Last Updated: December 17, 2019
At Global Payments, we respect your concerns about privacy. This Website Privacy Notice (“Notice”) relates to the collection of personal information, information security and privacy standards applicable to all users of our websites, forums and blogs (“Sites”) in the course of our business activities.
For the purpose of this Notice, “Global Payments”, “we” and “us” refer to Global Payments Inc. and its subsidiaries and affiliates, as the context requires. Our privacy practices vary depending on the services we provide and the country-specific requirements for the countries in which we operate. For some products and services, where required, we will provide additional privacy notices before collecting your personal information. Please read this Notice carefully. If you have any questions, you may contact us at [email protected] or by the methods provided in the “Contact Us” section below.
Global Payments provides payment products and services for commercial and non-commercial enterprises. Those products and services include payment card processing, check recovery, cash access services, point-of-sale terminal management and support, merchant accounting and funds transfer. As a part of our payment processing function, we routinely collect and retain personal information about our customers and the third parties with whom our customers do business. For our customers, information about disclosures, transfers and other processing of personal information as part of our payment processing function is set out in the documentation provided to them at or before onboarding and is outside of the scope of this Notice, which relates only to information we collect through our Sites.
Personal information we collect
Sources of personal information
How we use the personal information we collect
How we share the personal information we collect
Our relationship with affiliate companies (including sharing and cross-border transfers)
Login details and your responsibility
Managing your preferences
Your Legal Rights
Data anonymization and aggregation
Commitment to security, privacy and standards
Cookies and other tracking technologies
External links
Children
Changes & Updates
Choice of Law
Arbitration
Contact Us
Region-specific information
Through our Sites, subject to your consent if required by law, we may collect the following personal information, as relevant and as is voluntarily supplied to us by you:
Identifiers including name and contact details including telephone number, email address and postal address;
Information protected against security breaches such as your username and password, which you may use to log in to the Sites (see “Login Details and Your Responsibility” below);
Commercial Information including your preferences regarding products and related services which are of interest to you (see “Managing Your Preferences” below);
Internet/electronic activity including information from cookies and other tracking technologies including location, device identifier, usage and browsing history;
Geolocation;
Information you provide if you report a problem with our Sites; and
Records of any correspondence we have with you.
We collect personal information that you provide to us when you visit our SItes, set up an account with us, or communicate with us. We may also collect information about you from third parties. For example, we may receive referrals from banks or independent service organizations with which you have a relationship. In addition, when you visit our Sites we may collect certain information about your location, usage, or device through technology such as cookies (see “Cookies and Other Tracking Technologies” below).
Subject to your consent if required by law, we may use your personal information for the following business purposes:
To contact you regarding any inquiry you make or to fulfill a request, such as, for example, a request for information about our products and services;
To improve and personalize your experience when you use our Sites;
To improve our products and services and for the development of future products and services;
For internal record keeping and administration of records;
For auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with laws and other standards;
For detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity
For internal research for technological development and demonstration;
To verify or maintain the quality or safety of our products and services and to improve, upgrade, or enhance our services;
To contact you by email and, if you have signed up for the service, to share e-newsletter or any other updates, communications or publications;
For direct marketing purposes subject to your consent if required by applicable law (see “Managing Your Preferences” below);
As necessary to set up and administer your sign up to, and use of, the log in facility available on the Sites; and
For compliance with applicable laws and/or regulations and as otherwise required or permitted by applicable laws and/or regulations.
We are a multinational business headquartered in the United States, with subsidiaries and affiliates in various countries around the world. Your personal information may be disclosed to recipients located outside of your country, including our global subsidiaries and affiliates (see “Our Relationship with Affiliate Companies” below), as well as other types of service providers engaged to help us run our business, subject to your consent if required by law. These types of service providers may include distributors of our products and services, vendors retained to perform functions on our behalf or to provide services to us, including (without limitation) legal, accounting, audit, consulting and other professional service providers, and providers of other services related to our business.
In addition, if you were referred to Global Payments for services via a partner, such as independent services organization, we may share information with such partner in accordance with our business relationship with you and that partner, consistent with any privacy notice shared with you by either party at the time of the collection of your personal information.
We take steps aimed at ensuring that all persons who process your personal information as a service provider to us processes such information only as necessary for their service delivery and, where required by law, we ensure appropriate written instruction is provided to each service provider.
