Privacy | BlueSnap

BlueSnap Privacy Policy v.2.0 Date: 25th May 2018

BlueSnap Respects Your Privacy

Introduction
This website and related services are owned and operated by BlueSnap, Inc. (“BlueSnap”) a global company providing payment gateway services and enabling eCommerce, marketing and payment processing, together with various subsidiaries including a European Union subsidiary BlueSnap Payment Services Limited, Canadian subsidiary BlueSnap Enterprise Canada ULC and Australian subsidiary BlueSnap Australia Pty Limited. References to BlueSnap in this policy also include these subsidiaries unless otherwise stated. Additional subsidiaries may be added over time and shall be governed by the terms of this policy.

We understand that you care about how your information is used and shared when you enter it on our websites, www.bluesnap.com, or use BlueSnap’s payment services as a merchant or shopper, and this notice describes our privacy policy and practices.

BlueSnap respects each individual’s right to personal privacy. We will collect and use information through our website including registration forms, inquiry forms, product transaction forms, mobile and API services only in the ways disclosed in this statement.

Online payment transactions involve transfer of data across international borders, as well backing up of data at our secured data centers in the EU and USA. This means that data may be transferred, processed and stored outside the EU, the European Economic Area (EEA) and Switzerland. By submitting your data directly or through a third party such as a merchant you are agreeing to such transfer, processing and storage.

BlueSnap is committed to maintaining the principles of transparency, accountability and choice regarding the collection and use of your personal information. BlueSnap Inc., is certified with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework full details of which appear in the dedicated section below.

When using BlueSnap’s services, technologies, functions, web site or applications, the terms of this policy will apply.

BlueSnap Services and You

BlueSnap acts as a technology provider supplying secure online and mobile digital payment processing services to businesses known as merchants so that they can sell their goods and services to their shoppers both domestically and worldwide.

The personal information collected by BlueSnap depends on how you are using our services.

Individuals typically interface with BlueSnap in one of the following ways:

Site Visitor: If you are visiting our website for details about our products and services, you may be asked to enter your personal details on an online form to receive more information. Cookies may be used to track site usage to assist in product development or monitor behavior for marketing purposes. Visitors from the EU/EEA may initially be asked to expressly consent to cookie usage.

Merchant: you may be a business customer that has consented to BlueSnap’s terms of service under a merchant or other formal agreement and use BlueSnap to conduct secure online sales. To set up a merchant account you will need to provide personal details, business data and identifying documentation.

Shopper: You may be a business or consumer using BlueSnap’s secure online payment technologies to complete the purchase of goods and services from a merchant that has selected BlueSnap as its payments solution. Your own choice of payment method will usually determine what personal data is passed to BlueSnap to enable your payment transaction to take place. It could be name, address and credit/debit card details, electronic bank transfer information, or pay-wallet credentials if using a service such as PayPal.

While such secure transactions may be completed in just a few seconds they are often complicated by the fact that live anti-fraud checks need to be conducted. Data also has to be passed to the relevant payment processors; banks, payment card and payment account services may need to be notified; legal tax invoices generated, and transaction confirmations delivered. Some or all of these steps may all involve the transfer and sharing of personal data down a chain of service providers, as well as the use of tracking cookies.

The Information BlueSnap Collects

The types of personal information we may obtain or you may choose to provide include:

Contact information (such as name, postal address, email address, phone number)
Business contact information, job function, title, department, name and size of organization
Username and password
Payment account data
Content provided (includes social media submissions – comments, articles, ratings)
Mobile and device unique identifiers
Geo-location data
Business records and identification documents
IP address, browser type, operating system
Other information (such as tracking behavior, cookie preferences, language preferences, age, date of birth, gender and family status), time stamps, device details

Some of this information may be collected automatically by using technologies such as cookies and web beacons, when you interact with advertisements, mobile applications, sales pages, website pages and other digital applications. Often shoppers will provide information themselves when interacting with merchants to purchase goods and services.

