Privacy Notice

Last Updated: October 23, 2024

Heartland Payment Systems, LLC, a Global Payments company ("Heartland," "us", "we" or "our") respects your rights and preferences regarding data privacy. Through our Heartland School Solutions offerings, Heartland provides K-12 school systems (our “Customers”) with tools that help them manage their operations, including cafeteria management, payment solutions, and communication with parents and students. Our users include our Customers, parents and guardians that engage with our Customers, as well as, where enabled by a parent or guardian or otherwise permitted based upon age, their students (collectively “Users”). Personal information that we receive from our Customers is subject to the Family Educational Rights and Privacy Act, and between us and our Customers, is owned by the Customers. Personal information that we receive from our Users is owned by the Users, and only processed by us as described below.

Our School Solutions offerings, all part of the MySchoolBucks family, fall within two categories of applications:

  • Payment Solutions: MySchoolBucks (“MSB”) (including FamilyPass, our annual-membership discount program), MSB Tickets, MSB Activities, MSB Anywhere, and MSB Accounting.
  • Nutrition Technology: Mosaic FoH, Mosaic BoH, MCS, Meal Orders, MealViewer, MySchoolApps, NutriKids, Cafe Enterprise, and WebSMARTT.

In this Privacy Notice ("Notice"), we describe how we collect, use, disclose and dispose of personal information that we collect from Users of our websites, forums and blogs ("Sites"), our mobile applications ("Apps"), and our other products and services including the Payment Solutions, the Nutrition Technology, and any other Heartland service provided through the MySchoolBucks platform or that otherwise links to this Notice (collectively, the "Services"). Where our privacy practices differ between the Payment Solutions and Nutrition Technology, we will specify in this Notice.

For some Services, to the extent required, we will provide additional privacy notices before collecting personal information from you. Heartland maintains specific privacy notices for job applicants, employees, and contractors through Global Payments. If you are a job applicant, employee, or contractor and need a copy of the applicable privacy notice, please contact us at privacy@globalpay.com.

This Notice applies to the Services provided by Heartland on its own behalf or in combination with one of its parents, affiliates, or subsidiaries.

In this Notice, we provide information about:

Please be aware that, depending on the context in which you interact with us, not all of the information in this Notice will be directly applicable to our handling of personal information about you. This Notice provides an overview of the possible circumstances in which we may interact with personal information about you. If you have any questions about our processing of personal information about you, please contact us at privacy@globalpay.com.

PERSONAL INFORMATION WE COLLECT AND HOW WE USE IT

“Personal information” is information that identifies or relates to an identifiable individual. Subject to your consent if required by law or as otherwise directed by our Customers, we may collect the following categories of personal information about you, as relevant to the Services with which you are engaging:

  • Basic Identifying Information, including your full name, postal address, e-mail address, phone number, date of birth, username, or other similar identifiers.
  • Government-Issued Identifiers, including your Social Security number or other similar government identifiers.
  • Demographic Data, including gender, household/parent income information, race, ethnicity, citizenship, marital status, and primary language.
  • Device Information and Other Unique Identifiers, including device identifier, internet protocol (IP) address, cookies, pixel tags, or similar unique identifiers.
  • Internet or Other Network Activity, including browsing or search history and information regarding your interactions with our Services.
  • Geolocation Data, but only to the extent such can be inferred from your contact address, from your affiliation with a particular school or partner, or from your Device Information and Other Unique Identifiers or Internet or Other Network Activity;
  • Payment Information, including credit or debit card numbers or other financial account information.
  • Commercial Information, including information about the Services we provide to you, your access and purchase history, and other information about your commercial activity.
  • Professional and Employment-Related Information, including your role or status with the school Customer with which you are affiliated (i.e. staff or administrator).
  • Education Information, including student identification number and your status with the school Customer with which you are affiliated (i.e. parent or student).
  • Health/Medical Information, including food allergy information.
  • Information You Provide, including your communications with us and any other content you provide (such as if you participate in any blog, community or forum on our Sites or you report a problem with our Sites and Apps).
  • Audio and Visual Information, including photographs, images, videos, and recordings of your voice (such as when we record calls or videos for quality assurance or other business activities).

