On January 16, 2018, Worldpay, Inc., (formerly Vantiv, Inc.) acquired Worldpay Group Plc and its subsidiaries to form the new Worldpay group of companies (together “Worldpay”). Worldpay includes within its group, Worldpay (UK) Limited, Worldpay Limited, Worldpay BV, Worldpay AP Limited, Worldpay LLC (formerly Vantiv LLC), Worldpay eCommerce, LLC (“Worldpay eCommerce”), formerly Vantiv eCommerce, LLC, Worldpay Integrated Payments, LLC (formerly Vantiv Integrated Payments, LLC), and Paymetric, Inc. (“Paymetric”).
Personal Information and Personal Data are terms used in this Privacy Notice, both of which refer to any information relating to an identified or identifiable individual. Worldpay is committed to ensuring that it collects, uses, shares and otherwise processes Personal Information in accordance with this notice. This includes, in relation to a customer or prospective or former customer of Worldpay (including individuals who maintain a card with one of our financial institution clients), any sole trader and any principals, including the managing and financial directors, any other directors and officers, shareholders, partners and beneficial owners of a customer as well as any member of staff accessing or using the Worldpay Services on behalf of a customer.
When Worldpay uses the word ‘card’ in this notice, it applies to all payment methods and types and not simply those involving a physical card; and use of the term ‘cardholder’ applies to any shopper or individual whose payment transactions may be processed.
Worldpay’s global headquarters is based in Cincinnati, Ohio, United States, and its international headquarters is based in London, United Kingdom. Worldpay has appointed a Data Protection Officer for you to contact if you have any questions or concerns about Worldpay’s Personal Information policies or practices. Worldpay’s Data Protection Officer and contact information are as follows:
Data Protection Officer
The Walbrook building
Email: [email protected]
Worldpay collects Personal Information relating to cardholders, merchants or other customers, suppliers and other business partners in order to carry out its business activities. Worldpay may collect Personal Information from various sources, including:
This Personal Information may include:
Worldpay uses Personal Information internally in relation to its main processing activities, which are categorized as follows:
Worldpay uses Personal Information for purposes that are appropriate, based on legitimate interests or as authorized by applicable law. These purposes may include:
Worldpay may share Personal Information with members of our corporate family, which means our subsidiaries and our ultimate holding company and its subsidiaries. We may also share Personal Information with Worldpay-approved third parties for lawful purposes, such as legal and regulatory purposes, in order to deliver and develop our and our partners’ business products and services, and in relation to mergers and acquisitions.
Before we share Personal Information, we ensure there are adequate safeguards in place to protect the processing of that data. Except where permitted, Worldpay does not sell, rent, share or otherwise disclose Personal Information to third parties for the third party’s commercial purposes.
Worldpay does not disclose information that could identify you personally to anyone, except as described in this notice, including, but not limited to:
Worldpay may disclose Personal Information to third parties for the following purposes:
Where Worldpay uses and/or discloses confidential or cardholder transactional data for preparing and furnishing compilations, analyses and other reports of aggregated information and anonymized information, it will do so provided it has taken reasonable measures to avoid identifying any customer of Worldpay other than the customer whose transactions were involved in the preparation of any compilation, analysis or other report. This data may be used for statistical, analytic, and administrative purposes, including for customizing our Sites and Services, analyzing trends, tailoring products and services, or conducting risk and cost analysis.
Worldpay’s websites use “cookies” and other technologies, which store small amounts of information on your computer or device to allow certain information from your web browser to be collected.
Cookies (and similar technologies) are widely used on the internet and allow a website/portal to recognize a user’s device, without uniquely identifying the individual person using the computer.
For more information about cookies, including how to see what cookies have been set and how to manage, block and delete them, see www.allaboutcookies.org and Worldpay’s Cookies Policy. You may also be able to configure your browser not to accept cookies, although please note this may affect your ability to use the services Worldpay provides.
Worldpay respects the privacy of children and encourages all parents to supervise their children’s computer usage. We do not knowingly collect or retain Personal Information from children under the age of 18. To learn more about the Children’s Online Privacy Protect Act (COPPA) please visit the Federal Trade Commission’s website at http://www.business.ftc.gov/privacy-and-security/children's-privacy.