Use of Information Collected

The information is collected to perform the following functions:

Process payment transactions (including authorization, clearance, invoicing, tax calculation, currency exchange, shipping, delivery, processing refunds, chargebacks, provision of customer support and dispute resolution processes)
Generation of invoices, transaction confirmation notices, delivery of licenses, access keys, product download files and associated documentation, subscription accounts, instant notifications relating to transactions, refunds and refund notices, warranty and dispute records, customer profiles, tax payments
Communicate with you, respond to inquiries and send service notices, issue notices about functions and services you are registered to use including significant developments about the website and/or eCommerce services. (Users cannot normally op-out of this kind of email communication without cancelling the relevant service).
When BlueSnap acts as payment service provider, merchant and/or reseller for product suppliers, we may need to share relevant customer information with the specific merchant/product supplier involved in the transaction in order for them to fulfill the transaction. Such information is supplied on the condition that it will not be used for spamming or direct marketing by another party. Occasionally such product suppliers may sell, transfer or assign their business to new owners and in such circumstances data records may be accessible to the new owners subject to such parties satisfying the underwriting requirements of BlueSnap and assuming the ongoing responsibility for the proper protection of such data by committing to relevant contractual provisions
Check applications for use of BlueSnap services, perform account underwriting and KYC reviews, protect against and prevent customer and transaction fraud, unauthorized transactions, claims, manage risk exposure, conduct periodic risk reviews and credit checks
Evaluate business, product development, improve services, perform marketing activities, run billing, invoicing and account reconciliation functions
Compliance with legislation, regulations, legal requirements and law enforcement measures, orders and subpoenas from judicial and governmental authorities, enforcement and defense of contractual and legal rights and claims, generation of reserves, guarantees and sureties
Perform data analysis and generation of aggregated data reports based on anonymized information for benefit of BlueSnap, Merchants, processing partners, regulators and customers, auditing practices, conducting business intelligence, performance reporting
Compliance with internal policies, card industry and payment scheme requirements, Payment Card Industry (PCI) assessment and validation
Provide you with content, data and advertising tailored to your individual interests, enabling you to access BlueSnap services such as the Merchant or Shopper Control panel, support, chargeback management services
Review employment and business development applications
Consensual storage of shopper payment information for subsequent or recurring transactions
Track and identify sales referred by merchants’ sales affiliates and marketplace sellers

We may also use information in other ways for which we provide specific notice of at the time of collection.

Site Visitor: As a guest we may set tracking and behavioral cookies when accessing BlueSnap site and landing pages. These may include IP, device, technical usage, time, language and geolocation data. If you decide to request more information, sign up for newsletters, set up a sales call or use support facilities you may be asked to provide name and contact details.

Shopper: To process payment and delivery of products and services BlueSnap receives your transaction information – this may include name, ID info, address, email, phone number, delivery details, card/bank/pay wallet data, currency, transaction amount, gender, gift recipients, donations, IP, technical usage, language, geolocation and relevant affiliate tracking details. Support and post purchase services, refund and chargeback processes may require the use of similar information. You might have access to a shopper account generated by your merchant seller that is powered by or accessed through BlueSnap, to review purchases and set preferences for instance related to subscription and recurring charge transactions and payment card details.

Merchants: Business-related information is collected including corporate structure, tax numbers, beneficiaries, ID info, social security numbers, name, address, email, phone, banking details, references, financial information, locations, nationality, web site ownership, signatory information, staff access, PCI records, technical details, IP, verification and data relating to PCI/ KYC/AML/Transaction fraud checks, affiliate referral tracking details.

International Entities

BlueSnap’s services enable merchants to sell to shoppers across the world. This sometimes requires BlueSnap to provide services through specific legal entities. BlueSnap Inc., is based in the USA, and its affiliate BlueSnap Payment Services Ltd., is a regulated UK payments institution offering payment services across the EU/EEA. BlueSnap Enterprise Canada ULC offers payment services to Canadian merchants. BlueSnap Australia Pty Limited offers payment services to Australian merchants. Additional BlueSnap entities may be added and shall automatically be covered by this Privacy Policy.

How and Where Information is Stored

BlueSnap maintains administrative, technical and physical safeguards designed to protect the personal information provided or collected against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or misuse. Data is also routinely backed up at secure locations in Europe and the US in accordance with standard industry practice. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any further questions about privacy or security, or have reason to believe your data security has been compromised please contact us immediately by sending an email to: Security@bluesnap.com.

