Last Updated: 12/20/2019
At TSYS Merchant Solutions, LLC (“TSYS”), we respect your concerns about privacy. This Privacy Notice (“Notice”) relates to the collection of personal information from users of our websites (“Sites”) and mobile applications (“Apps”) in the course of our business activities.
For the purpose of this Notice, TSYS, “we” and “us” refer to TSYS, Inc. and its subsidiaries and affiliates, as the context requires. Our privacy practices vary depending on the services we provide. For some products and services, where required, we will provide additional privacy notices before collecting your personal information. Please read this Notice carefully. If you have any questions, you may contact us at email@example.com or by the methods provided in the “Contact Us” section below.
TSYS provides payment processing and related ancillary products and services], (collectively referred to as the “Services”). For our Customers, information about disclosures, transfers and other processing of personal information as part of the Services is set out in the documentation provided to them at or before onboarding. This Notice is a supplement, not a replacement, to that documentation and relates specifically to information we collect through our Sites and Apps.
Please be aware that not all of the information in this Notice will be directly applicable to our handling of your personal information. This Notice provides an overview of the possible circumstances in which we may interact with your personal information. If you have any questions about our processing of your personal information, please contact us at firstname.lastname@example.org.
TSYS collects personal information from users of our Sites and Apps who might be our Customers, prospective Customers, and Customer end users who engage with our Sites and Apps as part of the Services we provide to our Customers.
Because TSYS’s relationship with Customer end users is indirect, we process such end user personal information only for the purposes of providing the Services, in accordance with our Customer’s instructions. If you are an end user who has a relationship with one of our Customers and you have a question about how your personal information is collected, used, or shared, or would like to exercise any rights you may have with respect to your personal information, please contact the Customer directly.
Select one of the links below to jump to the relevant section:
- Personal information we collect
- Sources of personal information
- How we use the personal information we collect
- How we share the personal information we collect
- Our relationship with affiliate companies (including sharing and cross-border transfers)
- Login details and your responsibility
- Managing your preferences
- Your Legal Rights
- Data anonymization and aggregation
- Commitment to security, privacy and standards
- Cookies and Other Tracking Technologies
- External links
- Changes & Updates
- Choice of Law
- Contact Us
- Region-specific information
Personal Information We Collect
Through our Sites and Apps, subject to your consent if required by law, we may collect the following personal information:
- Identifiers (including name and contact information including telephone number, email address, or postal address)
- Information protected against security breaches (such as social security number, financial account information and username and password)
- Commercial information (such as your access and purchase history, the products and services we provide to you, your marketing preferences, or information you provide in any communication with us or when you participate in any blog, community or forum on our Sites)
- Internet/electronic activity (see “Cookies and Other Tracking Technologies” for additional information)
- Professional or employment related information (such as your status with the organization with which you are affiliated or information you provide as a job applicant)
- Inferences from the foregoing such as your preferences, characteristics or predispositions
Data anonymization and aggregation. Subject to your consent if required by law, we may anonymize or aggregate your personal information in such a way as to ensure that you are not identified or identifiable from it, in order to use the anonymized or aggregated data. For example, we may use anonymized or aggregated data for statistical analysis including to analyze trends, for product development, and for risk assessments and cost analysis. We may share anonymized or aggregated data with our parent, subsidiaries, affiliates or with other third parties.
Sources of Personal Information
We collect personal information from several sources that we use to provide our Services to you, to analyze and improve our Services, and to communicate with you. Those sources include:
Information that you provide to us: We collect personal information that you provide to us when you set up an account with us, use our Services, or communicate with us. For example, if you register for an online account with us, we may request your name, contact information and business information. Providing us with personal information about yourself is voluntary, and you can always choose not to provide certain information, but then you may not be able to take advantage of or participate in some of the Services.
Information collected from third parties: We may collect information about you from third parties in the course of providing our Services to you. For example, we may collect personal information from credit-reporting agencies to enable us to identify you, prevent possible fraud and to deliver the Services to you.
Information collected through technology: When you visit our Sites or Apps (or when you use any of our Services) we may collect certain information about your location, usage, or device through technology such as cookies (see “Cookies and Other Tracking Technologies” for more information). We may collect geolocation in the Apps for the purpose of enabling location-based Services.
