Privacy Policy

Hyperwallet Privacy Policy

Effective Date: June 28, 2019

I. Overview

PayPal, Inc. developed this Privacy Policy to explain how Hyperwallet Systems Inc. (“HWCA”), HSI USA Inc. (“HWUS”), Hyperwallet Systems Europe Limited (“HWEU”), Hyperwallet Australia Pty Ltd (“HWAU”) and members of the PayPal group of companies (collectively, “Hyperwallet” “we,” “us,” or “our”) may collect, Process, share, store, and transfer Your Personal Data that You provide when You visit the Sites, access the Services and any other Site as a visitor or User (collectively, “Hyperwallet Services”). For the purpose of the data protection regulations applicable in the EEA and the UK, the data controller is Hyperwallet Systems Europe Limited registered in England and Wales, no. 10215249, with a registered office at 247 Tottenham Court Rd., London, W1T 7QZ or PayPal (Europe) S.à r.l. et Cie, S.C.A. (R.C.S. Luxembourg B 118 349), a duly licensed Luxembourg credit institution in the sense of Article 2 of the law of 5 April 1993 on the financial sector, as amended, and under the prudential supervision of the Luxembourg supervisory authority, the Commission de Surveillance du Secteur Financier.

This Privacy Policy is designed to help You obtain information about our privacy practices and to help You understand Your privacy choices when You use our Sites and Services. Please note that our Service offerings may vary by region.

In this Privacy Policy, we sometimes refer to “You” or “Your.” “You” mostly refers to a Payee; however, “You” may also refer to a visitor to our Sites, a Payor, a third-party service provider, or an employee — all of whom are subject to this Privacy Policy.

The Sites and Services are operated by Hyperwallet for Payors or on behalf of Payors, respectively.

We have defined some terms that we use throughout the Privacy Policy. You can find the meaning of a capitalized term in the Definitions section.

Please contact us if You have questions about our privacy practices that are not addressed in this Privacy Policy.

II. What Personal Data Do We Collect?

The Hyperwallet Sites are where You can learn more about the Services.

We collect Personal Data about our business customers (each a “Payor”) and their designated payees (each a “Payee”) when they use the Sites or the Services. We also collect information about the third-party service providers who we engage to help us provide the Services, as well as information about our employees.

We collect information about You that You provide to us when You access or use the Sites or Service. This information may include Your name, nationality, home address, telephone number, personal e-mail address, Your forwarding address (e.g. during a vacation), previous address(es), billing and account information (such as credit or debit card number, or bank account number), Your mailing preferences, delivery instructions, transaction history, IP address, and service preferences, as well as other information defined as non-public or private information about You pursuant to applicable law.

III. How do We Retain Personal Data?

We retain Personal Data in an identifiable format for the least amount of time necessary to fulfill our legal or regulatory obligations and for our business purposes. We may retain Personal Data for longer periods than required by law if it is in our legitimate business interests and not prohibited by law. We will continue to use and disclose such Personal Data in accordance with this Privacy Policy.

IV. How Do We Process Personal Data?

We may Process Your information for the following reasons:

  • To operate the Sites and provide the Services, such as to evaluate a Payor’s application to use our Services or to establish Your identity for compliance purposes, authenticate Your access to Your Account; and to process payment transactions on a Payor’s behalf;
  • To manage our business needs, such as monitoring, analyzing, and improving the Services and the Sites’ performance and functionality.
  • To manage risk and protect the Sites, the Services and You from fraud by verifying Your identity and helping to detect and prevent fraud and abuse of the Sites or Services.
  • To market to Payors by delivering marketing materials about Services.
  • To provide You with location-specific options, functionality or offers if You elect to share Your Geolocation Information through the Services. We will use this information to enhance the security of the Sites and Services and provide You with location-based Services, such as advertising, search results, and other personalized content.
  • To comply with our obligations and to enforce the terms of our Sites and Services, including to comply with all applicable laws and regulations.
  • For the performance of a contract, such as where necessary to carry out payment services.
  • For our legitimate interests:
    • to enforce the terms of our Sites and Services;
    • manage our everyday business needs; and
    • provide aggregated and anonymized statistical data to third parties, including other businesses and members of the public, about how, when, and why Users visit our Sites and use our Services;
  • With Your consent: to respond to Your requests, for example, to contact You about a question You submitted to our customer service team. You can withdraw Your consent at any time and free of charge.

