Thank you for using PayMongo!
Please read this Policy carefully. By clicking the applicable button or checkbox to indicate your acceptance to this Policy and our Terms, or otherwise by creating an Account and using the Service, you represent and agree that you have read, understand, and agree to be bound by both this Policy and our Terms as binding agreements.
We may update this Policy from time to time. If you continue using the Service after we make any changes to this Policy, you accept and agree to be bound by those changes. The most updated version of this Policy will always be posted on the Service, so we encourage you to check the Policy periodically. In certain situations, we may notify you about material changes to the Policy. You are responsible for ensuring we have an up-to-date, active, and deliverable email address on file for you, and you agree that your use of the Service will be subject to any updated Policy posted on the Service, whether or not you receive notice of such changes.
This Policy applies to personal information we collect on the Service. It does not apply to any non-personal information or any information collected by any third party. As used in this Policy, “personal information” means information that can be used to identify any natural person either directly or indirectly.
Moreover, if you are a Customer, we may collect Customer Data either directly from you or from the user using our Payment Processing Services.
When you register for an Account, we require that you provide us with certain personal information about you. This includes, but is not limited to, your first and last name, e-mail address, and the name of your business. As part of the account registration and verification process, we may also ask you for certain other information, such as your phone number and your business’s tax identification number, as well as documents that include personal information about you. These documents include, but are not limited to, government-issued identification including identification containing photo and signature, bank statements, proof of income, documentation verifying the legal existence of your business and its beneficial owners and principals, bank statements and related banking information, and other financial documents to verify your identity and assess the risk associated with your business. Even if you access and use the Service without registering for an Account, you may choose to provide us with certain personal information about you (for example, you may want to sign up for our newsletters or RSVP for events). The collection of this information is necessary to provide the functionality of the Service and/or to comply with applicable laws and regulations related to the Service’s product offerings.
If you are a Customer, when you make a payment through a user’s website or application in relation to a Transaction, we will receive certain Customer Data. Customer Data may include:
The collection of this Customer Data is necessary to provide the functionality of the Service (mainly, to process the Transaction) and/or to comply with applicable laws and regulations related to the Service’s product offerings. We may use Customer Data for the following purposes: (i) providing and improving the Services; (ii) internal usage, including but not limited to, data analytics and metrics so long as such Customer Data has been anonymized and aggregated with other customer data; (iii) complying with applicable legal requirements and assisting law enforcement agencies by responding to requests for the disclosure of information in accordance with applicable law; and (iv) any other purpose for which consent has been provided by the Customer.
PayMongo also offers UX features for you, as a Customer which includes card vaulting.
By agreeing to save the Card Details for future use, you, as a Customer, agree to the storage of your Card Number, Expiration Date, and CCV/CVV (“Card Details”) through the safety of our Card Vaulting System. With regard to your CCV/CVV, this data will only be stored in order to process your payment. If your payment pushes through, your CCV/CVV will be deleted immediately. If your payment does not push through, your CCV/CVV will be deleted within twenty-four (24) hours thereof. We employ world-class security standards (PCI-DSS compliant) for card processing, which guarantees the security of your Card Details. We will also be using safe and tokenized user details to access your Card Details.
We collect certain information about you automatically as you access and use the Service and may similarly collect information from Customers. This includes:
This information does not identify you directly but may nevertheless be considered personal information.
We use the personal information that we collect to make the Service available to our users, to comply with our legal obligations under anti-money laundering and related laws, to market and promote the Service, to improve the Service, and to protect our legal rights.
Examples of the ways in which we may use your personal information include:
In addition to the above, if you choose to opt in to receive marketing and promotional communications from us, we may use your personal information to contact you about our products. If you no longer want to receive marketing-related emails from us, you may opt-out via the unsubscribe link included in such emails, or by whatever other means we allow you to unsubscribe. We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages that are required to provide you with our Services.
We may also use your personal information for any other purposes with your consent.
We may disclose or share personal information that we collect in the following circumstances:
Any third-party entity to whom we disclose your personal information is contractually required to comply with confidentiality standards and establish adequate safeguards for data privacy, undertake to respect your right to privacy and comply with applicable laws. We also require that these third-party entities use information shared with them only for authorized purposes and follow our reasonable directions with respect to this information.
Additionally, we may share your personal information as required to comply with any subpoena, court order, similar legal process, including to respond to any government or regulatory request. To the extent permitted by law, we will notify you if we receive government requests about your data.
Finally, we may disclose anonymized, non-personal information about the Service and our users without restriction.
If you do not wish any of your personal information to be shared to any third party or for any of the indicated purposes, please contact us immediately.
You are solely responsible for ensuring that any personal information that you provide to us is accurate. You may be able to view and update certain personal information that we have about you by logging into your Account or by emailing address provided at the end of this Policy. Please note that we reserve the right to reject any changes you make to your personal information and to reject any requests to change your personal information submitted through inappropriate channels.
We use commercially reasonable physical, technical, and administrative measures to secure your personal information from accidental loss and from unauthorized access, use, and disclosure. For example, we (i) have implemented a strict data security policy, (ii) restrict access to personal information to employees, contractors, and other service providers on a need-to-know basis, (iii) use industry-standard encryption technology to secure data, (iv) train our personnel on privacy issues and have appointed a data privacy officer, (v) review the privacy practices of new products and services that we integrate into our Service, and (vi) require our personnel to sign confidentiality agreements that extend to your personal information. However, the transmission of information via the Internet is not completely secure. As we cannot guarantee the security of information transmitted to or from us, we are not responsible for any unauthorized access to and disclosure of any information you send to or receive from us. Any transmission of personal information is at your own risk.
Please also keep in mind that the safety and security of your information also depends on you. You are responsible for keeping your account information, including your password, confidential. We ask you not to share your password with anyone. If you have reason to believe that your data is no longer secure, please contact us immediately at the email address, mailing address or telephone number listed at the end of this Policy.
We may retain your personal information for the longer of: (i) six (6) months after receipt of your request to delete your Account; (ii) the length of time required by law; (iii) the length of time required by our compliance program; or (iv) the length of time required by our banking partners, including Payment Method Providers and Acquirers. Please note that if you delete your Account, we may still retain your personal information as explained above. You may delete your Account through the Dashboard, or you may email the address provided at the end of this Policy.
As you navigate through and interact with the Service, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions and patterns, as further described in this Policy.
Other Technologies. We may use other third-party services that automatically collect information about you to better understand how you use and interact with the Service. For example, we may use third-party vendors to provide us with services surrounding analytics, advertising, and cybersecurity. The information collected through this process by the third-party service providers does not enable us or them to identify your name, contact details or other personal information that directly identifies you unless you choose to provide these.
To the extent that we receive any Do-Not-Track signals, we will not comply with them.
Any third-party services integrated with the Service shall be subject to the policies and practices of such third parties, and we are not responsible for how they collect, use, and share your personal information. We encourage you to review the privacy practices and policies of such third parties. We make no guarantees about, and assume no responsibility for the information, services, or data privacy practices of third parties.
To ask questions or comment about this Policy and our privacy practices, contact us.