How We Use The Personal Information. We use your personal information to provide the Services. In providing the Services, we may use personal information about you to:

  • Create, maintain or provide service for your account
  • Process or fulfill requests from you
  • Respond to customer service requests from you
  • Verify your information
  • Process payments
  • Undertake activities to maintain the quality, safety or integrity of the Services, including to repair, improve, upgrade, or enhance the Services
  • To conduct our operations and for other general business purposes
  • To conduct audits and enable internal record keeping and administration of records
  • Maintain data security including detecting and responding to security incidents and protecting you and us from fraud or other illegal activity, and prosecute individuals responsible for that activity
  • Monitor our Sites, including gathering usage data and other analytic information that enables us to maintain and improve the Services
  • To personalize your experience when you use the Services
  • Other uses that are required for us to meet our legal, contractual or regulatory requirements

Sources of Personal Information. We collect personal information from various sources, including the following:

  • Information that you provide to us: We collect personal information that you provide to us when you set up an account with us, use our Services, or communicate with us. For example, if you register for an online account with us, then we may request your name, contact information and payment information. Providing us with personal information about yourself is voluntary, and you can always choose not to provide certain information, but then you may not be able to take advantage of or participate in some of the Services' features.

  • Information collected from third parties: We may collect information about you from third parties in the course of providing our Services. For example, we may collect personal information like your name, contact information and enrollment status from the Customer on whose behalf we are providing the Services to you.

  • Information collected through technology: When you visit our Sites or Apps (or when you use any of our Services) we may collect certain information about your location, usage, computer or device through technology such as cookies (see “Cookies and Other Tracking Technologies” below for more information). When you download and use our Apps, we and our service providers may track and collect App usage data, such as the date and time the App on your device accesses our servers and what information and files have been downloaded to the App based on your device number.

Our Business Purpose for Collecting and Using Personal Information. Our primary business purpose for processing personal information is to provide the Services consistent with the contract terms between us and our Customer. We may also use your personal information to enable the following additional business purposes: (1) detecting and managing security incidents or fraudulent activity, (2) providing customer service, fulfilling requests, and other functions directly related to the Services, (3) maintaining our software, including debugging and repairing errors, and (4) maintaining the quality of the Services and developing enhancements and improvements to meet our Customer needs.

Data anonymization and aggregation. Subject to your consent if required by law, we may anonymize or aggregate your personal information so that you are not identified or identifiable from it, in order to use the anonymized or aggregated data. For example, we may use anonymized or aggregated data for statistical analysis including to analyze trends, for product development, and for risk assessments and cost analysis. We may disclose anonymized or aggregated data to our parents, subsidiaries, affiliates or with other third parties. This Notice does not restrict Heartland's use or disclosure of any anonymized or aggregated information.

Where we maintain or use de-identified information, we will continue to maintain and use the de-identified information only in a de-identified fashion and will not attempt to re-identify the information or provide it to a third-party to attempt to re-identify.

HOW WE DISCLOSE PERSONAL INFORMATION

For each category of personal information we collect, we may disclose such information to the following categories of recipients in the manner and for the purposes described:

  • With Heartland affiliates, where such disclosure is necessary to provide you with our Services or to manage our business. For example, our affiliate Active Network, LLC, provides certain technical services to us in support of FamilyPass, our annual-membership discount program. Active Network, LLC, provides those services pursuant to a contract that forbids them from using your personal information for any purpose other than assisting us in providing the FamilyPass program to you. We disclose certain basic account details, such as name and account ID, to Active Network to enable them to service the FamilyPass program for us pursuant to that contract.

  • With non-affiliated service providers. For example, we disclose personal information to information technology (IT) service providers who help manage our back office systems or administer our Sites and Apps. Third-party service providers may also include (without limitation) legal, accounting, auditing, consulting, or other professional service providers.

  • With non-affiliated entities with whom you have a business relationship. For example, we enable integration of third-party services that relate to the Services we provide so you can access their features through our Sites and Apps. When we enable a third-party integration, you will be provided appropriate notices and the opportunity to decide whether you want to disclose your personal information to the third party under their own terms and applicable notices.

  • With our Customer with whom you are also engaging when you use the Services. For example, you may be using a Heartland Site provided to you through a school website, to engage in a purchase. Heartland may disclose the personal information you provide to the school in order to fulfill your request. You may also receive communications from the school. Each Heartland Customer operates independently from Heartland and their collection and use of your personal information is not subject to this Notice but to their own privacy notices.

