Date Last Revised: January 7, 2020
Collection and Use of Personal Information
By using or accessing the Service in any manner, you acknowledge that you accept and agree to the terms of this Policy and agree that we may collect, use, store, and share information submitted by you or collected on your behalf from a third-party as described in this Policy.
What Information We Collect
We collect several types of information from and about you in connection with your use of the Service, including but not limited to:
- Information by which you may be personally identified such name, postal address, email address, credit card information, telephone number, bank account information and credit information (such as credit scores).
- Information that is about you but individually does not identify you, such as demographic information, industry information, salary or revenue information.,
- Information provided by Mexico’s Tax Administration Service Information (Servicio de Administracion Tributaria - SAT, by its Spanish acronym)
- Mexican tax-related information such as your Mexican Federal Tax Identification Number (Registro Federal del Contribuyente - RFC, by its Spanish acronym)
Ways Information Is Collected
Paybook collects information you provide when visiting the Site and/or registering for and using the Services. When you visit the Site, we automatically log your operating system, Internet Protocol (IP) address, access times, browser type, language and the referring web addresses. We also collect information about your usage of and activity on the Site. Some of the ways in which we collect information are:
- Direct input by you, such as your registration information for the Site.
- Cookies, which are small files stored on your hard drive that help Paybook provide preferential offers and services. The content in the cookie is set by Paybook’s server and may be used by that server whenever you visit the Site. A cookie can be viewed as a user's virtual “identification card”, which tells a website when you have returned.
- Web Beacons, which are electronic images that capture user statistics and activities that allow Paybook to analyze site usage and improve services.
- Third-party service providers, which may be used to help Paybook analyze your online activities. All third party providers must comply with this Policy.
- Web storage or DOM Storage, which are software methods and protocols used for storing data on a web browser.
Any data you provide to Paybook is provided through the Site, mobile app or the Service, unless you initiate an email, phone, chat or other conversation with Paybook's Customer Care or other support staff, in which case Customer Care or support staff may collect your data via the other means by which you provided the information.
Information You Provide. When you either use the Service directly or connect to your financial accounts using an application developed by a third-party developer (a “Third-Party Developer”) that integrates or otherwise uses the Service (a “Third-Party Application”), you may provide, through the Service, any or all of the following information:
- Personal data, including your full name, email address, postal address, and contact details; and
- Login information required by your financial institution to access your financial account, such as your username and password, answers to security questions, or a security token.
When providing the information above, you give us and the Third-Party Developer the authority to act on your behalf to access and transmit your information from the relevant financial institution in connection with the Service.
Information Collected From Your Financial Institutions. The information we collect from the financial institutions that maintain your accounts varies depending on the type of Paybook Service you use (e.g., when you use the Service directly) or the Third-Party Developer uses with the Third-Party Application (e.g., when use the Service integrated into a Third-Party Application).
The information we collect from your financial institutions may include, but is not limited to:
- Account information, including financial institution name, account name, account type, and account and routing number;
- Information about account balances, including current and available balance;
- Information about credit accounts, including statement due dates and balances owed, payment amounts and dates, transaction history, and interest;
- Information about loan accounts, including due dates, balances, payment amounts and dates, interest, loan type, payment plan, and term;
- Information about the account owner(s), including name, address, email address, and telephone number;
- Information about account transactions, including amount, date, type, and a description of the transaction;
- Demographic information, industry information, salary or revenue information; and
- For portions of the Service used with Mexican financial institutions: (i) information provided by Mexico’s Tax Administration Service Information (Servicio de Administracion Tributaria - SAT, by its Spanish acronym); and (ii) Mexican tax-related information, such as your Mexican Federal Tax Identification Number (Registro Federal del Contribuyente - RFC, by its Spanish acronym).
Information We Receive From Other Sources. We may receive information about you from the Third-Party Developer or other third parties, including service providers and identity verification services.
HOW WE USE YOUR INFORMATION
We use the information we collect to operate, provide, maintain, improve, and protect the Service for you and Third-Party Developers, as well as to develop new services. In addition, we use your information for the following purposes:
- To enhance, modify, add to, and further develop the Service;
- To analyze usage of the Service;
- To protect you, Third-Party Developers, our partners, and Paybook from fraud, malicious activity, and other privacy and security-related concerns;
- To provide customer support to Third-Party Developers, including to help respond to your questions about the Service or Third-Party Applications;
- To provide information about events, news about other Paybook services;
- For any other purpose to which you consent.
HOW WE STORE YOUR INFORMATION
We take reasonable measures to protect your information in an effort to prevent loss, misuse, disclosure, unauthorized access, alteration and destruction. We use a combination of firewall barriers, encryption techniques and authentication procedures to maintain the security of your information and to protect Paybook accounts and systems. These measures are regularly evaluated for effectiveness against industry-standards internally and by independent security auditors.
