Last Modified: September 7, 2022
Payactiv, Inc. (“Payactiv,” “we,” “us,” or “our”) provides the Payactiv platform, this website, mobile applications, and related services (together, the “Services”). This Privacy Policy (“Privacy Policy”), which is incorporated into and is subject to the Payactiv Terms of Use, describes the information that we gather from you on the Service, how we use and disclose such information, and the steps we take to protect such information. By agreeing to this Privacy Policy, you agree to the terms as they exist at the time of your use of the Services.
Policy Scope and Links to Other Services
This Privacy Policy addresses activities on the Service provided by Payactiv. The Service may contain features or links to websites and services provided by third parties, and other products and services that may be made available to you through a third-party website (“Third-Party Service”). Any information you provide to a Third-Party Service, is subject to the policies, if any, of their respective operators governing privacy and security, even if accessed through the Service. We have no control over the nature, content, availability, or privacy and security practices of any Third-Party Service or any third-party sites or services which are linked from, or can be accessed through the Service. This Privacy Policy does not cover the links within the Service that link to such other Third-Party Services. We encourage you to learn about third parties’ privacy and security policies before providing them with information.
The Information We Collect and How We Use It
Payactiv collects personal information about you in order to:
When you use the Service or a Third-Party Service, we may collect information about you, either directly from you or from the entity that operates the Third-Party Service. Personal information we collect may include:
We collect and use the personal information described above in order to provide you with the Services in a reliable and secure manner. We also collect and use personal data for our legitimate business interests. To the extent we process your personal data for other purposes, we ask for your consent in advance.
By using the Services, you acknowledge and agree that your data and information will also be treated in accordance with Plaid’s privacy policy, located at https://plaid.com/legal.
By using the Services and if applicable, you also authorize your wireless operator (AT&T, Sprint, T-Mobile, US Cellular, Verizon, or any other branded wireless operator) to use, or to disclose to Payactiv or its service providers your mobile number, name, address, email, network status, customer type, customer role, billing type, mobile device identifiers (IMSI and IMEI) and other subscriber and device status details, if available, where provided in accordance with your mobile operator’s privacy policy for the duration of our business relationship solely to help verify your identity and to protect against or prevent actual or potential fraud or unauthorized use of our services.
Through the Service
As is true of most other services, the Service collects certain information automatically and stores it in log files. The information may include (i) internet protocol (“IP”) addresses, (ii) the region or general location where your computer or device is accessing the internet, (iii) browser type, (iv) operating system, and (v) other usage information about the use of the Service, including a history of the pages you view.
We may use cookies and automatically collected information to: (i) personalize our Service, such as remembering information about you so that you will not have to re-enter it during your visit or the next time you visit the Service; (ii) provide customized advertisements, content, and information; (iii) monitor and analyze the effectiveness of the Service and third-party marketing activities; (iv) monitor aggregate site usage metrics such as total number of visitors and pages viewed; and (v) track your entries, submissions, and status in any promotions or other activities on the Service.
When you use the Service, we may send one or more cookies – small text files containing a string of alphanumeric characters – to your device. We may use both session cookies and persistent cookies. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to the Service. Please review your web browser “Help” file to learn the proper way to modify your cookie settings. Please note that if you delete, or choose not to accept cookies from the Service, you may not be able to utilize the features of the Service to their fullest potential. We may use third party cookies on our Service as well. Payactiv does not process or respond to web browsers’ “do not track” signals or other similar transmissions that indicate a request to disable online tracking of users who visit our Site or who use our Service.
We may also automatically record certain information from your device by using various types of technology, including “clear gifs” or “web beacons.” This automatically collected information may include your IP address or other device address or ID, web browser and/or device type, the web pages or sites that you visit just before or just after you use the Service, the pages or other content you view or otherwise interact with on the Service, and the dates and times that you visit, access, or use the Service. We also may use these technologies to collect information regarding your interaction with email messages, such as whether you opened, clicked on, or forwarded a message. This information is gathered from all users, and may be connected with other information about you.
Aggregated Service Data
In an ongoing effort to better understand and service Payactiv’s customers, at times Payactiv conducts research on its customer demographics, interests and behavior based on the personal information and other information provided to us. This research may be compiled and analyzed on an aggregate basis and Payactiv may share this aggregate data with its affiliates, agents, and business partners. This aggregate information does not identify you personally and is not considered to be personal information.
