Information Protection Statement
Effective December 16, 2021
At Global Payments, we are aware of your concerns about the loss of privacy. This Website Privacy Statement (the "Statement") applies to the collection of personal data, information security and privacy standards applicable to all users of our websites, forums and blogs (the "Sites") and mobile applications (the "Apps") in connection with our business activities. For the purposes of this Statement, the terms "Global Payments", "our company", the pronouns "we" and "us" refer to Global Payments Inc. with respect to context. and its subsidiaries and affiliates. Our privacy policies vary according to the type of services we provide and the specific requirements of the specific countries in which we operate. For some services and products where this is required, we provide supplemental privacy statements prior to collecting your personal information. Please read this Statement carefully. If you have any questions, you can contact us atthe emailaddress privacy@globalpay.com or as set out in the "Contact Us" section below.
Global Payments is a provider of payment products and services for both commercial and non-commercial entities. These products and services include card transaction processing, cheque collection, cash services, payment terminal management and support, business account management and money transfers. As part of our payment processing activities, we routinely collect and store personal data about our customers and the third parties with whom our customers do business. Information about the provision, transfer and further processing of personal data that occurs as part of our payment processing activities is provided to our customers at or before the time of establishing a relationship with us and is not part of this Statement as this applies only to the data we collect through our Sites. Click any of the links below to go to the appropriate section:
- Personal Information We Collect
- What sources of personal data we use
- How We Use the Personal Information We Collect
- How We Share The Personal Information We Collect
- Our relationship with affiliates (including sharing and cross-border transfers)
- Login details and your responsibility
- Setting your preferences
- Your legal rights
- Anonymization and aggregation of data
- How we protect and handle your personal information
- Cookies and other tracking technologies
- External links
- Kids
- Changes and updates
- Choice of law
- Arbitration
- Contact Us
- Region-specific information
Personal Data Collected
- identifiers such as name and contact details, which includes telephone number, email address and postal address;
- information protected from security breaches, such as your username and password with which you log in to the Site (see "Login Details and Your Responsibility" below);
- business information, which includes information about your business and your preferences regarding the products and related services you are interested in (see "Setting Preferences" below);
- Internet/electronic activity, which includes information obtained through cookies and other trackingtechnologies, such as location, device identifier, usage pattern and usage history;
- position;
- information provided by you, e.g. when you report a problem with our Site; and
- records of the correspondence we have with you.
Sources of personal data
Information obtained from third parties: When providing our services, we may receive information about you from third parties. This may include, for example, personal information, such as your name and contact information, obtained from your referring partners or other third parties so that we can contact you about the services we provide. We may also receive information from third parties regarding your business, which allows us to supplement our customer records with information about your company and professional data.
Information obtained by technological means: Whenever you visit our Sites or Apps or respond to an email we send, we may automatically collect information such as your account or device identifier and usage patterns, such as the pages you visit, the links you click, the type of content you interact with, the frequency and duration of your activities, and other information about how you use our services. However, you have the opportunity to express your preferences regarding certain methods of data collection by technological means for some of our services (see the section "Cookies and other tracking technologies"). On the Sites and Apps, we may collect your geographic location data in order to make location-specific services available to you.
How We Use the Personal Information We Collect
- to provide you with services;
- to contact you in connection with a query you have sent us or to comply with your request, e.g. a request for information about our products and services;
- to improve and personalize your use of the Site;
- to improve our existing products and services and develop new ones;
- for internal records and administration purposes;
- for control purposes related to current consumer interaction and concurrent transactions, which includes, but is not limited to, counting ad servings per visitor, verifying the position and quality of ad serving, checking compliance with laws and other regulations;
- for purposes related to the detection of security incidents, the protection against harmful, deceptive, fraudulent or illegal activities and the prosecution of persons responsible for such activities;
- for the purposes of internal research for the purposes of technological development and presentation;
- to verify or maintain the quality or safety of our products and services and to improve, update or extend them;
- to contact you by e-mail and send you newsletters or other updates, communications or publications, if you have subscribed to this service;
- for direct marketing purposes based on your consent, where required by law (see "Preference Settings" below);
- as necessary, to set up and manage your login and use of the login device available on the Site; and
- to comply with applicable laws and regulations, or for other purposes required or permitted by applicable laws and/or regulations.
