Paybox is committed to protecting the privacy of information supplied by users of Paybox services. In the course of providing Paybox financial products and services, we need to collect and maintain certain user information which may include nonpublic information.
This statement discloses the privacy practices for Paybox and informs you about:
- what organization is collecting the information;
- what information is collected and from whom;
- how to correct, update or delete the information that Paybox collects;
- how the information is used and disclosed to third parties; and
- what kind of security procedures are in place to protect the loss, misuse or alteration of information under the company’s control.
Paybox is an electronic invoicing and payment application service provider that offers Internet-based financial transaction processing services. Our mailing address is 500 E. Broward Blvd., Suite 1550 Fort Lauderdale, FL 33394. Our telephone number is 954.510.3750 and our customer service email address is email@example.com. You may learn more about our service offerings at our company website www.gopaybox.com.
Our services and use of this website are not intended for use by anyone under the age of 18 and Paybox will not knowingly solicit or collect information from users under that age.
Our services are used to facilitate financial transaction processing between Buyers and Sellers. The majority of our users typically are placed in one of the following categories, and collectively these are called the ‘System Users”:
- Merchants and their authorized personnel (Sellers); or
- Cardholders or employees of corporations that have been authorized to use credit cards, ACH and other means to make purchases on behalf of themselves or their employers (Buyers); or
- Financial Institutions or third parties that are providing technical or financial services to the Buyers or Sellers.
In order to facilitate the establishment of accounts and subsequent payment processing between the parties, payment account information, user Paybox’s and profiles, transaction details and other similar information must be collected from you (as a System User) and stored and shared between the parties.
Paybox collects and stores a wide variety of information for both Buyers and Sellers, including but not limited to organization and individual-user profile data (name, mailing address, email address, phone numbers, etc.), payment or financial account information (credit card account numbers, bank account information, etc.), and line item details for the goods and services that are bought or sold. Our servers automatically collect information about which sites users visit and which pages are viewed in the Paybox website.
Personally Identifiable Information (PII): Information that can be used to distinguish or trace an individual’s identity. For Paybox, PII comprises a System User’s name, social security number, biometric records, or other nonpublic identifying information that is linked to the specific System User, such as date and place of birth, mother’s maiden name, or bank or credit card account information. The only PII that we collect is information that you voluntarily provide to Paybox. If you supply Paybox with PII we will use that information to:
- Authenticate you; or
- Contact you; or
- Provide services to you; or
- Provide you with information you have requested, or
- Send you other information that we believe you would find interesting or relevant.
In the event that PII is collected, (a) the System User will have the choice over what information to submit and (b) it will be limited to the minimum amount of information needed to provide the services that have been requested. Failure to provide some PII may limit System User’s capability to use Paybox services.
Most PII may be collected, changed, or deleted by the System User through the user’s own maintenance of their profile and transaction information.
Information Use and Disclosure
Paybox may, on occasion, share general information with its relationship partners. Paybox may disclose information between System Users, or the Paybox affiliates or vendors. In some cases, this may require your PII to be sent to other countries and, by providing PII to Paybox, you consent to your information being transferred across national borders.
Such disclosure of PII shall be made under strict conditions designed to safeguard the security and privacy of the PII. Paybox policies limit access to PII that is collected to our employees and agents and the employees and/or agents of our affiliates and business partners who need the information to fulfill our obligations to you and their business responsibilities. Vendors and other outside contractors we engage are subject to Paybox‘s contractual requirements for safeguarding sensitive information and PII.
Employees and others with duties related to providing Paybox services receive annual training about Paybox privacy policies and security procedures and are subject to non-disclosure and employee agreements which specify remedies up to and including termination if they fail to comply with such policies.
From time to time, however, Paybox may disclose PII to fulfill legal or regulatory obligations or if we determine such disclosure is legally advisable or necessary to protect our rights, the rights of others, or to prevent harm. In addition, we may aggregate data about users of our site (i.e., combine information from many other users), and use it for analytical purposes and to improve Paybox product or service offerings. Paybox will use its best efforts to de-identify such analytical data. Information that is de-identified may be used by Paybox for any reason and shared freely with affiliates, partners, and other third parties. This may include information such as traffic patterns, trends in connection with various types of transactions, and other information.
