Effective Date: January 2023
Thanks for using Jupiter Payments! This Privacy Notice explains our online and offline collection, use, and disclosure of information that identifies or could be used to identify you (“Personal Data“). This Privacy Notice applies to Jupiter Payments and our controlled affiliates and subsidiaries (collectively, “Jupiter Payments,” “we,” “our,” or “us”).
Third-party services that we integrate with are governed under their own privacy policies.
References to “Products and Services” in this Privacy Notice includes our websites (see list below), apps, and related products and services, such as our payment processing platforms and our software solutions for Payments.
We operate the following Products and Services, which are subject to this Privacy Notice:
This Privacy Notice describes the following:
- PERSONAL DATA WE COLLECT
- HOW WE USE YOUR DATA
- HOW WE SHARE YOUR DATA
- YOUR CHOICES
- YOUR PRIVACY RIGHTS
- RETENTION OF PERSONAL DATA
- LOCATION OF PERSONAL DATA
- DATA SECURITY
- CHANGES TO THIS PRIVACY STATEMENT
- CALIFORNIA ADDENDUM – YOUR CALIFORNIA PRIVACY RIGHTS
This Privacy Notice applies when Jupiter Payments acts as a controller (i.e. when Jupiter Payments decides how and why Personal Data is processed). It does not apply to situations where Jupiter Payments is acting as a service provider or processor (as described below). If you have questions regarding your relationship with Jupiter Payments, and whether or not this Privacy Notice applies to your interactions with us, please contact Jupiter Payments at firstname.lastname@example.org or as otherwise described in the 11. Questions section of this Notice.
- Jupiter Payments as a Service Provider or Data Processor
Jupiter Payments Products and Services can be used by businesses that contract with us to use our Products and Services (“Customers”) and by consumers (“Consumers”). In most cases it is Jupiter Payments’ Customers, rather than Jupiter Payments itself, that make decisions about how the Customers’ employees (“authorized users”) and their customers or Consumers use our Products and Services. In most of those situations, Jupiter Payments is acting as a processor or service provider, and this Privacy Notice does not apply.
If you’re using a Jupiter Payments Product and Service in those situations, such as through your company, educational institution, gym, coach, or with your company email address, that entity is responsible for determining how your information is used.
This Privacy Notice does not apply to Personal Data we process as a service provider or data processor on behalf of our Customers. If you are a Consumer of one of our Customers, you should read that organization’s privacy notice. Questions about privacy practices can be directed to the Customer or to email@example.com.
- Jupiter Payments as a Controller
In other situations, Jupiter Payments acts as a “data controller” (the entity that decides how and why information is processed). This Privacy Notice applies to situations where Jupiter Payments is a data controller, such as when we process Personal Data collected online or offline by us, for example when:
Customers and Potential Customers:
- receive communications from us or otherwise communicate with us;
- use our Products and Services in their individual capacity under a contract with us;
- perform billing using our Products and Services;
- receive marketing communications from Jupiter Payments;
- register for, attend or take part in Jupiter Payments events, webinars, programs, or contests;
- participate in surveys, research or other similar data collection facilitated by us;
- use our Products and Services to pay our Customers;
- use our Products and Services in their individual capacity;
- visit our websites that display or link to this Privacy Notice;
- visit our branded social media pages; or
- register for, attend or take part in Jupiter Payments events, webinars, programs, or contests.
- Third Parties Products and Services
Our websites and Products and Services may also contain links to other websites, applications, platforms and services maintained by third parties. The information practices of these third parties, including the social media platforms that host our branded social media pages, are governed by their privacy notices, which you should review to better understand their privacy practices.
- PERSONAL DATA WE COLLECT
The Personal Data we collect depends on how you interact with us, the Products and Services you use, and the choices you make.
We collect, and may have collected in the preceding twelve months, Personal Data about you from different sources and in various ways when you use our services, including information you provide directly, information collected automatically about you, information collected from third-party data sources, and information we infer or generate from other data. We may combine any Personal Data we collect with other Personal Data we maintain, including those from other sources.
When you are asked to provide Personal Data, you may decline. If you choose not to provide data that is necessary for certain features of our Products and Services, those features may not be available to you or may not function correctly.
- Data you provide directly to us.