The international nature of BlueSnap’s services means that personal data may be transferred beyond your national borders when you use BlueSnap’s services or purchase from or sell to persons or entities outside your country. By using such services you are deemed to understand and accept that data may be subject to cross-border transfers.

How long data is retained

BlueSnap stores personal information for as long as necessary to fulfill the purpose for which the personal information was collected and as required or authorized by law. We take measures to delete or permanently de-identify personal information as required by law or if no longer required for the purpose for which it was collected. Certain data relating to transaction records particularly billing and invoice information may be required to be safeguarded for significant periods of time in accordance with standard tax and accounting practices, or to enable the refund and chargeback requests to be processed on behalf of shoppers.

Sharing of Personal Information

BlueSnap does not sell or otherwise disclose personal information we collect about you except as disclosed in this Privacy Policy or as may be disclosed to you at the time information is collected.

BlueSnap may share personal information collected with its subsidiaries and other BlueSnap entities that process payment transactions as well as relevant merchants, fraud prevention services, card and payment services, and payment processors/acquirers.

BlueSnap may share certain information with service providers who provide or perform services on behalf of BlueSnap. We authorize such services providers to use or disclose such information only as necessary to perform services on our behalf or to comply with legal requirements. Such entities are required by contract to safeguard the privacy and security of personal information processed on our behalf. We may also share personal information with other parties with your express consent.

Personal data used with respect to payment transactions involving individuals of the EU/EEA often needs to be passed to other parties as part of the transaction process. Transfers of data may be through APIs, email, and other formats, and may be bi-directional. BlueSnap takes steps to ensure that such parties are committed to compliance with applicable data law including the GDPR and that any additional Data Processors or Sub-Processors used are retained under a contractual duty of compliance and are able to respond to data subject access requests. In certain situations, BlueSnap and its subsidiaries might be deemed to be acting on the instruction of other transaction services or together with such parties, in which case BlueSnap shall itself be obligated to act in a manner compliant with applicable data law.

Certain Merchants might use checkout and other systems as part of the payment transaction process that might be integrated with BlueSnap. Accordingly personal information that you provide to such services either directly or through your selected Merchant might be passed to BlueSnap. BlueSnap treats such personal information in accordance with this Privacy Policy, however other entities might have their own policies and these should be thoroughly checked by you.

BlueSnap may use third-party service providers, for example to provide you with support when using our site and including the use of live chat software. When you sign up for our services we will share your personal information only as necessary for the third party to provide that service. Personal information collected relating to marketing and Merchant underwriting functions may be stored and processed on secure compliant cloud-based services provided by third parties to BlueSnap. Such service providers are contractually required by BlueSnap to act in compliance with relevant data law.

Merger, sale and/or transfer of corporate assets or reorganization

BlueSnap may transfer information as part of any corporate merger, sale, acquisition, transfer or assets or reorganization without notice. Such transfer will be on the basis of the continuation of all privacy rights set out in this document. You will be notified via email and/or a prominent notice on our website of any change in BlueSnap ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

Compliance with court orders & law enforcement agencies

BlueSnap may be required to disclose personal information without notification in response to a lawful request by public authorities, including to meet national security requirements, or in order to comply with a legal requirement, legislation, regulation, court order or subpoena, or when we believe in good faith that disclosure is necessary to protect our rights, prevent harm of financial loss, protect your safety or the safety of others or investigate fraud or cooperate with law enforcement or government agencies, or in connection with an investigation of suspected or actual fraudulent or illegal activity.

EU/EEA Data Privacy Law

With respect to data protection legislation in the European Economic Area, including the GDPR, BlueSnap acts as ‘Data Processor’ concerning shopper information of EU/EEA-based persons that is transmitted to BlueSnap either through a merchant or directly in order to process a purchase transaction.

When BlueSnap sets up an account for a merchant we are required to conduct to various payment security, anti-money laundering, credit and KYC checks. When managing such personal data with respect to EEA-based individuals BlueSnap acts as a ‘Data Controller’.

