PapiPay Privacy Policy

PapiPay App Privacy Policy

This privacy policy ("Privacy Policy”) describes how 111 Papipay Operating, LLC (“PapiPay”, “we”, “us” or “our”) collects, uses, transmits, stores, shares and protects the personally identifiable information (“Personal Information” as further defined below) that you (“User”, “you” or “your”) may provide through the PapiPay website, software applications, mobile application, loyalty or rewards program and any other of its products or services (collectively, the “App” or “Digital Services”). The Policy also describes the choices available to you regarding our use of your Personal Information and how you can access and update this information. This Policy does not apply to the practices of companies that we do not own or control, or to individuals that we do not employ or manage.

PapiPay does not require all users of the Digital Services to register with or provide information to PapiPay to view some portions of the Digital Services or send an inquiry to PapiPay. Certain information contained in the Digital Services is available without supplying Personal Information. However, you must provide certain Personal Information to create a PapiPay account, use the PapiPay app (even if you do not create a PapiPay account, your geolocation information will be used for the store location function), purchase products or other offerings, participate in a loyalty or rewards program, receive certain communications or use certain other aspects of the Digital Services. In the event you affirmatively act to provide your information to PapiPay, to contact PapiPay, to request information via the Digital Services, email, or in person, purchase products or other offerings, or otherwise use the Digital Services, you agree to the terms of this Policy with respect to the collection and use of your Personal Information for PapiPay’s legitimate business interests and as set forth herein.

 

PLEASE READ THIS PRIVACY POLICY CAREFULLY. YOUR ACCESS TO AND USE OF ANY PART OF THE DIGITAL SERVICES CONSTITUTES YOUR EXPRESS AGREEMENT TO THE TERMS OF THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO THE TERMS OF THIS AGREEMENT, YOU MAY NOT ACCESS OR USE THE DIGITALSERVICES.
ACCEPTANCE OF TERMS. By using any part of the Digital Services, which is intentionally defined broadly, you agree to be bound by all of the terms of this Policy. If you have questions regarding this Policy, please contact PapiPay under the methods in the “Contacting Us” section below.
BY USING AND ACCESSING ANY PART OF THE DIGITAL SERVICES, YOU UNCONDITIONALLY AND EXPRESSLY ACKNOWLEDGE, REPRESENT AND AGREE THAT YOU: (I) HAVE READ AND UNDERSTAND THE TERMS OF THIS PRIVACY POLICY; (II) UNDERSTAND THAT YOU ARE BOUND BY THE TERMS OF THIS PRIVACY POLICY; (III) WILL COMPLY WITH THE TERMS OF THIS PRIVACY POLICY AND ANY APPLICABLE LAWS AND REGULATIONS; AND (IV) YOU WILL NOT CONTEST THE APPLICABILITY OR ENFORCEABILITY OF THIS PRIVACY POLICY.

Collection of Personal Information

We want you to understand the types of information we collect as you use the App. In this Privacy Policy, the term “Personal Information” means information which you knowingly provide to us which personally identifies you, such as your name, email address, location data or other data which can be reasonably linked to such information by us. We receive and store any information you knowingly provide to us when you use the App, complete any transactions, or fill any forms on the App. If you do not agree to our collection of this information, you may not be able to use our Service. If you create a PapiPay account, we may collect the following information from you:
  • Account Information - text-enabled cellular/wireless telephone number, machine or mobile device ID and other similar information.
  • Identification Information - your name, street address, email address, date of birth, and tax identification number (e.g., social security number) or other governmental issued verification numbers).
  • Device Information - information about you: (a) from your mobile device or computer such as your device type, machine or mobile device identification number, Geolocation Information, time zone, language setting, browser type, and IP address, and (b) from third parties for purposes of transaction processing, identity verification, fraud detection or prevention and other similar purposes. For fraud prevention purposes, we also may link your machine ID with the machines of others who use your same payment cards.
  • Geolocation Information - information that identifies with reasonable specificity your location by using, for instance, longitude and latitude coordinates obtained through GPS, Wi-Fi, or cell site triangulation. We will collect this data for fraud and risk purposes. In addition, some of our digital services may ask you for permission to share your current location within your device settings to enhance our Digital Services. If you do not agree to our collection of Geolocation Information, our Digital Services may not function properly when you try to use them. For information about your ability to restrict the collection and use of Geolocation Information to enhance our Digital Services, please refer to the settings available in your device.
  • Financial Information - bank account online login information, bank account and routing numbers and credit cards or other payment information linked to your PapiPay account.
  • Transaction Information and History – transaction and order information and transaction and order history information linked to activity in your PapiPay account.
We are committed to providing a safe, secure service. Therefore, before permitting you to use the Digital Services, we may require additional information from you we can use to verify your identity, address or other information or to manage risk and compliance throughout our relationship. We may also obtain information about you from third parties such as identity verification, fraud prevention and similar services. When you are using the Digital Services, we collect information about your account transactions and we may collect geolocation information and/or information about your computer or other access device for fraud prevention and other similar purposes.
Finally, we may collect additional information from or about you in other ways not specifically described here. For example, we may collect information related to your contact with our customer support team or store results when you respond to a survey.