We may also use information that we collect in aggregate form to further develop and improve the Sites and Services, and for our own business analyses that will allow us to make informed decisions.

V. Do We Share Personal Data?

We may share personal data or other information about You with others for the following reasons:

With other members of the Hyperwallet corporate family: We may share Your Personal Data with members of the Hyperwallet family of entities, including PayPal, to among other things, provide the Services You have requested or authorized; to manage risk; to help detect and prevent potentially illegal and fraudulent acts and other violations of our policies and agreements; and to help us manage the availability and connectivity of products, Services, and communications.

With Payors. We will share Your Personal Data with Payors for processing payments and transactions or as legally required. You should consult with Your Payor to learn how Your Payor uses any Personal Data, as we have no control over Personal Data once it is disclosed to Your Payor.

With other companies that provide services to us. We may share Personal Data with third-party service providers who assist us in managing, administering or delivering the Site or providing the Services.

With the other parties to transactions when You use the Services: We may share information with the other participants to Your transactions, including:

  • Personal Data necessary to facilitate the transaction; and
  • information to help other participant(s) resolve disputes and detect and prevent fraud, for example we may report device information, including if we conclude that a device has been used in connection with a fraudulent or abusive transaction with us.

With other third parties for our business purposes or as permitted or required by law: We may share information about You with other parties for Hyperwallet’s business purposes or as permitted or required by law, including:

  • For the performance of a contract, such as where necessary to carry out payment services;
  • if we need to do so to comply with a law, legal process or regulations;
  • to law enforcement authorities or government officials, or other third parties pursuant to a subpoena, a court order or other legal process or requirement applicable to Hyperwallet or Hyperwallet’s corporate family:
  • if we believe, in our sole discretion, that the disclosure of Personal Data is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity.
  • To protect the vital interests of a person;
  • To investigate violations of or enforce a user agreement or other legal Terms applicable to any Service;
  • to protect our property, Services and legal rights;
  • to facilitate a purchase or sale of all or part of Hyperwallet’s business;
  • to help assess and manage risk and prevent fraud against us, our Users and fraud involving our Sites or use of our Services, including fraud that occurs at or involves our business partners or other individuals;
  • to companies that we plan to merge with or be acquired by; and
  • to support our audit, compliance, and corporate governance functions.

With Your consent: We also will share Your Personal Data and other information with Your consent or direction.

VI. International Transfers

Our operations are supported by a network of computers, cloud-based servers, and other infrastructure and information technology, including, but not limited to, third-party service providers. We and our third-party service providers store and Process Your Personal Data in Canada and the United States and may be stored and processed in any other country where we have service providers or in the country where Your Payor is located. We will protect Your information as described in this Privacy Policy if Your Personal Data is transferred to other countries. Personal Data is transferred to other countries, including countries that have different data protection rules than Your country.

VII. How do we use Cookies and Tracking Technologies?

When You use the Site or interact with the Services, we may use cookies and other tracking technologies (collectively, “Cookies”) to collect non-personal data. Cookies are small text files (typically made up of letters and numbers) placed in the memory of Your browser or device when You visit a website or view a message. Cookies allow a website to recognize a particular device or browser.

Our Cookies and similar technologies have different functions. We may use cookies or other technologies that are necessary to the operation of our Sites, Services, applications, and tools. This includes technologies that allow You access to our Sites, Services, applications, and tools; that are required to identify irregular site behavior, prevent fraudulent activity, facilitate transactions and improve security; or that allow You to make use of our functions. Certain aspects and features of our Services and Sites are only available through the use of Cookies, so if You choose to disable or decline Cookies through Your device or browser settings, Your use of the Sites and Services may be limited or not possible.

