PLEASE READ THIS PRIVACY DISCLOSURE CAREFULLY BEFORE USING THIS SITE OR RELATED SERVICES
The Site is hosted on servers located in the United States of America and is intended for use by individuals and entities who are United States residents. All data collected from the Site is stored on servers within the United States that are owned and controlled by our third-party vendors or us. YOU EXPRESSLY ACKNOWLEDGE AND CONSENT THAT YOUR DATA MAY BE TRANSFERRED TO VARIOUS LOCATIONS AND THIRD-PARTY PROVIDERS, AND MAY BE MAINTAINED AND PROCESSED ON COMPUTERS LOCATED OUTSIDE OF YOUR STATE, PROVINCE, COUNTRY, OR OTHER GOVERNMENTAL JURISDICTION WHERE THE PRIVACY LAWS MAY NOT BE AS PROTECTIVE AS THOSE IN YOUR JURISDICTION.
You may visit our Site without expressly submitting any personally identifiable information about you. You may indicate your interest in becoming a participating merchant by submitting certain information as further described in the section entitled “Information We Collect.”
Information We Collect
If you indicate your interest in becoming a participating merchant, we will collect your name, business name, email, telephone, and mailing address. We offer our participating merchants two products: Merchant Cash Advance (“MCA”), through which we purchase future receivables of your business and market your business to our rewards program members, and Marketing Services (“MS”), through which we market your business to our rewards program members. If you enter into an agreement with us to become a participating merchant (“Participating Merchant”) of Rewards network, you become either a MCA client (“MCA Client”) or MS client (“MS Client”).
We have a robust information security program in place to protect both MCA Client and MS Client information. See Data Security Section below for additional details.
If you are interested in becoming an MCA Client, we ask you to submit a MCA Client application. Through the MCA Client application, we collect information about your business (including its sales, credit card processing, bank account and legal entity information) as well as information about you as the owner of your business (including your name, address, telephone number, email address, social security number, date of birth and driver’s license information). When you enter into an agreement to become an MCA Client, we use this information in order to support your relationship with us – to generate account balance statements, to respond to your account service inquiries via telephone or email, or to contact you about payment or other account service matters. We also collect content about your business as an MCA Client, such as menus, photos and logos. We use this content in order to market your business to our rewards program members.
If you are interested in becoming an MS Client, we collect information about your business (including your business name, address, telephone number, email address, and financial information about your restaurant’s historical sales. When you enter into an agreement to become an MS Client, we use this information in order to support your relationship with us – to generate billing statements, to respond to your account service inquiries via telephone or email, or to contact you about program performance, payment or other account service matters. We also collect content about your business as a MS Client, such as menus, photos and logos. We use this content in order to market your business to our rewards program members.
If you are an MCA or MS Client, you will receive access to our Comment Management System, a valuable tool for participating restaurants that allows you to connect with your diners outside of the restaurant – online, 24/7. When you log in to CMS, you can build customer relationships to encourage loyalty, and respond to customer feedback. In order to access the Comment Management System, your user name will be your email address and you will need to create a user name and password for your account with us.
We also collect information about your business’ credit card transactions as a Participating Merchant. We collect through your payment processor and American Express. As a Participating Merchant, you are authorizing us to monitor your business’ credit card sales through your payment processor and American Express.
We collect IP address information from any visitor to the Site. We log IP addresses for system administrative purposes only. IP addresses are not used for identification. This information helps us determine how often different areas of the Site are visited. We do not link IP addresses to any information that is personally identifiable.
Non-Personally Identifiable Information
When you visit the Site, we may collect usage information (“Session Data”) that is anonymous and is not linked to you as an individual. Session Data may include browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform. We may use Session Data for a variety of reasons, including to better understand things like how the Site is navigated, how many visitors arrive at specific pages, and the length and frequency of stays at our Site.
“Session cookies” track the user’s progression through the Site and session data for a single visit. These cookies enable us to follow the user as they progress from one page to another. Your session cookies expire at the end of your browser session. In addition, if you leave your browser open for a prolonged period, they are set to automatically expire.
“Persistent cookies” are stored on your device between browser sessions, allowing us to remember you and your preferences. We may use a persistent cookie to remember such information as your user name, name, preferred dining area, and favorite restaurants.