Collection of Non-Personal Information

When you visit the App, our servers automatically record non-personally identifiable information that your mobile device sends. This data may include information such as your device's IP address, mobile device ID, operating system type and version, language preferences, sections of our App that you visit, the time spent on those sections, information you search for in our App, access times and dates, and other statistics.

Use and Processing of Collected Information

Any of the information we collect from you may be used to run and operate our App and Digital Services; personalize your experience; improve our Digital Services; improve customer service and respond to queries and emails of our Users. We collect, share and use Personal Information about Users of and visitors to the Digital Services to manage relationships, comply with legal obligations and/or because we have a legitimate business interest to do so. We collect share and use such information to: (i) provide the Digital Services and support and enhance any functions, operations or offerings of the Digital Services; (ii) fulfill transaction requests or orders; (iii) provide geolocation services; (iv) provide advertising, discounts and promotions, including enhancing or targeting such activities; (v) operate and promote loyalty and rewards programs; (vi) provide information about PapiPay and its products and services; (vii) learn more about our User’s preferences; (viii) enhance, personalize and support the User experience with the Digital Services; (ix) communicate with you; (x) analyze the traffic and other metrics of the Digital Services; (xi) for identification verification and fraud prevention purposes; and (xii) assist law enforcement and respond to legal and regulatory inquiries. We do not store such personal information, unless required by law. Any statistical information is not otherwise aggregated in such a way that would identify any particular User of the Digital Services.
We may process Personal Information related to you if one of the following applies: (i) you have given your consent for one or more specific purposes (note that under some applicable laws we may be allowed to process information until you object to such processing (by opting out), without having to rely on consent or any other of the following legal bases below); (ii) provision of information is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof; (iii) processing is necessary to comply with any applicable law and assist law enforcement agencies under any applicable law, when we have a good faith belief that our cooperation with the law enforcement agencies is legally mandated or meets the applicable legal standards and procedures; (iv) processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in us; (v) processing is necessary for the purposes of the legitimate interests pursued by us or by a third party; (vi) to detect abuse and illegal activity, fraud, misappropriation, infringements, identity theft and other illegal activities and misuse of the Digital Services; (vii) to take any action in any case of dispute, or legal proceeding of any kind between you and the Digital Services, or between you and other Users or third parties with respect to, or in relation with the Digital Services; and (viii) to help improve the safety and reliability of our Digital Services, including detecting, preventing, and responding to security risks, and technical issues that could harm us, our users, or the public.

Sharing Information (Including Your Personal Information)

Users may choose to share Personal Information such as name, age, gender, picture and other information, including certain financial information. This information may be shared directly to the Digital Services and to other Users. This information may also be shared via third-party services (such as social networks) which interact with the Digital Services upon such User’s choice.
In addition, you can select the optional “Link Members” feature in the App that allows you to link your PapiPay account to another PapiPay user’s App account if that other PapiPay user approves your request to link App accounts. When your App account is linked to another PapiPay user’s account, certain of your Personal Information and App account information will be shared with other PapiPay accounts that you approve becoming linked to.
You can decide whether or not to upload content to the Digital Services. However, any content that you choose to share and submit for posting is neither private nor confidential and you should expect that it may be made public and known to others. Information you choose to upload may be posted along with your User name and other information including Personal Information you attached to your publicly available User profile. At the very least you should demonstrate the same degree of caution as when publishing Personal Information by means other than the Internet and cellular services (e.g. such as to social media sites).
We take commercially reasonable measures to provide you with the best experience you can have while using the Digital Services. However, we have no control over the conduct of any other user and disclaim all liability in this regard. App users are advised to carefully and thoroughly consider whether or not to make public or available any information, including Personal Information, and carefully examine all necessary details related to any communication with other users prior to any engagement or communication being made.
Participating in any activities as a result, directly or indirectly, from using the Digital Services, is entirely at your own risk. We are not a party to any agreement entered into between users and merchants in any circumstances. The User has the sole and ultimate responsibility regarding compliance with all laws, regulations or any other duty. PapiPay has no liability for any loss, damage, cost or expense that you may suffer or incur as a result of or in connection with your participation in any activity or event initiated, held or conducted by another User or a third party nor in connection to any agreement between the users or third parties, including any activity or event related in any way, directly or indirectly, the Digital Services or the use thereof.