When and How We Share Information with Others
Except as described in this Privacy Policy, we will not disclose information about you that we collect on the Service to third parties without your consent. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:
We share personal information with third parties who are facilitating the delivery of Services. These third parties, which may include financial institutions that process disbursements of funds or third-party web hosts, may have access to or process information about you as part of providing those services for us. Generally, we limit the information provided to these service providers to information that is reasonably necessary for them to perform their functions, and we require them to agree to maintain the confidentiality of such information. Such third parties must agree to use such personal data only for the purposes for which they have been engaged by Payactiv and they must either:
We may disclose information about you to your employer in order to enable us to verify your identify and otherwise provide the Service to you.
We may disclose information about you if required to do so by law or in the good-faith belief that such action is necessary to comply with state and federal laws, in response to a court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies.
We also reserve the right to disclose information about you that we believe, in good faith, is appropriate or necessary to: (i) take precautions against liability; (ii) protect ourselves or others from fraudulent, abusive, or unlawful uses or activity; (iii) investigate and defend ourselves against any third-party claims or allegations; (iv) protect the security or integrity of the Service and any facilities or equipment used to make the Service available; or (v) protect our property or other legal rights (including, but not limited to, enforcement of our agreements), or the rights, property, or safety of others.
Information about our users may be disclosed and otherwise transferred to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.
We may make certain aggregated, automatically-collected, or otherwise de-identified information available to third parties for various purposes, including: (i) compliance with various reporting obligations; (ii) for business or marketing purposes; or (iii) to assist such parties in understanding our users’ interests, habits, and usage patterns for certain programs, content, services, advertisements, promotions, and/or functionality available through the Service. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
Your Choices About Your Information
We offer you choices regarding the collection, use, and sharing of your personal information and we’ll respect the choices you make. Please note that if you decide not to provide us with the personal information that we request, you may not be able to access all of the features of the Services.
If you wish to access or amend any personal information you have provided to us, you may do so through the Service or through a Third-Party Service, or you may contact us at [email protected] In your request, please note you are writing about “personal information” in the subject or body of the email. Please note that while any changes you make will be reflected in active databases within a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.
California Civil Code Section 1798.83, also known as the “Shine the Light” law, permits our customers who are California residents to request and obtain from us once a year, free of charge, information about the personal information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If you are a California resident and would like to make such a request, please submit your request to [email protected] In your request, please attest to the fact that you are a California resident and provide a current California address for our response.
If you receive marketing email from us, you may unsubscribe at any time by following the instructions contained within the email. You may also opt out from receiving marketing email from us by sending your request to us by email at [email protected] or by writing to us at the address given at the end of this Policy. In your request, please note you are writing to “unsubscribe” in the subject or body of the email or correspondence.
Please be aware that if you opt out of receiving marketing email from us or otherwise modify the nature or frequency of promotional communications you receive from us, it may take up to ten (10) business days for us to process your request, and you may continue receiving promotional communications from us during that period. After you opt out from receiving marketing messages from us, you will continue to receive administrative messages from us regarding the Service.
Security of Your Information
We maintain physical, technical and administrative safeguards to protect your personal information. Our servers are located in the United States and to provide you with the Services, we may store, process and transmit information in the United States. Personal information may also be stored locally on the device you use to access the Services.
When you submit information to us, your information is protected both online and offline. Wherever we collect sensitive information, that information is encrypted and transmitted to us in a secure way. While we use encryption to protect sensitive information transmitted online, we also protect your information offline. The computers/servers in which we store personal information are kept in a secure environment. Only employees who need access to the information to perform a specific job (for example, in order to provide customer service) are granted access to personal information. In addition, we commit to taking appropriate disciplinary measures to enforce our employees’ privacy responsibilities.
Compromise of Personal Information
In the event that personal information is compromised as a result of a breach of security, Payactiv will promptly notify those persons whose personal information has been compromised in accordance with the notification procedures set forth in this Privacy Policy or any other applicable law.
Data Retention
We only retain collected personal information for a limited period of time for as long as we need it to fulfill the purposes for which we have initially collected it, unless otherwise required by law.
All data in the Payactiv platform is retained for 7 years as required by law. A customer may request deletion of their data, but certain transaction information must be retained for legal purposes. After 7 years, personal information is deleted but certain non-specific transactional information is retained.
If you would like to inquire as to what, if any, of your personal information we have or request deletion of any personal information you have submitted to us, please contact us at [email protected] In your request, please note you are writing about “personal information” in the subject or body of the email.
