iATS complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. iATS has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view iATS’s certification, please visit http://www.export.gov/safeharbor/.
The policy as noted below came into effect on May 1, 2005. As iATS’s services evolve, we may revise this policy, so please check back frequently. If you have questions about iATS’s privacy practices please contact us via email at firstname.lastname@example.org or by mail at 1188 West Georgia St., Suite 600, Vancouver, BC, V6E 4A2, Canada.
Information Collection and Use
iATS collects personally identifiable information about you and your business when you register for an iATS merchant account. For example, when you register with iATS, we ask for your contact information (such as your name, street address, and e-mail address), as well as certain information pertaining to your business and certain billing information (such as your or your business’s bank account number or credit card number). iATS may also receive personally identifiable information from its resellers and other business partners.
In the course of processing a payment transaction, we typically receive information related to the transaction from the applicable merchant or financial institution. This normally includes personally identifiable information relating to the payment that the relevant consumer has separately furnished to the merchant or financial institution in requesting or initiating the transaction. As a merchant, you are solely responsible for obtaining all necessary and appropriate consent and authorization from each consumer and other person about whom you share personally identifiable information with iATS. Please only share with us personally identifiable information for which you have obtained appropriate consent and authorization from the applicable consumer. Any personally identifiable consumer information shared with us from the applicable merchant or financial institution is treated with the utmost care and security. iATS, LLC systems are certified as a Level 1 PCI Compliant and all data retention and credit card information is fully encrypted and data security is maintained at the PCI standards as determined by the PCI Security Standard Council. Please see more details about our security practices in the “Information Security” section below.
We do not acquire any personally identifiable information directly from consumers on the Site. Our Web site is not directed at persons under the age of 18 and iATS does not collect or maintain information on our Web site from persons we actually know are under the age of 18. As with many other Web sites, the Web servers used to operate the Site may collect certain non-personal data pertaining to users of the Site and the equipment and communications method that they use to access the Internet and the Site. Without combining these data with other sources of information, they do not readily or personally identify individuals. They may reveal such things as the Internet protocol (“IP”) address assigned to an individual’s computer, specific pages that an individual accessed on the Site or immediately prior to visiting the Site, and the length of time spent in a visit to the Site. The purposes for which this information is collected and used include facilitating Site operation and system administration, the generating of aggregate, non-identifiable statistical information, monitoring and analyzing Site traffic and usage patterns, and improving the content and content delivery with regard to the Site and the content, materials, opportunities, and services that we describe or make available on the Site.
We may also use “cookies” (small text files stored on users’ computers) to help track and customize access and use of the Site. Cookies store and retain information that helps us recognize individuals when they return to the Site following a previous visit. Most popular Internet browser packages allow one to configure the browser so as not to accept cookies. However, setting your browser to reject cookies may, in certain instances, prevent you from taking full advantage of the Site and the materials, products, and services that we make available on the Site.
Information Sharing and Disclosure
Protecting personally identifiable information about merchants and consumers is an important part of our business. We do not sell, share or rent client information to third parties except as described below.
iATS will disclose personally identifiable information about you, as a merchant, to third parties (whether other companies or individuals) when: (1) we have your consent to share the information with such third parties; (2) we need to share the information with such third parties to provide the product or service you have requested; or (3) such third parties work on behalf of iATS to provide a product or service to you (unless we tell you differently, these third parties do not have the right to use or disclose any personally identifiable information that we provide to them beyond what is necessary for them to perform their duties for us).
We share personally identifiable information about specific consumers with third parties (such as, for example, banks and credit card processors) to the extent necessary for iATS to deliver payment processing services that are requested regarding such consumers.
We also may disclose personally identifiable information to third parties when we believe disclosure is required or appropriate: (1) to comply with applicable laws, regulations, subpoenas, court orders, and the like; (2) to enforce or give effect to written agreements that we are party to (such as, for example, the Merchant Agreement that you, as a merchant, have executed with us); or (3) to protect the rights, property, or safety of iATS, its other users, or others. These disclosures may include, for example, exchanging information with other companies and organizations for fraud protection and risk reduction purposes.
Transfer of Personal Information in the Event Of Sale of iATS or Its Assets
What Choices Do You Have?
When corresponding with iATS or our representatives, or when making a request for information, submitting information, or otherwise interacting with us through the Site, you choose what information to supply, what questions to pose and comments to make, whether you wish to receive further information, and by what method of communication that information should be delivered to you. Please take care to share only such information as is needed or that you believe is appropriate. You may opt out of disclosing certain personally identifiable information to iATS. However, in doing so we may not be able to provide you the services that you are requesting.
Information security is critical to our business. We use firewalls and other industry standard security technology, as well as industry standard security practices, to protect personal and confidential information that we receive and to prevent that information from being accessed by unauthorized persons. For example, we work to protect the security of personal and confidential information submitted through the Site during transmission by using Secure Sockets Layer (SSL) software, which encrypts information. The information that you submit through the Site is gathered on computers, and stored in a data center, protected by industry standard security practices. The number of employees that have physical access to our data center, and to the computer on which personal information is stored, is limited. iATS, LLC systems are certified as a Level 1 PCI Compliant and all data retention and credit card information is maintained at the PCI standards as determined by the PCI Security Standards Council (https://www.pcisecuritystandards.org) Please click here for more information.
We also require that any personally identifiable information about consumers that is sent to us through or in connection with the Site be encrypted using SSL encryption. To learn more about SSL, go to: http://www.webopedia.com/TERM/S/SSL.html You are responsible for the use and safeguarding of any login ID that we issue to you regarding the use of the Site and any associated passwords. It is important for you to protect against unauthorized access to your login ID and password, to other sensitive data regarding your account with us, and to your computer. Be sure to appropriately safeguard the login ID and password that you use to access iATS’s services, and be sure to sign off of your account when you are finished using it, if you are using a shared computer to access the Site.