Vindicia Privacy Policy

This privacy policy (“Privacy Policy”) was last updated in August, 2016.

Preamble

Vindicia, Inc. (“Vindicia”, “we”, or “us”) is committed to protecting the privacy of your personal information. This Privacy Policy details certain policies implemented throughout our company governing Vindicia’s use of personally identifiable information about:

  • visitors to our Internet website (the “Site”) located at the URL: Vindicia.com, and
  • visitors to our clients’ Internet websites (“the Sites”) which use our services and/or products (collectively, services and products are: “Service” or “Services”).

Where the Privacy Policy differs depending on whether you are using the Site(s) or the Services, those distinctions will be noted in this Privacy Policy.

Privacy Policy Updates

Due to the Internet’s rapidly evolving nature, Vindicia may need to update this Privacy Policy from time to time. If so, Vindicia will post a notice of the change and the updated Privacy Policy on our Site located at https://www.vindicia.com/privacy-policy. We may also send registered visitors of the Site(s) e-mail notifications notifying such visitors of any changes to the Privacy Policy. If any change is unacceptable to you, you have the right to cease using this Site(s) and the Services. If you do not cease using this Site(s) and the Services, you will be deemed to have accepted Vindicia’s then current Privacy Policy.

Information Collection

Through the Site:

You can generally visit the Site without revealing any personally identifiable information about yourself. However, in certain sections of the Site we may invite you to contact us for information or questions, inquire about a job or apply for a job, or provide other information, such as referrals, or to obtain content we provide for informational and marketing purposes. In such situations, you may disclose to us your name, phone number, email address, title, company name, and certain employment-related information.

We may track and store information such as the total number of visitors to our Site(s), the number of visitors to each page of our Site(s), your IP address, your browser type, the number of external web site (defined below) pages you have visited, and other browsing or computer data.

Through the Services:

When our clients use our Services, our client or you may provide us with information about you, including personally identifiable information such as your name, address, email, phone number, IP address, and financial information such as your credit card numbers and expiration dates and bank account numbers. Our clients or you may also provide us with information about the transactions you have entered into with our clients.

Use of Information

We may use your personally identifiable information you submit to the Site(s) to contact you to deliver certain Services or information you have requested, verify your authority to enter our Site(s), consider your eligibility for employment, improve the content and general administration of the Site(s), provide Services, provide you with notices regarding goods and/or Services that you have purchased or may wish to purchase in the future, and for targeted advertising.

Vindicia uses the information Vindicia receives from you and our clients through your or our clients’ use of the Services to provide our Services to our clients, for example, to bill on our client’s behalf, dispute chargebacks, make a transaction risk determination, choose the right offer to present to you, or calculate tax. Such information about the transactions that you have made will be correlated with your personally identifiable information in a transaction history that Vindicia stores. We may also use aggregate information (defined below) to analyze and report upon trends, improve the Services we provide to you and our clients, and allow our clients to improve the services they offer you and prospective new customers, administer the Site(s) and gather broad demographic information for aggregate use.

Aggregate Information:

Some of the information collected by Vindicia is used for analysis purposes. This information is analyzed in an anonymous format. The groups created by such information are devoid of most personally identifiable information, such that individuals cannot be easily identified.

Disclosure and Onward Transfer of Information

We may provide your personally identifiable information and/or the aggregate information to our subsidiaries and affiliates. We may provide your personally identifiable information and/or the aggregate information to vendors and service agencies that we may engage to assist us in providing our Services to you. We also may provide a transaction risk score that we generate based on your transactions with other clients as well as an explanation of your score in general to our other clients in Vindicia’s network. Such third parties will be restricted from further distributing your personally identifiable information and must enter into a written confidentiality agreement with us. Vindicia is liable for appropriate onward transfers of personal data to third parties. We will return your personally identifiable information to the client (or their designated service provider) that originally provided such personally identifiable information to us upon that client’s request, provided that the recipient maintains the appropriate Payment Card Industry Data Security Standard (“PCI-DSS”) compliance. We will also disclose your personally identifiable information if we are required to do so by law, regulation (including a chargeback dispute process) or other government authority, or otherwise in cooperation with a bona-fide investigation of a governmental or other public authority, including to meet national security or law enforcement requirements, or to protect the safety of visitors to our Site(s) and our Services. We will not sell your personally identifiable information to any company or organization. We may transfer your personally identifiable information to a successor entity upon a merger, consolidation or other corporate reorganization in which Vindicia participates or to a purchaser of all or substantially all of Vindicia’s assets to which the Site(s) and/or Services relate.

Children’s Privacy

Vindicia recognizes the privacy interests of children and we encourage parents and guardians to take an active role in their children’s online activities and interests. The Site(s) are not intended for children under the age of 13. Vindicia does not target its Services or the Site(s) to children under 13. Vindicia does not knowingly collect personally identifiable information from children under the age of 13.

If we learn that we have collected or received personal information from a child under 13 without verification or parental consent, we will delete that information. If you believe we might have any such information from or about a child under the age of 13, please contact us at:

General Counsel
Vindicia, Inc.
303 Twin Dolphin Drive Suite 200
Redwood City, CA 94065-1424 USA
Phone: +1 650 264 4700, +1 650 264 4700
Email: privacy@vindicia.com

Cookies

We may use small text files called cookies to improve overall Service and Site(s) experience. A cookie is a piece of data stored on the user’s hard drive containing information about the user. Cookies generally do not permit us to personally identify you. You may refuse to accept cookies by activating the appropriate setting on your browser. However, if you select this setting, you may be unable to access certain parts of the Site(s) and/or Service(s). Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Site(s) and/or Service(s).