  • With banks and payment providers to authorize and complete card payments.

  • With other third parties to whom you direct us to disclose personal information about you.

  • With regulators including state and federal agencies, and other parties required to enable compliance with laws, regulations and industry standards related to our Services.

  • When we believe that disclosure is necessary or appropriate to comply with laws or respond to lawful requests and legal process; to enforce our agreements, policies and terms of use; or to protect or defend the rights, safety or property of Heartland and its affiliates, our Customers, Users of the Services or any person.

  • To third parties in connection with any proposed or actual reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our assets or stock (including in connection with any bankruptcy or similar proceedings).

ACCESSING PERSONAL INFORMATION GLOBALLY

Because our affiliate companies are located around the globe, personal information may be accessed from outside of the country in which you reside, which may be subject to different standards of data protection than your country of residence.

We will take appropriate steps to process personal information in accordance with applicable law. If you have questions about whether personal information about you is transferred outside of your country or about how we comply with any applicable transfer requirements, you can contact us at privacy@globalpay.com.

DATA SECURITY AND DATA RETENTION

We maintain administrative, technical and physical safeguards designed to protect the personal information you provide against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use.

We retain the personal information we collect for different periods of time depending on what it is and how we use it. In some contexts, we will provide additional information about retention as you use the Services. When we collect personal information, we will retain it only for as long as is necessary to complete the legitimate business or legal purposes for which we collected it. The criteria used to determine our retention periods include:

  • The length of time we have an ongoing relationship with you and provide Services to you, for example, for as long as you have an account with us or continue to use our Services, and the length of time thereafter during which we may have a legitimate need to reference personal information to address issues that may arise;

  • Whether there is a contractual obligation to which we are subject, for example, our contracts with our Customers may specify a certain period of time during which we are required to maintain the information on behalf of our Customers;

  • Whether there is a legal obligation to which we are subject, for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them; and

  • Whether retention is advisable in light of our legal position, such as in regard to applicable statutes of limitations, litigation or regulatory investigations.

COOKIES AND OTHER TRACKING TECHNOLOGIES

Cookies and similar tracking technologies are used to help us retain information about your use of our Sites and Apps. Using cookies, we collect information like country location, language preference and other settings. Cookies can also help us to operate our services more efficiently and securely, remember you for future visits and enhance your user experience by providing real-time tools including user guides and chatbots. We also gather statistical information about the use of our services in order to continually improve their design and functionality, understand how they are used, and assist us with resolving questions regarding them.

The cookies and tracking technologies that we may use fall into the following categories:

  • Strictly Necessary Cookies. These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions taken by you such as logging in or filling in forms. You can set your browser to block or alert you about these cookies, but blocking them may impede the functionality of the Sites.

  • Performance Cookies. These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.

  • Functionality Cookies. These cookies enable the Sites to provide enhanced functionality and personalization. They may be set by us or by third-party providers whose services we have added to our pages. If you do not allow these cookies then some of these services may not function properly.

How to Delete or Block Cookies. We adhere to the standards set out in this Notice and do not currently monitor or respond to browser Do-Not-Track signals. If you do not want information collected through the use of cookies, you can use the Cookie Settings banner or icon on the Site to make selections about the use of cookies. Additionally, most browsers allow you to automatically decline cookies or be given the choice of declining or accepting a particular cookie (or cookies) from a particular website. You may also refer to http://www.allaboutcookies.org/manage-cookies/index.html. If, however, you do not accept cookies, you may experience some inconvenience in your use of our services. You also may not receive advertising from us that are relevant to your interests and needs. Additionally, some browsers and browser extensions support the Global Privacy Control (“GPC”) that can send a signal to the websites you visit indicating your choice to opt out of certain types of data processing. Through our consent management platform, administered by our vendor OneTrust, the Sites recognize and respond to opt-out requests made using GPC.

Heartland may provide links on our Sites, Apps, and Services to other third-party websites or services that are not under our control, including websites and services associated with our school Customers. For example, on our FamilyPass website, you will see links to discounts and other offers from third-party program partners. We do not endorse or make any warranty of any type regarding the content contained on such third-party websites or services or the products and services they offer. We encourage our users to be aware when they leave our Sites, Apps, and Services. You should read any other applicable privacy and cookie notices carefully before accessing and using third-party websites and services.

