Privacy Policy

TabaPay, Inc. (“Company,” “we,” “our,” or “us”) provides payment processing services for financial institutions and businesses. We respect your privacy and are committed to protecting it through our compliance with this policy. This policy describes the types of information we may collect from you or that you may provide when you visit the website https://www.tabapay.com (our “Website”) or when we collect, process, retain, and disclose personal data about you when providing our payment processing services (our “Services”). This policy also describes our practices for using, maintaining, protecting, and disclosing that information. This policy also serves as our privacy notice required under the Gramm-Leach-Bliley Act (“GLBA”) and its implementing regulations, including the Federal Trade Commission’s Safeguards Rule and Privacy Rule.

This policy applies to persons whose personal data is processed by us in connection with payment transactions. The Company does not operate a consumer-facing platform; rather, we act as a third-party payment processor for various merchants and other business partners (each, a “Partner”). Many Partners maintain their own privacy policy governing their data practices, and you should review such Partner’s privacy policy for information about how it collects, uses, and discloses your personal data.

This policy applies to information we collect:

• Through the Services, including when we process payment transactions on behalf of a Partner.
• In communications, including email, text, and other electronic messages, between you and us in connection with the Website or Services.
• Through mobile and desktop applications you download from this Website, which provide dedicated non-browser-based interaction between you and this Website.
• When you interact with our advertising and applications on third-party websites and services, if those applications or advertising include links to this policy.

It does not apply to information collected by:

• Us offline or through any other means, including on any other website operated by Company or any third party that does not link to this policy; or 
• Any third party, including Partners, through any application or content (including advertising) that may link to or be accessible from or through the Website or Services.

Please read this policy carefully to understand our policies and practices regarding your information and how we treat it. By using our Website or Services or providing us with your information, you acknowledge and agree to the collection, use, and sharing of your information as described in this privacy policy. This policy may change from time to time (see “Changes to Our Privacy Policy”). Your continued use of the Services after we make changes as described here is deemed to be acceptance of those changes, so please check the policy periodically for updates. 

Children’s and Minors’ Data

Our Website and Services are not intended for, and we do not knowingly collect any personal data from, children under the age of 13. If we learn that we have collected or received personal data from a child under 13 years old without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us at: privacy@tabapay.com. 

The Personal Data That We Collect or Process

We collect several types of information from and about users of our Website and Services, including personal data. “Personal data” is information that identifies, relates to, or describes, directly or indirectly, you as an individual, such as your name, email address, telephone number, home address, or payment information (for example, account information such as name, postal address, email address, or payment card number, or any other identifier we may use to contact you or process your transactions).

The types and categories of personal data we collect from and about users of our Website include information:

• By which you may be personally identified, such as name, postal address, email address, telephone number, social security number, or any other identifier by which you may be contacted online or offline;
• That is about you but individually does not identify you, such as browser ID, MAC address, etc.; or
• About your internet connection, the equipment you use to access our Website, and usage details.

The types and categories of personal data we collect or process in connection with the Services include:

• Account and contact information, including name, address, email address, phone number, and other contact information you provide to us.
• Transaction processing information, including credit card or debit card information, bank account information and information about the payment methods you use in connection with the Services.
• Transaction history, including information about your transactions, payment history, and related records.
• Device information, including your IP address, device identifiers, operating system and version, browser type and settings, and other device information.
• Identity document information, such as government-issued identification numbers, as required for identity verification, know-your-customer (KYC), and anti-money laundering (AML) compliance purposes.

We also collect:

• Statistics or aggregated information. Statistical or aggregated data does not directly identify a specific person, but we may derive non-personal statistical or aggregated data from personal data. For example, we may aggregate personal data to calculate the percentage of users accessing a specific feature of the Services.
• Technical information. Technical information includes information about your internet connection and usage details about your interactions with the Services, such as clickstream information to, through, and from our Services (including date and time), products that you view or search for; page response times, download errors, length of your visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), or methods used to browse away from a page.

If we combine or connect non-personal statistical or technical data with personal data so that it directly or indirectly identifies an individual, we treat the combined information as personal data.

