Privacy Policy

Paycloud.io is committed to keeping your information private in accordance with applicable laws and regulations, as well as industry recommendations. This policy documents the practices and approach used on systems owned or managed by Paycloud.io or its subsidiaries, henceforth “Paycloud.io”. Applicable regional privacy laws are reviewed and added to this policy.

Personal Information

Generally, “Personal Information” means any information about an identifiable individual and information which can be reasonably used to identify an individual. This Privacy Policy sets out the collection, use, and disclosure of Personal Information through our websites and our various software and related services (the “Software Services“).

Software services are generally used by individual self registered consumers, website visitors who may not be registered on the services, individuals registered on Paycloud.io portals by a customer of the software services and integrated partners using Paycloud.io software services on their platforms. Individual users regardless of registered status, and method of integration will be referred to as “end user, visitor, and customer” for the purpose of the privacy policy.
This Privacy Policy does not govern third parties or Personal Information that is collected, used, or disclosed by any third parties, including integrated Software Services partners. For more information on the types of Personal Information that may stored on behalf customers, see the section below entitled “Integrated Customer Data”.

Accountability

Paycloud.io is responsible for Personal Information in our control and has designated its Director of Payments as accountable for the organization’s compliance with this Privacy Policy. Any questions or complaints about this policy or compliance with this policy, or any requests to review or correct any of your Personal Information collected under this policy, should be directed to Paycloud.io as follows: Paycloud.io, 201 Byrd Court, Warner Robins, Ga. 31088, Attention: Director of Payments or customerCare@payCloud.io.

End User Information Collection

Paycloud.io is the sole custodian of the Personal Information, described below, that is collected on the publicly visible portion https://www.paycloud.io/. Information acquired is limited to only information required to provide services to end users and as needed to support service usage. Information from our end users is collected at the following points on our website:

Signup & Contact Information

Paycloud.io requests Personal Information from customers on the service signup form. Customers must provide contact information including: name, phone number and email address, and company name and address, if applicable in order tosignup. This Personal Information is used to contact the customer to provide access to the Software Services and to communicate related news and information. We may ask additional information about our customer’s business such as size, revenues and numbers of clients as well as more information about our customers such as their position in the company and the names and contact information of their colleagues. This information is used to help determine the nature and extent of type services that are appropriate.

Cookies

A cookie is a piece of data stored on the website user’s and visitor’s computer tied to information about software service usage. The Website uses “cookies” to collect information and improve our products and services. A cookie is a small data file that is stored on your device. Cookies cannot be used to see any other data on your computer, nor can they determine your email address or identity.
We may use session cookies to non-sensitive session information to improve or validate authentication. We may also use persistent cookies to enable the Software Services to remember certain settings and preferences.

The website may include advertisement partners cookies which may be used to track results of ad campaigns (marketing) and re-marketing our Software Services within other websites the user may visit. These third parties may place cookies on your computer and collect data about your online activities across websites or online services when you are logged into the third-party service, including for targeted advertising. Users can opt out by visiting the advertisement platform’s website.

Use of Customer Information

Personal Information collected is used only for configuration and maintenance of Software Services, providing customer support, processing invoice payments, and conveying information about accounts and upcoming features and benefits. Paycloud.io will only use personal information for the purpose of account management, as part of the service and to respond to marketing and sales inquiries. Such information is only stored in systems configured for internal Paycloud.io use as documented in this policy.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if any of our Software Services are temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested Software Services and in regards to issues relating to their account we reply via email or through the software portal.

Integrated Customer Data

Integrated Customers use Paycloud.io systems and applications to deliver Software Services to their users as Paycloud.io labeled or white labeled service. Customer Information, Information about our Customer’s Contacts and Archival Information (each defined below) are governed by this Privacy Policy, the Terms of Service and any other services agreements between Paycloud.io and the applicable Integrated Customers. This Personal Information is used to administer the Software Services and billing associated with payment for the Software Services.

We will retain Integrated Customer Information processed on behalf of Integrated partners for as long as needed to provide services to our partners, or for the period of time requested by a particular partner. Integrated partners are responsible for obtaining consent and maintaining any Personal Information collected with their forms. Individual users own all of their client data, which may include Personal Information. Our partners use the Software Service to manage their clients. Paycloud.io will only process Personal Information belonging to customers in the course of providing its services. This may include, for example, client names, contact information, billing information for use by the partner in the course of using our Software Services. While the application only collects the Personal Data necessary to provide Services, integrated partners may collect a wide variety of information from your customers using the forms within their applications.

We will not send promotional materials to or communicate directly with our customer’s clients other than on our customer’s behalf, and per their instruction. We will not share any customer information other than as required by law, or with express written permission of the appropriate person. It is the responsibility of our partners to ensure they have the appropriate consents in place for the collection and management of their data and Personal Information of third parties, such as their clients, and that all data is collected in a fair and lawful manner. Furthermore, it is our partner’s responsibility to update their clients’ Personal Information and to provide appropriate access to, and information about, the existence, use and disclosure of their information. Please contact any third-party organization directly for any inquiries about Personal Information collected by the organization.

