Last Updated: January 1, 2020
- United States only
- What we collect and how we use it
- Identifiable information
- Information we collect
- IP addresses
- Non-personally identifiable information
- Session data
- Disclosure of personal information
- Disclosure of anonymized information
- Transfer of personal information
- Third party sites
- Choices for email communications
- Do not track
- Retention and disposal of information
- Data security
- Reviewing or changing your information
- No use by children
- Our information security management group
- Cancellation and terminating your account
- Your California privacy rights
United States only
The Site is hosted on servers located in the United States of America and is intended for use only by individuals and entities located in the United States. BY USING THIS SITE, YOU EXPRESSLY ACKNOWLEDGE AND CONSENT THAT YOUR DATA MAY BE TRANSFERRED TO VARIOUS LOCATIONS AND THIRD-PARTY PROVIDERS, AND MAY BE MAINTAINED AND PROCESSED ON COMPUTERS LOCATED OUTSIDE OF YOUR STATE, PROVINCE, COUNTRY, OR OTHER GOVERNMENTAL JURISDICTION WHERE THE PRIVACY LAWS MAY NOT BE AS PROTECTIVE AS THOSE IN YOUR JURISDICTION.
What we collect and how we use it
You may visit our Site without expressly submitting any personally identifiable information about you. You may indicate your interest in becoming a participating merchant by submitting certain information as further described in the section entitled “Information We Collect.”
Information we collect
If you indicate your interest in becoming a participating merchant, we will collect your name, business name, email, telephone, and mailing address. We offer our participating merchants two products: Merchant Cash Advance (“MCA”), through which we purchase future receivables of your business and market your business to our rewards program members, and Marketing Services (“MS”), through which we market your business to our rewards program members. If you enter into an agreement with us to become a participating merchant (“Participating Merchant”) of Rewards network, you become either an MCA client (“MCA Client”) or MS client (“MS Client”).
We have a robust information security program in place to protect both MCA Client and MS Client information. See Data Security Section below for additional details.
If you are interested in becoming an MCA Client, we ask you to submit an MCA Client application. Through the MCA Client application, we collect information about your business (including its sales, credit card processing, bank account, and legal entity information) as well as information about you as the owner of your business (including your name, address, telephone number, email address, social security number, date of birth, and driver’s license information). When you enter into an agreement to become an MCA Client, we use this information in order to support your relationship with us — to generate account balance statements, to respond to your account service inquiries via telephone or email, or to contact you about payment or other account service matters. We also collect content about your business as an MCA Client, such as menus, photos, and logos. We use this content in order to market your business to our rewards program members.
If you are interested in becoming an MS Client, we collect information about your business (including your business name, address, telephone number, and email address) and financial information about your restaurant’s historical sales. When you enter into an agreement to become an MS Client, we use this information in order to support your relationship with us — to generate billing statements, to respond to your account service inquiries via telephone or email, or to contact you about program performance, payment or other account service matters. We also collect content about your business as an MS Client, such as menus, photos, and logos. We use this content in order to market your business to our rewards program members.
If you are an MCA Client or MS Client, or otherwise registered with us, we may also use the information you provide us to send you emails or to serve you ads about products and services or special offers.
If you are an MCA or MS Client, you will receive access to our Comment Management System, a valuable tool for participating restaurants that allows you to connect with your diners outside of the restaurant — online, 24/7. When you log in to the CMS, you can build customer relationships to encourage loyalty and respond to customer feedback. In order to access the Comment Management System, your user name will be your email address and you will need to create a user name and password for your account with us.
We also collect information about your business’s credit card transactions as a Participating Merchant. We collect through your payment processor and American Express. As a Participating Merchant, you are authorizing us to monitor your business’s credit card sales through your payment processor and American Express.
We collect IP address information from any visitor to the Site. We log IP addresses for system administrative purposes only. IP addresses are not used for identification. This information helps us determine how often different areas of the Site are visited. We do not link IP addresses to any information that is personally identifiable.
Non-personally identifiable information
When you visit the Site, we may collect usage information (“Session Data”) that is anonymous and is not linked to you as an individual. Session Data may include browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform. We may use Session Data for a variety of reasons, including to better understand things like how the Site is navigated, how many visitors arrive at specific pages, and the length and frequency of stays at our Site.
We may have the ability to collect location data and provide you with push notifications based on your location and past dining activity. We utilize location information to provide you with more relevant location-based restaurant choices, track your general dining patterns and stores that you visit, and also aggregate this data to help understand general Program member patterns and trends, which we may share with third parties in our discretion. You are agreeing that we can collect and use your location data and can continue to do so until you turn off your location settings.
