Privacy Policy

Last Updated May 23, 2016

Table of Contents

General Information

Pay By Group Inc. ("Pay By Group" or “we” or “our”) provides this Privacy Policy ("Policy") to inform you of its policies and procedures regarding the provisioning of its payment services (the “Services”) and how we handle your personal information. We want you to be familiar with how we collect, use, and disclose data.

This Privacy Policy describes the privacy practices of Pay By Group for data that we collect from users and subscribers ("User"):

This Policy applies to information collected through all of the above channels. Collectively, we refer to all of the above channels as the “Services.”

Acceptance of this Privacy Policy

Please read this privacy policy carefully. By subscribing to, accessing, or using the Services, you acknowledge that you agree to the terms and conditions of this Privacy Policy and our User Agreement, which you should review carefully.

Individual requests for waivers of the privacy policy will not be accepted. This privacy policy is non-negotiable.

If you do not agree to these terms, please exit this page and do not access or use the services.

How We Collect Personal Data

Pay By Group collects the following information that relates to an identified or identifiable individual (“Personal Data”) in the following ways.

Other Data We Collect

“Other Data” are data that generally do not reveal your specific identity or do not directly relate to an individual. To the extent Other Data reveal your specific identity or relate to an individual, we will treat Other Data as Personal Data. Other Data include:

How We Use Personal Data and Other Data

We rely upon a number of legal grounds to ensure that our use of your Personal Data is compliant with applicable law. We use Personal Data and Other Data in the following ways:

A User's credit card information is never stored on our server.

We also use Personal Data to comply with our financial, regulatory, and other legal obligations, and to pursue our legitimate business interests.

We rely on our legitimate business interests to process Personal Data about you. The following list sets out the business purposes that we have identified as legitimate. In determining the content of this list, we balanced our interests against the legitimate interests and rights of the individuals whose Personal Data we process. We:

How We Use Cookies


Pay By Group uses “cookies” to collect certain information. A cookie is a small data file that is transferred to a User's computer’s hard disk to facilitate your computer’s future access to this information.

“Persistent cookies” are utilized to save a User's user ID and login password to facilitate future logins. Pay By Group uses cookies to better understand how our Users interact with the Services, to monitor usage and how traffic arrives to our Services, and to improve the functionality of the Services.

Pay By Group encodes our cookies so that only we can interpret the information stored in them. You can remove or block persistent cookies using the settings in your browser, but this may limit your ability to use Pay By Group’s Services.


Pay By Group may also employ a software technology, called clear gifs or web beacons, that helps us manage content for the Services, and in emails, by informing Pay By Group what content is effective. “Clear gifs” are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of Users of a website. Clear gifs are embedded invisibly on web pages and are extremely tiny.

To learn more about the cookies and related technologies that may be served through our Services and how you can control our use of cookies and third-party analytics, please see our Cookie Policy.

Pay By Group does not respond to web browser "Do Not Track" signals or other mechanisms that provide a method to opt out of the collection of Personal Data across the Services because there is no industry standard for recognizing such signals. In the event Pay By Group does respond to the “Do Not Track” signals, we will update our Policy.

How We Disclose Personal Data

Platforms

Pay By Group works with third-party Platforms to enable Users to split the cost of the products or services offered on the Platform’s website or other channels. In order to provide the Services to our customers, Pay By Group will use the information you provide in the ways you would reasonably expect and not for any purposes other than those requested by or authorized by a User.

For example, when a User joins into a group, Pay By Group provides that User's information to the Platform, including information regarding whether or not that User has opted to receive marketing messages from the Platform. Platforms are obligated not to use a User's Personal Data for any purpose other than providing the goods and services purchased by the User. The Platform is only allowed to use the Personal Data for marketing messages if the User chose to opt in to the Platform’s marketing messages. You have a right to access this data and correct or remove it. In all cases you can always contact Pay By Group for assistance with regards to your Personal Data.

Any information you enter on a Platform's website or application, or on Pay By Group-controlled pages, fields, or resources that are integrated with the Platform's website or application, may be shared with the owner of the Platform website or application, subject to the requirements of the Payment Card Industry Data Security Standard (PCI-DSS) as regards payment information and applicable law.