Paybox makes use of a web browser technology called a “cookie.” The purpose of the cookie is to store session variables (information about a user and their transaction) while moving from page to page within the software application, to enable user-preferences to be recorded, or to gather use information to enable us to improve the design or usability of the website. Most cookies are stored in Random Access Memory and are deleted when exiting the applications. If the cookie feature is disabled on the user’s browser, the user will not be able to use the software application properly.
External Internet Sites/Third Parties
Data Security Measures
Protecting the confidentiality and integrity of our user’s data is important to us. Paybox maintains compliance with the PCI (Payment Card Industry) Data Security Standard and has enacted certain security methods and protocols that employ valid user identities, passwords, digital certificates, encryption, firewalls and other measures that we believe meet or exceed the best in the industry. However, we also acknowledge and you acknowledge and agree that no system is 100% guaranteed to be secure from attack or other compromise.
The Personal Information about you that we collect includes information within the categories of data defined by California state privacy laws and provided below. Under the CCPA, “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked with a particular consumer or household. Personal Information does not include:
- de-identified or aggregated information;
- “publicly available information” that is lawfully made available from federal, state, or local government records; or
- information excluded from the CCPA, such as Protected Health Information or medical information that is subject to HIPAA, or other personal information covered by certain other privacy laws, such as the Fair Credit Reporting Act, the Gramm-Leach-Bliley Act, or California Financial Information Privacy Act, and the Driver’s Privacy Protection Act of 1994.
We do not and will not sell Personal Information about you, as defined by CCPA. We also have not done so for the last 12 months.
Rights Available to California Residents
Under the CCPA, residents of California are provided with certain rights regarding their Personal Information (as defined in the CCPA). The following section outlines these rights:
- Right to Know: You have the right to request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
- the Categories of Personal Information we have collected from you
- the business purposes for which such Personal Information was collected
- the Sources of Personal Information we have collected from you
- the specific pieces of Personal Information stored about you
- the categories of 3rd parties with whom we share Personal Information
- If we shared your Personal Information for a business purpose, the categories of Personal Information that each category of recipient obtained.
- Right to Request Deletion: You have the right to request deletion of your Personal Information that has been collected and retained from you subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete your Personal Information from our records, unless there is an applicable exception. We may deny your deletion request if we need to retain the information to:
- Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 ).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
If none of the foregoing exceptions applies, and we delete the information in compliance with your verifiable request, we will also direct our applicable service providers to delete your personal information.
You or an authorized agent registered with the California Secretary of State that you authorize to act on your behalf, may exercise the Rights twice in a 12-month period. Your verifiable request must include sufficient detail for us to understand, evaluate, and respond to it. It must also provide sufficient information that allows us to reasonably verify that you are the individual about whom we have collected Personal Information or an authorized agent representing the individual. Please note that in some cases we may need to obtain information from you as part of the verification process to verify your identity to a reasonable degree. We may require you to provide Personal Information as part of the verification process. For authorized agents, we may require a signed, written authorization, a notarized affidavit, or a valid power of attorney. We will only use this information for the purpose of verifying the requestor’s identity or authority. To exercise these rights, please email us at firstname.lastname@example.org or send us written notification to the below address providing your name, address, phone number, and email address and your request for either Right to Know or Right to Request Deletion of your personal information as defined in the CCPA.
150 South Pine Island Road
Plantation, FL 33324
We will acknowledge your right to know or deletion request within ten (10) business days of receipt and provide information about how we will process the request. In many cases we will respond to your request within 45 days. In some cases, we may extend the time to respond for another 45 days. If this extension is necessary, we will give you notice and the reason that we need the additional time to respond.
If we are unable to verify your identity or your authority to make the request within 45 days, we cannot fully respond to you and may deny your request. We may in such cases elect to treat the deletion request as an opt-out request. For requests seeking specific pieces of information, we will treat it as a request for the disclosure of the categories of Personal Information about the consumer.
We retain records of your requests, including the request data, nature of the request, manner of submission, the response and any basis of denial for a period of 24 months.
We will not discriminate against you in terms of services, the level or quality of services, or pricing for exercising any of your CCPA rights. If there are excessive requests, we may charge a reasonable fee as permitted under the CCPA.
Right to Opt-out of Data Sales for Nevada Residents
We do not sell your covered information, as defined by Section 603A.320 of the Nevada Revised Statutes. If you reside in Nevada, you have the right to submit a request to us at email@example.com to us regarding the sale of covered information. Please include “Nevada” in your email subject line and include the following information in your email: your name, Nevada resident address, and email address. We will respond within sixty (60) days of receiving your request.