How We Collect Your Personal and Other Data

You Provide Information to Us

We collect information about you when you interact with our Services, such as when you initiate a payment transaction through one of our Partners, or when you communicate with us regarding a transaction.

We also collect information about you on or through our Website, that may include:

• Information that you provide by filling in forms on our Website. This includes information provided at the time of registering to use our Website, subscribing to our Services, or requesting further services. We may also ask you for information when you report a problem with our Website.
• Records and copies of your correspondence (including email addresses), if you contact us.
• Your responses to surveys that we might ask you to complete for research purposes.
• Details of transactions you carry out through our Website and of the fulfillment of your orders. You may be required to provide financial information before placing an order through our Website.
• Your search queries on the Website.

You also may provide information to be published or displayed (hereinafter, “posted”) on public areas of the Website, or transmitted to other users of the Website or third parties (collectively, “User Contributions”). Your User Contributions are posted on and transmitted to others at your own risk. Although we limit access to certain pages, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Website with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.

Automatically Through Our Services

As you navigate through and interact with our Website or Services, we may use automatic data collection technologies to collect information that may include personal data. Information collected automatically may include usage details, IP addresses, operating system, and browser type, and information collected through cookies and other tracking technologies, including details of your interactions with our Website or Services, such as traffic data, logs, and other communication data.

Using automatic collection technologies helps us to improve our Services, maintain security, and detect and prevent fraud.

The technologies we use for this automatic data collection may include:

• Cookies. A cookie is a small file placed on your device or hard drive of your computer when you interact with the Website or Services. You may disable or refuse to accept cookies by activating the appropriate setting on your browser or device. However, if you select this setting, you may be unable to access certain parts of our Website or features of the Services. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website. 
• Web Beacons. Some pages of our Website, emails, and parts of the Services and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or parts or opened an email and for other related statistics (for example, recording the popularity of certain website content and verifying system and server integrity). 

• These automatic collection technologies and the related services as used by us to provide the Services do not involve the “sale” or “sharing for purposes of cross-context behavioral advertising” of personal data, nor does this constitute targeted advertising.

Third-Party Use of Tracking Technologies

When you interact with the Website or Services, there are third parties that might use automatic collection technologies to collect information about you or your device. These third parties might include security, fraud prevention, and identity verification service providers for our Services, or advertisers, ad networks and servers, content providers, and application providers servicing our Website.

These third parties might use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use the Website or Services. The information they collect might be associated with your personal data or they might collect information about your online activities over time in connection with the Services and across different websites and other online.

We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about their data practices, you should contact the responsible provider directly.

From Business Partners and Service Providers

We may receive personal data about you from other sources and combine that with information we collect directly from you. For example, we may obtain information about you from our Partners in connection with processing your payment transactions. We may also receive information from service providers that we engage to perform services on our behalf, such as identity verification providers, fraud prevention and detection services, payment network operators, and regulatory compliance service providers. 

How We Use Your Information

We use information that we collect about you or that you provide to us, including any personal data, to:

• To present our Website and its contents to you.
• Provide you with information, products, or the Services, including processing payment transactions.
• Fulfill and manage payment transactions, including processing pull transactions, disbursements, refunds, and chargebacks.
• Fulfill any other purpose for which you provide it.
• Provide you with notices about your account or transactions, including expiration and renewal notices, transaction confirmations and receipts.
• Improve and develop our payment processing services, including by analyzing usage patterns, identifying service improvements, and developing new features and capabilities. This analysis may use aggregated or de-identified data derived from your information.
• Carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
• Notify you about changes to our Website or when Services updates are available and about changes to any products or services we offer or provide through them or through our Website.
• To allow you to participate in interactive features on our Website.
• In any other way we may describe when you provide the information.
• For any other purpose with your consent.

The usage information we collect, whether containing or connected to your personal data or not, helps us improve our Website and Services and deliver a more personalized online experience and a more secure and reliable payment processing experience by enabling us to:

• Estimate our audience size  and usage patterns.
• Store information about your preferences, allowing us to customize the Website and Services according to your individual interests  and needs.
• Speed up our searches and Services.
• Refine fraud and security protocols and features.
• Recognize you when you return to our Website or Services.