It will be clear that you are on a page with the brand logo or other identification denoting that it is not exclusively a Pay By Group site unassociated with any Platform. Pay By Group is not responsible for the content or information practices of Platforms. For an understanding of their privacy policies and how they handle your personal information, you should contact the Platform directly.

Other Users

Certain Personal Data is disclosed to other Users through normal use of the Services and in order to provide the Services in an effective manner. These are described in detail in the section covering how we use Personal Data.

Service Providers

We may employ trusted third party companies and individuals to facilitate the Pay By Group Services, to provide service on Pay By Group's behalf, to perform related services (including but not limited to maintenance services, database management, web analytics and improvement of Pay By Group’s features), or to assist Pay By Group in analyzing how the Services are used and can be improved.

These third party service providers may have access to your Personal Data only for purposes of performing these tasks on our behalf and under obligations similar to those in this Policy, and Pay By Group requires that these third party service providers use such Personal Data only in connection with the services they perform for Pay By Group.

As of the date this Policy went into effect, Pay By Group uses the following;

Successors and Assigns

Additionally, if Pay By Group is involved in a merger, acquisition, or sale of all or a portion of its assets causing a change in the use of your Personal Data, Pay By Group will provide an updated Privacy Policy on our Website informing you of any additional choices you may have at that time regarding your Personal Data.

Disclosing Other Data

Pay By Group may also share non-personally identifiable User information with third parties that help us better understand how Users use our Service or help us detect and prevent fraud and other unauthorized or suspicious activity. These third parties may use cookies and other technologies to collect non-personally identifiable information about Users and combine it with similar information collected from others. They may use this information to help Pay By Group to better understand our Users.

Onward Transfer and Liability

Pay By Group does not sell, trade, share or rent your Personal Data to unaffiliated third parties. Trusted third parties may receive your Personal Data in fulfillment of our Services as outlined above.

Pay By Group maintains specific contractual agreements with these third parties to ensure that they use the Personal Data only for intended purposes and protect the information as Pay By Group would. If this practice were to change, Pay By Group would specifically provide you with the opportunity to choose to “opt in” or “opt out” of the sharing of your information.

In cases of onward transfer to third parties of information in violation of the Privacy Shield Principles, Pay By Group is potentially liable.

Compliance with Laws, Enforcement, and Recourse

Pay By Group must cooperate with government and law enforcement officials and private parties to enforce and comply with the law. Pay By Group is subject to the investigatory and enforcement powers of the Federal Trade Commission, the Department of Transportation and other authorized statutory bodies as applicable. Pay By Group will conduct compliance audits of its relevant privacy practices to verify adherence to this Privacy Policy. Any employee that Pay By Group determines is in violation of this Privacy Policy will be subject to disciplinary action.

Pay By Group will cooperate with United States authorities, European Union (“EU”) Member State authorities, European Economic Area (“EEA”) authorities, and any other authorized independent third party with regard to the investigation and resolution of complaints or a claim. In the event of a claim and/or legal process (including but not limited to subpoenas), to protect the property and rights of Pay By Group or a third party, to protect the safety of the public or any person, or to prevent or stop any activity Pay By Group may consider to pose a risk of being illegal, unethical, inappropriate or legally actionable, Pay By Group reserves the right to disclose any Personal Data about you to government or law enforcement officials or private parties as Pay By Group in its sole discretion finds necessary or appropriate.

Business Transfers

In the event of a merger, acquisition, reorganization or sale of assets, Pay By Group may sell, transfer or otherwise share some or all of its assets, and our Users' Personal Data may be transferred as part of that transaction.

Except as expressly disclosed in this Policy, Pay By Group will not sell or disclose User information to third parties. Pay By Group will not sell, rent, share, or trade personally identifiable information to third parties for their promotional purposes. Pay By Group may disclose aggregated or other types of non-personally identifiable information to third parties for various purposes.

Your Rights and Choices.