Marketing

PapiPay may send marketing messages or communications and offers to you and other App users, including email messages, push notifications, and messages through the PapiPay App. Users are free to opt out of any such marketing communications and offers at any time by following the opt-out instructions set forth in the relevant communication and offers and/or by changing the notification settings in the App. If you opt out of marketing communications, you may still receive certain notifications in relation to the App.

Information Transfer and Storage

We will transfer or otherwise disclose the information we collect in the App to our employees, independent contractors, and third-party suppliers if (i) the disclosure will enable that party to perform a business, professional, or technical support function for us, (ii) the disclosure will enable us to prevent or mitigate fraud, or (iii) we reasonably believe we are required to do so by law. We do not knowingly allow these employees, independent contractors or third-party suppliers to use this information or to share it for any purpose other than to provide services on our behalf. We will also transfer or otherwise disclose Personal Information in response to judicial or similar process, to comply with legal requirements, and, as permitted under provisions of law, to provide information to law enforcement agencies or in connection with an investigation on a matter related to public safety. We may also use your Personal Information as permitted by law to protect our rights or property, the App, or its Users.
Depending on your location, data transfers may involve transferring and storing your information in a country other than your own. If any such transfer takes place, you can find out more by checking the relevant sections of this document or inquire with us using the information provided in the contact section.
We will only retain your Personal Information for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. Unless necessary to comply with applicable law, Personal Information will not be stored or retained for longer than 12 months after you delete the App. If we anonymize your Personal Information (so that it can no longer be associated with you), we may use and retain this information indefinitely without further notice to you.
In some cases, we may choose to buy, sell or otherwise transfer assets. In these types of transactions, Personal Information of App users is typically one of the business assets that is transferred. Moreover, when all, or substantially all of our assets, are acquired or otherwise transferred, your Personal Information would be one of the assets that is reviewed and transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of or recipient of our assets, including, but not limited to our App, may continue to use your Personal Information for the purposes for which it was supplied by you.

The Rights of Users

You may exercise certain rights regarding your information processed by us. In particular, you have the right to do the following:
  1. you have the right to withdraw consent where you have previously given your consent to the processing of your information;
  2. you have the right to object to the processing of your information if the processing is carried out on a legal basis other than consent;
  3. you have the right to learn if information is being processed by us, obtain disclosure regarding certain aspects of the processing and obtain a copy of the information undergoing processing;
  4. you have the right to verify the accuracy of your information and ask for it to be updated or corrected;
  5. you have the right, under certain circumstances, to restrict the processing of your information, in which case, we will not process your information for any purpose other than storing it; (vi) you have the right, under certain circumstances, to obtain the erasure of your Personal Information from us; and
  6. you have the right to receive your information in a structured, commonly used and machine-readable format and, if technically feasible, to have it transmitted to another data controller that you designate without any hindrance. This provision is applicable provided that your information is processed by automated means and that the processing is based on your consent, on a contract which you are part of or on pre-contractual obligations thereof.

The Right to Object to Processing

Where Personal Information is processed for the public interest, in the exercise of an official authority vested in us, or for the purposes of the legitimate interests pursued by us, you may object to such processing by providing a ground related to your particular situation to justify the objection. Should your Personal Information be processed for direct marketing purposes, you can object to that processing at any time without providing any justification.