How We Share The Personal Information We Collect
- with Global Payments affiliates where sharing is necessary for the provision of services or for our business (see "Our relationship with affiliates" below);
- service providers whose systems, applications, products or services help us provide our own services. For example, we share personal information with IT service providers who manage our office systems and our Sites and Apps. These service providers are bound by confidentiality and obliged to use any personal data we share with them or that they collect for us only for the purpose of providing the agreed service to our company;
- in the event that you have been referred to Global Payments by a partner in connection with the Services, the data may be shared with that Referring Partner. For example, if you have been referred to Global Payments by a third-party organization, we may share information with the Referring Partner in accordance with the terms of our business relationship with you and that partner, in accordance with the applicable privacy statement provided to you by either party at the time of collection of your personal information;
- we may share identifiers with logistics service providers for the purpose of delivering packages to individuals;
- we may share information about your electronic/internet activity (see "Cookies and other tracking technologies" below) with advertising and analytics providers to measure the impact of our advertising campaigns and to better understand how individual users use our Sites and Apps;
- with third parties to whom we are instructed to provide specified categories of your personal data.
In addition, Global Payments may disclose information about you if global payments believes that such disclosure is necessary to comply with the law or in response to a lawful request and legal action, to enforce our agreements, regulations and terms of use, and to protect or defend the rights, safety or property of Global Payments, users of the Services or any other person.
In addition, we may share personal data subject to applicable legal requirements in connection with a merger, financing, acquisition, bankruptcy, liquidation, transaction or proceeding relating to the sale, transfer, divestment of part or all of the assets of another company or the provision of information about such assets.
We will not sell your personal data to any third party unless otherwise stated in a specific communication and unless you have given your consent to do so, unless required by law.
Our relationship with affiliates (including sharing and cross-border transfers)
Because our affiliates are located in different countries of the world, your personal data may be transferred to and stored in the United States or other countries outside your country of residence, which may be governed by different data protection regulations than those applicable in your country of residence.
We take appropriate measures to ensure that such transfer of personal data is carried out in accordance with applicable law, that it strictly protects your right to privacy and your interests, and that the transfer is limited to those countries that are known to provide an adequate level of legal protection or that they apply alternative reasonable measures to protect your privacy.
Setting your preferences
Subject to your consent, where required by law, we may use your personal information for the purpose of directly providing marketing information about our and our affiliated products and services in various locations around the world and to third parties. Direct marketing is carried out by e-mail, telephone, post, SMS, or other relevant methods. In addition, we may provide direct marketing information and allow other parties to do so if we are permitted to do so by applicable contracts with our customers.
We will also take measures to ensure that any direct marketing coming from us by electronic means will allow you to easily stop receiving further communications in accordance with applicable law. For example, in the case of emails, we may provide you with an "unsubscribe" link or email address to which you can send your unsubscribe request. In addition, if we need your consent in accordance with applicable direct marketing laws, if you give us such consent, you will be able to change your decision at any time.