How We Use the Personal Information We Collect
Subject to your consent if required by law, we may use your personal information for the following business purposes:
- Providing our Services and related support: including to help fulfill your requests for products and Services; to communicate with you about your use of our Services; to respond to your inquiries; to provide troubleshooting and other technical support; and for other customer service and support purposes.
- Protecting the integrity of the Services: including to verify your identity; to detect and prevent fraud and unauthorized activities; to facilitate software; to preserve the integrity of the Services and our systems, and prevent unauthorized access and activities; to enforce our applicable terms; and to protect the rights and safety of others.
- Analyzing and improving the Services and our business: including to better understand how users access and use our Services; to evaluate and improve the Services and our business operations; to develop new features, offerings and Services; to conduct surveys and other evaluations; and for other research and analytical purposes.
- Personalizing the Services: including to tailor content we send or display on our Sites and Services (e.g., for your geographic area); to offer personalized help and instructions; and to otherwise personalize your experiences with the Services.
- Advertising, marketing and promotional purposes: including to reach you with more relevant ads and to evaluate, measure and improve the effectiveness of our ad campaigns; to contact you about our Services, and those of our affiliates, as well as other information we think may interest you. Where required by applicable law, we will obtain your consent to use your personal information for marketing and related purposes.
- Securing and protecting our business: including to protect and secure our business operations, assets, services, network and information and technology resources; to investigate, prevent, detect and take action regarding fraud, unauthorized access, situations involving potential threats to the rights or safety of any person or third party, or other unauthorized activities or misconduct.
- Defending our legal rights: including to manage and respond to actual and potential legal disputes and claims, and to otherwise establish, defend or protect our rights or interests, including in the context of anticipated or actual litigation with users or third parties.
- Auditing, reporting, corporate governance, and internal operations: including relating to financial, tax and accounting audits; audits and assessments of our operations, privacy, security and financial controls, risk, and compliance with legal obligations; our general business, accounting, record keeping and legal functions; to maintain appropriate business records; to enforce company policies and procedures; and related to any actual or contemplated merger, acquisition, asset sale or transfer, financing, bankruptcy or restructuring of all or part of our business.
- Complying with legal obligations: including to comply with the law, our legal obligations and legal process, such warrants, subpoenas, court orders, and regulatory or law enforcement requests.
How we Share the Personal Information We Collect
We share your personal information in the manner and for the purposes described below:
- With TSYS affiliates where such disclosure is necessary to provide you with our Services or to manage our business.
- With third-party service providers whose systems, applications, products or services help us to provide the Services. For example, we share personal information with IT service providers who help manage our back office systems or administer our Sites and Apps. These service providers have agreed to confidentiality restrictions and have agreed to use any personal information we share with them, or which they collect on our behalf, for the purpose of providing the contracted service to us.
- With our Customer with whom you are also engaging when you use the Services. For example, you may be using a TSYS Site to log into your account with our Customer. TSYS will share the personal information you provide in order to fulfill your request. You may also receive communications from the Customer. Each such Customer operates independently from TSYS and their collection and use of your personal information is not subject to this Notice but to their own privacy notices.
- With other third parties including financial institutions such as Visa®, MasterCard®, Discover® Card services, and banking institutions involved in supporting, clearing or settling payment-related transactions.
In addition, subject to applicable legal requirements, we may share personal information in connection with or during negotiation of any merger, financing, acquisition, bankruptcy, dissolution, transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business assets to another company.
We do not sell your personal information to third parties.
Our Relationship with Affiliate Companies (Including Sharing and Cross-Border Transfers)
Subject to your consent if required by law, we may appoint an affiliate company to process personal information in a service provider role. In most cases, we will remain responsible for that company’s processing of your personal information pursuant to applicable data privacy laws.
We will take appropriate steps to ensure that transfers of personal information are in accordance with applicable law, are carefully managed to protect your privacy rights and interests and limited to countries which are recognized as providing an adequate level of legal protection or where alternative adequate arrangements are in place to protect your privacy rights.
Login Details and Your Responsibility
Subject to your consent if required by law, we will collect and process your personal information as necessary to set up and administer your sign up to, and use of, the log in facility available on our Sites and Apps. We will use “cookies” to “remember” the machine or other device you use to access our Sites (see “Cookies and Other Tracking Technologies” below). Please remember that if we contact you, we will never ask you for your password in an unsolicited email, message or phone call. If you choose to use the log in facility available on our Sites and Apps, you are required to adhere to the security procedures we establish in the documentation we provide you as part of the Services.