The UK-based subsidiary, BlueSnap Payment Services Limited is authorized by the UK’s Financial Conduct Authority (FCA) under the Payments Services Regulations 2009 reference no. 629580, for the provision of payment services. This company is a relevant establishment with a branch office in the EU, and is subject to the Payment Services Regulations 2017. BlueSnap Payment Services Limited is the representative for all other BlueSnap entities with respect to the provisions of the GDPR. Privacy matters concerning this company should be directed to BlueSnap through email at: PrivacyOptions@bluesnap.com

EU/EEA-based users will be asked to expressly consent to provision of personal information or initial setting of cookies when visiting BlueSnap web properties so that there is a clear legal basis for processing such data. In other cases personal information will be processed legally by virtue of the performance of the contractual obligations relating to a merchant and/or shopper, BlueSnap’s legitimate interest, or the defense or preservation of BlueSnap’s legal rights.

BlueSnap complies with legal requirements to provide adequate safeguards for the transfers of personal data outside the EU/EEA and Switzerland, and is certified under the EU/EEA-US and Swiss-US Privacy Shield schemes.

Individual users from the EU/EEA or other regions with laws governing data collection and use, should note that you are agreeing to the transfer of your personal information to the United States and other jurisdictions in which BlueSnap may operate. By providing your personal information with respect to a transaction or express consent mechanism, you consent to any transfer and processing in accordance with this Policy.

Individuals based in the EU/EEA have additional statutory data subject rights as shown below under the heading: EU/EEA Data Subject Rights

Automatic Processing & Profiling

Anti-fraud checks may involve the automatic processing and profiling of personal data.

EU-US Privacy Shield & Swiss-US Privacy Shield

BlueSnap Inc. complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland transferred to the United States pursuant to Privacy Shield. BlueSnap Inc. has certified that it adheres to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this privacy policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/

With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, BlueSnap Inc. is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.

EU and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you. Upon request, we will provide you with access to the personal information that we hold about you. You may also may correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct their query to PrivacyOptions@bluesnap.com. If requested to remove data, we will respond within a reasonable timeframe.

Your right to access your personal data may be restricted in exceptional circumstances, including, but not limited to, when the burden or expense of providing this access would be disproportionate to the risks to your privacy in the case in question, or when the rights of persons other than you would be violated by the provision of such access. If we determine that your access should be restricted in a particular instance, we will provide you with an explanation of our determination and respond to any inquiries you may have.

We will also provide an individual opt-out or opt-in choice before we share their data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To limit the use and disclosure of your personal information, please submit a written request to PrivacyOptions@bluesnap.com.

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

BlueSnap Inc.’s accountability for personal data that it receives under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, BlueSnap remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless BlueSnap proves that it is not responsible for the event giving rise to the damage.

In compliance with the EU-US and Swiss-US Privacy Shield Principles, BlueSnap Inc., commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with inquiries or complaints regarding this privacy policy should first contact BlueSnap at: PrivacyOptions@bluesnap.com.

Tel: +1 (781) 790-5013

Mailing Address: BlueSnap Corporate HQ, 800 South St, Suite 640, Waltham, MA

BlueSnap Inc. has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction

BlueSnap Inc., and its UK subsidiary BlueSnap Payment Services Limited are also contractually committed to handling such data transfers from the EU/EEA to other countries in accordance with the requirements of the European Union as set out in Set II of the model clauses published by the European Union in respect of Controller to Controller and Processor to Controller situations.

EU/EEA Data Subject Rights

Individuals from the EU/EEA may have the right to exercise additional data subject rights under data privacy laws including the following:

The right to request information about the purpose of the processing; the categories of personal data concerned; who else outside BlueSnap might have received the data from BlueSnap; what the source of the information was (if you did not provide it directly to BlueSnap); and how long it will be stored.

You have a right to correct the record of your personal data maintained by BlueSnap if it is inaccurate. You may also request that we cease using your data for direct marketing purposes.

Right of erasure: this is a right to erasure of personal information that we hold about you if it is no longer necessary in relation to the purpose for which it was originally collected. Please note that BlueSnap may need to retain certain data to complete transactions, perform refunds, maintain underwriting records or comply with legal obligations, tax and accounting requirements, etc.

Right to restrict processing of your personal information in certain circumstances, for example where such data is inaccurate or unlawfully held.

Right to data portability: this right is available in certain circumstances to receive your personal information in a structured, commonly used format and to have such data transferred to another service.