You have choices regarding our use and disclosure of your Personal Data:

Where the processing of your Personal Data is based on your previously given consent, you have the right to withdraw your consent at any time. You may also have the right to object to the processing of your Personal Data on grounds relating to your particular situation.

Exercising Your Rights

In order to exercise your data protection rights, you may contact Pay By Group as described in the follow paragraphs. We take each request seriously. We will comply with your request to the extent required by applicable law. We will not be able to respond to a request if we no longer hold your Personal Data. If you feel that you have not received a satisfactory response from us, you may consult with the data protection authority in your country.

A request to delete a User's account is different from a request to unsubscribe from emails and communications. Users may opt to unsubscribe from our email alerts, which will terminate the issuance of automatically generated emails that inform Users about new features of the Site or to market Pay By Group's Services. To delete a User account entirely from Pay By Group.com, the User must email support@paybygroup.com with the subject line "delete account.""

If a User decides at any time that they no longer wish to receive Pay By Group emails or communications, they should click on the unsubscribe link provided in Pay By Group's marketing emails or email support@paybygroup.com with subject line "unsubscribe."

For your protection, we may need to verify your identity before responding to your request, such as verifying that the email address from which you send the request matches your email address that we have on file or requesting additional verification in the forms of other identification. If we no longer need to process Personal Data about you in order to provide our Services or our Sites, we will not maintain, acquire or process additional information in order to identify you for the purpose of responding to your request.

If you are a User of a Platform, please direct your requests directly to the Platform. For example, if you are making, or have made, a purchase from a merchant using Pay By Group, and you have a request that is related to the payment information that you provided as part of the purchase transaction, then you should address your request directly to the merchant.

Jurisdiction-specific Provisions

Residents of the European Economic Area (EEA) and Switzerland. The entity responsible for the collection and processing of Personal Data for residents of the EEA and Switzerland is Pay By Group Inc. with offices at 880 Harrison St., Suite 303C, San Francisco, CA 94107. To exercise your rights, the Data Protection Officer may be contacted via dpo@paybygroup.com. In your email, please indicate the country from which you are contacting us.


Security

Pay By Group takes the security of Personal Data seriously. Pay By Group has implemented physical, technical, and procedural safeguards to protect User information from unauthorized access, disclosure, alteration, or destruction. Pay By Group uses computer safeguards such as firewalls and data encryption, and authorizes access to Personal Data only for those employees, contractors, third party providers and agents who require it to fulfill their job responsibilities.

Pay By Group also takes additional care to protect User information, such as credit card or bank account numbers, if disclosure of the particular type of User information could cause direct financial loss. To that end, all sensitive Personal Data, including credit card data, is transmitted through secure networks supported by high-grade 256-bit encryption. Credit card numbers are not stored or held on our servers.

If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us immediately.

Retention of Your Data

How long we keep information we collect about you depends on the type of information. as described in further detail below. After such time, we will either delete or anonymize your information or, if this is not possible, then we will securely store your information and isolate it from any further use until deletion is possible.

We retain Personal Data that you provide to us where we have an ongoing legitimate business need to do so (for example, as long as is required in order to provide you with the Service, or as needed to comply with our legal obligations, resolve disputes and enforce our agreements).

When we have no ongoing legitimate business need to process your Personal Data, we securely delete the information or anonymise it or, if this is not possible, then we will securely store your Personal Data and isolate it from any further processing until deletion is possible. We will delete this information from the servers at an earlier date if you so request, as described in "Exercising Your Rights" above.

If you have elected to receive marketing communications from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our content, products, or services. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.

International Transfer of Information and Privacy Shield

International Transfers within Pay By Group’s Systems and Entities

To facilitate our global operations, Pay By Group stores and processes User information on dedicated servers located in secure data centers that may be located within the United States or in other jurisdictions. If you use the Services from the EU or EEA Union or other regions of the world with laws governing data collection and use that differ from laws of the United States, then you acknowledge and agree that the privacy and data security laws in place in the United States or other jurisdictions may be different from the privacy and data security laws in force in the country in which you reside. By voluntarily providing User information, you hereby agree that you are consenting to our collection, use, storage, and disclosure of such User information in accordance with this Policy.

