Last Updated December 18, 2018
This Policy applies to information collected through all of the above channels. Collectively, we refer to all of the above channels as the “Services.”
If you do not agree to these terms, please exit this page and do not access or use the services.
Pay By Group collects the following information that relates to an identified or identifiable individual (“Personal Data”) in the following ways.
“Other Data” are data that generally do not reveal your specific identity or do not directly relate to an individual. To the extent Other Data reveal your specific identity or relate to an individual, we will treat Other Data as Personal Data. Other Data include:
We rely upon a number of legal grounds to ensure that our use of your Personal Data is compliant with applicable law. We use Personal Data and Other Data in the following ways:
A User's credit card information is never stored on our server.
We also use Personal Data to comply with our financial, regulatory, and other legal obligations, and to pursue our legitimate business interests.
We rely on our legitimate business interests to process Personal Data about you. The following list sets out the business purposes that we have identified as legitimate. In determining the content of this list, we balanced our interests against the legitimate interests and rights of the individuals whose Personal Data we process. We:
Pay By Group works with third-party Platforms to enable Users to split the cost of the products or services offered on the Platform’s website or other channels. In order to provide the Services to our customers, Pay By Group will use the information you provide in the ways you would reasonably expect and not for any purposes other than those requested by or authorized by a User.
For example, when a User joins into a group, Pay By Group provides that User's information to the Platform, including information regarding whether or not that User has opted to receive marketing messages from the Platform. Platforms are obligated not to use a User's Personal Data for any purpose other than providing the goods and services purchased by the User. The Platform is only allowed to use the Personal Data for marketing messages if the User chose to opt in to the Platform’s marketing messages. You have a right to access this data and correct or remove it. In all cases you can always contact Pay By Group for assistance with regards to your Personal Data.
Any information you enter on a Platform's website or application, or on Pay By Group-controlled pages, fields, or resources that are integrated with the Platform's website or application, may be shared with the owner of the Platform website or application, subject to the requirements of the Payment Card Industry Data Security Standard (PCI-DSS) as regards payment information and applicable law.
It will be clear that you are on a page with the brand logo or other identification denoting that it is not exclusively a Pay By Group site unassociated with any Platform. Pay By Group is not responsible for the content or information practices of Platforms. For an understanding of their privacy policies and how they handle your personal information, you should contact the Platform directly.
Certain Personal Data is disclosed to other Users through normal use of the Services and in order to provide the Services in an effective manner. These are described in detail in the section covering how we use Personal Data.
We may employ trusted third party companies and individuals to facilitate the Pay By Group Services, to provide service on Pay By Group's behalf, to perform related services (including but not limited to maintenance services, database management, web analytics and improvement of Pay By Group’s features), or to assist Pay By Group in analyzing how the Services are used and can be improved.
These third party service providers may have access to your Personal Data only for purposes of performing these tasks on our behalf and under obligations similar to those in this Policy, and Pay By Group requires that these third party service providers use such Personal Data only in connection with the services they perform for Pay By Group.
As of the date this Policy went into effect, Pay By Group uses the following;
Successors and Assigns
Disclosing Other Data
Pay By Group does not sell, trade, share or rent your Personal Data to unaffiliated third parties. Trusted third parties may receive your Personal Data in fulfillment of our Services as outlined above.
Pay By Group maintains specific contractual agreements with these third parties to ensure that they use the Personal Data only for intended purposes and protect the information as Pay By Group would. If this practice were to change, Pay By Group would specifically provide you with the opportunity to choose to “opt in” or “opt out” of the sharing of your information.
In cases of onward transfer to third parties of information in violation of the Privacy Shield Principles, Pay By Group is potentially liable.
Pay By Group will cooperate with United States authorities, European Union (“EU”) Member State authorities, European Economic Area (“EEA”) authorities, Swiss authorities, and any other authorized independent third party with regard to the investigation and resolution of complaints or a claim. In the event of a claim and/or legal process (including but not limited to subpoenas), to protect the property and rights of Pay By Group or a third party, to protect the safety of the public or any person, or to prevent or stop any activity Pay By Group may consider to pose a risk of being illegal, unethical, inappropriate or legally actionable, Pay By Group reserves the right to disclose any Personal Data about you to government or law enforcement officials or private parties as Pay By Group in its sole discretion finds necessary or appropriate.
In the event of a merger, acquisition, reorganization or sale of assets, Pay By Group may sell, transfer or otherwise share some or all of its assets, and our Users' Personal Data may be transferred as part of that transaction.
Except as expressly disclosed in this Policy, Pay By Group will not sell or disclose User information to third parties. Pay By Group will not sell, rent, share, or trade personally identifiable information to third parties for their promotional purposes. Pay By Group may disclose aggregated or other types of non-personally identifiable information to third parties for various purposes.
Your Rights and Choices.
You have choices regarding our use and disclosure of your Personal Data:
Where the processing of your Personal Data is based on your previously given consent, you have the right to withdraw your consent at any time. You may also have the right to object to the processing of your Personal Data on grounds relating to your particular situation.
Exercising Your Rights
In order to exercise your data protection rights, you may contact Pay By Group as described in the follow paragraphs. We take each request seriously. We will comply with your request to the extent required by applicable law. We will not be able to respond to a request if we no longer hold your Personal Data. If you feel that you have not received a satisfactory response from us, you may consult with the data protection authority in your country.
A request to delete a User's account is different from a request to unsubscribe from emails and communications. Users may opt to unsubscribe from our email alerts, which will terminate the issuance of automatically generated emails that inform Users about new features of the Site or to market Pay By Group's Services. To delete a User account entirely from Pay By Group.com, the User must email firstname.lastname@example.org with the subject line "delete account.""
