information, Device Information.

To analyze how you use the Trustly Services, improve the Trustly Services and our user interface, and troubleshoot the Service in case of lack in performance.

Pursue our legitimate interest of improving and troubleshooting the Trustly Services.

Identifying Information, Order Information, Financial Information, Device Information, Behavior Information (information about how you interact with our websites and Services).

To communicate with you about the Trustly Services.

Pursue our legitimate interest of interacting with you.

Contractual obligations.

Identifying Information.

To set cookies on your device when you visit and interact with our website. We use the data generated from cookies for several purposes, such as to make the website work properly, to gather statistics of how you use and interact with our website in order to improve its functionality as well as for business to business marketing purposes.

With respect to strictly necessary cookies, to pursue our legitimate interest of providing you with a working and functional website as well as to gather web statistics for commercial reasons.

With respect to other cookies, based upon your consent.

For more information, please see please see Section 12 above and our Cookies Policy

Device Information, Behavior Information.

To verify your identity for the purpose of preventing fraud and/or similar illicit actions.

Comply with legal obligations and pursue our legitimate interest to prevent and detect crime such as fraud.

Identifying Information, Order Identifying Information, Financial Information, Device Information.

To keep your personal data safe and to prevent the Trustly Services from being targeted by external cyber-attacks.

Pursue our legitimate interest of keeping your personal data safe as well as ensuring that the Trustly Services are working as intended in case of a cyber-attack.

Identifying Information, Order Identifying Information, Financial Information, Device Information.

To fulfill our legal or contractual obligations to inform you of security incidents.

Comply with legal obligations.

Contractual obligations.

Identifying Information, Order Identifying Information, Financial Information, Device Information.

To fulfill our legal obligations and reporting requirements.

Comply with legal obligation.

Identifying Information, Order Identifying Information, Financial Information, Device Information.

To respond to your requests relating to your personal data.

Comply with legal obligations and pursue our legitimate interest of verifying your identity in order to prevent disclosure of personal data to the wrong person.

Identifying Information, Order Identifying Information, Financial Information, Device Information.

To handle complaints, or establish, exercise and/or defend Trustly against legal claims.

Pursue our legitimate interest of establishing, exercising and/or defending legal claims.

Identifying Information, Order Identifying Information, Financial Information, Device Information.

 

Retention and Deletion of Personal Data

 

We will process your personal data for as long as we need to fulfill the purpose for which the data were collected.  Personal data about our end-users will in general not be stored for a longer period than seven (7) years to fulfill bookkeeping requirements.  Please note however that during this time, the data may not be used for all of the purposes set out above.  Shorter time periods apply depending on the purpose for which the data was collected.  Trustly has implemented various technical and organisation measures, such as automated deletion of data and access restriction to systems where personal data are stored, to ensure that the data are not used for a longer period than necessary to fulfil; the respective purpose for which the data were collected.

 

Where and How We Store EU, UK, and EEA Personal Data

 

When you use our Manually Enter Data Service, we store your personal data on servers located within the United States.  Regardless, when your personal data will be transferred to, and/or processed by, a Merchant, by Trustly or one of its affiliates, or a third party in a country outside the EU/EEA, we will take reasonable measures to ensure that your data is processed with a high level of security with an adequate level of protection maintained, and that suitable safeguards are adopted in line with applicable data protection legislation requirements, such as the GDPR. These safeguards consist of one of the following legal mechanisms: ensuring that the country outside the EU/EEA is subject to an adequacy decision by the European Commission or by implementing the European Commission’s standard contractual clauses. A copy of the relevant mechanism can be provided upon request, using the contact details provided at the end of this Privacy Policy.

 

We undertake necessary measures to ensure that your personal data is protected with a high level of security that is appropriate to the risks associated with the processing and maintain physical, electronic, and procedural safeguards to protect it.

Your Data Privacy Rights as a Person in the EU, UK, or EEA

Persons in the EU, UK, and EEA have the following rights:

  1. The right to be informed about the collection and use of your personal data.  That right is satisfied by the information provided in this Policy.
  2. The right of access to your information.  You can get information from Trustly about what personal data we have gathered, why we have gathered it, etc.
  3. The right to rectification.  If any of your personal data that we process is inaccurate, you are entitled to have it corrected.
  4. The right to erasure (a/k/a the “right to be forgotten”).  You can request that Trustly erase personal data that we have gathered about you.  Trustly will, under certain circumstances, be obliged to remove it.
  5. The right to restrict processing.  You can request that Trustly restrict the processing of your personal data under certain circumstances, e.g. if you contest the accuracy of the personal data processed by us.  We must then restrict the processing while verifying the accuracy of your request.
  6. The right to data portability.  You can request that Trustly provide all the personal data that Trustly processes about you in a common, structured and machine-readable format.  In some cases, we are obliged to comply with that request and provide you with the personal data processed about you.
  7. The right to object to processing.  You can object to the processing of your personal data that Trustly carries out based on the legal basis of our legitimate interest as specified above , including profiling that we carry out on the basis of our legitimate interest.  If you object, we must assess if we can continue to process your personal data.  You also have the right to object to processing of your personal data for direct marketing purposes, which includes profiling to the extent that it is related to such direct marketing, whereby your personal data will no longer be processed for such purposes.
  8. Rights in relation to automated decision-making and profiling.  Trustly sometimes uses profiling and automated decisionmaking when providing its services.  You have the right to understand when and why we use these types of processing, which are described above.   

(i)        The right to lodge a complaint: If you are unhappy with our handling of your personal data, you can lodge a complaint with a supervisory authority (if you are in the EEA or UK, please refer to the following links for contact details: EEA - https://edpb.europa.eu/about-edpb/board/members_en and UK - www.ico.org.uk).

 

If you have questions or want to exercise your rights explained above, please do so by contacting us at us-privacy@trustly.net, or contacting our U.S. Data Protection Officer at us-dpo@trustly.com.

 

Trustly U.S. Data Protection Officer
Address: 555 El Camino Real, Suite 200, San Carlos, CA 94070
Email: amer-dpo@trustly.com

 

18.       MERCHANT REPRESENTATIVES

 

If you are a representative of one of our Merchants or another company entering an agreement with us, you may provide us with information about you.  Please see the Privacy Notice for Company Representatives

 

19.       SHARING INFORMATION INTERNATIONALLY.

 

Trustly is part of a group of companies which has offices and/or operations internationally.  As a result, we may transfer information we collect about you across international borders, including from the EU, EEA, the UK, or Australia to the United States for processing and storage.  Employees and representatives for Trustly in countries other than the United States may, if their job descriptions/tasks require it, access your personal data.  We restrict access to your personal data to those employees, Trustly representatives and third parties that need to know your information in order for us to be able to fulfill the purpose for which the data was collected.  Please see Section 17 regarding the measures taken to ensure any data about individuals in the EU, UK, or EEA is transferred consistent with applicable data protection legislation requirements such as GDPR. 

 

20.       HOW TO CONTACT US

 

Should you have further questions regarding this Privacy Policy or how your personal information is used, please contact us via e-mail at amer-privacy@trustly.com or by mail at:

 

Trustly, Inc.

555 El Camino Real, Suite 200

San Carlos, California 94070