Cookies and Other Tracking Technologies
A “cookie” is a text file that is stored to your browser when you visit a website.
Unique device identifiers like IP address or UDID recognize a visitor’s computer or other device used to access the internet. Unique device identifiers are used alone and in conjunction with cookies and other tracking technologies for the purpose of “remembering” computers or other devices used to access the Sites and Apps.
Cookies can be classified by duration and by source:
Duration. The Sites use both “session” and “persistent” cookies. Session cookies are temporary – they terminate when you close your browser or otherwise end your “active” browsing session. Persistent cookies remember you on subsequent visits. Persistent cookies are not deleted when you close your browser, and they will remain on your computer or other device unless you choose to delete them (see below for “How to Delete or Block Cookies”).
Source. Cookies can be “first-party” or “third-party” cookies, which means that they are either issued by or on behalf of TSYS or by a third-party operator of another website. For an example of a third-party cookie, our Sites may contain a Facebook “like” button, which would set a cookie that can be read by Facebook. Our Sites may use both first-party and third-party cookies.
The cookies that we may use on the Sites fall into the following categories:
Strictly Necessary Cookies. These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions taken by you such as logging in or filling in forms. You can set your browser to block or alert you about these cookies, but blocking them may impede the functionality of the Sites.
Performance Cookies. These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
Functionality Cookies. These cookies enable the Sites to provide enhanced functionality and personalization. They may be set by us or by third-party providers whose services we have added to our pages. If you do not allow these cookies then some of these services may not function properly.
Targeting Cookies. These cookies may be set through our Sites by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant advertisements on other sites. They are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
How to Delete or Block Cookies
On some Sites, when technically feasible, we will enable tools to help you make choices about cookies. You may also delete or block cookies at any time by changing your browser settings. You can click “Help” in the toolbar of your browser for instruction or review the cookie management guide produced by the Interactive Advertising Bureau available at www.allaboutcookies.org. If you delete or block cookies, some features of the Sites may not function properly.
TSYS may provide links on our Sites to other websites that are not under our control. We do not endorse or make any warranty of any type regarding the content contained on such websites or products and services offered on those websites. We make no representation regarding your use of such websites. Please be aware that we are not responsible for the privacy practices of the operators of other websites. We encourage our users to be aware when they leave our Sites and to read the privacy statements of each and every website that collects personal information. This Notice applies solely to information collected by us. You should read any other applicable privacy and cookies notices carefully before accessing and using such other websites.
Managing Your Preferences
Subject to your consent if required by applicable law, we may use your personal information to provide you with direct marketing information about our products and services as well as those of our global affiliates and third parties. Our direct marketing may be by email, telephone, post or SMS or such other method(s) as may become relevant. In addition, we may provide direct marketing information and permit others to do that as allowed by our customers’ respective contracts.
We will take steps to seek to ensure that any direct marketing from us and which is sent by electronic means will provide a simple means for you to stop further communications, in accordance with applicable law. For example, in emails, we may provide you with an “unsubscribe” link, or an email address to which you can send an opt-out request. In addition, if we need your consent for direct marketing communications under applicable law, and if you provide your consent, you will be able to change your mind at any time.
Your Legal Rights
Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, some users, including residents of the state of California, may have certain rights in relation to their personal information. These rights may include:
|CA Resident Rights||What does this mean?|
|Right to know about personal information collected, disclosed, and sold||You have the right to be provided with clear and easy-to-understand information about how we use your personal information. This is why we are providing you this Notice and we may provide other forms of notice, as appropriate or required by law, in the Sites and Services.
You also have the right to access and receive a copy of the personal information we hold about you.
|Right to opt-out of the sale of personal information||You may request that we do not sell your personal information to third parties.|
|Right to request deletion||In some circumstances, you have the right to have your personal information erased or deleted.|
|Right to equal service and prices (“non-discrimination”)||Your choice to exercise your privacy rights will not be used as a basis to discriminate against you in services offered or pricing.|
Commitment to Security, Privacy and Standards
We take seriously our responsibility to protect the security and privacy of the information we receive via our Sites and Apps. We maintain administrative, technical and physical safeguards designed to protect the personal information you provide via our Sites against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use.
