Last updated: July 21, 2022
Information We Collect Directly
We may collect personal information directly from (a) parties that interact with us, such as individuals who contact us or submit information through our Websites; (b) parties to whom we provide Services (“Clients”); (c) individual consumers who request a consumer report from us; and (d) other parties with whom we offer or provide Services (“Partners”).
Information We Collect Through Camera
When you use the App, we use the camera on your mobile device to capture the image of checks you are processing using the App. In order to process the check, we use a third-party service provider who uses the check image to collect and share with Certegy the check number, check amount, and routing and account numbers as they appear on the check. Please note that neither the image nor this extracted information is stored on your camera roll.
Request for Disclosure of Consumer Report Information
If you are a consumer requesting a disclosure of consumer report information from us or disputing consumer report information we have provided about you, we may collect personal information from you in connection with that process such as a government issued identification number, bank routing and account number, or social security number.
If you wish to receive your consumer report via text message, we may also ask you to provide us with your phone number.
Additionally, we may require you to submit proof of your identity (e.g., copy of a government-issued identification like a valid driver’s license, valid state issued identification, military identification, or passport) or proof that you are an owner or authorized signer on the bank account about which you are requesting information. For more information on how to request a disclosure of consumer report information, please visit https://www.askcertegy.com.
Information We Collect Indirectly
We may also receive personal information about individuals who do not interact with us directly. For example, our Clients, Partners, and service providers may provide us with information about individuals when using our Services.
For example, we may collect personal information about the personnel of our Clients, service providers, or Partners, such as the business contact information that our Clients, service providers, or Partners provide to us in the context of our contractual relationships with them. We may also collect personal information about individual customers of our Clients that our Clients send to us or allow us to collect in the context of providing the Services. Such information may include information related to financial check or electronic payment transactions initiated by an individual customer, government-issued identification numbers, bank routing/account numbers, and information needed to verify a customer’s identity and details of products or services purchased.
Information We Collect from Other Sources
We and our service providers may collect information about individuals that is publicly available, including by searching publicly accessible government lists of restricted or sanctioned persons, public records databases, as well as other private or commercially available sources to the extent permitted under applicable law.
Information Collected via Automated Means
For more information about how to control what cookies are placed on your computer and to manage your browser’s opt outs, visit: http://optout.networkadvertising.org.
Certegy’s Business Model
To protect both consumers and Clients against losses from fraudulent or returned payments, we have developed an automated system that predicts the likelihood of these outcomes and then recommends to Clients whether a payment should be accepted in exchange for goods, services, or cash. Our system analyzes each transaction for potential risk factors including, but not limited to, location, check writing and cashing history, amount, and fraud trends at the Client locations. To provide this service, Certegy compiles and maintains a database of consumer check writing history, returned checks, and account closures, which makes Certegy a consumer reporting agency under the Fair Credit Reporting Act, 15 U.S.C. § 1681 et seq. (the “FCRA”).
Providing Services to Our Clients
We use your personal information for the purposes of providing the Services, including without limitation: (a) operating, evaluating, maintaining, improving, and providing the features and functionality of our Services; (b) fulfilling a payment transaction initiated by you (either with us or our Client); (c) managing our relationship with you or your company; (d) carrying out our obligations, and exercising our rights, under our agreement with you or your company; (e) checking for fraud or money laundering and/or managing either our or our Clients’ risk; (f) administering and protecting our business; and (g) providing support and maintenance for our Services, including responding to your service-related requests, questions, and feedback.
If you have provided your contact information through the “Contact Us” page on our Website or contacted us for information about Certegy services, we may use your contact information to provide you with marketing communications about Certegy services.
Disclosure of Consumer Report Information
If you are a consumer requesting a disclosure of consumer report information from us, we will use the information you have provided along with your request, including any supplemental information or documentation, to verify you are the subject of the consumer report provided by Certegy, to fulfill your request and to contact you about your request to the extent necessary.
We may use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities. We may also use your personal information as we believe necessary or appropriate to (a) enforce the terms and conditions that govern our Services; (b) protect our rights, privacy, safety or property, and/or that of you or others; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
When Certegy performs Services for its Clients, it may share personal information with those entities. For example, Certegy may collect information about a Client’s customers from or on behalf of the Client, such as when Certegy processes payment transactions, and Certegy may provide personal information about those customers back to the Client. We are not responsible for the privacy practices of our Clients and encourage you to review the privacy policies of any merchants collecting your personal information.
Participants in the Transaction Processing Chain
Certegy shares personal information with companies in the transaction processing chain in connection with processing a payment transaction, such as merchants and banks.