Children
Payactiv does not knowingly collect personal information from children under the age of 13. If you are under the age of 13, please do not submit any personal information through the Services. If you have reason to believe that a child under the age of 13 has provided personal information to Payactiv through the Services, please contact us, and we will endeavor to delete that information from our databases.
Notification Procedures
It is our policy to provide notifications, whether such notifications are required by law or are for marketing or other business-related purposes, to you by (i) email notice, (ii) written or hard copy notice, or (iii) through conspicuous posting of such notice on this website, as determined by Payactiv in its sole discretion. We reserve the right to determine the form and means of providing notifications to you, provided that you may opt out of certain means of notification as described in this Privacy Policy.
Changes and Updates to the Privacy Policy
Payactiv reserves the right to amend the Privacy Policy at any time, for any reason, without notice to you, other than the posting of the amended Privacy Policy on this website. Changes to this Privacy Policy are effective when they are posted on this page. When we change the policy in a material manner we will let you know by updating the “Effective Date” at the top of this page.
If you have any questions or comments about this Privacy Policy please contact us by email at [email protected] and please note you are writing about “Privacy Policy” in the subject or body of the email. or by postal mail at:
Payactiv, Inc.
4880 Stevens Creek Blvd. Suite 102
San Jose, CA 95129
Effective Date: April 12, 2021
This Privacy Notice for California Residents (“CCPA Privacy Notice”) supplements the information contained in the Privacy Policy of Payactiv (“Payactiv”, “we,” “us,” or “our”) and applies only to visitors, users, and others who reside in the State of California (“consumers” or “you”). Payactiv provides the Payactiv platform, this website, mobile applications, and related services (together, the “Services”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and other California privacy laws. Any terms defined in the CCPA have the same meaning when used in this notice.
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“Personal Information”). Personal Information we have collected from you over the past 12 month period may include the following categories:
Category | Examples | Collected by Payactiv |
Identifiers | Name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers. | Yes |
Personal information described in Cal. Civ. Code § 1798.80(e). | Name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. | Yes |
Protected classification characteristics under California or federal law. | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | No |
Commercial information. | Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | No |
Biometric information. | Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | No |
Internet or other similar network activity. | Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement. | Yes |
Geolocation data. | Physical location based on your IP address. | Yes |
Sensory data. | Audio, electronic, visual, thermal, olfactory, or similar information. | No |
Professional or employment-related information. | Current or past job history or performance evaluations. | No |
Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | No |
Inferences drawn from other personal information. | Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | No |
Personal information does not include:
Use of Personal Information
Except as described in this CCPA Privacy Notice, we will not disclose information about you that we collect on the Services to third parties without your consent. We may use and/or disclose the Personal Information described above for one or more of the following business purposes:
We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Disclosing Personal Information
We may disclose information to third parties for a business purpose if you consent to us doing so and. In the preceding twelve (12) months, we have disclosed the following categories of Personal Information for a business purpose:
We disclose your Personal Information to the following categories of third parties for a business purpose:
In the preceding twelve (12) months, we have not sold any Personal Information.
We collect Personal Information relating to you from the following categories of sources:
The CCPA providers California residents with specific rights regarding their Personal Information. The following is a description of your rights under the CCPA and how you can exercise such rights.
Access and Data Portability
You have the right to request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months. Once we verify your request, we will disclose to you:
Right to Deletion
You have the right to request that we delete any of your Personal Information that we have collected from you and that we retain, subject to the limitations set forth below. Once we have received a verifiable consumer request (as described below), we will delete your Personal Information from our records and direct any service providers to do the same, unless an exception applies.
We may deny your request to delete your Personal Information if we need that information for any of the following purposes:
Right to Opt-Out of the Sale of Your Personal Information
California residents have the right to opt-out of the sale of their personal information. However, Because we do not sell personal information, there is no need to submit such a request to us.
Shine the Light
California Civil Code Section 1798.83, also known as the “Shine the Light” law, permits our customers who are California residents to request and obtain from us once a year, free of charge, information about the Personal Information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If you are a California resident and would like to make such a request, please submit your request to [email protected]. In your request, please state that you are a California resident and provide a current California address for our response.
Exercising your Rights – Verifiable Consumer Requests
To exercise any of your rights described in this CCPA Privacy Notice, please submit a verifiable consumer request to us by calling us at: +1(408) 606-8443; visiting us at www.Payactiv.com; or emailing as at [email protected] (in your request, please note you are writing about “Personal Information” in the subject or body of the email).