Cookies (and similar technologies) are widely used on the internet and allow a website/portal to recognise a user’s device, without uniquely identifying the individual person using the computer. These technologies help to make it easier for you to log on and use the website, provide feedback to Worldpay as to which parts of the website you visit or viewing preferences from a previous use of our website when you return to our website, so Worldpay can assess the effectiveness of the website or communication, to provide a better user experience or to serve Worldpay advertisements to you while browsing other websites. Worldpay may also use the aggregate information from these technologies to research and understand how the Sites and Services are used.
Some web browsers may send out ‘do not track’ signals. There is no industry standard currently in place as to what websites and other online services should do upon receipt of such signals. Should such a standard be developed, Worldpay will re-visit its notice, but currently takes no action upon receipt of such signals.
Worldpay may offer certain features that are only available through the use of tracking technologies. Temporary cookies are used to enable you to navigate our site and use its features. These are deleted when you close your browser. IP addresses are used in conjunction with cookies for the purpose of “remembering” computers or other devices used to access our site.
Analytical or performance cookies collect anonymous information about how visitors use our websites. They allow us to analyse information such as the count of visitors to our websites, what search terms our visitors are using, what pages are viewed, and the last page visited. This information is based on the visitor’s IP address, and we cannot view individual activity tied to a single person.
Under this notice, information collected by cookies and similar technologies are dealt with as Non-Personal Information. To the extent that Internet Protocol (IP) addresses (or similar identifiers) are clearly defined to be Personal Information under any local law and where such local law is applicable to Worldpay Services, Worldpay will manage such identifiers as Personal Information.
Worldpay’s websites may also contain links to and from third party websites, including those of partner networks, advertisers and affiliates. If you follow such a link or if you post information or content, such as commenting on content or participating in online forums or communities, or when you interact with our websites through social media sites, plug-ins or other applications, depending on your privacy settings, this information may become public on the Internet. Please note that these websites have their own privacy notices and cookies policies, and Worldpay does not accept any responsibility or liability for these third party websites.
If our websites link through to third party websites, those processes may involve the placement of third party cookies on your machine or device. Please be aware that we do not control these third party websites or any of the content contained on those websites, including the third-party cookies used for these purposes. The inclusion of links to third party websites in no way constitutes an endorsement by us of such websites’ content, actions, or policies.
We may also, from time to time, partner with ad networks and other online advertising providers in order to serve ads on behalf of us or other non-affiliated parties on our websites and across the Internet. These ads may be presented to you based on products and services the advertising providers think are relevant to your interests. These preferences may be inferred based on information collected about your browsing behavior on our websites and other non-affiliated websites and apps across time. We adhere to the Digital Advertising Alliance’s (“DAA”) Self-Regulatory Principles. To learn more about, or opt-out of, this type of advertising from participants in the DAA, you can visit www.aboutads.info.
Worldpay has its global headquarters in Cincinnati, Ohio, United States, and its international headquarters in London, United Kingdom. Information Worldpay collects from you may be transferred, stored and processed in a country different from where the data was collected or outside of the European Economic Area (“EEA”), for example, data collected from within the EEA may be stored or processed in the United States or data collected from the United States may be stored or processed in India or Asia Pacific (Philippines).
Worldpay eCommerce complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data received from the European Union (EU) and Switzerland to the United States. Please click here to view our Worldpay eCommerce Privacy Shield Policy.
Paymetric complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data received from the European Union (EU) to the United States. Please here to view our Paymetric Privacy Shield Policy.
By using our Worldpay Sites and Services, you are permitting the transfer of Personal Information to Worldpay in the United States, which has different data protection laws that the EU and Switzerland have not deemed equivalent to those in EU member countries and Switzerland. The transfer of information will often be in furtherance of a contract to which you are a party. In other cases, the transfer of information will be consistent with the legitimate interests of Worldpay eCommerce. In other cases, we rely on your consent to the transfer of this information for the uses described in our Privacy Shield Policies and in this Privacy Notice to the extent permitted by EU and Swiss laws.
Worldpay or such other third party service providers may also process payments through other financial institutions. These external organizations may process and store your Personal Information abroad and Worldpay may have to disclose your information to foreign authorities to help them in their fight against crime and terrorism. Where these organizations are based outside the EEA and Switzerland, your Personal Information may not be protected to the same standards.
Worldpay also provides contact center services outside of the EEA and Switzerland.