Credit Reference, Fraud Protection, and Risk Management Agencies
Certegy may share personal information with fraud protection, risk management, and identity verification agencies to help guard against, detect, and respond to fraud or money laundering, and/or manage our or our Clients’ risk, and ensure we comply with contractual, legal, or regulatory requirements.
Certegy may disclose information about you to government or law enforcement officials or private parties as required by law, and disclose and use such information as we believe necessary or appropriate to (a) comply with applicable laws and lawful requests and legal process, such as to respond to subpoenas or requests from government authorities; (b) enforce the terms and conditions that govern our Services; (c) protect our rights, privacy, safety or property, and/or that of you or others; and (d) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
Certegy may transfer your personal information to any third party who is not otherwise covered by the other listed categories above where you have given us permission to do so, or with whom you have entered into a contract when we need to transfer your personal information to that party in order to fulfil that contract.
Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to do not track signals. To find out more about “Do Not Track,” please visit https://allaboutdnt.com/.
In some jurisdictions, applicable law may provide a right for individuals to access, modify, or delete their personal information in some. You may contact us as provided below directly to request access to or modify or delete your information. We may not be able to provide access to, modify, or delete your information in all circumstances.
If you have a complaint about our handling of your personal information, you may contact us as provided below. We request that a complaint be made in writing. We may contact you for additional details or clarification about your concern or complaint. You also may have a right to file a complaint with a national or local regulatory agency.
California residents have certain special rights. For more information, see section 12 below.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and are subject to a duty of confidentiality.
We will retain your personal information for the duration of your involvement/engagement with us and for as long as reasonably necessary afterwards. We may maintain different retention periods for different products and services. There are also certain types of information which are required to be retained for a certain period by law. We will retain and use your personal information for as long as necessary based on why we collected it and what we use it for. This may include our need to satisfy a legal, regulatory, accounting, or reporting requirement.
We do not transfer data outside of the United States to prepare or process the Services. The Services are prepared, and information is stored, in the United States. Additionally, our Websites are controlled and operated in the United States.
Our Websites and Services are not intended for children. We do not intentionally or knowingly collect personal information from children under the age of 16, and we request that individuals under the age of 16 do not submit any personal information on the Websites. If we learn that we have received identifying information from an individual under the age of 16 through our Websites, we will delete this information. If you believe that we have information relating to an individual under the age of 16, please contact us using the contact information provided below.
If you are a California resident, you also have the following special rights under the California Consumer Privacy Act (“CCPA”). Please note that we will never sell your personal information.
Your Right to “Know” and to Request Deletion
You have the right to know the categories and specific pieces of personal information we have collected about you. You have the right to know the categories of sources from which the personal information has been collected, the business or commercial purpose for collecting personal information, and the categories of third parties with whom we share personal information.
You also have the right to request deletion of personal information we’ve collected or maintain. Please note this right is subject to certain exceptions, including without limitation our retaining information as necessary to protect against malicious, deceptive, fraudulent, or illegal activity, to comply with our legal obligations (including without limitation our obligations under FCRA), and for other internal purposes.
To exercise these rights contact us as provided in the “Contact Us” section below. We may ask you to provide additional information in order to verify who is making the request. Please note that any requested disclosures will only apply to the 12-month period preceding the request, and you are entitled to request disclosure regarding your personal information twice in any 12-month period.
Personal Information Disclosed
You also have the right to what categories of personal information we’ve disclosed for a business purpose, and the third parties to whom that information was sold or disclosed. We’ve disclosed for a business purpose the following categories of information to service providers who assist with our business operations (for instance, payment processing, technology services, communications) in order to provide the Services to you or to facilitate collection of a debt: your first and last name, address, date of birth, e-mail address, phone number, bank routing and account number, and other information necessary for processing your transaction.
Your Right to Non-Discrimination
You have the right not to receive discriminatory treatment for the exercise of the privacy rights conferred by CCPA, including but not limited to by denying you Services, charging different prices or rates, or providing you with a different level or quality of Services.
Your Right to Use an Authorized Agent
You have the right to designate an authorized agent to make a request under the CCPA on your behalf. To designate an authorized agent, please contact us as provided in the “Contact Us” section below. In order to verify you have authorized an agent we will require a signed, written authorization from you.
If you make a request to access or delete your information, we may ask you for additional information to verify your identity. This information may include your full name, phone number, email address, or other basic personal information about you that we already have on file.
Certegy Payment Solutions, LLC
PO Box 7189
Clearwater, FL 33758