Your device may allow you to disable the collection of location data and push notifications by accessing your device’s application or notification settings. If you do not want us to have access to your location, you may change your location settings. You are agreeing that we can continue to collect location data until you turn off data collection in your device. We have no responsibility or liability for the functions of location settings within any device.
Most Internet browsers automatically accept cookies. However, you can instruct your browser to stop accepting cookies or prompt you before accepting a cookie from the sites you visit.
We use Google Analytics in order to analyze traffic and performance related to the Site. To learn how Google uses data when you use our Site, visit www.google.com/policies/privacy/partners/. To learn about certain choices you may have relating to Google Analytics, visit https://support.google.com/analytics/answer/181881.
When you visit the Site, we automatically collect usage information about how you use and navigate the Site (“Session Data”). Session Data may include browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform. Session Data may also include the number and frequency of visitors to each page on the Site, the length of their stays, the type of operating system each visitor is using, the address (or URL) of the web site that the visitor came from before visiting the Site, and which links were clicked on. We may use Session Data for a variety of reasons, including to better understand things like how the Site is navigated, how many visitors arrive at specific pages, and the length and frequency of stays at our Site.
Disclosure of identifiable information
We do not sell information that identifies Merchants to any third party and we will not disclose your contact or other identifiable information to any third party for them to market to you directly without your prior express consent.
We may disclose any information, including identifiable information of any Merchant, to non-affiliated third-party suppliers, vendors, contractors, and payment card networks (for example, American Express®, Mastercard®, or Visa®) as necessary for the non-affiliated third party to provide services to us in connection with operating and managing our Programs, business, products, and services, including addressing any issue that may arise in connection with a Merchant’s bank account.
We may disclose information that we may have, whether or not identifiable, as necessary for defending and bringing legal actions or if required by a government authority or legal process.
Disclosure of anonymized information
We may share anonymous or aggregated information that is not reasonably identifiable to you or your business with our affiliates, partners, merchants, and other third parties in our discretion. Such information could be used, for example, to provide us with statistical or other analysis. This information is de-identified and cannot reasonably be used to identify you personally or your business. This information is most often aggregated demographic and statistical information (such as information derived from your participation in any of our rewards programs (“Program(s)”).
Transfer of personal information
Third party sites
Choices for email and marketing communications
You may opt-out of receiving Program emails from us. However, doing so will affect your eligibility for all or some the benefits and participation in any event hosted across our site.
If you do not wish to receive email communications from us, you can unsubscribe from the link in the email you received, or indicate your preferences within a direct communication to us. You may also email us if you wish to unsubscribe, but for your security, please do not send credit or debit card information via email. Your browser may give you the ability to control cookies. How you do so depends on the type of cookie. Certain browsers can be set to reject browser cookies. If you block cookies, certain features on our Site may not work. Certain options you select are browser and device specific.
Do not track
We will automatically collect cookies and other non-personally identifying information when you visit the Site and, therefore, do not respond to Do Not Track (DNT) signals.
Retention and disposal of information
We retain your information as long as we determine it is required for the operation of our business and Program and to meet legal, regulatory, and other requirements.
We take reasonable steps to ensure that information is disposed of securely when we no longer require such data.
We take commercially reasonable steps to maintain physical, electronic, and procedural safeguards to protect your information. These safeguards may include data encryption, access authorization, firewalls, and physical access control to our data centers. We use industry-standard encryption technologies when transferring and receiving identifiable information. We maintain PCI DSS compliance. You can find our listing on the Visa Global Registry of Service Providers.
We maintain a Service Organization Control (SOC) 3 report. This assessment of our security practices enables you and your stakeholders to validate that we have obtained independent auditor assurance, which attests to our alignment with the American Institute of Certified Public Accountants (AICPA) Security Trust Principles. We may elect in the future to assess our security practices through a standard other than SOC, and we will in any case maintain and routinely test our controls related to the security, integrity, confidentiality, and privacy of the information we collect, store, and process.
Reviewing or changing your information or communications preferences
At any time, if you are a registered Merchant, you can contact us to access and/or modify any information that we have for you or otherwise modify your preferences pertaining to communications (whether made by email or telephone). To review, change, or update your information or if you do not wish to receive email communications from us, contact us via one of the methods below:
- By phone: Contact Client Services toll-free at (800) 422-5155
- By email: firstname.lastname@example.org
- Merchants may also contact their Account Executive or Account Manager for assistance.
To protect your privacy and security, we will take reasonable steps to verify your identity before making corrections or granting access to your information.