How to Exercise These Rights

Any requests to exercise User rights can be directed to us through the contact details provided in this Privacy Policy. These requests can be exercised free of charge and will be addressed by us as early as possible and always within one month. In order to withdraw consent, you are required to uninstall the App.

Privacy of Children

We do not knowingly collect any Personal Information from children or anyone under the age of 18. We encourage parents and legal guardians to help enforce this Policy by instructing their children never to provide Personal Information through our App or Digital Services without their permission. If you have reason to believe that a person under the age of 18 has provided Personal Information to us through our App or Digital Services, please contact us immediately. You must also be at least 18 years of age to consent to the processing of your Personal Information.

Cookies

The App may use “cookies” to help personalize your online experience. A cookie is a text file that is placed on your device. Cookies cannot be used to run programs or deliver viruses to your mobile device. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you. We may use cookies to collect, store, and track information for statistical purposes to operate the App and Digital Services. You have the ability to accept or decline cookies through the settings on your mobile device. If you choose to decline cookies, you may not be able to fully experience the features of the App and Digital Services. To learn more about cookies and how to manage them, visit internetcookies.com.

Links to Other Apps or Websites

Our Digital Services contain links to other apps and websites that are not owned or controlled by us. Please be aware that we are not responsible for the privacy practices of such other apps, websites or third parties. We encourage you to be aware when you leave our App and to read the privacy statements of each and every website that may collect Personal Information.

Information Security

We secure information you provide on our information systems in a controlled, secure environment, where we undertake reasonable efforts to protect such information from unauthorized access, use, or disclosure. We maintain reasonable administrative, technical, and physical safeguards in an effort to protect against unauthorized access, use, modification, and disclosure of Personal Information in its control and custody. However, no data transmission over the Internet or wireless network can be guaranteed. Therefore, while we strive to protect your Personal Information, you acknowledge that (i) there are security and privacy limitations of the Internet and mobile device networks which are beyond our control; (ii) the security, integrity, and privacy of any and all information and data exchanged between you and our App cannot be guaranteed; and (iii) any such information and data may be viewed or tampered with in transit by a third-party, despite commercially reasonable efforts.

Data Breach

In the event we become aware that the security of the App has been compromised or that users’ Personal Information has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with law enforcement authorities. In the event of a data breach, we will make reasonable efforts to notify affected individuals if we believe that there is a reasonable risk of harm to the user as a result of the breach or if notice is otherwise required by law. When we do, we may post a notice on the App.

Legal Disclosure

We will disclose any information we collect, use or receive if required or permitted by law, such as to comply with a subpoena, or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

Changes and Amendments

We reserve the right to modify this Policy relating to the App or Digital Services at any time,as permitted by applicable law, effective upon posting of an updated version of this Policy within the App. When we make such updates or amendments, we will revise the effective date of this Policy. Continued use of the App and our Digital Services after any such changes shall constitute your consent to such changes. If you do not agree to the new terms, you may terminate your account by contacting us at [email protected].

Governing Law and Jurisdiction

Your use of the Digital Services and the relationship between PapiPay, its parents, subsidiaries, partners, affiliates, officers, directors, employees, agents, partners and licensors(collectively, the “PapiPay Parties”) and you relating to PapiPay’s practices and performance under this Privacy Policy and any dispute, claim or controversy arising out of or relating to this Privacy policy or the breach, enforcement, interpretation, or validity thereof, shall be governed by the laws of the State of Texas without regard to its conflict of laws principles. You and PapiPay agree to submit to the personal and exclusive jurisdiction of the courts located within Dallas County, Texas to resolve any claims or disputes arising in connection with this Agreement and your use of the Digital Services.

Waiver of Jury Trial; Class Action

To the fullest extent permitted by law, you and PapiPay expressly and irrevocably waive any right to trial by jury in any legal proceeding directly or indirectly arising out of or relating to this Privacy Policy. BY YOUR ACCEPTANCE OF THESE TERMS, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, YOU AGREE THAT ANY CLAIMS OR DISPUTES ARISING UNDER THIS PRIVACY POLICY SHALL BE BROUGHT ONLY ON AN INDIVIDUAL BASIS AND NOT AS A PLAINTIFF OR CLASS MEMBER IN ANY PURPORTED CLASS.

Contacting Us

If you have any questions about this Policy, or if you believe that your privacy has been compromised in the course of using the Digital Services, please contact us at [email protected].

