We are committed to protecting the privacy of your personal information.
Summary of the Ten Privacy Principles
Principle 1 - Accountability
Paymentech takes steps to maintain and protect personal information under its control, in accordance with applicable law. Paymentech has designated an individual or individuals that are responsible within our organization for compliance with the Ten Privacy Principles, as outlined below
Principle 2 - Identifying Purposes
Principle 3 - Consent
Principle 4 - Limiting Collection
Paymentech shall limit the collection of personal information to that which is necessary for the purposes identified by Paymentech. Paymentech shall collect personal information by fair and lawful means.
Principle 5 - Limiting Use, Disclosure and Retention
Paymentech will use or disclose your personal information for the purposes for which it was collected, except with your consent or as required or permitted by law. Paymentech will retain your personal information as long as necessary for the fulfillment of those purposes, subject to reasonable legal limitation periods, statutory or regulatory retention requirements and legitimate business requirements.
Principle 6 - Accuracy
Paymentech will use reasonable efforts to maintain your personal information in as accurate, complete and up-to-date form as is necessary for the purposes for which it is to be used, in compliance with applicable legislation.
Principle 7 - Safeguarding Merchant Information
Paymentech will put in place security safeguards appropriate to the sensitivity of the personal information in order to protect your personal information from unauthorized access, improper use and accidental destruction or loss.
Principle 8 - Openness
Paymentech shall make available to you, upon request, specific information about our policies and practices that apply to the management of your personal information.
Principle 9 - Merchant Access
Upon request, Paymentech shall inform you of the existence, use and disclosure of your personal information. You may verify the accuracy and completeness of your personal information, and may request that it be amended, if appropriate, as provided by applicable legislation.
Principle 10 - Handling Merchant Complaints and Suggestions
You may direct any questions or enquiries with respect to the privacy principles outlined above or about Paymentech's privacy practices by contacting:
Personal Information - Definition
Personal Information means information about an identifiable individual, as more particularly defined in applicable privacy legislation. Personal information does not include aggregate information that cannot be associated with a specific individual, and in certain jurisdictions, it may also exclude business contact information.
Affiliates and Third Party Contractors
Paymentech may also provide some information received from our merchants to outside organizations as necessary to provide requested services. Such organizations may include the various card associations (including without limitation Visa, MasterCard and Interac).
Our contracts with such third parties and affiliates require that (i) any information that we provide to them is held strictly confidential; and (ii) any information provided to them may be used solely for the purposes of providing the services that they have been contracted with to provide.
Paymentech may transfer personal information to outside agents, mandataries or service providers that perform services on our behalf (for example mailing houses or collection agents) in which case we use similar contractual or other means to ensure that your personal information is protected and not used or disclosed for any purposes other than as directed by Paymentech.
More generally, Paymentech collects, uses and discloses personal information as follows:
Paymentech typically seeks our merchant's consent to the use and disclosure of their personal information at the time that the information is obtained (i.e. the vast majority of which is obtained when the merchant completes an application to receive merchant services from Paymentech). Other information may be obtained when you change the nature of services you receive, when you call our Merchant Services Help Desk or otherwise when you have the need to contact Paymentech. Personal information may be obtained from you in person, over the phone or through e-mail, regular mail or facsimile correspondence.
Paymentech obtains your express consent in the Merchant Agreement to the collection, use and disclosure of certain sensitive information (social insurance numbers, dates of birth and driver's license numbers). Your provision of each of the social insurance number and driver's license number is optional and the information is used for credit matching and identity verification. Ultimately, it is up to you whether you want to provide any personal information to Paymentech. However, if enough personal information is withheld, Paymentech may be unable to provide services.
An individual may withdraw his or her consent at any time (subject to legal or contractual restrictions and reasonable notice) by notifying Paymentech. However, if enough personal information is withheld, Paymentech may be unable to provide services.
Faxing of information
If you phone into our Business Sales Centre, an application will be completed verbally over the phone. After completion, the application may be faxed to the fax number that you have provided to us so that the merchant can execute the application and return it to Paymentech.
Recording of calls
Paymentech may record incoming phone calls to our Business Sales Centre for quality monitoring and coaching purposes and, as necessary, to record the fact that verbal consent was obtained to use your personal information for an identified purpose (for example, obtaining a credit report from a credit reporting agency or credit bureau). Paymentech periodically records calls to our Merchant Services Help Desk for quality monitoring and coaching purposes.
Type of Information Collected
The type of information collected on our Merchant Application and Agreement includes the following:
Paymentech will use reasonable efforts to ensure that the personal information that it holds is accurate, complete and current and related to the identified purposes.
Retention of Information
Paymentech retains your personal information as long as necessary for the fulfillment of those purposes, subject to reasonable legal limitation periods, statutory or regulatory retention requirements and legitimate business requirements. Paymentech will use reasonable efforts to ensure that personal information which will no longer be retained by Paymentech will be disposed of or destroyed in a secure manner.
Paymentech may store your personal information in an electronic file or a physical file. Paymentech has implemented reasonable technological, organizational and physical security measures to protect your personal information from unauthorized access, improper use, and accidental destruction or loss. The physical file containing your personal information will be stored at Paymentech's premises, or if required, at an offsite storage facility. The electronic file containing your personal information will be stored on a secure network. Authorized employees, mandataries and agents of Paymentech who have a legitimate purpose for accessing the information and require it in the course of their duties will have access to your personal information. There is restricted access to Paymentech's offices and to the computer server room.
Paymentech employees, as a condition of their employment, are required to comply with confidentiality, merchant privacy and security obligations. Paymentech employees are also trained on the importance of privacy and maintaining the confidentiality of personal information.
From time to time, Paymentech reviews and updates its security measures in an effort to protect information in the most effective manner possible.
Access to Information
Subject to applicable legislation, Paymentech's merchants may access and verify any of their personal information by calling our Merchant Services Help Desk at 1-800-265-5158 and may request the correction of any inaccurate information. If there is any error, Paymentech will promptly amend and correct the information in its files.
Each website can send its own cookie to a browser if the browser's preferences allow it, but (to protect privacy), a browser only permits a website to access the cookies it has already sent to it, not the cookies sent to it by other sites.
A browser can be configured to accept all cookies, reject all cookies, or to provide notification when a cookie is set. (Each browser is different so check the "Help" menu of the browser to learn how to change the cookie preferences.)
If all cookies are rejected, a merchant will not be able to use Paymentech products or services that require the merchant to "sign in", and the merchant may not be able to take full advantage of all offerings. However, there may be some Paymentech products and services that do not require that cookies be accepted.
Paymentech may uses its own cookies for a number of purposes, including to:
2. Third Party Links
3. Online Security
From time to time, Paymentech reviews and updates its security measures (including its online security measures) in an effort to protect information in the most effective manner possible.