Most Internet browsers automatically accept cookies. However, you can instruct your browser to stop accepting cookies or prompt you before accepting a cookie from the sites you visit.
We do not sell information that identifies Merchants to any third party and we will not disclose your contact or other identifiable information to any third party for them to market to you directly without your prior express consent.
We may disclose any information, including identifiable information of any Merchant, to non-affiliated third party suppliers, vendors, contractors, and payment card networks (for example, American Express, MasterCard, or Visa) as necessary for the non-affiliated third party to provide services to us in connection with operating and managing our Programs, business, products and services, including addressing any issue that may arise in connection with a Merchant’s bank account.
We may disclose information that we may have, whether or not identifiable, as necessary for defending and bringing legal actions or if required by a government authority or legal process.
Disclosure of Anonymous Information
We may share anonymous or aggregated information that is not reasonably identifiable to you or your business with our affiliates, partners, merchants, and other third parties in our discretion. Such information could be used, for example, to provide us with statistical or other analysis. This information is de-identified and cannot reasonably be used to identify you personally or your business. This information is most often aggregated demographic and statistical information (such as information derived from your participation in any of our rewards programs (“Program(s)”),).
Transfer of Personal Information
Third Party Sites
Choices for Email and Marketing Communications
You may opt-out of receiving Program emails from us. However, doing so will affect your eligibility for all or some the benefits and participation in any event hosted across our site.
If you do not wish to receive email communications from us, you can unsubscribe from the link in the email you received, or indicate your preferences within a direct communication to us. You may also email us if you wish to unsubscribe, but for your security, please do not send credit or debit card information via email.
Do Not Track
We will automatically collect cookies and other non-personally identifying information when you visit the Site and, therefore, do not respond to Do Not Track (DNT) signals.
Retention and Disposal of Information
We retain your information as long as we determine it is required for the operation of our business and Program and to meet legal, regulatory, and other requirements.
We take reasonable steps to ensure that information is disposed of securely when we no longer require such data.
We take commercially reasonable steps to maintain physical, electronic, and procedural safeguards to protect your information. These safeguards may include data encryption, access authorization, firewalls, and physical access control to our data centers. We use industry-standard encryption technologies when transferring and receiving identifiable information. We maintain PCI DSS compliance. You can find our listing on the Visa Global Registry of Service Providers.
We maintain a Service Organization Control (SOC) 3 report. This assessment of our security practices enables you and your stakeholders to validate that we have obtained independent auditor assurance, which attests to our alignment with the American Institute of Certified Public Accountants (AICPA) Security Trust Principles. We may elect in the future to assess our security practices through a standard other than SOC, and we will in any case maintain and routinely test our controls related to the security, integrity, confidentiality and privacy of the information we collect, store and process.
Reviewing or Changing Your Information or Communications Preferences
At any time, if you are a registered Merchant, you can contact us to access and/or modify any information that we have for you or otherwise modify your preferences pertaining to communications (whether made by email, telephone). To review, change, or update your information or if you do not wish to receive email communications from us, contact us via one of the methods below:
By phone: Contact Client Services toll-free at (800) 422-5155
Merchants may also contact their Account Executive or Account Manager for assistance.
To protect your privacy and security, we will take reasonable steps to verify your identity before making corrections or granting access to your information.
No Use by Children
In no event may our Programs, our web site and mobile application, or our other services be used by a child, including any child under the age of 18.
Our IT Security & Privacy Office
The following person serves as the contact person for the IT Security & Privacy Office:
Two North Riverside Plaza, Suite 200
Chicago, Illinois 60606
Phone: (800) 422-5155
Cancellation and Terminating your Account
If you do not agree to have your information collected, shared and used as described in this Privacy Disclosure, you may terminate your Program account / contract at any time by contacting us at (800) 422-5155. If you no longer consent to this Privacy Disclosure and our collection and maintenance of this information, you must un-enroll from the Program / cancel your contract. If you elect to un-enroll / cancel, we will also need to disclose that information to Rewards Partners, non-affiliated third-party suppliers, vendors, contractors, payment card issuers, payment card processors, Payment Card Networks as necessary to allow them to remove you from the Program.