Sharing Personal Information

Legal Disclaimer

While we make every effort to preserve user privacy, we may need to disclose Personal Information when required or permitted by law. In particular, we may disclose Personal Information to satisfy any applicable law, regulation, legal process or governmental request; enforce our contracts or user agreement, including investigation of potential violations hereof; and/or detect, prevent, or otherwise address fraud, security or technical issues.
Where reasonable, we will expeditiously provide customers with notice of any potential disclosure so that they can take appropriate protective measures.

Service Providers and Business Partners

Paycloud.io employs third parties to perform tasks on our behalf and we may need to share Personal Information with them to provide certain services. Unless we tell you differently, such third parties do not have any right to use the Personal Information we share with them beyond what is necessary for them to provide the tasks and services on our behalf. The third parties we currently engage includes third party companies and individuals employed by us to facilitate our services, including the provision of database management, payment processing and customer relationship management tools.

Links

This website contains links to other sites. Please be aware that Paycloud.io is not responsible for the privacy practices of such other sites. We encourage our visitors to be aware when they leave our site and to read the privacy statements of each and every website that collects personally identifiable information. This privacy statement applies solely to information collected by this Web site.

Security

Paycloud.io takes every reasonable precaution to protect our visitors’ and our customers’ information. When sensitive information is submitted via the website, the information is protected both online and off-line. When our Software Services ask users to enter sensitive information, that information is encrypted and it is protected in alignment with recommendations from industry groups such as the Payment Card Industry Data Security Standard (PCI DSS). Along with encrypting the information while it is transmitted “in transit”, our systems are configured to protect the information through additional encryption after it is stored “at rest”. Servers that store personally identifiable information are in a secure environment. Paycloud.io protects credit card information according to Payment Card Industry Data Security Standards (PCI-DSS). As part of the our PCI program, the software services are reviewed by an external PCI Qualified Security Assesor to verify the security of the application in accordance with PCI-DSS requirements. In the event thatPaycloud.io becomes aware of a security breach, as required by applicable law or our customer agreements, we will notify customers whose data is affected and describe the measures being taken to contain the breach.

Supplementation of Information

In order to properly fulfill its obligation to our customers it is necessary for us to supplement the information we receive with information from third-party sources. For example, we validate the addresses provided. Credit checks may be performed on corporate customers by our payment processor in accordance with its own privacy policy and terms.

Business Transfers

If we or our assets are acquired, or in the unlikely event that we go out of business or enter bankruptcy, we would include data, including your personal information, among the assets transferred to any parties who acquire us. You acknowledge that such transfers may occur, and that any parties who acquire us may, to the extent permitted by applicable law, continue to use your personal information according to this policy, which they will be required to assume as it is the basis for any ownership or use rights we have over such information.

Retention

We use and retain your Personal Information for as long as necessary to fulfill the purpose for which it is being processed, to carry out legitimate business interests, as well as on the basis of applicable legal requirements (such as applicable statutes of limitation).

After expiry of the applicable retention periods, your Personal Information will be deleted. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further use of such data.

Notification of Changes

At our discretion, we may change our privacy policy to reflect updates to our business processes, current acceptable practices, or legislative or regulatory changes. If we decide to change this privacy policy, we will post the changes here at the same link by which you are accessing this privacy policy.

If the changes are significant, or if required by applicable law, we will contact you (based on your selected preferences for communications from us) and all our registered users with the new details and links to the updated or changed policy.

If required by law, we will get your permission or give you the opportunity to opt in to or opt out of, as applicable, any new uses of your personal information.

Children

The Site is not intended for use by children. We do not intentionally gather Personal Information about visitors who are under the age of 16 (or a minor in the jurisdiction in which you are accessing our Sites or Services). If a child has provided us with Personal Information, a parent or guardian of that child may contact us to have the information deleted from our records. If you believe that we might have any information from a child under age 16 in the applicable jurisdiction, please contact us at customerCare@payCloud.ioIf we learn that we have inadvertently collected the personal information of a child under 16, or equivalent minimum age depending on jurisdiction, we will take steps to delete the information as soon as possible.