Website Visitors. We may collect contact information and the contents of inquiries, questions, and complaints from you through surveys, feedback requests, and forms on our websites or other locations.
Customers. As a Customer, we collect Personal Data directly from you and your authorized users when you, for example: contract with us to use our Products and Services, integrate our Products and Services with another website or product, or communicate with us in any way.
Consumers. As a Consumer, we collect Personal Data directly from you and on behalf of our Customers when you sign up to receive services from our Customers, such as a gym, leisure facility, or nursery; or make payments.
Personal Data you provide directly to us includes:
- Contact information, such as name, physical address, email address, phone number.
- Payment information, including credit or debit card numbers, bank account numbers, and other payment details.
- Credentials, including any usernames, passwords, profile photos, and profile details you create to use the Products and Services.
- Content and files, such as the photos, documents, or other files you upload to our Products and Services, and the content of your communications with us.
- Other details you chose to provide when scheduling services with our Customers.
If you provide us, our service providers, or our affiliates with any Personal Data relating to other consumers, you represent that you have the authority to do so, and where required, have obtained the necessary consent, and acknowledge that it may be used in accordance with this Privacy Notice.
B. Data we collect automatically.
When you use our Products and Services, some Personal Data is collected automatically about you.
For example, when you visit our websites, our web servers automatically log:
- Identifiers and device information, including your device’s operating system, Internet Protocol (IP) address, browser type and language, and device type.
- Geolocation data, such as city, state, country, and jurisdiction, or precise geolocation, depending on your device or app settings.
- Usage data, such as the website you visited before our websites or apps, access times, and your activity on our websites.
- Recordings, such as when you call a helpdesk operated by us, including helpdesks we operate on behalf of our Customers. Such recordings will be collected and maintained in compliance with applicable law.
- Data we create or generate.
We infer new information from other data we collect, including through the use of automated means, to generate information about your likely preferences or other characteristics (“inferences”). For example, we may infer your general geographic location (such as city, state, country, and jurisdiction) based on your IP address.
- Data we obtain from third-party sources.
We may also obtain Personal Data from third parties. These third-party sources include, for example:
- Third-party applications and services, such as social networks you choose to connect with or interact with through our Products and Services.
- Service providers, such as third parties that collect or provide data in connection with work they do on our behalf.
- Data brokers, including data aggregators from which we obtain data to supplement the data we collect.
- Publicly available sources, such as open government databases.
- Customers using our Products and Services may provide us with the Personal Data concerning their employees, contractors, or other personnel in order to provide access to our Products and Services.
- Social Media Platforms, such as the social media features on our websites (including the “Tweet” button and other sharing widgets, “Social Media Features”). Social Media Features may allow you to post information about your activities on our website to outside platforms and social networks. Social Media Features may also allow you to like or highlight information we have posted on our website or our branded social media pages. Social Media Features are either hosted by each respective platform or hosted directly on our website. To the extent the Social Media Features are hosted by the platforms themselves, and you click through to these from our websites, the platform may receive information showing that you have visited our websites. If you are logged in to your social media account, it is possible that the respective social media network can link your visit to our websites with your social media profile and may share that data with us. We recommend that you review the privacy policies of the respective social media platforms, as those policies will apply to the processing of your Personal Data on those sites.
- HOW WE USE YOUR DATA
We use your Personal Data to perform the functions of our Products and Services and to provide you with the Products and Services you request. We also use Personal Data collected through our Products and Services for the purposes described in this Privacy Notice or as otherwise disclosed to you.
For example, we use, or have used in the preceding twelve months, each category of Personal Data (listed above in the 2. Personal Data We Collect section) for the following purposes:
- Product and Services delivery, including securing, troubleshooting, improving, and personalizing our Products and Services.
- Product and Services improvement and development, including assessing your use of our Products and Services and creating new or improved Products and Services.
- Business operations, such as improving our internal operations, securing our systems, and detecting fraudulent or illegal activity.
- Personalization, including understanding you and your preferences to enhance your experience and enjoyment using our Products and Services.
- Customer support, such as troubleshooting and responding to your questions.
- We may record phone calls for training, quality assurance, and administration purposes as permitted by and in accordance with applicable law.
- Processing payments, including to verify payment information and to collect payments to the extent that doing so is necessary to complete a transaction and perform our contract with you.