We may also use your information to contact you about our Services and third-parties’ goods and services that may be of interest to you. If you do not want us to use your information in this way, please adjust your user preferences in your account profile. 

We may use the information we have collected from you to enable us to display advertisements to our advertisers’ target audiences. Even though we do not disclose your personal data for these purposes without your consent, if you click on or otherwise interact with an advertisement, the advertiser may assume that you meet its target criteria.

Who We Disclose Your Information To

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction. 

We may also disclose personal data that we collect or you provide as described in this privacy policy:

• To our subsidiaries and affiliates, if applicable.
• To payment networks and financial institutions.
• To contractors, service providers, and other third parties we use to support our business and organization and who are bound by contractual obligations to keep personal data confidential and use it only for the purposes for which we disclose it to them.
• To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of TabaPay’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal data held by TabaPay about users of our Website or Services is among the assets transferred.
• To third-party vendors and service providers engaged by us to assist with identity verification, fraud prevention and detection, security monitoring, and compliance with our legal and regulatory obligations (including anti-money laundering (AML), know-your-customer (KYC), and other Bank Secrecy Act (BSA) compliance requirements). These vendors are bound by contractual obligations to use your information only for the specific purposes for which it was disclosed and to maintain appropriate data security standards.
• To third-party vendors and service providers engaged by us to support the operation of our payment processing services (other than our core payment processing infrastructure, for which we do not use third-party service providers), provided that each such vendor maintains a privacy policy that is at least as restrictive as this Privacy Policy. A current list of such vendors appears at the end of this Privacy Policy. These vendors are contractually prohibited from using your information for any purpose other than providing services to us.
• To third parties to market their products or services to you if you have not opted out of these disclosures. We contractually require these third parties to keep personal data confidential and use it only for the purposes for which we disclose it to them.
• To fulfill the purpose for which you provide it.
• For any other purpose disclosed by us when you provide the information.
• With your consent.

We may also disclose your personal data:

• To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
• To enforce or apply our Services and other agreements, including for billing and collection purposes.
• If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of our organization, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

The categories of personal data we may disclose include:

• Account and contact information.
• Payment information.
• Transaction history, including information about your transactions, payment history, and related records.
• Device information.
• Identity document information.

Your Rights and Choices About Your Information

This section describes mechanisms you can use to control certain uses and disclosures of your information and rights you may have under state law, depending on where you live.

Cookies and tracking technologies choices: 

• Cookies and Other Tracking Technologies. You can set your browser to refuse all or some browser cookies or other tracking technology files, or to alert you when these files are being sent. If you disable or refuse cookies or similar tracking files, some parts of the Website or some Services features may be inaccessible or not function properly.
• Promotional Offers from the Company. If you do not wish to have your contact information used by the Company to promote our own or third parties’ products or services, you can opt out by logging into the Website and adjusting your user preferences in your account profile by checking or unchecking the relevant boxes or by sending us an email stating your request to privacy@tabapay.com. If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions. This opt out does not apply to information provided to the Company as a result of a product purchase, warranty registration, product service experience, or other transactions.
• Targeted Advertising. If you do not want us to use information that we collect or that you provide to us to deliver advertisements according to our advertisers’ target-audience preferences, you can opt out by logging into the Website and adjusting your user preferences in your account profile by checking or unchecking the relevant boxes or by sending us an email stating your request to privacy@tabapay.com.

We do not control third parties’ collection or use of your information to serve interest-based advertising. However these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative (“NAI”) on the NAI’s website.

Residents of certain states may have additional personal information rights and choices. Please see Your State Privacy Rights for more information.

Accessing and Correcting Your Information

You can review and change your personal information by logging into the Website and visiting your account profile page.

You may also send us an email at privacy@tabapay.com to request access to, correct, or delete any personal information that you have provided to us. We cannot delete your personal data except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

If you delete your User Contributions from the Website, copies of your User Contributions may remain viewable in cached and archived pages, or might have been copied or stored by other Website users.

Residents of certain states may have additional personal information rights and choices. Please see Your State Privacy Rights for more information.