Under the EU’s General Data Protection Regulation, individuals located in Europe are able to exercise rights regarding their Personal Information. You can find a more detailed summary of these rights on the ICO’s website here. These rights include:
If access cannot be provided within a reasonable time frame, Worldpay will provide you with a date when the information will be provided. If for some reason access is denied, Worldpay will provide an explanation as to why access has been denied.
Individuals in Andorra, Argentina, Australia, Canada, Faroe Islands, Guernsey, Hong Kong, Israel, Isle of Man, Japan, Jersey, Mexico, New Zealand, Singapore, South Korea, Switzerland, Uruguay, and certain other jurisdictions may also exercise these or similar rights.
California’s “Shine The Light” law permits California residents free of charge to annually request and obtain a list of certain categories of Personal Information disclosed to third- parties for direct marketing purposes in the preceding calendar year and the names and addresses of such third parties and such further information sufficient to give the customer a reasonable indication of the nature of the third parties' business. Please send any such request to the contact address below, and Worldpay will respond within 30 days.
The laws of other territories applicable to your dealings with Worldpay may also be relevant (and may also impact the above rights). Any such rights can be progressed through our customer services center or via the ‘contact us’ section below. However, all cardholder requests must first be directed to the relevant customer. Worldpay will assist customers with such requests accordingly.
Worldpay works to maintain your confidence and trust in us and has therefore implemented physical, technical, and administrative measures designed to secure Personal Information from accidental loss, unauthorized access, use, alteration and disclosure. However, the safety and security of your information is also dependent upon you. We store and process your information on our servers located within the United Kingdom and the United States and use other computing facilities around the globe.
Where Worldpay has given you (or where you have chosen) a password or access code which enables you to access certain parts of Worldpay’s website/portal or mobile applications and similar, you are responsible for keeping this password and/or access code confidential. You should not share your password or access code with anyone and you should use all reasonable methods to ensure that there is no unauthorized use. You therefore authorize Worldpay to act upon instructions and information received from any person that enters your user ID and password and you agree to be fully responsible for all use and any actions that may take place during the use of your account. You also agree to promptly notify Worldpay of any information you have provided which has changed.
Unfortunately, the transmission of information via the internet is not completely secure. Although Worldpay will take reasonable steps to protect your Personal Information, Worldpay cannot guarantee the security of your data transmitted to Worldpay’s site; any transmission is at your own risk.
Worldpay maintains security standards that are designed to protect your information as it is transmitted from your computer to our network. This technology is called Secure Socket Layer (SSL). SSL is a leading security protocol for data transfer on the Internet and helps to protect the safety and confidentiality of your online banking information.
You have a role in helping Worldpay by safeguarding your information from others. You have several options when deciding how you can best protect your Personal Information. One option is simply not to volunteer it. The Federal Trade Commission’s websites (www.ftc.gov, www.ftc.gov/idtheft, and www.onguardonline.gov) offer useful information about how to protect your Personal Information.
Worldpay will store Personal Information only for the greater of as long as necessary to achieve the purposes for which it was collected and applicable law. Retention periods for transaction and other data categories may vary, depending on our obligations. For example, legal and regulatory compliance with anti-money laundering (AML) and KYC requirements, operational demands, business requirements or dates we assigned based on contracts will also need to be taken into account, and may require retention for a period of up to 7 years after the data was collected or after the merchant or other customer relationship has ended.
Worldpay may, from time to time, make changes to this Privacy Notice. If any material changes are made as to how Worldpay treat Personal Information, you will be notified through this notice on Worldpay’s Sites and Services.
The date the Privacy Notice was last modified is at the bottom of the page. You are responsible for ensuring you periodically visit our Sites and Services and Privacy Notice to check for any changes. By continuing to use Worldpay Services, you agree to the changes in this Privacy Notice.
This notice is global in scope, but is not intended to override any legal rights in any territory where such rights prevail. In such event, the rights and obligations set out in this Privacy Notice will apply, subject only to amendment under any applicable local law having precedence.
All comments, queries and requests relating to Worldpay’s use of Personal Information are welcomed. Please contact Worldpay’s Data Protection Officer:
Data Protection Officer
The Walbrook building
If you are in the United Kingdom and have any queries or complaints about the processing of your Personal Information, you can also contact the Information Commissioner’s Office here.
If you are in the United States and have any queries or complaints about the processing of your Personal Information, you can also contact the Federal Trade Commission here.