- Reviewing compliance with applicable usage terms, such as to validate that you are a licensed user and to review compliance with the applicable usage terms in our contract with you.
- Communications, such as sending you confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages.
- Marketing, including communicating with you about new services, offers, promotions, and other information about our Products and Services and Customers. We may process your Personal Data to conduct market research, advertise to you, provide personalized information about us on and off our websites, and to provide other personalized content based on your activities and interests (see the 5. Your Choices section below for how to change your preferences for promotional communications).
- Compliance with legal obligations, such as when cooperating with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of Personal Data to protect our rights, or is otherwise necessary for our legitimate interest in protecting against misuse or abuse of our websites or Products and Services, protecting personal property or safety, pursuing remedies available to us and limiting our damages, complying with judicial proceedings, court orders or legal processes, responding to lawful requests, or for auditing purposes.
We combine Personal Data that we collect from different sources to give you a more seamless, consistent, and personalized experience.
- HOW WE DISCLOSE YOUR DATA
Jupiter Payments may disclose, or may have disclosed in the preceding twelve months, your Personal Data with your consent or as necessary to complete your transactions or provide the Products and Services you have requested or authorized.
In addition, we disclose, or have disclosed in the preceding twelve months, each of the categories of Personal Data described above, with the types of third parties described below, for the following business purposes:
- Public information. You may select options available through our Products and Services to publicly display and share your name and/or username and certain other information, such as your profile, content and files, or geolocation data.
- Service providers. We share Personal Data with vendors or agents working on our behalf for the purposes described in this Privacy Notice. For example, companies we have hired to assist in protecting and securing our systems and the Products and Services that may need access to Personal Data to provide those functions.
- Financial services & payment processing. When you provide payment data, for example to make a purchase, we will share payment and transactional data with banks and other entities as necessary for payment processing, fraud prevention, credit risk reduction, or other related financial services.
- Affiliates. We enable access to Personal Data across our subsidiaries, affiliates, and related companies where, for example, we share common data systems or where access is needed to provide our Products and Services and operate our business.
- Corporate transactions. We may disclose Personal Data as part of a corporate transaction or proceeding, such as a merger, financing, acquisition, bankruptcy, dissolution, or a transfer, divestiture, or sale of all or a portion of our business or assets.
- Customers. If you use our Products and Services as an authorized user, we may share your Personal Data with your affiliated Customer responsible for your access to the Product and Services to the extent this is necessary for verifying accounts and activity, investigating suspicious activity, or enforcing our terms and policies.
- Marketing Partners. We may share (as the term is defined by applicable law) your Personal Data for online marketing purposes.
- Contest and promotion sponsors. We may disclose Personal Data to sponsors of contests or promotions for which you register in order to fulfill the contest or promotion.
- Professional advisers. In individual instances, we may share your Personal Data with professional advisers acting as service providers, processors, or joint controllers – including lawyers, bankers, auditors, accountants and insurers who provide consultancy, banking, legal, insurance, audit and accounting services.
- Legal and law enforcement. We may access, disclose, and preserve Personal Data when we believe that doing so is necessary to comply with applicable law or respond to valid legal process, including to comply with requests from law enforcement or other government agencies.
- Security, safety, and protecting rights. We may disclose Personal Data if we believe it is necessary to:
- protect our Customers and others, for example to prevent spam or attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone;
- operate and maintain the security of our Products and Services, including to prevent or stop an attack on our computer systems or networks; or
- protect the rights or property or ourselves or others, including enforcing our agreements, terms, and policies.
- Other disclosures with your consent. We may also disclose your Personal Data to other third parties with your consent, or as otherwise permitted by law.
Third-party analytics companies also collect Personal Data through our website and apps, including identifiers and device information (such as cookie IDs, device IDs, and IP address), geolocation data, usage data, and inferences based on and associated with that data.
We may disclose your Personal Data to these third-party vendors to improve analytics for their own purpose and others. For example, we use Google Analytics on our website to help us understand how users interact with our website. You can learn how Google collects and uses information at www.google.com/policies/privacy/partners.
Please note that some of our Products and Services include integrations, references, or links to services provided by third parties whose privacy practices differ from ours. If you provide Personal Data to any of those third parties, or allow us to disclose Personal Data to them, that Personal Data is governed by their privacy notices.