Where appropriate, security measures are set in place to prevent unauthorized access to our Cookies and similar technologies. A unique identifier ensures that only we and/or our authorized service providers have access to Cookie data.

Service providers are companies that help us with various aspects of our business, such as Site operations, Services, applications, advertisements and tools. We may use some authorized service providers to help us to serve You relevant ads on our Services and other places on the internet. These service providers may also place Cookies on Your device via our Services (third-party Cookies). They may also collect information that helps them identify Your device, such as IP-address or other unique device identifiers.

VIII. What Privacy Choices Are Available To You?

Choices Relating to the Personal Data We Collect

You have the right to access the personal data we maintain about You. You are entitled to one copy of information free of charge; however, we may charge a reasonable fee if Your request is manifestly unfounded or excessive, particularly if it is repetitive.

In addition, You have the right to access and correct the data in certain instances, by logging into the Pay Portal or sending a detailed request to privacyofficer@hyperwallet.com; however, for security reasons, the best way to make a request is to do so while logged into the Pay Portal (Go to “Support,” select “Email” and complete the form for “Privacy Concerns”). Some of the Personal Data in Your profile may only be updated in Your Payor’s system. In such case, Your Payor may provide the information to us so that we may update Your profile in our systems. We reserve the right to charge a reasonable administrative fee where permitted by law.

Please note that if we do not collect or receive certain Personal Data from You, You may not be able to utilize the Services offered on the Sites or Service, including receipt of funds from the Payor.

Choices Relating to Cookies

You may have options available to manage Your cookies preferences. For example, Your browser or internet device may allow You to delete, disable, or block certain cookies and other tracking technologies. You can learn more by visiting AboutCookies.org. You may choose to enable these options but doing so may prevent You from using many of the core features and functions available on a Service or Site.

Choices Relating to Registration and Account Information

If You use our Services, You generally may review and edit Personal Data by logging in and updating the information directly or by contacting us. Contact privacyofficer@hyperwallet.com if You have questions about Your Account information or other Personal Data. Some of the Personal Data in Your profile may only be updated in Your Payor’s system.

Choices Relating to Communication

We may communicate with Payors (and related business contacts) about our Services. If You wish to unsubscribe from receiving e-mail marketing communications, please opt-out via the unsubscribe link included in such emails, and we will stop sending You communications.

We will send communications to You that are required or necessary to send to Users of our Services, notifications that contain important information and other communications that You request from us. You may not opt out of receiving these communications. However, You may be able to adjust the media and format through which You receive these notices.

IX. How Do We Protect Your Personal Data?

We maintain technical, physical, and administrative security measures designed to provide reasonable protection for Your Personal Data against loss, misuse, unauthorized access, disclosure, and alteration. The security measures include firewalls, data encryption, physical access controls to our data centers, and information access authorization controls. You should keep in mind that no Internet transmission is ever completely secure or error-free. In particular, e-mail sent between You and us may not be secure.

X. Can Children Use Our Services?

The Sites and Services are not directed to children under the age of 16. If we obtain actual knowledge that we have collected Personal Data from a child under the age of 16, we will promptly delete it, unless we are legally obligated to retain such data. Contact us if You believe that we have mistakenly or unintentionally collected information from a child under the age of 16.

XI. Specific provisions relating to EEA and UK Personal Data

  • What are Your Rights?

    Subject to limitations set out in data protection laws, You have certain rights in respect of Your Personal Data. In particular, You have a right of access, rectification, restriction, opposition, erasure and data portability. Please contact us at privacyofficer@hyperwallet.com if You wish to exercise these rights. If You wish to complete an access request to all Personal Data that Hyperwallet holds on You, please note that photo identity may be required to prove Your identity. If You have an Account with any of our Services, You generally can review and edit Personal Data in the Account by logging in and updating the information directly.