Your legal rights
With certain exceptions, and in some cases depending on the specific processing, some users, which includes citizens of the European Union and citizens of the State of California, may have certain rights in relation to their personal data. These rights are:
EU citizens' rights |
What does this mean? |
Right to be informed |
You have the right to clear and comprehensible information about how we use your personal data. Therefore, we provide you with this Statement, and we may provide you with other forms of Statements within the Services as required or required by law. |
Right of access to personal data |
You have the right to access the data we hold about you and a copy of this data. |
Right to data portability |
In somecircumstances, you have the right to collect the personal data you request from us in a format that is user-friendly and in which you will be able to transfer your data to another provider. |
Right to rectification |
You have the right to have your personal data corrected or updated if it is outdated, incorrect or incomplete. |
Right to erasure ("right to be forgotten") |
In some circumstances, you have the right to have your personal data erased or deleted. |
Right to restriction/suspension of personal data processing |
You have the right to object to the processing of personal data on the grounds of legitimate interest. You have the right to withdraw your consent to the processing that takes place on the basis of your consent (this includes the right to stop direct marketing). |
Right to information on data transfers |
You have the right to receive a copy of the documents relating to the security measures under which your personal data is transferred outside the EU. |
Right to lodge a complaint with the visor authority |
You have the right to lodge a complaint with the competent data protection authority in your country about the way we process your data and protect your privacy. |
California Citizens' Rights |
What does this mean? |
Right to information about the collection, disclosure and sale of personal data |
You have the right to request that we provide you with information about the categories of personal data we have collected, used, provided or sold within the last 12 months. We provide information about the categories of personal information we have collected, the sources from which we obtained it, the purposes for which we collected it, and the third parties with whom we may share that information. |
Right to terminate the sale of personal data |
You have the right to request that we do not sell your personal data to third parties. |
Right to request erasure |
In certain circumstances, you have the right to request the erasure or removal of your personal data. |
Right to the same services and prices ("non-discrimination") |
Your decision to exercise your privacy rights will not be used as a ground to discriminate against you in relation to the services or prices offered. |
Anonymization and aggregation of data
Subject to your consent, where required by law, we may anonymize and aggregate your personal data in a way that ensures that you are not identified and identifiable, so that we can use such anonymized or aggregated data for example for statistical analysis and administration, including trend analysis, to perform actuarial analyses, to tailor products and services to customer needs, and for risk and cost analysis; and fees in connection with our products and services. We may share anonymized or aggregated data with our global affiliates and other third parties. This Statement does not limit Global Payments' ability to use or share any non-personal, aggregated, derivative, anonymized or aggregated information.
How we protect and handle your personal information
We have implemented administrative, technical and physical security measures to protect the personal information you provide to us from accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. Any suspicion of an attempt to breach our actions and processes or an unauthorized act of any kind relating to our information systems is considered a potential criminal offence. Suspected attempts to access or use our systems in a manner that is contrary to our laws or security controls may be reported to the appropriate authorities.
Please note that communication via the Internet, e.g. by e-mail, is not secure. We strive to ensure the security of all confidential information and personal data provided to us in accordance with our obligations under applicable laws and regulations. However, like no website operator, we cannot guarantee the security of any data transmitted over the Internet. When we no longer need your personal information to provide the Services, it will be securely deleted or anonymized in a way that makes it impossible to re-identify you. Where we collect or store your personal data on behalf of our Customer, the possession of your personal data may be subject to the terms of our contract with that Customer.
Cookies and other tracking technologies
A "cookie" is a text file that is stored in your browser when you visit a website. Unique device identifiers, such as an IP address or UDID number, recognize the computer or other device through which a visitor accesses the Internet. Unique device identifiers are used alone and in combination with cookies and other tracking technologies to "remember" the computers or other devices used to access the Sites and Apps.
The use of cookies and other tracking technologies allows us to remember a variety of information about your visit to the Site, such as country, language and other settings. Tracking technologies provide us with insight into who has viewed what pages, ads or emails we send, from which we can determine how often certain pages are visited, as well as the relevance and effectiveness of our communications. They also help us manage our Sites more efficiently to make your work even easier the next time you visit. Cookies and other tracking technologies allow us to do all sorts of other things as explained below.
Cookies can be divided by duration and source:
Duration. The site uses both "short-term" and "persistent" cookies. Session cookies are temporary – their function is terminated as soon as you close your browser or otherwise stop your "active" browsing. Persistent cookies also remember you on your next visits. Persistent cookies are not deleted when you close your browser, on the contrary, they remain stored on your computer or other device until you delete them yourself (see below "How to delete or block Cookies").
Source. Cookies can come from a "first party" or a "third party", which means that they are set either by or on behalf of TSYS or by a third party that is the operator of another website. Examples of third-party cookies may be some elements contained on our Sites, such as videos provided by other companies that are able to set and read their own cookies. Our Sites may use both first-party and third-party cookies.
The cookies and tracking technologies that we may use on the Site fall into the following categories:
Necessary. These cookies are necessary for the functioning of the website and cannot be turned off in our systems. Typically, they are set only in response to actions you perform, such as logging in or filling out forms. You can set your browser to block or notify you of these cookies, but blocking them may reduce the functionality of the Site.
Power. These cookies allow us to count visits and traffic sources in order to measure and improve the performance of our website. They help us to find out which pages are the most and least popular and how visitors move around our website. All information these cookies collect is aggregated. If you do not allow these cookies, we will not know when you have visited our website and we will not be able to monitor its performance.