This Privacy Policy shall apply even if we transfer Personal Data to other countries. We have taken appropriate safeguards to require that your Personal Data will remain protected. When we share information about you within and among Pay By Group’s affiliated entities, we make use of standard contractual data protection clauses, which have been approved by the European Commission, and we rely on the EU-U.S. and Swiss-U.S. Privacy Shield Framework to safeguard the transfer of information we collect from the European Economic Area and Switzerland. Please see our Privacy Shield notice below for more information.

International transfers to third parties

Some of the third parties described in this privacy policy, which provide services to us under contract, are based in other countries that may not have equivalent privacy and data protection laws to the country in which you reside. When we share information of customers in the European Economic Area or Switzerland, we make use of the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks, European Commission-approved standard contractual data protection clauses, binding corporate rules for transfers to data processors, or other appropriate legal mechanisms to safeguard the transfer. Please see our Privacy Shield Notice below.

Privacy Shield Notice

Pay By Group participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss–U.S. Privacy Shield Framework. Pay By Group is committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles.

Pay By Group has certified to the Department of Commerce that it adheres to the Privacy Shield Principles (https://www.privacyshield.gov/servlet/servlet.FileDownload?file=015t00000004qAg). If there is any conflict between the terms in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/ To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List at https://www.privacyshield.gov.

Pay By Group is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. Pay By Group complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.

With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Pay By Group is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Pay By Group may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In compliance with the Privacy Shield Principles, Pay By Group commits to resolve complaints about your privacy and our collection or use of your Personal Data. As such, individuals in the European Union with inquiries or complaints regarding this Policy or our Privacy Shield policy should first contact Pay By Group by sending an email to support@paybygroup.com. In the event Pay By Group fails to respond or acknowledge your complaint in a reasonable amount of time and/or your complaint remains unresolved, then please contact the European Union data protection authorities (“DPAs”) for more information or to file a complaint. The Services of European Union DPAs are provided at no cost to you.

In the event the complaint remains unresolved, individuals in the European Union may invoke binding arbitration as outlined in the EU-US Privacy Shield Agreement, Annex I, for some residual claims not resolved by other redress mechanisms.

Our Policy Toward Children

Pay By Group is not directed to nor is it intended for children under 18, and we request that they not provide Personal Data through the Services.

Pay By Group does not knowingly collect personally identifiable information from children. If a parent or guardian becomes aware that his or her child has provided Pay By Group with Personal Data without parental consent, he or she should contact Pay By Group at support@paybygroup.com. If Pay By Group becomes aware that a child has provided us with Personal Data, we will delete such information from our files. Users of Pay By Group accept responsibility of ensuring that children are not accessing or using their account and the Services. If a User is under the age of 18, that User may only use the Services with the consent and under the supervision of their guardian parent.

Links to Other Websites

The Services may provide the ability to connect to other websites. These websites may operate independently from us and may have their own privacy notices or policies, which we strongly suggest you review. If any linked website is not owned or controlled by us, we are not responsible for its content, any use of the website or the privacy practices of the operator of the website.

Updates to this Privacy Policy

We may change this Privacy Policy from time to time to reflect new services, changes in our Personal Data practices or relevant laws. Pay By Group reserves the right to amend this Policy at any time by posting a revised version at this link, http://paybygroup.com/privacy-policy.

The “Last updated” notation at the top of this Privacy Policy indicates when this Privacy Policy was last revised. Any changes are effective when we post the revised Privacy Policy on the Services. We may provide you with disclosures and alerts regarding the Privacy Policy or Personal Data collected by posting them on our website and, if you are a User or Platform, by contacting you through your Pay By Group Dashboard or email address on your Pay By Group account.

Contacting Us

If you have any questions about this Privacy Policy, please contact Pay By Group at support@paybygroup.com or send physical mail to:

Pay By Group
880 Harrison St., Suite 303C
San Francisco, CA 94107
Attention: Privacy