CALIFORNIA PRIVACY NOTICE

Last updated: August 2021

Notice of Collection and Use of Personal Information

We may collect the following categories of personal information about you:
  • Identifiers: identifiers such as a real name, alias, postal address, unique personal identifier (such as a device identifier; cookies, beacons, pixel tags, mobile ad identifiers and similar technology; customer number; telephone number and other forms of persistent or probabilistic identifiers), online identifier, Internet protocol address, email address, account name, and other similar identifiers.
  • Additional Data Subject to Cal. Civ. Code § 1798.80: signature, credit card number, debit card number, and other financial information.
  • Protected Classifications: characteristics of protected classifications under California or federal law, such as race, color, national origin, religion, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, genetic information, disability, citizenship status, and military and veteran status.
  • Commercial Information: commercial information, including records of personal property, products or services purchased, obtained, or considered, and other purchasing or consuming histories or tendencies.
  • Online Activity: Internet and other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with websites, applications or advertisements.
  • Geolocation Data: information that can be used to identify an electronic device’s physical location.
  • Sensory Information: audio, electronic, visual, and similar information.
  • Inferences: inferences drawn from any of the information identified above to create a profile about you reflecting your preferences, characteristics, predispositions, behavior, and attitudes.
We may use your personal information for the purposes described in the PapiPay Privacy Policy and for the following business purposes specified in the CCPA:
  • Performing services, including maintaining or servicing accounts, providing customer service, verifying customer information, processing payments, providing advertising or marketing services, providing analytics services, or providing similar services.
  • Short-term, transient use, including, but not limited to, the contextual customization of ads shown as part of the same interaction.
  • Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
  • Debugging to identify and repair errors that impair existing intended functionality.•Undertaking internal research for technological development and demonstration.
  • Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by us.

Sharing of Personal Information

We may disclose the following categories of personal information about you for a business purpose to the following categories of third parties:

Category of Third Party

Our Affiliates and Subsidiaries

Category of Personal Information

  • Identifiers
  • Additional Data Subject to Cal. Civ. Code § 1798.80
  • Commercial Information
  • Online Activity
  • Geolocation Data
  • Sensory Information
  • Inferences

Category of Third Party

Our Service Providers

Category of Personal Information

  • Identifiers
  • Additional Data Subject to Cal. Civ. Code § 1798.80
  • Commercial Information
  • Online Activity
  • Geolocation Data
  • Sensory Information
  • Inferences

Category of Third Party

Our Business Partners

Category of Personal Information

  • Identifiers
  • Additional Data Subject to Cal. Civ. Code § 1798.80
  • Commercial Information
  • Online Activity
  • Geolocation Data
  • Sensory Information
  • Inferences

Category of Third Party

Data Analytics Providers

Category of Personal Information

  • Identifiers
  • Commercial Information
  • Online Activity
  • Geolocation Data
  • Inferences

Category of Third Party

Government Entities

Category of Personal Information

  • Identifiers
  • Additional Data Subject to Cal. Civ. Code § 1798.80
  • Commercial Information
  • Online Activity
  • Geolocation Data
  • Sensory Information
  • Inferences

California Consumer Privacy Rights

 
California residents may have certain rights pursuant to the CCPA, as described below.
  • Right to Delete: You have the right to request that we delete certain personal information we collected from you. Please email us at [email protected].
  • Right to Know: You have the right to request, twice in a 12-month period, a report that details the categories of personal information collected about you, the categories of sources from which the personal information is collected, the purposes for collecting the personal information, the categories of third parties which whom we share the personal information and the specific pieces of personal information collected about you over the past 12 months. To exercise this right, please email us at [email protected].

Verifying Requests. To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to your personal information or complying with your request. If you request access to or deletion of your personal information, we may require you to provide any of the following information: name, phone Number, and email address. In addition, if you ask us to provide you with specific pieces of personal information, we will require you to sign a declaration under penalty of perjury that you are the consumer whose personal information is the subject of the request.

Additional Information. We may deny certain requests, or fulfill a request only in part, based on our legal rights and obligations. For example, we may retain personal information as permitted by law, such as for tax or other record-keeping purposes and to process transactions and facilitate customer requests. If you choose to exercise any of your rights under the CCPA, you have the right to not receive discriminatory treatment by us, though we may not be able to provide some services to you without such information. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.