Functional. These cookies allow our Site to provide better features and personalization. They may be set by us or by third-party providers whose services we have added to our site. If you do not allow these cookies, some of these services may not work properly.
Targeting cookies. These cookies may be set through our Sites by our advertising partners. They may be used by such companies to create a profile of your interests and to display relevant advertising on other websites. They are based on the unique identification of your browser and Internet device. If you do not allow these cookies, you will see less targeted advertising.
How to delete or block Cookies and Other Tracking Technologies
Where technically possible, we will enable tools on some Sites that allow you to choose your settings for cookies and other tracking technologies. At the same time, you have the option to delete or block cookies at any time by changing your browser settings. You can either click on the "Help" link in your browser toolbar to learn how to proceed, or refer to the Interactive Advertising Bureau's Cookie Management Guide, available at www.allaboutcookies.org. If you delete or block cookies, it may happen that some elements of the Site do not work properly.
External links
Global Payments may post links to other websites on its Sites under its control. We do not endorse the content placed on such websites or the products and services offered on them, and we make no warranties of any kind with respect to such content, products or services. We make no representations regarding the use of such websites. Please note that we are not responsible for the way in which the operators of such websites ensure privacy. We encourage our users to be aware of when they leave our Sites and to read the privacy statements on each website that collects personal information. This Statement applies only to information that we collect. Before you access and use other websites, you should read any other relevant privacy and cookie statements.
Kids
Our Sites are not intended for children. We do not request and knowingly collect any personal information about individuals under the age of 18. Please do not use this website if you are under 18 years of age.
Changes and updates
We reserve the right, in our sole discretion, to modify, update, extend, cancel, remove or otherwise modify this Statement in whole or any part thereof at any time. Each time we make changes to this Statement, we will modify the "Last Updated" date at the beginning of the document. We will also take reasonable steps to ensure that you are aware of all material updates, including by direct notice of such changes and, where applicable, notices made through the applicable Services. If you provide us with your personal information or access and use our Site after any change to this Statement, we assume that you have unreservedly accepted and agree to the changes made. The most recent version of the Statement will be available on both the Sites and Apps and supersedes any previous versions of this Statement.
Choice of law
Except as otherwise permitted by law, this Statement, including any amendments or additions, is governed by the laws of the United States, the State of Georgia, without regard to conflict of laws and choice of law principles that would require the application of the laws of another state.
Arbitration
Except as otherwise permitted by law, by using our Sites, you unreservedly agree and undertake that (1) any claim, controversy or dispute , whether on a contractual, civil or other basis) with respect to Global Payments or its parent company, subsidiaries or affiliates, as well as with respect to its members, representatives, directors and employees (all such persons and entities hereinafter collectively referred to as "Global Payments Entities") arising out of or in connection with the Services or in determining the scope of this Arbitration Agreement shall be exclusively, definitively and bindingly resolved in arbitration before JAMS conducted by one arbitrator under JAMS Rules; (2) this Arbitration Agreement is entered into by reason of a transaction involving interstate commerce and will be governed by the Federal Arbitration Act ("FAA"), 9 U.S.C. §§ 1-16; (3) the arbitration shall be held in Atlanta, Georgia, USA; (4) the arbitral award must be consistent with the terms of this Statement and any other agreements referenced herein that the relevant user has entered into in connection with the Services; (5) the arbitrator shall apply the laws of the State of Georgia in accordance with the FAA and applicable statutory time limits, and shall respect the right to refuse to produce documents and maintain confidentiality in accordance with the law; (6) there will be no authority to decide claims based on a class action or an action by proxy, only your individual claims or individual claims of Global Payments entities may be decided; the arbitrator shall not have the power to consolidate or aggregate the claims of other persons or parties in a similar situation; (7) the arbitrator shall not have the right to impose any punitive damages on you or any Global Payments entity; (8) In the event that the administrative fees and advances that must be paid in order to commence arbitration against any Global Payments entity exceed $125 and you are unable (or obliged under JAMS Rules) to pay any fees or advances in excess of that amount, Global Payments agrees to pay or cover them on your behalf, subject to the final decision of the arbitrator. If you are further able to demonstrate that the cost of arbitration is too high compared to the cost of litigation, Global Payments will pay such portion of your registration and court fees in connection with the arbitration as the arbitrator deems necessary to prevent arbitration fees from being too high and thus obstructing arbitration; and (9) if any part of this arbitration provision, with the exception of paragraph (6) above, is found to be invalid, unenforceable or unlawful, or otherwise inconsistent with JAMS Rules, the remainder of this arbitration provision shall remain in effect and shall be construed in accordance with its terms as if the invalid, unenforceable, illegal or conflicting part was never contained therein. However, if paragraph (6) is found to be invalid, unenforceable or unlawful, this arbitration provision will become invalid in its entirety, and neither you nor Global Payments will be entitled to resolve any dispute by arbitration. More information about JAMS and its rules can be found on the www.jamsadr.com website.