No use by children
In no event may our Programs, our web site and mobile application, or our other services be used by a child, including any child under the age of 18.
Our information security management group
The following person serves as the contact person for the ISMG:
SVP, Chief People & Legal Officer
Two North Riverside Plaza, Suite 200
Chicago, Illinois 60606
Phone: (800) 422-5155
Cancellation and terminating your account
If you do not agree to have your information collected, shared, and used as described in this Privacy Disclosure, you may terminate your Program account / contract at any time by contacting us at (800) 422-5155. If you no longer consent to this Privacy Disclosure and our collection and maintenance of this information, you must un-enroll from the Program / cancel your contract. If you elect to un-enroll / cancel, we will also need to disclose that information to Rewards Partners, non-affiliated third-party suppliers, vendors, contractors, payment card issuers, payment card processors, Payment Card Networks as necessary to allow them to remove you from the Program.
Your California privacy rights
Pursuant to applicable California law, including the California Consumer Privacy Act (CCPA), Rewards Network makes the following disclosures regarding personal information collected and/or sold by us:
Category of personal information
Category or source from which data is collected
Purpose of collection
Category of service providers to whom data is disclosed
Category of third parties to whom data is sold
|Identifiers, such as your name, address, and email address.||You, and sometimes the Rewards Partner.||To facilitate the program, communicate with you, and accurately award rewards.||Rewards Partner, Credit Card Processor/Payment Card Network, Service Providers who provide email and customer service support.||Your personal information is never sold.|
|The credit card number used to register for the Program.||You, and depending on the type of card you use, the issuing bank or Rewards Partner.||To facilitate the program and accurately award rewards.||Credit Card Processor/Payment Card Network.||Your personal information is never sold.|
|Commercial information, relating to transactions you make at restaurants.||The Payment Credit Card Processor/Payment Card Network, Participating Merchants.||To facilitate the program and accurately award rewards.||Restaurant Partners (in the aggregate only), Credit Card Processor/Payment Card Network, Service Providers providing email and customer service support.||Your personal information is never sold.|
|Internet or other electronic network activity information, including cookies and utilizing Google Analytics Tools.||You, and your activity on the Program websites. Depending on the type of information, sometimes through email communications.||To improve the Program to provide you with the best experience possible, including suggesting restaurants.||Service Providers providing email and customer service support, Service Providers who assist with marketing initiatives.||Your personal information is never sold.|
|Geolocation data, including where you are when you open the dining app or website.||You, and the device you use to access the mobile site and website.||To improve the program and make suggestions based on your location.||Service Providers who provide technical support for this functionality.||Your personal information is never sold.|
If you are a California resident, then pursuant to the California Consumer Privacy Act (CCPA), you have the right to request:
- the categories of personal information Rewards Network has collected about you;
- the categories of sources from which your personal information is collected;
- the business or commercial purpose of collecting or selling your personal information;
- the categories of Third Parties with whom Rewards Network shares your personal information;
- the specific pieces of personal information Rewards Network has collected about you;
- the categories of personal information that Rewards Network has sold about you and the categories of Third Parties to whom the personal information was sold, if applicable;
- deletion of your personal information; and
- an opt out of having your personal information disclosed or sold to Third Parties.
To submit a request, please complete this form or contact us at (877) 737-3787
However, Rewards Network will not be required to comply with your request to delete your personal information if it is necessary for us to maintain your personal information in order to:
- complete the transaction for which the personal information was collected, provide a good or service requested by you, or reasonably anticipated within the context of Rewards Network’s ongoing business relationship with you, or otherwise perform a contract between you and Rewards Network;
- detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;
- debug to identify and repair errors that impair existing intended functionality;
- exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;
- comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code;
- engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when Rewards Network’s deletion of the information is likely to render impossible or seriously impair the achievement of such research, if you have provided informed consent;
- to enable solely internal uses that are reasonably aligned with your expectations based on your relationship with Rewards Network;
- comply with a legal obligation; or
- otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.
Rewards Network will not discriminate against you in the event you exercise any of the aforementioned rights under CCPA, including, but not limited to, by:
- denying goods or services to you;
- charging different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;
- providing a different level or quality of goods or services to you; or
- suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services.
Do we collect information from children?
Our Site is not intended for children under 18 years of age. No one under age 18 may provide any information to or on the Site. We do not knowingly collect personal information from children under 18. If you are under 18, do not use or provide any information on the Site or on or through any of its features, including your name, address, telephone number, e-mail address or any username you may use. If we learn we have collected or received personal information from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us at email@example.com.
Pursuant to CCPA, we will not sell the personal information of any consumer less than 18 years of age.