  • Transfers Outside the EEA and UK

    Personal data from the EEA and UK will only be transferred to countries considered as providing an adequate level of legal protection or to entities with suitable alternative safeguards in place, such as model clauses in the form approved by the European Commission, Binding Corporate Rules (available here) or participation in an applicable Privacy Shield Framework. Please see below for information about Hyperwallet’s participation in the in the EU-U.S. and Swiss-U.S. Privacy Shield frameworks.

  • EU-U.S. and Swiss-U.S. Privacy Shield Frameworks

    Hyperwallet complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union (“EU”) and Switzerland to the United States, respectively. This commitment extends to personal data received from the United Kingdom in reliance on the Privacy Shield. Hyperwallet has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.
    To learn more about the Privacy Shield program (“Privacy Shield”), and to view our certification (listed under HSI USA Inc.), please visit https://www.privacyshield.gov/.

    Hyperwallet’s participation in the Privacy Shield applies to Personal Data that is subject to this Privacy Policy (see Section 1 above) and is transferred from the European Union, UK or Switzerland to the United States. Hyperwallet will comply with the Privacy Shield Principles of Notice; Choice; Accountability for Onward Transfer; Security; Data Integrity and Purpose Limitation; Access; and Recourse, Enforcement and Liability with respect to such Personal Data.

    We limit the collection and use of personal data to that which is necessary to administer our business, including to process payment transactions, protect against fraud, and provide customer service. We may disclose personal data to our third-party service providers, business partners, Payors, and others who assist us in providing our Services. Hyperwallet’s accountability for Personal Data that it receives under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Hyperwallet may be liable with respect to the onward transfer to third parties of EU, UK and Swiss data subjects’ personal data received pursuant to the EU-U.S. and Swiss-U.S. Privacy Shield frameworks, unless Hyperwallet proves that it is not responsible for the event giving rise to the damage.

    Additionally, Hyperwallet collects, uses and processes human resources data in the context of an employment relationship with its current employees, applicants and former employees in accordance with the Privacy Shield Principles. In connection with its human resources operations, Hyperwallet may now and/or in the future transfer or provide personal data regarding employees in the EU, UK and Switzerland to other countries where it operates, including the United States. Hyperwallet has further committed to cooperate with EU, Swiss and UK DPAs with regard to unresolved complaints concerning human resources data.

    Please note that in certain situations Hyperwallet may be required to disclose Personal Data if it is the subject of a lawful request by public authorities, including to meet national security or law enforcement requirements.

  • Banking Regulations Notice for EEA Payors

    This section applies to EEA Payors who have relationships with PayPal Europe. In general, the Luxembourg laws to which PayPal’s handling of user data is subject (data protection and bank secrecy) require a higher degree of transparency than most other EU laws. This is why, unlike the vast majority of providers of internet-based services or financial services in the EU, PayPal has listed in this Privacy Policy the third-party service providers and business partners to whom we may disclose Your data, together with the purpose of disclosure and type of information disclosed. You will find a link to those third parties here. By acknowledging this Privacy Policy and maintaining an account with PayPal, You expressly consent to the transfer of Your data to those third parties for the purposes listed.

    PayPal may update the list of third parties referred to above every quarter (January 1st, April 1st, July 1st and October 1st). PayPal will only start transferring any data to any of the new entities or for the new purposes or data types indicated in each update after 30 days from the date when that list is made public through this Privacy Policy. You should review the list each quarter on the PayPal website on the dates stated above. If You do not object to the new data disclosure, within 30 days after the publication of the updated list of third parties, You are deemed to have accepted the changes to the list and to this Privacy Policy. If You do not agree with the changes, You may close You account and stop using our services.

    In order to provide the PayPal Services, certain of the information we collect (as set out in this Privacy Policy) may be required to be transferred to other PayPal related companies or other entities, including those referred to in this section in their capacity as payment providers, payment processors or account holders (or similar capacities). You acknowledge that according to their local legislation, such entities may be subject to laws, regulations, inquiries, investigations, or orders which may require the disclosure of information to the relevant authorities of the relevant country. Your use of the PayPal Services constitutes Your consent to our transfer of such information to provide You the PayPal Services.