We may also disclose your personal information to third parties who are not service providers. Below is a list of categories of third parties to which we may disclose personal information and the business purpose for such disclosure:
To regulators including state and federal agencies, card payment networks, issuing banks and other parties required to enable compliance with laws, regulations and industry standards related to transaction processing in order to obtain commercial and credit information to establish, maintain or renew a customer’s contract(s), as may be required to provide any of the services for which a customer has subscribed, to comply with the rules and regulations of any credit or debit card payment network or otherwise in accordance with this policy;
To law enforcement, courts and other relevant parties in response to a court order or a request for cooperation from a regulatory, law enforcement or other government agency; to establish or exercise our legal rights; to defend legal claims; as otherwise required or permitted by applicable laws and/or regulations; when we believe that disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or to protect and defend the rights, property or safety of Global Payments, its customers, staff, suppliers or others; and
Subject to applicable legal requirements, to another company or agent of such company in connection with or during negotiation of any merger, financing, acquisition, bankruptcy, dissolution, transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business assets to such company.
Unless otherwise disclosed in a specific notice, and subject to your consent where required by applicable law,, we do not sell your personal information to third parties.
Subject to your consent if required by applicable law, we may appoint an affiliate company to process personal information in a service provider role. In most cases, we will remain responsible for that company’s processing of your personal information pursuant to applicable data privacy laws.
Because our affiliate companies are located around the globe, your personal information may be transferred to and stored in the United States or in another country outside of the country in which you reside, which may be subject to different standards of data protection than your country of residence.
We will take appropriate steps to ensure that transfers of personal information are in accordance with applicable law, are carefully managed to protect your privacy rights and interests and limited to countries which are recognized as providing an adequate level of legal protection or where alternative adequate arrangements are in place to protect your privacy rights.
Subject to your consent if required by applicable law, we will collect and process your personal information as necessary to set up and administer your sign up to, and use of, the log in facility available on our Sites and Apps. We will use “cookies” to “remember” the machine or other device you use to access our Sites and Apps (see “Cookies and Other Tracking Technologies” below). Please remember that if we contact you, we will never ask you for your password in an unsolicited email, message or phone call. If you choose to use the log in facility available on our Sites, you are required to adhere to the following security procedures in relation to your username (currently, your email address) and password, which are referred to as “login information”:
Keep your login information secret and secure at all times and do not disclose it to any other person or allow any other person to use it;
Do not write down or record in any form your login information or store it on any software, including a password save feature;
Destroy any notice from us concerning your login information as soon as you have read and understood it;
Should you become aware or have reason to suspect that your login information has been lost or disclosed to, or seen or accessed by someone other than yourself, immediately notify Global Payments at the email address provided above;
Do not leave your computer or other device unattended while you are using the log in facility available on this website or let anyone else use your computer or other device unless and until you have logged out; and
Use particular caution if you access the log in facility available on our Sites from a public or shared computer, to ensure that other people are not able to see seen your login details.
Subject to your consent if required by applicable law, we may use your personal information to provide you with direct marketing information about our products and services as well as those of our global affiliates and third parties. Our direct marketing may be by email, telephone, post or SMS or such other method(s) as may become relevant. In addition, we may provide direct marketing information and permit others to do that as allowed by our customers’ respective contracts.
We will take steps to seek to ensure that any direct marketing from us and which is sent by electronic means will provide a simple means for you to stop further communications, in accordance with applicable law. For example, in emails, we may provide you with an “unsubscribe” link, or an email address to which you can send an opt-out request. In addition, if we need your consent for direct marketing communications under applicable law, and if you provide your consent, you will be able to change your mind at any time.
Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, some users, including European Union residents and residents of the state of California, may have certain rights in relation to their personal information. These rights may include:
EU Resident Rights |
What does this mean? |
Right to be informed |
You have the right to be provided with clear and easy-to-understand information about how we use your personal information. This is why we are providing you this Notice and we may provide other forms of notice, as appropriate or required by law, in the Services. |
Right to access personal information |
You have the right to access and receive a copy of personal information we hold about you. |
Right to data portability |
In some circumstances, you have the right to receive the personal information you request from us in a format that is user-friendly and enables you to transfer it to another provider. |
Right to rectification |
You have the right to correct or update your personal information if it is outdated, incorrect or incomplete. |
Right of erasure (“right to be forgotten”) |
In some circumstances, you have the right to have your personal information erased or deleted. |
Right to restrict/suspend processing of personal information |
You may object to processing of personal information that is based on legitimate interest. You may withdraw consent for processing that is based on consent (this includes the right to opt out of direct marketing). |
Right to information about information transfers |
You have the right to obtain a copy of documents related to the safeguards under which your personal information is transferred outside the EU. |
Right to complain to a supervisory authority |
You have the right to contact the data protection authority in your country to complain about our data protection and privacy practices. |
CA Resident Rights |
What does this mean? |
Right to know about personal information collected, disclosed, and sold |
You have the right to be provided with clear and easy-to-understand information about how we use your personal information. This is why we are providing you this Notice and we may provide other forms of notice, as appropriate or required by law, in the Sites and Services. You also have the right to access and receive a copy of the personal information we hold about you. |
Right to opt-out of the sale of personal information |
You may request that we do not sell your personal information to third parties. |
Right to request deletion |
In some circumstances, you have the right to have your personal information erased or deleted. |
Right to equal service and prices (“non-discrimination”) |
Your choice to exercise your privacy rights will not be used as a basis to discriminate against you in services offered or pricing. |
Subject to your consent if required by law, we may anonymize or aggregate your personal information in such a way as to ensure that you are not identified or identifiable from it, in order to use the anonymized or aggregated data, for example, for statistical analysis and administration including analysis of trends, to carry out actuarial work, to tailor products and services and to conduct risk assessments and analysis of costs and charges in relation to our products and services. We may share anonymized or aggregated data with our global affiliates and with other third parties. This Notice does not restrict Global Payments' use or sharing of any non-personal, summarized, derived, anonymized or aggregated information.
