Commitment to Privacy and Security
Chase Paymentech Solutions, LLC and its operating entities Paymentech, LLC and Chase Alliance Partners, LLC (collectively, “Chase Paymentech”) are committed to safeguarding the privacy and security of the information we collect. This statement explains the policies we follow with respect to the handling of customer information collected by Chase Paymentech.
Information We Collect
Chase Paymentech’s customers (“Merchants”) are businesses and other legal entities desiring to accept credit or debit cards or other payment methods, as payment for goods or services. Chase Paymentech does not have direct relationships with, or collect information directly from, individual consumers other than in their capacity as owners or operators of a commercial enterprise. Chase Paymentech does not provide services for consumer, personal, family or household purposes. The information we receive and collect is strictly related to our business customers and the payment transactions that we assist them in executing, as well as from prospective or potential business customers who may be interested in learning more about our services. The transaction information we receive from our Merchants may include personal financial information about their customers (e.g., credit or debit card account numbers) who may be individual consumers. Chase Paymentech understands that such information is sensitive and takes appropriate steps to protect the confidentiality and security of all information collected by Chase Paymentech in accordance with this Privacy Statement.
Use and Disclosure of Information
Use and disclosure of the information collected by Chase Paymentech varies based on the information source and type, as set forth below:
- Browsing the Website. When you browse Chase Paymentech’s website, we may collect information regarding the domain and host from which you access the Internet, the Internet Protocol address of the computer or Internet Service Provider you are using, and anonymous site statistical data. In addition, we may collect information that you voluntarily provide us via online forms and questionnaires, including information you may provide about your business in order to apply to become a Merchant, or thereafter if you use any of our online Merchant services. Chase Paymentech’s website is intended for commercial use only, and we collect, retain and use information about visitors to our websites only for specific business purposes, including: (i) to respond to requests for information about our products and services (see “Your Inquiries” below), (ii) to administer the website or improve site performance, (iii) to provide customer support (e.g., to allow a prospective Merchant to complete an online account application, to allow a Merchant to view and manage records, accounts and funds, or to help enhance our products and services); (iii) for security purposes and to combat fraud (e.g., to protect against unauthorized access to Chase Paymentech systems, or Merchant accounts and information), (iv) to generate broad statistical and demographic information, and (v) to comply with certain laws, regulations, and card association rules and regulations. In addition, when you link to Chase Paymentech’s website from the website of any third-party advertiser, we may receive information about you from such third-party, including your contact information and information stored in “cookies” on such third-party’s website. Please check the privacy policy of these websites concerning what information may be collected by the third-party and shared with Chase Paymentech. Such information is used by us only for the purposes set forth above with respect to information collected directly from you at our own website.
- Your Inquiries. When you complete and submit a form on our website, send us an e-mail, send us a fax, or contact us by telephone to solicit information about our services or the company in general, Chase Paymentech may store the inquiries and their contents. Information you submit via an inquiry is collected only with your knowledge and active participation, and may be used by Chase Paymentech to respond to your inquiries, to contact you, to inform you of services of Chase Paymentech or its partners that may be of use to you, and for similar business purposes. Information collected during the course of an inquiry will not be disclosed to any third party; provided that such information may be shared internally with our affiliated entities for the business purposes set forth above.
- Opening an Account or Using Chase Paymentech Services. When you submit an application to obtain a Merchant account and become a Merchant, you will be required to provide us with certain information about your business, and its owners and officers, which may also act as guarantors of the Merchant’s obligations. Chase Paymentech may also obtain and store information about the Merchant, and its officers, owners and guarantors, from consumer reporting agencies, credit bureaus, relevant financial institutions, and other entities. Chase Paymentech may use, retain and disclose this information to (i) comply with any applicable federal legislation requiring Chase Paymentech to obtain, verify, and record information that identifies each entity with which it establishes a Merchant relationship, (ii) evaluate your eligibility for a Merchant account, which may involve disclosure to consumer reporting agencies, commercial credit bureaus, and relevant financial institutions. Chase Paymentech may also use your information to contact you about other Chase Paymentech offerings and services. If you are, or become a Merchant, Chase Paymentech may disclose your information during the course of providing such services to card associations, banks and other financial institutions that are involved in the course of processing or screening the transaction, and to third parties that have contracted with Chase Paymentech to perform certain functions of our services on our behalf. In addition, Chase Paymentech may use, or disclose your information to third parties for the additional purposes of facilitating and completing merchant-initiated or authorized transactions, complying with federal, state and local laws, including credit reporting laws and card association rules, assisting in preventing fraud, or informing you about general company news, product updates and developments, card association rules, and industry trends, offering you products and services that may be of interest to you, or as otherwise may be permitted or required by applicable law.