In order to exercise any of these rights please contact us as follows:

Shoppers should contact us at shoppers@bluesnap.com and Merchants should contact us at merchants@bluesnap.com

Please note that in situations where you are shopper your request to exercise a statutory right may need to be referred to the merchant who supplied the product.

Where you have provided consent to passing of personal information or cookie information to BlueSnap through an online consent form, you have the right to withdraw such consent, usually through a similar method as the original consent was given.

You may also have the right to complain to an EU/EEA data protection authority about our collection and use of your personal information.

Payment data

Personal payment information such as credit card numbers, bank account information, name, email address and phone number is routinely collected and passed on to authorized payment processors, banks, acquirers, and credit card companies in order to make payments sanctioned by BlueSnap customers. Such information is handled through industry standard secure protocols and where appropriate in accordance with relevant Payment Card Industry (PCI) compliance standards. Such data may also be passed when making payment through mobile devices.

Payment data may also be encrypted and securely stored by BlueSnap and appropriate merchants and product suppliers in accordance with PCI standards. When expressly directed and approved by a customer it may be used to generate recurring or new transactions as requested by such customer. Transaction details may also be passed to relevant taxation authorities in respect of sales taxes, VAT, GST, withholding tax, and other relevant taxes and duties.

Minors

BlueSnap does not actively market to children and we never knowingly ask a child under 13 to divulge personal information. Services and Information available to registered users on this site are NOT INTENDED FOR USE BY ANY PERSON UNDER THE AGE OF 18.

Please note that if it comes to our attention through reliable means that a registered user is under 18, we will cancel that user’s account. Online payment transaction forms are not provided for use in any event by persons under 18 years of age.

External links

BlueSnap offer links to other websites. Please note: when clicking on links to other websites, we encourage you to read their privacy policies. Their standards may differ from ours.

Social Media Widgets

Our online properties may include social media features, such as the Facebook and Twitter buttons and widgets, such as a ‘Share this’ button or interactive mini-programs that run on our site. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our website. Your interactions with these features are governed by the privacy policy of the company providing it.

Forums and Group Boards

The BlueSnap website may offer comment facilities, forums and message boards. Please be advised that information voluntarily posted in these venues becomes public knowledge. To request removal of your personal information from our blog or community forum, contact us at PrivacyOptions@bluesnap.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.

Changes in this policy & notification

BlueSnap reserves the right to change this policy as and when it sees fit. If our policy on information collection or uses changes, we will advise you by posting a dated copy here and you are advised to visit this page regularly to check for updates. If you are a registered BlueSnap merchant then you will also be advised via email. If we make any material changes we will notify you by email (sent to the email address specified in your account) or by means of a notice on this site prior to the change becoming effective.

Opt out process

You have the option not to be added to mailing lists operated by BlueSnap or a merchant/product supplier. In the case of opt out, such decision will be relayed to the relevant product supplier. To exercise your opt out rights, please send an email to PrivacyOptions@bluesnap.com requesting that your personal information be deleted from any mailing lists operated by BlueSnap or your product supplier. BlueSnap will act on your request and inform your merchant/product supplier of your request in order to fully respect your decision. You may also follow the unsubscribe instructions located at the bottom of the emails you receive.

California privacy rights

Residents of the State of California under the California Civil Code have the right to ask companies with whom they have an established business relationship with to provide certain information about the sharing of personal information with third parties for direct marketing purposes during the past year. If you want a copy of the information disclosure provided by this site, please send your request to: BlueSnap, Inc., 800 South Street, Suite 640, Waltham, MA 02453, USA

Australian privacy rights

BlueSnap complies with The Australian Privacy Act 1988 (Commonwealth) and the Australia Privacy Principles. Further information is available here.

Cookie Policy and Tracking Technologies

Please click here to review our Cookie Policy and learn about our use of tracking technologies.

BlueSnap’s policy on privacy and personal information use

(Ver. 1.13 Date: April 12th, 2017)

Introduction
This website is owned and operated by BlueSnap, Inc. (“BlueSnap”) a global company providing payment gateway services and enabling eCommerce, marketing and payment processing, with various subsidiaries including a European Union subsidiary BlueSnap Payment Services Limited and Canadian subsidiary BlueSnap Enterprise Canada ULC. References to BlueSnap in this policy also include these subsidiaries unless otherwise stated.