Only you or an agent registered with the California Secretary of State who is authorized by you can submit a verifiable consumer request relating to your Personal Information. You, or your agent, may only make two verifiable consumer requests within a twelve-month period. You must provide us with information that is sufficient to allow us to reasonably verify your identity, or to confirm that you are an authorized representative of that person. You must describe your request in enough detail to allow us to properly evaluate and respond to your request.
If we cannot verify your identity or verify the authenticity of your representative then we will be unable to respond to your request. You do not need an account with us in order to submit a consumer request. We will limit the use of any information provided in relation to verifying a consumer request for verification purposes only.
Timing
We will work to respond to a verified consumer request within 45 days of receipt of the request. We may reasonably require additional time to comply with your request. In such a case, we will notify you in writing within the initial 45 day period that we require additional time (up to 90 days where necessary). If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Disclosures will only cover the twelve-month period preceding your request. Where necessary, we will explain the reasons we cannot comply with a request. For data portability requests, we will select a format to provide your Personal Information that is readily useable and transferable.
We do not normally charge a fee for processing or responding to verifiable consumer requests. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Non-Discrimination
We will not discriminate against you for exercising any of your rights under the CCPA. Unless permitted by the CCPA, we will not:
Payactiv reserves the right to amend the CCPA Privacy Notice at any time, for any reason, without notice to you, other than the posting of the amended CCPA Privacy Notice on this website. Changes to this CCPA Privacy Notice are effective when they are posted on this page. When we change the policy in a material manner we will let you know by updating the “Effective Date” at the top of this page.
If you have any questions or comments about this Privacy Notice for California Consumers please contact us by email at [email protected] and please note you are writing about “–CCPA Privacy Notice” in the subject or body of the email, or by postal mail at:
Payactiv, Inc.
4880 Stevens Creek Blvd. Suite 102
San Jose, CA 95129
Privacy Shield
Payactiv complies with the EU-U.S. Privacy Shield as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. Payactiv has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms of this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.
Payactiv is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequently transfers to a third party. In cases of onward transfer to third parties of data of EU individuals received pursuant to the EU-U.S. Privacy Shield, Payactiv is potentially liable.
In compliance with the Privacy Shield Principles, Payactiv commits to resolve complaints about our collection or use of your personal information. EU residents with inquiries or complaints regarding our Privacy Shield policy should first contact Payactiv by email at [email protected] and note you are writing about “Privacy Shield Inquiry” in the subject or body of the email or by postal mail sent to:
Payactiv, Inc.
Attn: Privacy Shield Inquiry
4880 Stevens Creek Blvd., Suite 102
San Jose, CA 95129
Payactiv has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States to assist with the complaint resolution process. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS are provided at no cost to you.
You may also be able to invoke binding arbitration for unresolved complaints but prior to initiating such arbitration, a resident of a European country participating in the Privacy Shield must first: (1) contact us and afford us the opportunity to resolve the issue; (2) seek assistance from JAMS; and (3) contact the U.S. Department of Commerce (either directly or through a European Data Protection Authority) and afford the Department of Commerce time to attempt to resolve the issue. If such a resident invokes binding arbitration, each party shall be responsible for its own attorney’s fees. Please be advised that, pursuant to the Privacy Shield, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the Privacy Shield Principles with respect to the resident.
Payactiv is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) to ensure compliance with the EU-US Privacy Shield Principles outlined in this Privacy Policy.
© 2022 Payactiv, Inc. All Rights Reserved
* The Payactiv Visa Prepaid Card is issued by Central Bank of Kansas City, Member FDIC, pursuant to a license from Visa U.S.A. Inc. Certain fees, terms, and conditions are associated with the approval, maintenance, and use of the Card. You should consult your Cardholder Agreement and the Fee Schedule at payactiv.com/card411. If you have questions regarding the Card or such fees, terms, and conditions, you can contact us toll-free at 877-747-5862, 24 hours a day, 7 days a week.
** Central Bank of Kansas City is the issuer of the Payactiv Visa Prepaid Card only and does not administer, endorse, nor is liable for the Payctiv App.
1 Standard rates for data and messaging may apply from your wireless provider.
Google Play and the Google Play logo are trademarks of Google LLC.
Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc., registered in the U.S. and other countries.