Your State Privacy Rights

State consumer privacy laws may provide their residents with additional rights regarding our use of their personal information.

California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Montana, Oregon, Tennessee, Texas, Utah, and Virginia provide (now or in the future) their state residents with rights to:

• Confirm whether we process their personal information.
• Access and delete certain personal information.
• Correct inaccuracies in their personal information, taking into account the information’s nature processing purpose.
• Data portability.
• Opt-out of personal data processing for:

1. targeted advertising (excluding Iowa);
2. sales; or 
3. profiling in furtherance of decisions that produce legal or similarly significant effects (excluding Iowa and Utah).

• Either limit (opt-out of) or require consent to process sensitive personal data. 

The exact scope of these rights may vary by state. To exercise any of these rights please email your request to us at privacy@tabapay.com. To appeal a decision regarding a consumer rights request, email your appeal to us at privacy@tabapay.com.

Nevada provides its residents with a limited right to opt-out of certain personal information sales. Residents who wish to exercise this sale opt-out rights may submit a request to this designated address: privacy@tabapay.com.However, please know we do not currently sell data triggering that statute’s opt-out requirements.

Depending on your state of residency, you may have certain rights related to your personal data, including: 

• Access and Data Portability. You may confirm whether we process your personal data and access a copy of the personal data we process. To the extent feasible and required by state law, depending on your state, data will be provided in a portable format. Depending on your state, you may have the right to receive additional information and it will be included in the response to your access request.
• Correction. You may request that we correct inaccuracies in your personal data that we maintain, taking into account the information’s nature and processing purpose.
• Deletion. You may request that we delete personal data about you that we maintain, subject to certain exception under applicable law.  
• Opt Out of Using Personal Data for Targeted Advertising, Profiling, and Sales. You may request that we do not use your personal data for these purposes, however, please note that we do not engage in targeted advertising, profiling, the sale of personal data, or the sharing of personal data for the purpose of cross-context behavioral advertising.

Important: The exact scope of these rights vary by state. There are also several exceptions where we may not have an obligation to fulfill your request. 

Some browsers and browser extensions support the Global Privacy Control (“GPC”) that can send a signal to process your request to opt out from certain types of data processing, including data “sales” as defined under certain laws. When we detect such a signal, we will make reasonable efforts to respect your choices indicated by a GPC setting as required by applicable law.

How We Protect Your Personal Data

We maintain a written information security program with administrative, technical, and physical safeguards designed to protect the security, confidentiality, and integrity of customer information, consistent with the requirements of the Gramm-Leach-Bliley Act and the FTC Safeguards Rule. These safeguards include commercially reasonable measures designed to protect your personal data from accidental loss or destruction and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on our secure servers behind firewalls. However, no website, mobile application, system, electronic storage, or online service is completely secure, and we cannot guarantee the security of your personal data transmitted to, through, using, or in connection with the Website or Services. Any transmission of personal data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.

The safety and security of your information also depends on you. You are responsible for taking steps to protect your personal data against unauthorized use, disclosure, and access. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Website like message boards. The information you share in public areas may be viewed by any user of the Website. 

How We Retain Your Personal Data

We keep the categories of personal data described in this policy for as long as reasonably necessary to fulfill the purposes described or for as long as otherwise legally permitted or required, such as maintaining the Services, operating our organization, complying with our legal obligations, resolving disputes, and for safety, security, and fraud prevention. Retention periods for financial records may be governed by applicable law, including the GLB and the BSA. This means that we consider our legal and business obligations, potential risks of harm, and nature of the information when deciding how long to retain personal data. At the end of the retention period, personal data will be deleted, destroyed, or de-identified.

Changes to Our Privacy Policy

We may update this policy from time to time, and we will provide notice of any such changes to the policy as required by law. The date the privacy policy was last updated is identified at the top of the page. We will notify you of changes to this policy by updating the “last updated” date and posting the updated policy on the Services. We may email or otherwise communicate reminders about this policy, but you should check our Services periodically to see the current policy and any changes we have made to it.

Contact Information

To exercise your rights or ask questions, comment or register a complaint or concern about this privacy policy or our privacy practices, please contact us at privacy@tabapay.com.