Online transactions involve transfer of data across international borders, as well a backing up of data at our secured data centers. This means that data may be transferred, processed and stored outside the EU, the European Economic Area (EEA) and Switzerland. By submitting your data you are agreeing to such transfer, processing and storage.

BlueSnap is committed to maintaining the principles of transparency, accountability and choice regarding the collection and use of your personal information.

EU-US Privacy Shield & Swiss-US Privacy Shield Frameworks

BlueSnap Inc., complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. BlueSnap Inc., has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/ This program only covers BlueSnap Inc., and not its non-US subsidiaries.

EU-US Privacy Shield & Swiss-US Privacy Shield – Inquiries & Complaints

In compliance with the EU-US and Swiss-US Privacy Shield Principles, BlueSnap Inc., commits to resolve complaints about your privacy and our collection or use of your personal information. European Union and Swiss individuals with inquiries or complaints regarding this privacy policy should first contact BlueSnap at: PrivacyOptions@bluesnap.com.

BlueSnap Inc., has further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

If your complaint is not resolved through the above channel, in certain limited circumstances you may qualify to invoke binding arbitration before the ‘Privacy Shield Panel’ set up by the US Department of Commerce and the European Commission.

BlueSnap is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

In addition to the EU-US and Swiss-US Privacy Shield frameworks, BlueSnap Inc., and its UK subsidiary BlueSnap Payment Services Limited are also contractually committed to handling such data transfers from the EEA to other countries in accordance with the requirements of the European Union as set out in Set II of the model clauses published by the European Union.

BlueSnap follows strict security features and procedures in its effort to prevent unauthorized access to your data, however the nature of the Internet is such that we cannot guarantee the absolute security of your data transmission, and so any transmission made by you is at your own risk.

Minors

Part I. Information collection

BlueSnap collects information through its website and related eCommerce services at several points.

We also collect user registration data such as name, email address, phone number and address when merchants, product suppliers or affiliates register to use BlueSnap eCommerce services by means of voluntary submission forms for the purpose of providing such users with our services. Information is also collected from online forms completed by people wishing to learn more about the BlueSnap product or from emails sent to BlueSnap.
When underwriting new merchants BlueSnap routinely collects ‘Know Your Customer’ and Anti-Money Laundering data from merchants, information relating to business structure, financial/accounting reports, corporate management, ultimate beneficiaries, contact information, ID documentation, tax details, bank references, bank account data and credit reports. Merchant details may be checked against government/ commercial lists and search libraries to verify that such details are correct and not subject to blacklisting or service prohibitions.
BlueSnap also collects personal and payment information from online transaction forms including those generated through BlueSnap APIs and completed by end customers using BlueSnap’s eCommerce services to buy products, subscriptions and services (“Products”) from product suppliers selling their products through BlueSnap.
To receive Products sold through BlueSnap and eCommerce services provided by BlueSnap, personal information is required because it is used to accurately build a customer profile and for ongoing communication with customers and product suppliers. Other information we request is optional.
We may also provide you the opportunity to add additional users to your account. When you add a user to your account we will collect personal information such as name and email address. If you have been added to an account and wish to access your personal information in order to update or delete it you should first contact the account administrator. You may also contact us at PrivacyOptions@bluesnap.com

Tracking Technologies

Important Note: Please click here for further cookie information applicable to certain European Union countries.

BlueSnap employs cookies. A cookie is a small text, graphic or flash file that our Web servers place on a user’s computer hard drive or other web-based device to act as a unique identifier. Cookies may also enable BlueSnap to automatically login a user back to our services provided he/she choose to enable such option. BlueSnap cookies do not have an expiration date. Our cookies may collect personally identifiable information, including the username and password to support optional automatic logon. Cookies may also be used to identify and track transactions introduced by recognized BlueSnap affiliates and also to support optional choices by users to save and make available for reuse certain payment information for future transactions. Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our site, but your ability to use some features or areas of our site may be limited.
Technologies such as: cookies, beacons, tags and scripts are used by BlueSnap and our marketing partners, merchants, affiliates, or analytics or service providers, including online customer support providers, online transaction processors. These technologies are used in analyzing trends, administering the site, tracking users’ movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
Third parties with whom we partner to provide certain features on our site or to display advertising based upon your Web browsing activity use LSOs such as HTML 5 or Flash to collect and store information. Various browsers may offer their own management tools for removing HTML5 LSOs. To manage Flash LSOs please click here.
As is true of most web sites, we gather certain information automatically and store it in log files. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We may link this automatically collected data to other information we collect about you.
We may from time to time partner with a third party to either display advertising on our Web site or to manage our advertising on other sites. Our third party partner may use technologies such as cookies to gather information about your activities on this site and other sites in order to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking here(or if located in the European Union click here). Please note this does not opt you out of being served ads. You will continue to receive generic ads.