    Specifically, Your consent to and direct PayPal to do any and all of the following with You information:

    1. Disclose necessary information to: the police and other law enforcement agencies; security forces; competent governmental, intergovernmental or supranational bodies; competent agencies, departments, regulatory authorities, self-regulatory authorities or organizations (including, without limitation, the Agencies referenced in the “Agencies” section of the Third Party Provider List here) and other third parties, including PayPal Group companies, that (i) we are legally compelled and permitted to comply with, including but without limitation the Luxembourg laws of 24 July 2015 on the US Foreign Account Tax Compliance Act (“FATCA Law”) and 18 December 2015 on the OECD common reporting standard (“CRS Law”); (ii) we have reason to believe it is appropriate for us to cooperate with in investigations of fraud or other illegal activity or potential illegal activity, or (iii) to conduct investigations of violations of our User Agreement (including without limitation, Your funding source or credit or debit card provider).

      If You are covered by the FATCA or CRS Law, we are required to give You notice of the information about You that we may transfer to various authorities. Please read more about PayPal’s obligations under the FATCA and CRS Law and how they could affect You as well as take note of the information we may disclose as result.

      We and other organizations, including parties that accept PayPal, may also share, access and use (including from other countries) necessary information (including, without limitation the information recorded by fraud prevention agencies) to help us and them assess and to manage risk (including, without limitation, to prevent fraud, money laundering and terrorist financing). Please contact us if You want to receive further details of the relevant fraud prevention agencies. For more information on these Agencies, fraud prevention agencies and other third parties, click here.

    2. Disclose Account Information to intellectual property right owners if under the applicable national law of an EU member state they have a claim against PayPal for an out-of-court information disclosure due to an infringement of their intellectual property rights for which PayPal Services have been used (for example, but without limitation, Sec. 19, para 2, sub-section 3 of the German Trademark Act or Sec. 101, para 2, sub-section 3 of the German Copyright Act).
    3. Disclose necessary information in response to the requirements of the credit card associations or a civil or criminal legal process.
    4. If You as a merchant use a third party to access or integrate PayPal, we may disclose to any such partner necessary information for the purpose of facilitating and maintaining such an arrangement (including, without limitation, the status of You PayPal integration, whether You have an active PayPal account and whether You may already be working with a different PayPal integration partner).
    5. Disclose necessary information to the payment processors, auditors, customer services providers, credit reference and fraud agencies, financial products providers, commercial partners, marketing and public relations companies, operational services providers, group companies, agencies, marketplaces and other third parties listed here. The purpose of this disclosure is to allow us to provide PayPal Services to You. We also set out in the list of third parties, under each ” Category”, non-exclusive examples of the actual third parties (which may include their assigns and successors) to whom we currently disclose Your Account Information or to whom we may consider disclosing Your Account Information, together with the purpose of doing so, and the actual information we disclose (except as explicitly stated, these third parties are limited by law or by contract from using the information for secondary purposes beyond the purposes for which the information was shared).
    6. Disclose necessary information to Your agent or legal representative (such as the holder of a power of attorney that You grant, or a guardian appointed for You).
    7. Disclose aggregated statistical data with our business partners or for public relations. For example, we may disclose that a specific percentage of our users live in Manchester. However, this aggregated information is not tied to personal information.
    8. Share necessary Account Information with unaffiliated third parties (listed here) for their use for the following purposes:
      1. Fraud Prevention and Risk Management: to help prevent fraud or assess and manage risk. For example, if You use the PayPal Services to buy or sell goods using eBay Inc, or its affiliates (“eBay”), we may share Account Information with eBay in order to help protect You accounts from fraudulent activity, alert You if we detect such fraudulent activity on You accounts, or evaluate credit risk.