OUR RELATIONSHIP WITH AFFILIATE COMPANIES

Subject to your consent if required by applicable law, we may appoint an affiliate company to process personal information in a service provider role. We will typically remain responsible for that company’s processing of personal information pursuant to applicable data privacy laws.

Because our affiliate companies are located around the globe, personal information may be transferred to and stored in the United States or in another country outside of the country in which you reside, which may be subject to different standards of data protection than your country of residence.

We take appropriate steps to transfer personal information in accordance with applicable law, such as transferring personal information to countries that are recognized as providing an adequate level of legal protection or where alternative adequate arrangements are in place to protect your privacy rights.

LOGIN DETAILS AND YOUR RESPONSIBILITY

If you are a User of one of our Services that has an account creation or login function, we will collect and process personal information about you as necessary to set up and administer an account for you. The Services in the MySchoolBucks family, including Payment Solutions and Nutrition Technology, utilize the same MySchoolBucks authentication process. This means, if you use multiple of our Services, you will only need one username and password to login and access those Services. It is your responsibility to protect the login credentials that you set up or we provide to you from compromise, and you are required to adhere to the security procedures we establish in the documentation we provide you as part of the Services.

MANAGING YOUR PREFERENCES

Subject to your consent if required by applicable law, we may use personal information to provide you with direct marketing information about our products and services as well as those of our global affiliates and third parties. Our direct marketing may occur through email, telephone, post or SMS or such other method(s) as may become relevant.

We will take steps to ensure that any direct marketing from us will provide a simple means for you to stop further communications, in accordance with applicable law. For example, in email, we may provide you with an “unsubscribe” link, or an email address to which you can send an opt-out request. In addition, if we need your consent for direct marketing communications under applicable law, and if you provide your consent, you will be able to change your mind at any time. Please note that if you opt out of receiving marketing-related communications from us, we may still send you administrative, transactional, or information messages, from which you cannot opt out.

CHILDREN

When enabled by a parent or guardian (“Primary User”), we permit the creation and use of accounts for Users under the age of 18 (“Student”). We do not allow the creation of Student accounts without consent from the Primary User. At the time a Primary User creates an account for a Student, we will disclose the type of information that will be collected from the Student which may include contact information such as email address and phone number, order information (i.e. lunch orders), and Student preferences (i.e. lunch menu preferences). The Primary User will retain the ability to see the activity in the Student account and may delete the Student account at any time. The Primary User may also delete Student’s personal information and refuse to permit its further collection or use by contacting Heartland as set forth in the “Contact Us” section in this Notice.

In addition to Student account creation, which is discussed above and requires parental consent, MealViewer - a Nutrition Technology - allows students to create a “Profile.” This Profile is not associated with an account login, but can be used by students to save their name, school, and allergens within that student’s internet browser in order to view that information in the context of the school’s cafeteria menu. The creation of a Profile by a student does not require parental consent, but is only permitted for children over the age of thirteen. Users must input date of birth, which is not stored by Heartland, but is used to verify age before a Profile can be created. Profiles within MealViewer can be deleted or cleared by selecting “Clear Settings” within App Info.

On portions of the Services directed to Students, we do not allow use of cookies or other tracking technologies except for as needed for the Sites to function, to allow profile creation, and for purposes of supporting our internal operations.

To understand our disclosure practices for personal information we collect, including Student personal information, see the section in this Notice on “How We Disclose Personal Information.” The Services are not designed to enable Students to make their personal information publicly available online. Before using the Services, Students should always confirm they have permission from their parent or guardian.

If Heartland receives personal information about you from one of our Customers based on your relationship with that Customer and you have questions about legal rights you may have with respect to personal information collected by our Customer, please consult the Customer with whom you have a relationship.

If you interact with our Services and provide personal information to us directly, subject to certain exceptions and depending on how you interact with our Sites, Apps, or Services, you may have the right to:

  • Know whether we process personal information about you;
  • Know how the personal information is used;
  • Access, request and receive the personal information we have collected in a portable manner;
  • Opt out of having personal information sold, “shared,” or used for certain profiling activities;
  • Request that we correct inaccuracies in personal information about you; and
  • Request that we delete personal information about you.