We retain information we collect about you for as long as necessary to fulfill the purposes described in this Policy, unless a longer retention period is required or permitted under applicable law, regulation, or contract. Even after you stop using the Service or a Third-Party Application or terminate your account with Paybook or a Third-Party Developer, we may still retain your information (e.g., if there is residual information within our databases or systems) to the extent permitted by applicable law. In all cases, your information will only be used and shared as required by law or in accordance with this Policy.
HOW WE SHARE YOUR INFORMATION
We do not sell or rent the information of our end-users to marketers or other third parties. However, we do share end-user information with third parties as described in this Policy. For example, we share your information with the Third-Party Application you are using and as directed by the Third-Party Developer. We may also share your information as follows:
- With your consent;
- With our service providers, partners, or contractors in connection with the services they perform for us or Third-Party Developers;
- If we believe in good faith that disclosure is appropriate to comply with applicable law, regulation, or legal process (such as a court order or subpoena);
- In connection with a change in ownership or control of all or a part of our business (such as a merger, acquisition, reorganization, or bankruptcy);
- Between Paybook and our current and future parents, affiliates, subsidiaries and other companies under common control and ownership; or
- As we believe reasonably appropriate to protect the rights, privacy, safety, or property of you, our developers, our partners, or Paybook.
We may collect, use, and share information we collect in an aggregated or de-identified manner (i.e., that does not identify you personally) for any purpose permitted under applicable law. This includes creating or using aggregated or de-identified data based on the collected information to develop new services and to facilitate research.
Additional Terms for Paybook Sync Services
If you are a customer of a third-party application or other service that uses Paybook’s Sync Service (“Sync Service”) or if you are a trial or paid user of Paybook’s Sync Service, including Sync Service APIs, the privacy provisions set forth below, in addition to the other terms in this Policy, govern Paybook’s use of data related to you, your Customer Application (as defined in your Sync Service Agreement) and your End Users (as defined in your Sync Service Agreement) (collectively, “Protected Information”). If there is any conflict between the terms of this Section “Additional Terms for Paybook Sync Services” and the terms of this Policy, the terms of this Section control.
You acknowledge and agree that Paybook, its employees, agents and third party subcontractors may: (i) use the Protected Information internally to offer and improve the APIs, the Service or any other Paybook product or service; (ii) use and disclose the Protected Information, to the extent permitted by law, in any way that: (A) does not divulge any personally identifiable information about you or your End Users; and (B) does not disclose that the Protected Information is obtained from Paybook’s contractual relationship with you. Paybook may use anonymized and aggregated Protected Information for any purpose, including research and service improvement, and may use, display, distribute or authorize such anonymous aggregate research information to improve the Service (or offer or improve any additional Paybook products or services), to improve Paybook’s user experience, and to help provide customer support. If you are a trial or paid user of Paybook’s Sync Service, Paybook may also use your company or organization’s name for marketing purposes as set forth in your Sync Service Agreement.
Using the Service from Outside the United States
This Policy is intended to cover collection of information by the Service from residents of the United States and Mexico. If you are visiting the Site or using the Services from outside of the United States or Mexico, please be aware that your information may be transferred to, stored, and processed in the United States where the Service is located and our central database is operated. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country. By using the Service, you understand that your information may be transferred to our facilities and those third parties with who we share it as described in this Policy.
This paragraph applies to European Union data subjects. The European Union’s General Data Protection Regulation (Regulation (EU) 2016/679) gives certain rights to European data subjects in relation to their personal information. We will only process your personal information when we have a legal basis to do so. When we do process your personal information, we will do so with your consent or because the processing is necessary: (i) for the performance of a contract with you; (ii) to comply with our legal obligations; (iii) to pursue our legitimate interests; or (iv) to establish or defend a legal claim. In some circumstances, data subjects in the European Union have certain rights regarding their personal information. These rights may include the right to: (x) request access to and rectification or erasure of their personal information; (y) obtain restriction of processing or to object to processing of their personal information; and (z) the right to data portability. If you are a European data subject and wish to exercise one of the above-mentioned rights, please send us your request via email to: firstname.lastname@example.org. We may ask you to provide personal information about yourself so that we can verify your identity. We will respond to your request within 30 days from the date we receive the request. We may not be able to accommodate your request in every situation, and if that is the case, we will let you know why. We may charge you an administrative fee for subsequent requests. Data subjects in the European Union may also have the right to file a complaint about the processing of their personal information with their local data protection authority.
Periodic updates to this Policy will be posted on our website. Changes take effect immediately upon posting. The date last update appears at the top of this as the effective date of this Policy.
If you have any questions or concerns about this Policy, please contact us at:
8026 Baxter Springs Road
Austin, Texas 78745