Part II. Information usage

The information collected by BlueSnap, Inc. will be used by BlueSnap in conjunction with the terms specified in this document. Users who provide information may receive email announcements regarding BlueSnap’s services from time to time.
BlueSnap will share your personal information with third parties only in the ways that are described in this privacy policy. We do not sell your personal information to third parties.
Registered product suppliers may receive additional announcements from BlueSnap about transactions generated through BlueSnap eCommerce services, instant notifications, BlueSnap service changes, revisions and updates, affiliate product opportunities, services, legal notices, special offers, and a newsletter.
BlueSnap may also use personal information to provide announcements about functions or services that users are registered to use, about any user account they may create, about fulfillment of a specific transaction that may be requested, or about other significant developments that may affect use of the Site and or eCommerce services. Users cannot normally opt-out of this kind of email communication.
Information we collect from customers may be used to create online invoices, transaction confirmation notices, delivery of licenses, access keys and product download files and associated documentation, subscription accounts, instant notifications relating to such transactions, refunds and refund notices, warranty and dispute records, and customer profiles based on browsing or purchasing history. As BlueSnap is acting as payment service provider, merchant and/or reseller for product suppliers we need to share relevant customer information with the specific product supplier involved in the transaction in order for them to fulfill the transaction. Such information, if provided to product suppliers, is supplied on the condition that it should not be used for spamming or direct marketing by another party. Occasionally such product suppliers may sell, transfer or assign their business to new owners and in such circumstances data records may be accessible to the new owners subject to such parties satisfying the requirements of BlueSnap and assuming the ongoing responsibility for the proper protection of such data.
Out of respect for the privacy of our Customers we present the option to opt out of any mailing lists operated by BlueSnap or relevant product suppliers as set out in the Opt Out section of this policy.
Where customer data is passed to a relevant product supplier the use of such information may be subject to the privacy policy of such product supplier and their standards may differ from those of BlueSnap.

Payment data

Personal payment information such as credit card numbers, bank account information, name, email address and phone number is routinely collected and passed on to authorized payment processors, banks, acquirers, and credit card companies in order to make payments sanctioned by BlueSnap customers. Such information is handled through industry standard secure protocols and where appropriate in accordance with relevant Payment Card Industry (PCI) compliance standards. Such information may also be passed when making payment via BlueSnap through mobile devices.

Such data may also be encrypted and securely stored by BlueSnap and appropriate merchants and product suppliers in accordance with PCI standards. When expressly directed and approved by a customer it may be used to generate recurring or new transactions as requested by such customer. Transaction details may also be passed to relevant taxation authorities in respect of sales taxes, VAT, withholding tax, and other relevant taxes and duties.

Certain data may be subject to analysis and checking by third-party fraud prevention services in accordance with payment industry practice.

Service providers

We use other third parties such as a service provider to provide you with support when using our site and including the use of live chat software. When you sign up for our services we will share your personal information only as necessary for the third party to provide that service. In cases of onward transfer to third parties of data of EU and Swiss individuals received pursuant to the EU-US Privacy Shield and Swiss-US Privacy Shield frameworks, BlueSnap is potentially liable.

Affiliate tracking information

Certain product transactions may have taken place following a valid referral by a recognized affiliate introduction. In such cases basic non-personal information about the transaction will be tracked and passed to the relevant affiliate so that their role in the sale can be recorded and any due affiliate commission paid over at the relevant time.

Forums and Group Boards

The BlueSnap website may offer forums and message boards. Please be advised that information voluntarily posted in these venues becomes public knowledge. To request removal of your personal information from our blog or community forum, contact us at PrivacyOptions@bluesnap.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.