You may contact us using the information in the “Contact Us” section of this Notice for additional information about how to exercise your rights. In addition, if you are a resident of California, Colorado, Delaware, Oregon, or another jurisdiction with similar laws, please see the “Region-Specific Information” section below for further details on how to exercise your privacy rights.

CHANGES AND UPDATES

We reserve the right, in our sole discretion, to modify, update, or otherwise change this Notice. The “Last Updated” legend at the top of this Notice indicates when this Notice was last revised. Any changes will become effective when we post the revised Notice on our Services, including our Sites and Apps. Where required by applicable law, to the extent we make material or significant changes to the Notice, we will notify you of the update via a pop-up, email, notification in the Sites and Apps, or other method through which we communicate with you.

CONTACT US

If you have questions about this Notice, or if you want to exercise your rights as described in this Notice, you may submit a request by completing this form or you may contact Heartland as follows:

Heartland Payment Systems, Inc.
765 Jefferson Road #400
Rochester NY 14623
privacy@globalpay.com
855-832-5226

If you make a request to exercise a privacy right, we will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the personal information subject to the request. We may decline to honor your request where an exception applies. In order to honor any access, deletion, or similar request, we will require you to provide enough information for us to verify your identity. For example, we may ask you for information associated with your account, including your contact information or other identifying information. If you would like your agent to make a request on your behalf, if permitted under applicable law, the agent may exercise those rights as noted above. We will process the agent’s request consistent with applicable law. As part of our verification process, we may request that the agent provide, as applicable, proof concerning their status as an authorized agent. In addition, we may require that you verify your identity as described in this section or confirm that you provided the agent permission to submit the request.

REGION-SPECIFIC INFORMATION

Information for Residents of California, Colorado, Delaware, Oregon, and Other Similar Jurisdictions

This section supplements the above Notice and further describes how we collect, use, and disclose the personal information we collect about residents of California, Colorado, Delaware, Oregon, and other similar jurisdictions.

Categories of Personal Information We Collect and Our Purposes for Collection, Use, and Disclosure

The following chart details which categories of personal information we collect and process, as well as which categories of personal information we disclose to third parties for our operational business purposes, including within the preceding 12 months.

Categories of Personal Information (See the “Personal Information We Collect and How We Use It” section for a description of each category of Personal Information) Disclosed to Which Categories of Recipients for Operational Business Purposes Processing Purposes
Basic Identifying Information; Demographic Data; Device Information and Other Unique Identifiers; Internet or Other Network Activity; Commercial Information; Professional and Employment-Related Information; Education Information; Information You Provide Please see the “How We Disclose Personal Information” section for a list of the categories of recipients to whom we may disclose these categories of personal information. Please see the “Personal Information We Collect and How We Use It” section for a list and description of the applicable processing purposes for these categories of personal information.
Government-Issued Identifiers Affiliates; distributors of our Services; service providers; third parties with whom you have a relationship (i.e. our Customers); regulators; legal authorities and other third parties in order to comply with laws, regulations, and standards; other parties in litigation
  • Provide our Services and customer support
  • Operations and general business purposes
  • Improve and develop new products and services
  • Fraud prevention and security
  • Legal and compliance
Geolocation Data Affiliates; distributors of our Services; service providers; marketing partners; legal authorities and other third parties in order to comply with laws, regulations, and standards; other parties in litigation
  • Provide our Services and customer support
  • Operations and general business purposes
  • Marketing, promotions, and personalization
  • Improve and develop new products and services
  • Fraud prevention and security
  • Legal and compliance
Payment Information Affiliates; third parties with whom you have a relationship (i.e. our Customers); regulators; legal authorities and other third parties in order to comply with laws, regulations, and standards including card brands and issuing banks
  • Provide our Services and customer support
  • Operations and general business purposes
  • Fraud prevention and security
  • Legal and compliance
Health/Medical Information Affiliates; third parties with whom you have a relationship (i.e. our Customers); service providers; legal authorities and other third parties in order to comply with laws, regulations, and standards; other parties in litigation
  • Provide our Services and customer support
  • Operations and general business purposes
  • Marketing, promotions, and personalization
  • Improve and develop new products and services
  • Fraud prevention and security
  • Legal and compliance
Audio and Visual Information Affiliates; distributors of our Services; service providers; regulators; legal authorities and other third parties in order to comply with laws, regulations, and standards; other parties in litigation
  • Provide our Services and customer support
  • Operations and general business purposes
  • Improve and develop new products and services
  • Fraud prevention and security
  • Legal and compliance

Do Not Sell or Share My Personal Information

We do not sell or “share” (for purposes of cross-context behavioral advertising) the personal information, including the sensitive personal information, of minors under 16 years of age.