- Customers of Our Merchants. If you purchase a product or service from a Merchant using a credit or debit card, or any other method of payment for which we provide the Merchant with transaction processing services, you will likely provide that Merchant with certain personal information which may include, for example, your name and credit card number. Our Merchants may transmit certain of this information (“Order Information”), to Chase Paymentech for the purpose of processing the transaction. We will use Order Information during the course of providing processing services to such Merchant. During the course of providing processing services to our Merchants, we may disclose Order Information to banks, processors, credit and debit card organizations and associations, and other financial institutions that are involved in the course of effecting the transaction represented by the Order Information. In addition, we may disclose some or all of the information we collect, to our affiliated companies or to non-affiliated third parties (subject to contractual confidentiality provisions to protect such information) such as a vendor or service company that we hire to prepare our Merchants’ account statements or to provide support or services for one or more of our products. We will not disclose Order Information to any third party, except to facilitate and complete transactions submitted to us by Merchants, or otherwise in the course of providing services to our Merchants, or to comply with federal, state and local laws or the rules and regulations of the respective card organizations or other payment entities (e.g. Visa, MasterCard, American Express, NACHA, etc.).
In addition, Chase Paymentech may share information related to its Merchant customers or applicants with its affiliated entities for the purposes allowed by this Privacy Policy.
Protection of Cardholder and Customer Data
Chase Paymentech has implemented various measures, including appropriate administrative, technical and physical safeguards, designed to ensure the security and confidentiality of cardholder and customer data, protect against anticipated threats or hazards to the security or integrity of such information, and protect against unauthorized access to or use of such information. Such measures may include, among others, encryption, physical access security and other appropriate technologies. Chase Paymentech continually reviews and enhances its security systems, as necessary. Chase Paymentech is subject to the detailed rules and regulations of the various credit and debit card organizations and networks (i.e. VISA, MasterCard, American Express, NYCE, Star, etc.), relating to the security and safeguarding of cardholder information, including the Payment Card Industry Data Security Standards (“PCI”), VISA U.S.A.’s Cardholder Information Security Program (“CISP”) and MasterCard International’s Site Data Protection Program (“SDP”). Chase Paymentech endeavors to comply with all such rules at all times. Pursuant to such rules and regulations, Chase Paymentech is required to undergo periodic third-party assessments and periodic network scans to ensure that, among other things, Chase Paymentech has installed and maintains a firewall configuration to protect data; does not use vendor-supplied defaults for system passwords and other security parameters; protects stored data; encrypts transmission of cardholder data and sensitive information across public networks; uses and regularly updates anti-virus software; develops and maintains secure systems and applications; restricts access to data to those with a business need-to-know; tracks and monitors all access to network resources and cardholder data; regularly tests security systems and processes; assigns a unique ID to each person with computer access; restricts physical access to cardholder data; and maintains a policy that addresses information security. Additional information regarding the requirements of VISA’s CISP and Mastercard’s Site Data Protection program (SDP) can be found on the VISA USA and MasterCard International Web sites.
Responsibility of Merchants
Merchants are also required to comply with various rules and regulations of the various credit and debit card organizations and networks relating to the security and safeguarding cardholder information, including PCI, CISP and SDP. Merchants may be required to undergo periodic third-party data security assessments and periodic network scans to ensure that appropriate security measures are in place.
Additional Internet Privacy Policies
Cookies. The Chase Paymentech website may create a small data file, or “cookie”, on the hard drive of your computer in order to retain information that is used by our website. Chase Paymentech uses cookies for a number of purposes, including to:
- Access your information when you "sign in", so that we can provide you with customized content in online areas such as Chase Paymentech Online.
- Display the most appropriate banners to Chase Paymentech and third party offerings based on your activity while on Chase Paymentech's site.
- Conduct research to improve Chase Paymentech content and services.
- Require you to re-enter your Chase Paymentech password after a certain period of time has elapsed to protect you against others accidentally accessing your account contents or otherwise accessing your account contents without authorization.
Third-Party Web Sites. Chase Paymentech may create links to third-party Web sites. In addition, Chase Paymentech may authorize third-parties to create links to Chase Paymentech websites. Chase Paymentech is not responsible for the content or privacy practices employed by third-party Web sites. Neither does Chase Paymentech control or warrant the utility, merchantability or workmanship of the products or services offered at third-party Web sites.
Online Advertising. Chase Paymentech also may use cookies to track advertising leads and campaigns from banner advertisements and third party advertisement services. Chase Paymentech may hire third party companies such as advertising services to track and report performance of advertising and marketing campaigns to and from Chase Paymentech and third party web sites. These companies may also set cookies and use related technology, such as tracking pixels.
These tracking pixels (also known as action tags, web beacons, or transparent GIF files) and other similar tracking technologies may be used to collect and store information about user visits, such as the user's anonymous cookie ID, page visits and duration, and the specific ad or link(s) that the user clicked on to visit the site. No personally identifiable information is stored on these cookies or web pixels. This user activity information is reported to us in aggregate and is anonymous. We use this information in aggregate to understand, for example, the effectiveness of our advertising and marketing.
Children. Chase Paymentech does not solicit or knowingly accept information from persons under the age of eighteen (18). Our web sites are not designed with the intent to attract or encourage viewing by children.
Modifications to Privacy Policy
We continue to review our policies and procedures to assure that they are effective in meeting our commitments to our customers. Chase Paymentech reserves the right to change this privacy policy without notice at any time and from time to time, including as needed to comply with the rules and regulations of the various debit and credit card organizations, or to comply with applicable local, state and federal laws and regulations.
Inquiries
If you have a question or comment regarding this Privacy Statement, please contact:
Chase Paymentech Solutions
Chief Compliance Officer
14221 Dallas Parkway
Dallas, Texas 75254
(Last modified September 17, 2007)
|
|
|