        As part of our fraud prevention and risk management efforts, we also may share necessary Account Information with eBay in cases where PayPal has placed a hold or other restriction on Your account based on disputes, claims, chargebacks or other scenarios regarding the sale or purchase of goods. Also, as part of our fraud prevention and risk management efforts, we may share Account Information with eBay to enable them to operate their programmes for evaluating buyers or sellers.

      2. Customer Service: for customer service purposes, including to help service You accounts or resolve disputes (e.g., billing or transactional).
      3. Shipping: in connection with shipping and related services for purchases made using PayPal.
      4. Legal Compliance: to help them comply with anti-money laundering and counter-terrorist financing verification requirements.
      5. Service Providers: to enable service providers under contract with us to support our business operations, such as fraud prevention, bill collection, marketing, customer service and technology services. Our contracts dictate that these service providers only use Your information in connection with the services they perform for us and not for their own benefit.

XII. What Else Should You Know?

Links to Third-Party Websites

We are not responsible for the websites of third parties to which we provide links for Your convenience. We cannot endorse these websites or their privacy practices and this Privacy Policy does not apply to them. You should familiarize Yourself with the privacy policies provided by the owners of these third-party sites before submitting any Personal Data to them.

Changes to this Privacy Policy

We may revise this Privacy Policy from time to time to reflect changes to our business, the Sites or Services, or applicable laws. The revised Privacy Policy will be effective as of the published effective date.

If the revised version includes a substantial change, we will provide You with advance notice by posting notice of the change on our website.

XIII. Contact Information

In compliance with applicable privacy laws, including the Privacy Shield Principles, Hyperwallet is committed to responding to concerns regarding our collection or use of Your Personal Data. For inquiries or complaints regarding this Privacy Policy You should first contact Hyperwallet and the Data Protection Officer at privacyofficer@hyperwallet.com or at PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal L-2449, Luxembourg.

XIV. Supervisory Authority

For complaints by individuals residing in the EU, UK or Switzerland that cannot be resolved with Hyperwallet directly, Hyperwallet has chosen to cooperate with EU data protection authorities and the Swiss Federal Data Protection and Information Commissioner’s authority (collectively “DPAs”) and to comply with the information and advice provided to it by an informal panel of DPAs in relation to such unresolved complaints (as further described in the Privacy Shield Principles). Please click here to be directed to the relevant EU DPA contacts and here for the Swiss DPA.

Hyperwallet is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

Complaints from individuals residing in Australia that cannot be resolved with Hyperwallet directly can be sent to the Office of the Australian Information Commissioner (OAIC).

If You are not satisfied by the way in which we address Your concerns, You have the right to lodge a complaint with the Supervisory Authority for data protection in Your country.

If neither Hyperwallet nor the DPA resolves Your complaint, You may have the possibility to engage in binding arbitration through the Privacy Shield Panel.

Definitions

Personal Data means any information that can be associated with an identified or identifiable person. “Personal Data” can include name, home address, telephone number, personal e-mail address, forwarding address (e.g. during a vacation), previous address(es), billing and account information (such as credit or debit card number, or bank account number), mailing preferences, delivery instructions, transaction history, IP address, and service preferences, as well as other information defined as non-public or private information pursuant to applicable law. Personal Data does not include information that does not identify a specific user.

Process describes any method or way that we handle Personal Data or sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, and consultation, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of Personal Data.

Services means the online payment platform (“Pay Portal”), payment services and related functionality and technology.

Sites means the Hyperwallet websites, mobile apps, official social media platforms, or other online properties through which Hyperwallet offers the Services.

User means You or anyone else who has established a relationship with Hyperwallet or otherwise uses the Services or accesses the Sites.

Contact Information

Support

Canada /U.S.: 1-877-546-8220
U.K.: +44 800 041 8728
Australia: +61 290 984 705
Other Countries: +1-604-900-2318

Corporate Sales

Canada/U.S.: 1-877-929-7002
U.K.: +44 800 086 9801
Australia: +61 1800 952 928
Other Countries: +1-604-482-0090

Monthly Newsletter Signup