External links

We offer links to other websites including those of product suppliers. Please note: when clicking on links to other websites, we encourage you to read their privacy policies. Their standards may differ from ours.

Social Media Widgets

Our Web site includes Social Media Features, such as the Facebook and Twitter buttons and Widgets, such as the Share this button or interactive mini-programs that run on our site. These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these Features are governed by the privacy policy of the company providing it.

Compliance with court orders & law enforcement agencies

BlueSnap may be required to disclose an individual’s personal information without notification in response to a lawful request by public authorities, including to meet national security requirements, or in order to comply with a legal requirement, court order or subpoena, or when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others or investigate fraud or to cooperate with law enforcement or government agencies.

Merger, sale and/or transfer of corporate assets or reorganization

Changes in this policy & notification

BlueSnap reserves the right to change this policy as and when it sees fit. If our policy on information collection or uses changes, we will advise you by posting a dated copy here or if you are a registered BlueSnap user then you will also be advised via email. If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this site prior to the change becoming effective.

Opt out process

Customers have the option not to be added to mailing lists operated by BlueSnap or the product supplier. In the case of opt out such decision will be relayed to the relevant Product Supplier. To exercise your opt out rights please send an email to us at PrivacyOptions@bluesnap.com requesting that you personal information be deleted from any mailing lists operated by BlueSnap or your Product Supplier. BlueSnap will act on your request and inform your Product Supplier of your request and of the need to fully respect your decision. You may also follow the unsubscribe instructions contained in each of the emails you receive.

California privacy rights

Residents of the State of California under the California Civil Code have the right to ask companies with whom they have an established business relationship to provide certain information about the sharing of personal information with third parties for direct marketing purposes during the past year. If you want a copy of the information disclosure provided by this Site then send your request to: BlueSnap, Inc., 800 South Street, Suite 640, Waltham, MA 02453, USA

Part III. Access to information

BlueSnap, Inc. maintains the accuracy of our information by acknowledging the right of users to access their personal information and allowing updates to take effect immediately. Registered users may access their own personal information via our login pages, both for customers and merchants and update any inaccuracies they may find. Users may choose to remove their information from our database by contacting us in writing at: BlueSnap, Inc., 800 South Street, Suite 640, Waltham, MA 02453, USA. We will respond to your request to access within 30 days.

BlueSnap will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal and tax obligations, resolve disputes, and enforce our agreements.

Part IV. Problem resolution

If problems arise, customers and merchants may contact BlueSnap by, email or mail, see here for more information. We are committed to resolving disputes within 5 business days. For customers based in the European Union certain additional standard statutory rights may apply with respect to resolution of customer and merchant complaints as set out in the BlueSnap information page at: https://home.bluesnap.com/ecommerce/legal/dispute-resolution/

Part V. Data storage and security

BlueSnap protects user information both in our servers and on the users computer with the following industry standard security measures: registry data encryption, data file encryption, secure servers, firewalls, encryption of sensitive information such as your payment information and other proprietary technologies and procedures used to protect consumer privacy. Data is also routinely backed up at secure international locations in accordance with standard industry practice. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any further questions about privacy or security, please contact us by sending an email to: Security@bluesnap.com.

Note: BlueSnap UK-based subsidiary, BlueSnap Payment Services Limited is authorized by the UK’s Financial Conduct Authority under the Payments Services Regulations 2009 reference no. 629580, for the provision of payment services. This company is a relevant establishment with a branch office in the EU. Privacy matters concerning this company should be directed to BlueSnap at the US office address appearing in section III above and through email at: PrivacyOptions@bluesnap.com

Previous Versions:

v1.13 Date: April 12, 2017

v1.12 September 14, 2016

v1.11 January 28, 2016

v1.10 December 21, 2014
v1.9 July 10, 2014
v1.8 July 7, 2013
v1.7 December 2, 2012
v1.6 November 12, 2012*
v1.5 April 10, 2012
v1.4 March 1, 2010
v1.3 February 12, 2007
*References to BlueSnap Inc. added April 3rd, 2012

Legal Documents

Privacy policy

BlueSnap’s policy on privacy and personal information use

(Ver. 1.13 Date: April 12th, 2017)

Interested in learning more?