We take seriously our responsibility to protect the security and privacy of the information we receive via our Sites and Apps. We maintain administrative, technical and physical safeguards designed to protect the personal information you provide via our Sites and Apps against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use.
Please remember that communications over the internet such as emails are not secure. We seek to keep secure all confidential information and personal information submitted to us through our Sites in accordance with our obligations under applicable laws and regulations. However, like all website operators, we cannot guarantee the security of any data transmitted through our Sites.
A “cookie” is a text file that websites send to a visitor’s computer or other internet-connected device to uniquely identify the visitor’s browser or to store information or settings in the browser. Our Sites use cookies including cookies that are strictly necessary to enable the features of our Sites, performance cookies to see how visitors use our Sites, and functionality cookies that enable the Sites to “remember” machines or devices, personalize website content and tailor user experience.
On some Sites we also use cookies to help us target advertisements to users when they are browsing this website and other websites, in each case by reference to anonymous identifiers, not personal information. Additional information about the types of cookies we may use is provided in the Cookie Statement on this page.
In addition to the cookies Global Payments sets when you visit our Sites, third parties may also set cookies when you visit Global Payments sites. In some cases, that is because we have hired the third party to provide services on our behalf, such as site analytics. In other cases, it is because our web pages contain content from third parties, such as videos, news content or ads delivered by ad networks. Because your browser connects to those third parties’ web servers to retrieve that content, those third parties are able to set or read their own cookies on your device and may collect information about your online activities across websites or online services. Our Cookie Statement provides additional information about the cookies on this page and about your options to opt-out of third-party cookies.
Global Payments may provide links on our Sites to other websites that are not under our control. We do not endorse or make any warranty of any type regarding the content contained on such websites or products and services offered on those websites. We make no representation regarding your use of such websites. Please be aware that we are not responsible for the privacy practices of the operators of other websites. We encourage our users to be aware when they leave our Sites and to read the privacy statements of each and every website that collects personal information. This Notice applies solely to information collected by us. You should read any other applicable privacy and cookies notices carefully before accessing and using such other websites.
Our Sites are not intended for use by children. We do not solicit or knowingly accept any personal information from persons under the age of 18. Please do not use this website if you are under the age of 18.
We reserve the right, in our sole discretion, to modify, update, add to, discontinue, remove or otherwise change any portion of this Notice, in whole or in part, at any time. When we amend this Notice, we will revise the “Last Updated” date located at the top of the document. We will also take reasonable steps to ensure you are made aware of any material updates including providing you direct communication about such changes or providing a notification through the Services, as appropriate. If you provide personal information to us or access or use our Sites after this Notice has been changed, you will be deemed to have unconditionally consented and agreed to such changes. The most current version of this Notice will be available on the Sites and Apps and will supersede all previous versions of this Notice.
This Notice, including all revisions and amendments thereto, is governed by the laws of the United States, State of Georgia, without regard to its conflict or choice of law principles which would require application of the laws of another jurisdiction.
