Last revised 2020/01/29
NitroPay is owned and operated by GG Software, LP.
Information Collection And Use
We may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to your name, your email address, your browser and device, including your browser type, device type, IP address, user agent string, operating system, mobile carrier, and identifiers assigned to your browser or device. For NitroPay clients, we may also collect tax information in conjunction with our payment system. We also collect information about your visit to our products, such as the websites you visit immediately prior to visiting our products, access times, and the specific pages viewed. (“Personal Information”).
If you would like more information about this practice and to know your choices about not having this information used by these companies, click here.
Sharing of Information
- With vendors, consultants, and other service providers who need access to such information to carry out work on our behalf;
- In response to a request for information if we believe disclosure is in accordance with, or required by, any applicable law, regulation, or legal process;
- If we believe your actions are inconsistent with our user agreements or policies, or to protect the rights, property, and safety of GG Software or others;
- In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company;
- Between and among GG Software and our current and future parents, affiliates, subsidiaries, and other companies under common control and ownership; and
- With your consent or at your direction.
We may also share aggregated or de-identified information, which cannot reasonably be used to identify you.
You can choose to disable or selectively turn off our cookies or third-party cookies in your browser settings, or by managing preferences in programs such as Norton Internet Security. However, this can greatly affect how you are able to interact with the Site as well as most other websites.
NitroPay and GDPR
GG Software and NitroPay are committed to compliance with the GDPR. We also wish to assist our customers with their own GDPR compliance by providing simple steps for ensuring proper compliance with NitroPay SDKs.
The EU General Data Protection Regulation (GDPR) was enacted on May 25, 2018, and will bolster the rights of European end users with regards to their personal data. The new legislation will also unify data protection laws across Europe, regardless of where the data is being processed.
NitroPay as a Processor
As defined by the GDPR, “a controller is the entity that determines the purposes, conditions and means of the processing of personal data, while the processor is an entity which processes personal data on behalf of the controller.”
Processing According to Instructions
Any data that a customer and its users put into our systems will only be processed in accordance with the customer’s instructions, as described in our GDPR-updated Terms of Service.
Deletion and Return of Data
As per the GDPR, end users of the controller’s services may request a deletion or return of their data. When NitroPay receives a data return request from the controller, NitroPay will produce an export of the relevant information as indicated by Controller’s request within a maximum period of 10 business days. If a complete deletion request is communicated from you, NitroPay will delete the relevant customer data from all of its systems within a maximum period of 20 business days unless retention obligations apply.
Security of NitroPay Services
According to the GDPR, controllers and processors shall implement appropriate technical and organizational measures to ensure a level of security appropriate for the risk profile of the data. NitroPay’s infrastructure and organization is built with data protection and privacy in mind, focusing on a secure deployment of services, secure storage of data, secure communications between services, and safe operation by administrators. We adhere to a data model of storing pertinent information to our customers, and this provides a firm foundation of our overall security profile.
Updating Your Information — You may update, correct, or delete information about you at any time by emailing us at [email protected]. Note however that we may retain certain information as required by law or for legitimate business purposes.
For California Residents: CCPA Information
Rights and Choices
The CCPA provides consumers located in the state of California with certain rights regarding their personal information and data. The following section describes those rights and explains how to exercise them:
Access to Specific Information and Data Portability Rights
You have the right to request that GG Software LP disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request (as described in the section “Exercising Access, Data Portability, and Deletion Rights”), we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting or selling that personal information.
- The categories of third parties with whom we share that personal information.
- The specific pieces of personal information we collected about you (also called data portability request)
- If we sold or disclose your personal information for a business purpose, two separate lists disclosing:
- Sales, identifying the personal information categories that each category of recipient purchased, and
- Disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level of quality of goods or services.
Any CCPA-permitted financial incentive we offer will reasonably relate to your value and contain written terms that describe the program’s material aspects.
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by emailing us at [email protected]
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access of data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Information We Collect
Our websites, emails (with your consent, where required by law), and other products, services and platforms collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, our websites, apps, emails, and other products, services and platforms may have collected the following categories of personal information from its consumers within the last twelve (12) months:
|B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))||YES|
|C. Protected classification characteristics under California or federal law||NO|
|D. Commercial information.||YES|
|E. Biometric information.||NO|
|F. Internet or other similar network activity.||YES|
|G. Geolocation data.||YES|
|H. Sensory data.||NO|
|I. Professional or employment-related information.||NO|
|J. Inferences drawn from other personal information.||YES|
Personal information does not include:
- Publicly available information from government records.
- Deidentified or aggregated consumer information.
- Information excluded from the CCPA’s scope, like:
- health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
- personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy.
Use of Personal Information
We may use or disclose the personal information we collect for one or more of the following business purposes:
- To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a newsletter or ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we or our third-party service providers will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product or service orders and requests.
- To provide, support, personalize, and develop our websites, emails, and other products, services and platforms.
- To create, maintain, customize, and secure your account with us.
- To process your requests, purchases, transactions, and payments and prevent transactional fraud.
- To provide you with support and to respond to your inquiries, including investigating and addressing your concerns and monitoring and improving our responses.
- To personalize your website, apps, emails, or other product, service or platform experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our websites, apps, emails, and other products, services and platforms.
- To help maintain the safety, security, and integrity of our websites, apps, emails, and other products, services and platforms, databases and other technology assets, and business.
- For testing, research, analysis, and product development, including to develop and improve our websites, apps, emails, and other products, services and platforms.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- As described to you when collecting your personal information or as otherwise set forth in the CCPA.
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of the Company’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by the Company about our Website users is among the assets transferred.
The Company will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Sharing Personal Information
The Company may disclose your personal information to a third-party for a business purpose or sell your personal information, subject to your right to opt-out of those sales (see ‘Sales of Personal Information’ below). When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract. The CCPA prohibits third parties who purchase the personal information we hold from reselling it unless you have received explicit notice and an opportunity to opt-out of further sales (see ‘Sales of Personal Information’ below).
We may share your personal information with the following categories of third parties:
- Subsidiaries and affiliates.
- Contractors and service providers.
- Data aggregators.
- Third parties with whom we partner to offer products and services to you.
Disclosures of Personal Information for a Business Purpose
In the preceding twelve (12) months, the Company has disclosed the following categories of personal information for a business purpose:
- [Category A: Identifiers.]
- [Category B: California Customer Records personal information categories.]
- [Category F: Internet or other similar network activity.]
- [Category G: Geolocation Data.]
- [Category K: Inferences drawn from other personal information.]
Sales of Personal Information
In the preceding twelve (12) months, the company has not sold any personal information.