Please remember that communications over the internet such as emails are not secure. We seek to keep secure all confidential information and personal information submitted to us through our Sites and Apps in accordance with our obligations under applicable laws and regulations. However, like all website operators, we cannot guarantee the security of any data transmitted through our Sites and Apps.
Our Sites are not intended for use by children. We do not solicit or knowingly accept any personal information from persons under the age of 18. Please do not use this website if you are under the age of 18.
Changes and Updates
We reserve the right, in our sole discretion, to modify, update, add to, discontinue, remove or otherwise change any portion of this Notice, in whole or in part, at any time. When we amend this Notice, we will revise the “Last Updated” date located at the top of the document. We will also take reasonable steps to ensure you are made aware of any material updates including providing you direct communication about such changes or providing a notification through the Services, as appropriate. If you provide personal information to us or access or use our Sites after this Notice has been changed, you will be deemed to have unconditionally consented and agreed to such changes. The most current version of this Notice will be available on the Sites and Apps and will supersede all previous versions of this Notice.
Choice of Law
This Notice, including all revisions and amendments thereto, is governed by the laws of the United States, State of Georgia, without regard to its conflict or choice of law principles which would require application of the laws of another jurisdiction.
By using our Sites and Apps, you unconditionally consent and agree that: (1) any claim, dispute, or controversy (whether in contract, tort, or otherwise) you may have against TSYS and/or its parent, subsidiaries, affiliates and each of their respective members, officers, directors and employees (all such individuals and entities collectively referred to herein as the “TSYS Entities”) arising out of, relating to, or connected in any way with the Services or the determination of the scope or applicability of this agreement to arbitrate, will be resolved exclusively by final and binding arbitration administered by JAMS and conducted before a sole arbitrator in accordance with the rules of JAMS; (2) this arbitration agreement is made pursuant to a transaction involving interstate commerce, and shall be governed by the Federal Arbitration Act (“FAA”), 9 U.S.C. §§ 1-16; (3) the arbitration shall be held in Atlanta, Georgia; (4) the arbitrator’s decision shall be controlled by the terms and conditions of this Notice and any of the other agreements referenced herein that the applicable user may have entered into in connection with the Services; (5) the arbitrator shall apply Georgia law consistent with the FAA and applicable statutes of limitations, and shall honor claims of privilege recognized at law; (6) there shall be no authority for any claims to be arbitrated on a class or representative basis, arbitration can decide only your and/or the applicable TSYS Entity’s individual claims; the arbitrator may not consolidate or join the claims of other persons or parties who may be similarly situated; (7) the arbitrator shall not have the power to award punitive damages against you or any TSYS Entity; (8) in the event that the administrative fees and deposits that must be paid to initiate arbitration against any TSYS Entity exceed $125 USD, and you are unable (or not required under the rules of JAMS) to pay any fees and deposits that exceed this amount, TSYS agrees to pay them and/or forward them on your behalf, subject to ultimate allocation by the arbitrator. In addition, if you are able to demonstrate that the costs of arbitration will be prohibitive as compared to the costs of litigation, TSYS will pay as much of your filing and hearing fees in connection with the arbitration as the arbitrator deems necessary to prevent the arbitration from being cost-prohibitive; and (9) with the exception of subpart (6) above, if any part of this arbitration provision is deemed to be invalid, unenforceable or illegal, or otherwise conflicts with the rules of JAMS, then the balance of this arbitration provision shall remain in effect and shall be construed in accordance with its terms as if the invalid, unenforceable, illegal or conflicting provision were not contained herein. If, however, subpart (6) is found to be invalid, unenforceable or illegal, then the entirety of this Arbitration Provision shall be null and void, and neither you nor TSYS shall be entitled to arbitrate their dispute. For more information on JAMS and/or the rules of JAMS, visit their website at www.jamsadr.com.
If you have questions about this Notice, or if you want to exercise your rights as described in this Notice, you may contact us as follows:
TSYS Merchant Solutions, LLC
Attn: Legal Department
1601 Dodge Street, 26E
Omaha, NE 68102
In order to honor any access or deletion request, we will require you to provide enough information for us to verify your identity. For example, we may ask you for information associated with your account, including your contact information or other identifying information. If you designate an authorized agent to make a rights request on your behalf, we may require proper proof of that authorization as well as direct verification of your identity from you.