Menu

Paymetric complies with the Privacy Shield Framework, as set forth by the U.S. Department of Commerce in consultation with the European Commission, regarding the collection, use and retention of personal data received from the European Union. As Paymetric is a U.S. company, it has voluntarily decided to comply with the EU – U.S. Privacy Shield Framework and is subject to the investigatory and enforcement powers of the Federal Trade Commission. By using our client’s services, you are permitting the transfer of your personal data to Paymetric, Inc. in the United States, which has different data protection laws than those in European Union member countries. You consent to the transfer of this information for the uses described in this Privacy Shield Policy and in our general Privacy Policy to the extent permitted by EU law.

Paymetric adheres to the Privacy Shield Principles. As such, Paymetric commits to subject all personal data received from the EU to the Principles, and therefore this policy shall govern Paymetric’s use of your personal data if there is any conflict between this policy and those contained in our general Privacy Policy.

Paymetric annually certifies its adherence to the Privacy Shield Principles. To learn more about the EU – U.S. Privacy Shield Framework, please visit https://www.privacyshield.gov/EU-US-Framework. To view Paymetric’s certification, please visit https://www.privacyshield.gov/list.

 

Personal Data Collected and Processed by Paymetric

Personal data means information that identifies or can identify an individual whether directly or indirectly and whether processed electronically by automatic means or manually. Paymetric receives personal data for individuals related to processing payment transactions initiated through our merchant clients. This data is collected for the purposes of completing a payment for goods and services purchased from our clients. The personal data collected can consist of payment information such as names, addresses, email addresses, card or account numbers, and CVV codes.

We may also collect your personal data from other sources, such as affiliates, or other companies.

Disclosures to Third Parties

When Paymetric receives personal data from a client for processing, we are acting as an agent for the client, and we do not control or share such data without direction from the client. In relation to such processing, Paymetric enters into appropriate agreements with the clients providing that the clients are the data controllers and are in compliance with the applicable EU data protection laws.

Paymetric does not transfer personal data to unrelated third parties unless lawfully directed by our client or in certain limited circumstances in accordance with the Privacy Shield Framework. In the event that Paymetric is directed by our client to transfer data to additional data processors, Paymetric will enter into appropriate agreements providing that the processor is in compliance with the Privacy Shield. Paymetric may be liable if it fails to meet those obligations and Paymetric is responsible for the event giving rise to the damage.

Paymetric may also share your personal data with other third parties as required or permitted by a duly authorized court order, subpoena, or request for cooperation from a regulatory, law enforcement or other government agency to meet national security or law enforcement requirements; to establish or exercise our legal rights; to defend legal claims; when we believe in good faith that disclosure is legally required or otherwise necessary to protect our rights and property, or the rights, property or safety of others; or as otherwise required or permitted by applicable laws and/or regulations. In such events we will only disclose data relevant and necessary to the investigation or inquiry.

Paymetric may also share information with a third party that acquires all or part of Paymetric or succeeds Paymetric in carrying on all or part of Paymetric’s business by sale, merger, acquisition, or other corporate restructuring.

Choice

You can request that Paymetric no longer use or share your personal data with third parties or use your data for a purpose different from the purpose for which it was initially collected or subsequently authorized by you. If you wish to submit such a request, please submit your request via email to EUPrivacy@vantiv.com. To begin processing your request we require your name, address, and email address. We will follow up with you to verify the request, and obtain any additional information required. Please note that not all requests can be honored and that we may only honor reasonable requests. For example, in some cases such a request may not be immediately or fully executed because it is possible that we have a legal obligation to keep using your personal data. Also, you must consider that for certain purposes, the revocation of consent to use your data means that we cannot continue providing the services you requested.

Access and Updates to Personal Data

An individual in the European Union may contact Paymetric to learn whether or not personal data relating to him or her is found in Paymetric’s databases, learn how any personal data about the individual has been used or disclosed, verify the accuracy of any personal data about the individual, and request correction, amendment and deletion of personal data about the individual. Should you wish to make such an inquiry, please submit your request via email to EUPrivacy@vantiv.com. To begin processing your request we require your name, address, and email address. We will follow up with you to verify the request, and obtain any additional information required.

Please note that this right only applies to personal data about the individual making the request and is subject to other limitations as defined by law and the Privacy Shield Framework, including where the burden or expense of providing access would be disproportionate to the risks related to the privacy of the individual, where the rights of other individuals would be violated, where responding to or complying with an individual’s request would interfere with execution of the law or private causes of action, or where responding to or complying with and individual’s request would interfere with countervailing public interests like national security, defense, or public security. This right is also subject to reasonable limits on the number of times within a given period that access requests from a particular individual will be met.

Security

Paymetric has adopted technical, physical, and administrative security measures adopted under U.S. law and regulations to help protect the security of your personal data. For additional information regarding our security measures, please see the section entitled “Security,” in our general Privacy Policy.

Data Integrity

Paymetric makes reasonable efforts to only process personal data for the purpose for which it was collected as instructed by our clients. Paymetric takes reasonable steps to help ensure that personal data is accurate, complete, current, reliable for its intended use, kept only for the period necessary and not excessive for the purposes for which the personal data is processed.

Accountability, Enforcement and Inquiries

Any EU person who is not satisfied with Paymetric’s compliance with the EU – U.S. Privacy Shield may contact Paymetric to resolve such complaints at EUPrivacy@vantiv.com. We will respond within 45 days. If any EU person believes that such a complaint has not been resolved, he or she agrees first to try and settle the dispute by mediation, administered by the International Centre for Dispute Resolution under its Mediation Rules, before resorting to arbitration, litigation, or some other dispute resolution procedure. The rules governing these procedures and information regarding how to file a claim free of charge can be found here: http://go.adr.org/privacyshield.html.

Paymetric has further committed to refer unresolved Privacy Shield complaints to the JAMS Foundation, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of the JAMS Foundation are provided at no cost to you.

Any EU person who remains dissatisfied may contact his or her national Data Protection Authority in the country where the person resides. Paymetric has agreed to cooperate and comply with appropriate EU Data Protection Authorities and the Department of Commerce in resolving such disputes. If an EU person remains dissatisfied and meets the pre-arbitration requirements of Annex I Part C of the EU – U.S. Privacy Shield Framework, the person may invoke binding arbitration pursuant to procedures in Annex I of the EU – U.S. Privacy Shield Framework Principles found here: https://www.privacyshield.gov/EU-US-Framework.

Verification

Paymetric uses a self-assessment approach to ensure compliance with this Privacy Shield Policy, and verifies at least annually that the policy is accurate, comprehensive for the data intended to be covered, prominently displayed, completely implemented, and accessible and in conformity with the Privacy Shield Principles.

Questions & Contact Information

Any further questions and comments regarding Paymetric’s Privacy Shield Policy or practices can be directed in writing to:

Vantiv
Attn: Privacy Operations
8500 Governors Hill Drive,
Cincinnati, OH 45249

Or via email at EUprivacy@vantiv.com

Policy Updated: May 24, 2018