By using our Sites, you unconditionally consent and agree that: (1) any claim, dispute, or controversy (whether in contract, tort, or otherwise) you may have against Global Payments and/or its parent, subsidiaries, affiliates and each of their respective members, officers, directors and employees (all such individuals and entities collectively referred to herein as the "Global Payments Entities") arising out of, relating to, or connected in any way with the Services or the determination of the scope or applicability of this agreement to arbitrate, will be resolved exclusively by final and binding arbitration administered by JAMS and conducted before a sole arbitrator in accordance with the rules of JAMS; (2) this arbitration agreement is made pursuant to a transaction involving interstate commerce, and shall be governed by the Federal Arbitration Act ("FAA"), 9 U.S.C. §§ 1-16; (3) the arbitration shall be held in Atlanta, Georgia; (4) the arbitrator's decision shall be controlled by the terms and conditions of this Notice and any of the other agreements referenced herein that the applicable user may have entered into in connection with the Services; (5) the arbitrator shall apply Georgia law consistent with the FAA and applicable statutes of limitations, and shall honor claims of privilege recognized at law; (6) there shall be no authority for any claims to be arbitrated on a class or representative basis, arbitration can decide only your and/or the applicable Global Payments Entity's individual claims; the arbitrator may not consolidate or join the claims of other persons or parties who may be similarly situated; (7) the arbitrator shall not have the power to award punitive damages against you or any Global Payments Entity; (8) in the event that the administrative fees and deposits that must be paid to initiate arbitration against any Global Payments Entity exceed $125 USD, and you are unable (or not required under the rules of JAMS) to pay any fees and deposits that exceed this amount, Global Payments agrees to pay them and/or forward them on your behalf, subject to ultimate allocation by the arbitrator. In addition, if you are able to demonstrate that the costs of arbitration will be prohibitive as compared to the costs of litigation, Global Payments will pay as much of your filing and hearing fees in connection with the arbitration as the arbitrator deems necessary to prevent the arbitration from being cost-prohibitive; and (9) with the exception of subpart (6) above, if any part of this arbitration provision is deemed to be invalid, unenforceable or illegal, or otherwise conflicts with the rules of JAMS, then the balance of this arbitration provision shall remain in effect and shall be construed in accordance with its terms as if the invalid, unenforceable, illegal or conflicting provision were not contained herein. If, however, subpart (6) is found to be invalid, unenforceable or illegal, then the entirety of this Arbitration Provision shall be null and void, and neither you nor Global Payments shall be entitled to arbitrate their dispute. For more information on JAMS and/or the rules of JAMS, visit their website at www.jamsadr.com.
If you have questions about this Notice, or if you want to exercise your rights as described in this Notice, you may contact us as follows:
Global Payments Inc.
3550 Lenox rd, Suite 3000
Atlanta, GA 30326
770-829-8000
Or you may contact us using the “Contact Us” link on our corporate webpage.
In order to honor any access or deletion request, we will require you to provide enough information for us to verify your identity. For example, we may ask you for information associated with your account, including your contact information or other identifying information. If you designate an authorized agent to make a rights request on your behalf, we may require proper proof of that authorization as well as direct verification of your identity from you.
Users in the following regions and countries should read the sections below, which contain additional information about regional-specific privacy laws and regulations. In the event of conflict between the information above and the sections below, the sections below will prevail for the regions and countries specified.
Your personal information may be processed in countries outside the European Economic Area (“EEA”) which may not have data privacy laws equivalent to those in the EEA. This includes transfers between Global Payments and its global affiliates and to the other third parties as described in the previous paragraphs. The relevant Global Payments companies will take the necessary measures to ensure protection of your personal data collected through this website in accordance with applicable data privacy laws.
The relevant Global Payments subsidiary in your country will be responsible under applicable privacy laws to the extent it uses your personal information for its own purposes. If Global Payments Inc. or any of its other subsidiaries uses your personal information for its own purposes, for example, to provide payment processing services to you, that entity may also be responsible under any privacy laws applicable to it. Below is a list of the Global Payments subsidiaries, by country in the European Union, that are responsible for processing your personal information collected through our Sites. You may contact our European Union subsidiaries to receive additional information about the third-parties to whom your personal data is shared as well as the legal basis for processing such data and specific information about exercising your data subject rights under the General Data Protection Regulation (GDPR).
Country |
Subsidiary |
Czech Republic |
Global Payments Europe, s.r.o. |
Ireland |
Pay and Shop Limited |
Malta |
Global Payments Limited |
Romania |
Global Payments s.r.o. Praga Sucursala București |
Slovakia |
Global Payments s.r.o., organizačná zložka |
Spain |
Comercia Global Payments Entidad de Pago, S.L. |
United Kingdom |
GPUK LLP(1) |
(1) Registered with the U.K. Information Commissioner’s Office as a “data processor” under the identifier Z1374314.
Under the Privacy Act 1988 (Cth) (the “Australia Act”), you have the right to (i) request access to your personal information; (ii) request the correction of your personal information; and (iii) complain about a breach by us of the Australian Privacy Principles (in Schedule 1 of the Australia Act) or any binding registered APP Code. We will handle any complaints or requests for access to or correction of personal information in accordance with our obligations under the Act. All complaints are taken seriously and will be assessed by appropriate personnel with the aim of resolving any issue in a timely and efficient manner and in accordance with the Act.
If you are a California resident, you may exercise your privacy rights as described above by contacting us using the methods listed in the “Contact Us” section of this Notice.