The Sites and Apps use cookies, including some cookies that are created by other companies and placed on your browser when you visit our website. We use those cookies to improve your experience and to gather information about our customers and the performance of our website.

However, the companies who provide those cookies to us also have access to the data collected through them. Our use of those third-party cookies could be considered a “share” of your personal information under California law. If you are a resident of California or another jurisdiction with similar laws, that means you have the right to opt out. If you have not done so already, you can opt out of the placement of all non-necessary cookies by adjusting your Cookie Settings.

You can also use the Global Privacy Control (“GPC”) to indicate your choice to opt out of certain types of data processing. Through our consent management platform, administered by OneTrust, the Sites recognize and respond to opt-out requests made using GPC.

Collection, Use, and Disclosure of Sensitive Personal Information

Subject to your consent where required by applicable law, we collect, process, and disclose sensitive personal information for purposes of: providing goods or services as requested; ensuring safety, security, and integrity; countering wrongful or unlawful actions; short term transient use such as displaying first party, non-personalized advertising; performing services for our business, including maintaining and servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on behalf of our business; activities relating to quality and safety control or product improvement; and other collection and processing that is not for the purpose of inferring characteristics about an individual. We do not use sensitive personal information beyond these purposes.

Rights and Requests

If you interact with our Sites and Apps for the purpose of engaging in a direct relationship with us, subject to certain exceptions, and in some cases dependent upon the processing activity we are undertaking and/or your state of residence, you may have one or more of the following rights.

Right to know about personal information collected, used, disclosed, “shared,” and sold

You have the right to know whether we process personal information about you, and to access such personal information. If you are a California resident, you may also request that we disclose to you:

  • the categories of personal information we have collected about you and the categories of sources from which we collected such personal information;
  • the business or commercial purpose for which we collected, “shared,” or sold the personal information about you;
  • the categories of personal information about you that we “shared” or sold and the categories of third parties with whom we “shared” to whom we sold the personal information about you; and
  • the categories of personal information about you that we disclosed for a business purpose, and the categories of third parties to whom we disclosed that information for a business purpose.

If you are a resident of Delaware or Oregon, you may also have a right to request a list of any third parties to whom we have disclosed your personal data.

Right to receive a copy of personal information You have the right to request that we provide the specific pieces of personal information, including a copy of such personal information in a portable format.
Right to opt-out of the sale of personal information You may request that we do not sell personal information about you to third parties. See the “Do Not Sell or Share My Personal Information” section for more information.
Right to opt-out of targeted advertising, including the “sharing” of personal information for cross-context behavioral advertising You may request that we opt you out of targeted advertising, including that we stop “sharing” personal information about you for purposes of cross-context behavioral advertising. See the “Do Not Sell or Share My Personal Information” section for more information.
Right to request deletion In some circumstances, you have the right to have personal information about you deleted.
Right to equal service and prices (“non-discrimination”) Your choice to exercise your privacy rights will not be used as a basis to discriminate against you in services offered or pricing.
Right to request correction You have the right to request that we correct inaccuracies in your personal information.
Right to limit the use and disclosure of sensitive personal information In some circumstances, you may request that we limit the use and disclosure of your sensitive personal information.
Right to appeal Depending on your state of residence, if we refuse to take action on your request, you may appeal this refusal within a reasonable period after you have received notice of the refusal. To appeal, you can contact us at privacy@globalpay.com or complete this form and select “Appeal a decision about a previous request” under “Type of Request.”

You can submit a request for any of the above rights by using the contact information in the “Contact Us” section of this Notice.

California Shine the Light

If you are a resident of California, you may request information concerning the categories of personal information (if any) we share with third parties or affiliates for their direct marketing purposes. If you would like more information, please submit a written request to us using the information provided in the “Contact Us” section of this Notice.