Contact Us
If you have any questions about this Statement or if you wish to exercise your rights as described in this Statement, you may submit your request to us by completing this form [LM1] or by contacting us at:
Global Payments Inc. 3550 Lenox rd, Suite 3000 Atlanta, GA 30326
privacy@globalpay.com 800-367-2638
In order to comply with your request for access or deletion, we need you to provide us with sufficient information to verify your identity. For example, we may ask you for information related to your account, which includes your contact information or other identifying information. If you appoint an authorised representative to make claims on your behalf regarding your rights, we may require convincing proof of their authorisation as well as verification of your identity directly by you.
Region-specific information
Users from the following regions and countries should read the following paragraphs, which contain additional information about some of the specifics of the privacy laws and regulations existing in those regions. In the event of a discrepancy between the information referred to above and the following paragraphs, the following paragraphs shall prevail in relation to the regions and countries concerned.
Users in the European Economic Area
Your personal data may be processed in countries outside the European Economic Area ("EEA") that may not have data protection laws comparable to those in the EEA. This includes data transferred between Global Payments and its affiliates in different locations around the world or by third parties as described in the paragraphs above. The relevant bodies of Global Payments will take the necessary measures to ensure the protection of your personal data obtained through this website in accordance with applicable data protection laws.
European Union: Identification of the data controller
The relevant Global Payments subsidiary operating in your country is responsible under applicable data protection laws to the extent that it uses your personal data for its own purposes. If Global Payments Inc. or any of its subsidiaries uses your personal information for its own purposes, such as to provide you with payment processing services, such entity may also be liable in accordance with applicable laws that apply to it. Below is an overview of the Global Payments subsidiaries operating in each country of the European Union that are responsible for processing your personal data collected through our Sites. You can contact our subsidiaries in the European Union if you require further information about the third parties with whom we share your personal data, as well as the legal basis for data processing and specific information on the exercise of your rights as data subjects within the meaning of the General Data Protection Regulation (GDPR).
Countries | Subsidiary |
Czech Republic | Global Payments Europe, s.r.o. |
Czech Republic | Global Payments s.r.o. |
Hungary | Global Payments Europe, s.r.o. Magyarorszagi Fioktelepe |
Slovakia | Global Payments s.r.o., organizational unit |
Austria | Global Payments s.r.o. Zweigniederlassung Österreich |
Romania | Global Payments s.r.o. Praga Sucursala București |
Ireland | Pay and Shop Limited |
Malta | Global Payments Limited |
Spain | Comercia Global Payments Entidad de Pago, S.L. |
Spain | EPG Support España |
United Kingdom | GPUK LLP(1) |
United Kingdom | Bleep UK PLC |
(1) The Company is registered with the Office of the Information Commissioner of the United Kingdom as a "data processor" under the identifier Z1374314.
Australia
Under the Privacy Act 1988 (Cth) (the "Australian Act"), you have the right to (i) request access to your personal data; (ii) request rectification of your personal data and (iii) lodge a complaint with us for breach of the Australian Privacy Provisions (Amendment 1 of the Australian Act) or any binding registered privacy policy. Any complaints or requests for access to or correction of personal data will be dealt with in accordance with our obligations under this Act. All complaints are treated seriously and are assessed by the relevant staff in order to resolve all matters properly and in a timely manner and in accordance with the law.
California
If you are a California resident, you may exercise your privacy rights described above by contacting us in any of the ways set forth in the "Contact Us" section of this Statement.