Links to Third Party Sites

The Site(s) may provide links to other Web sites or resources over which Vindicia does not have control (“External Web Sites”). Such links do not constitute an endorsement by Vindicia of those External Web Sites. You acknowledge that Vindicia is providing these links to you only as a convenience, and further agree that Vindicia is not responsible for the content of such External Web Sites. Your use of External Web Sites is subject to the terms of use and privacy policies located on the linked to External Web Sites.

Limiting the use of Personally Identifiable Information Collected Through the Site(s) and Services

You can limit our use of personally identifiable information collected through our Site by following the instructions at the bottom of each email we send you. You can limit our use of personally identifiable information that we obtain via our Service by managing your account at each of our client’s sites with whom you interact.

Reviewing and Deleting Personally Identifiable Information Collected Through the Site(s) and Services

Vindicia provides you with the ability to review, correct, and delete your personally identifiable information that we have received if it is inaccurate or if you believe that one of our clients made a decision that impacted you negatively based upon personally identifiable information we collected; provided, however, that Vindicia will retain a copy in its files of all personally identifiable information, even if corrected, necessary to resolve disputes. You have the right to review or delete the foregoing information, by contacting Vindicia at:

General Counsel
Vindicia, Inc.
303 Twin Dolphin Drive Suite 200
Redwood City, CA 94065-1424 USA
Phone: +1 650 264 4700, +1 650 264 4700
Email: privacy@vindicia.com

EU-U.S. Privacy Shield Framework

Vindicia complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries.  Vindicia has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability.  If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, regarding the collection, use, and retention of personal information from European Union member countries, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/

US-Swiss Safe Harbor Framework

Vindicia also complies with the US-Swiss Safe Harbor Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from Switzerland.  Vindicia has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement.  If there is any conflict between the policies in this privacy policy and the Safe Harbor Privacy Principles, regarding the collection, use, and retention of personal information from Switzerland, the Safe Harbor Privacy Principles shall govern.  To learn more about the US-Swiss Safe Harbor and to view our certification page, please visit http://www.export.gov/safeharbor/

Privacy Complaints by European Union Citizens

In compliance with the EU-US Privacy Shield Principles, Vindicia commits to resolve complaints about your privacy and our collection or use of your personal information. European Union citizens with inquiries or complaints regarding this privacy policy should first contact Vindicia at:

General Counsel
Vindicia, Inc.
303 Twin Dolphin Drive Suite 200
Redwood City, CA 94065-1424 USA
Phone: +1 650 264 4700, +1 650 264 4700
Email: privacy@vindicia.com

Vindicia has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.

Privacy Complaints by Swiss Citizens

In compliance with the US-Swiss Safe Harbor Principles, Vindicia commits to resolve complaints about your privacy and our collection or use of your personal information. Swiss citizens with inquiries or complaints regarding this privacy policy should first contact Vindicia at:

General Counsel
Vindicia, Inc.
303 Twin Dolphin Drive Suite 200
Redwood City, CA 94065-1424 USA
Phone: +1 650 264 4700, +1 650 264 4700
Email: privacy@vindicia.com

Vindicia has further committed to refer unresolved privacy complaints under the US-Swiss Safe Harbor to an independent dispute resolution mechanism operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint.

California Privacy Rights

California Civil Code section 1798.83 permits users of our Site(s) that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact Vindicia at:

General Counsel
Vindicia, Inc.
303 Twin Dolphin Drive Suite 200
Redwood City, CA 94065-1424 USA
Phone: +1 650 264 4700, +1 650 264 4700
Email: privacy@vindicia.com

Enforcement

Vindicia is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

Security

We employ procedural and technological measures that are reasonably designed to help protect your personally identifiable information from loss, unauthorized access, disclosure, alteration or destruction. Vindicia uses encryption, Transport Layer Security, firewalls, password protection and takes other physical security measures and places internal restrictions on who within Vindicia may access your data to help prevent unauthorized access to your personally identifiable information. Our security is annually audited by a third party, under the framework of Statement on Standards for Attestation Engagements (SSAE) No. 16, Reporting on Controls at a Service Organization, and by an additional third party to comply with the PCI-DSS for Level 1 service provider entities. Vindicia is listed on Visa USA’s list of Cardholder Information Security Program compliant providers. The PCI Standards are located at https://www.pcisecuritystandards.org/security_standards/index.php.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Site(s) and/or Service(s), you are responsible for keeping that password confidential. We ask you not to share your password with anyone. You also acknowledge that your account is personal to you and agree not to provide any other person with access to this Site or portions of it using your user name, password or other security information. You agree to notify us immediately of any unauthorized access to or use of your user name or password or any other breach of security. There are similar security dependencies for clients of our Service and we refer you to the appropriate section of our SSAE No. 16 for more information.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we do our best to protect your personal information, as described above, we cannot guarantee the security of your personal information transmitted to our Site(s) and/or Service(s). Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Site(s) and/or Service(s).

If you have any questions regarding this Privacy Policy please contact us via e-mail at: privacy@vindicia.com.

This Privacy Policy is effective as of August 17, 2016, and supersedes the Privacy Policies effective as of January 31, 2016, January 31, 2014, September 10, 2012, February 10, 2012, April 4, 2011, and May 22, 2008.