If a User decides at any time that they no longer wish to receive Pay By Group emails or communications, they should click on the unsubscribe link provided in Pay By Group's marketing emails or email email@example.com with subject line "unsubscribe."
For your protection, we may need to verify your identity before responding to your request, such as verifying that the email address from which you send the request matches your email address that we have on file or requesting additional verification in the forms of other identification. If we no longer need to process Personal Data about you in order to provide our Services or our Sites, we will not maintain, acquire or process additional information in order to identify you for the purpose of responding to your request.
If you are a User of a Platform, please direct your requests directly to the Platform. For example, if you are making, or have made, a purchase from a merchant using Pay By Group, and you have a request that is related to the payment information that you provided as part of the purchase transaction, then you should address your request directly to the merchant.
Residents of the European Economic Area (EEA) and Switzerland. The entity responsible for the collection and processing of Personal Data for residents of the EEA and Switzerland is Pay By Group Inc. with offices at 100 Broadway, San Francisco, CA 94111. To exercise your rights, the Data Protection Officer may be contacted via firstname.lastname@example.org. In your email, please indicate the country from which you are contacting us.
Pay By Group takes the security of Personal Data seriously. Pay By Group has implemented physical, technical, and procedural safeguards to protect User information from unauthorized access, disclosure, alteration, or destruction. Pay By Group uses computer safeguards such as firewalls and data encryption, and authorizes access to Personal Data only for those employees, contractors, third party providers and agents who require it to fulfill their job responsibilities.
Pay By Group also takes additional care to protect User information, such as credit card or bank account numbers, if disclosure of the particular type of User information could cause direct financial loss. To that end, all sensitive Personal Data, including credit card data, is transmitted through secure networks supported by high-grade 256-bit encryption. Credit card numbers are not stored or held on our servers.
If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us immediately.
Retention of Your Data
How long we keep information we collect about you depends on the type of information. as described in further detail below. After such time, we will either delete or anonymize your information or, if this is not possible, then we will securely store your information and isolate it from any further use until deletion is possible.
We retain Personal Data that you provide to us where we have an ongoing legitimate business need to do so (for example, as long as is required in order to provide you with the Service, or as needed to comply with our legal obligations, resolve disputes and enforce our agreements).
When we have no ongoing legitimate business need to process your Personal Data, we securely delete the information or anonymise it or, if this is not possible, then we will securely store your Personal Data and isolate it from any further processing until deletion is possible. We will delete this information from the servers at an earlier date if you so request, as described in "Exercising Your Rights" above.
If you have elected to receive marketing communications from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our content, products, or services. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.
International Transfer of Information and Privacy Shield
International Transfers within Pay By Group’s Systems and Entities
To facilitate our global operations, Pay By Group stores and processes User information on dedicated servers located in secure data centers that may be located within the United States or in other jurisdictions. If you use the Services from the EU or EEA Union, Switzerland, or other regions of the world with laws governing data collection and use that differ from laws of the United States, then you acknowledge and agree that the privacy and data security laws in place in the United States or other jurisdictions may be different from the privacy and data security laws in force in the country in which you reside. By voluntarily providing User information, you hereby agree that you are consenting to our collection, use, storage, and disclosure of such User information in accordance with this Policy.
International transfers to third parties
Privacy Shield Notice
Pay By Group participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss–U.S. Privacy Shield Framework. Pay By Group is committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles.
Pay By Group has certified to the Department of Commerce that it adheres to the Privacy Shield Principles (https://www.privacyshield.gov/servlet/servlet.FileDownload?file=015t00000004qAg). If there is any conflict between the terms in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/ To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List at https://www.privacyshield.gov.
Pay By Group is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. Pay By Group complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Pay By Group is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Pay By Group may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the Privacy Shield Principles, Pay By Group commits to resolve complaints about your privacy and our collection or use of your Personal Data. As such, individuals in the European Union with inquiries or complaints regarding this Policy or our Privacy Shield policy should first contact Pay By Group by sending an email to email@example.com. In the event Pay By Group fails to respond or acknowledge your complaint in a reasonable amount of time and/or your complaint remains unresolved, then please contact the European Union data protection authorities (“DPAs”) for more information or to file a complaint. The Services of European Union DPAs are provided at no cost to you. In addition, for individuals in Switzerland for whom Pay By Group fails to respond or acknowledge your complaint in a reasonable amount of time and/or your complaint remains unresolved, please contact the Swiss Federal Data Protection and Information Commissioner (FDPIC). The Servies of the FDPIC are provided at no cost to you.
In the event the complaint remains unresolved, individuals in the European Union may invoke binding arbitration as outlined in the EU-US Privacy Shield Agreement, Annex I, for some residual claims not resolved by other redress mechanisms. The same recourse to invoke binding arbitration is available to individuals in Switzerland as outlined in the Swiss-US Privacy Shield Agreement, Annex I.
Our Policy Toward Children
Pay By Group is not directed to nor is it intended for children under 18, and we request that they not provide Personal Data through the Services.
Pay By Group does not knowingly collect personally identifiable information from children. If a parent or guardian becomes aware that his or her child has provided Pay By Group with Personal Data without parental consent, he or she should contact Pay By Group at firstname.lastname@example.org. If Pay By Group becomes aware that a child has provided us with Personal Data, we will delete such information from our files. Users of Pay By Group accept responsibility of ensuring that children are not accessing or using their account and the Services. If a User is under the age of 18, that User may only use the Services with the consent and under the supervision of their guardian parent.
Links to Other Websites
The Services may provide the ability to connect to other websites. These websites may operate independently from us and may have their own privacy notices or policies, which we strongly suggest you review. If any linked website is not owned or controlled by us, we are not responsible for its content, any use of the website or the privacy practices of the operator of the website.