Our Legal Basis for Collecting Personal Information

Whenever we collect Personal Information from you, we may do so on the following legal bases:

1. Your consent to such collection and use;
2. Out of necessity for the performance of an agreement between us and you, such as your agreement to use our Services or your request for Services;
3. Our legitimate business interest, including but not limited to the following circumstances where collecting or using Personal Information is necessary for:
   • Intra-organization transfers for administrative purposes;
   • Product development and enhancement, where the processing enables Paycloud.io to enhance, modify, personalize, or otherwise improve our services and communications for the benefit of our Users, and to better understand how people interact with our Sites;
   • Fraud detection and prevention;
   • Enhancement of our cybersecurity, including improving the security of our network and information systems; and
   • General business operations and diligence;

Provided that, in each circumstance, we will weigh the necessity of our processing for the purpose against your privacy and confidentiality interests, including taking into account your reasonable expectations, the impact of processing, and any safeguards which are or could be put in place. In all circumstances, we will limit such processing for our legitimate business interest to what is necessary for its purposes.

California Residents

This section provides additional details about the Personal Information we collect about California consumers and the rights afforded to them under the California Consumer Privacy Act (the “CCPA”). Paycloud.io does not sell (as that term is defined in the CCPA) the Personal Information we collect.

During the last twelve (12) months, we have collected the following categories of personal information from consumers.

A. Identifiers

First and last name, postal address, unique personal identifier, online identifier, Internet Protocol address, email address.

Collected: YES

B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

A name, signature, physical characteristics or description, address, telephone number, education, employment, employment history and disciplinary action, professional memberships, employee reference checks, trade union membership, bank account number, credit card number, debit card number, or any other financial information, medical information.

Collected: YES

C. Commercial information

Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Collected: YES

D. Internet or other similar network activity.

Browsing history, search history, information on a consumer’s interaction with a website, application logs, device data and registration, social media account information or advertisement.

Collected: YES

We obtain the categories of Personal Information listed above from the following categories of sources:

• Directly or indirectly from our customers or their agents.
• Directly and indirectly from activity on our websites (www.paycloud.io). For example, from website usage details that are collected automatically. In addition, like many companies, we use “cookies” which are small text files a website can use to recognize repeat users, facilitate the user’s ongoing access to and use of the site and to track usage behavior of, for example, the webpages you visit.
• From third parties that assist us in providing certain transactions and services (e.g. payment processing, cloud hosting), even though it appears that you may not have left our Site.

We disclose your Personal Information for a business purpose to the following categories of third parties:

• Our affiliates;
• Strategic business partners who provide goods, services and offers that enhance our services;
• Service providers and other third parties we use to support our business, including without limitation those performing core services (such as credit card processing, customer support services, customer relationship management, accounting, auditing, processing insurance claims, administering surveys, advertising and marketing, analytics, email and mailing services, data storage, and security) related to the operation of our business and/or the Services, the processing and fulfillment of your orders, and making certain functionalities available to our users;

Subject to certain limitations, the CCPA provides California consumers with certain rights. This section describes Californians’ rights and explains how California consumers can exercise those rights.

Below we further outline specific rights which California residents may have under the California Consumer Privacy Act.

• Right to Access Your Data. You have the right to request that we disclose certain information to you about our collection, use and disclosure of your Personal Information over the past twelve (12) months. Any disclosures we provide will only cover the 12-month period preceding the receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
• Right to Data Portability. You have the right to a “portable” copy of your Personal Information that you have submitted to us. Generally, this means you have a right to request that we move, copy or transmit your Personal Information stored on our servers or information technology environment to another service provider’s servers or information technology environment.
• Right to Delete Your Data. You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.
• Right to Non-Discrimination for the Exercise of Your Privacy Rights. You have the right not to receive discriminatory treatment by us for exercising your privacy rights conferred by the California Consumer Privacy Act.
• Exercising Your Rights

If you are a California resident who chooses to exercise your rights, you can:

1. Submit a request via email to customerCare@payCloud.io, or
2. Call 1- 866-385-6487 to submit your request.

You may also designate an agent to exercise your privacy rights on your behalf. In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney, the requester’s valid government-issued identification, and the authorized agent’s valid government issued identification.

Our Response to Your Request

Upon receiving your request, we will confirm receipt of your request by sending you an email. To help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to the information. In some instances, such as a request to delete personal information, we may first separately confirm that you would like for us to in fact delete your personal information before acting on your request.

We will respond to your request within forty-five (45) days. If we require more time, we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

In some cases our ability to uphold these rights for you may depend upon our obligations to process Personal Information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, listed below, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:

1. Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
3. Debug products to identify and repair errors that impair existing intended functionality;
4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 );
6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent;
7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
8. Comply with a legal obligation; or
9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
10. You may make this type of request once every calendar year.

Do Not Track

Some browsers have a “Do Not Track” feature that lets you tell websites that you do not want to have your online activities tracked. At this time, we do not respond to browser “Do Not Track” signals.

We adhere to the standards outlined in this privacy policy, ensuring we collect and process personal information lawfully, fairly, transparently, and with legitimate, legal reasons for doing so.
Contact Information

For any questions or suggestions regarding our privacy policy or requests to alter or remove any information please contact us at:
customerCare@payCloud.io

Last Updated: July __, 2024