Finally, we may share de-identified information in accordance with applicable law. De-identified information is generally not considered to be Personal Data.
5. YOUR CHOICES
- Communications preferences.
Jupiter Payments may send promotional communications to current and prospective Customers about new services, offers, promotions, and other information about our Products and Services. You can choose whether you wish to receive promotional communications from us by email, telephone, physical mail, push notifications, and social media. If you receive promotional communications from us and would like them to stop, you can do so by following the directions in the relevant message.
These choices do not apply to mandatory service communications that are part of certain of our Products and Services, or to surveys or other communications that may have their own unsubscribe method. For that reason, you will still receive certain communications from us after you opt-out of receiving marketing communications.
We may also send marketing communications to Consumers about the services our Customers provide, on behalf of our Customers as part of our Products and Services. Additionally, our Customers may have the ability to market to current and prospective Consumers directly. If you receive marketing communications from our Customers, please contact them if you have any questions.
2. Analytics and advertising.
Our third-party analytics and advertising partners typically provide options to opt-out of certain data collection or use.
YOUR PRIVACY RIGHTS
Depending on your jurisdiction, you may have certain rights with respect to your Personal Data:
- the right of access to a copy of the Personal Data we hold about you;
- the right to know what Personal Data is being collected, processed, sold or shared (as the term is defined by applicable law, i.e., the sharing of Personal Data through behavioral advertising cookies);
- the right to request that we correct any inaccuracies in your Personal Data;
- the right to opt-out of certain decisions about you being made by automated means, such as profiling (although we do not envisage using automated decision making to make decisions that may be limited under applicable law);
- where we have sought your consent, the right to withdraw your consent at any time;
- the right to ask us not to process your Personal Data for direct marketing purposes.
- the right to object to or request that we restrict our use of your Personal Data;
- the right to request that we provide a copy of your Personal Data in a portable format;
- the right to request that we erase your Personal Data;
- the right to prohibit the selling or sharing (as defined by applicable laws) of your Personal Data; and
the right to limit the use and disclosure of your sensitive Personal Data (although we do not process your sensitive Personal Data for reasons which may be limited).
To make such requests, contact us at firstname.lastname@example.org or as stated in the 11. Questions section below.
However, to the extent permitted by applicable law, we reserve the right to decline requests that are unreasonable, excessive, prohibited by law, could adversely affect the privacy or other rights of another person, if we are unable to authenticate you as the person to whom the data relates, or if we are otherwise permitted to decline such requests in accordance with applicable law. Depending on where you are located, you may also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns.
In certain jurisdictions, a person authorized to act on your behalf may make a verifiable request related to your Personal Data. If you designate an authorized person to submit requests to exercise certain privacy rights on your behalf, we will require verification that you provided the authorized agent with such permission.
Your verifiable request must: (i) provide sufficient information (e.g., name, address, phone number, and/or email address) that allows us to reasonably verify that you are the person about whom we collected Personal Data or an authorized representative; and (ii) describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. We will only use Personal Data provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Prior to complying with your request, we will need to verify your identity. Our verification procedure may differ depending on whether you have a registered account, the sensitivity of the Personal Data, and the risk of harm to you by unauthorized disclosure or deletion as applicable. If you are a Consumer and we are processing Personal Data on behalf of our Customer as a data processor (for example, when processing data about your services with our Customer), you should direct your request to the appropriate Customer or to email@example.com. Depending on where you are located you may also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns.
We rely on different lawful bases for collecting and processing Personal Data about you, for example, with your consent and/or as necessary to provide the Products and Services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate interests.
- RETENTION OF PERSONAL DATA
We retain Personal Data for as long as necessary to provide the Product and Services and fulfill the transactions and the Product and Services our Customers and Consumers have requested, or for other essential purposes such as complying with legal obligations, resolving disputes, and enforcing our agreements. Because these needs can vary for different Personal Data types in the context of different Product and Services, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the Personal Data, the availability of automated controls that enable users to delete Personal Data, and our legal or contractual obligations.
If you are a Consumer receiving services from a Customer, you may direct questions about the Customer’s retention of your Personal Data to them or to firstname.lastname@example.org or as stated in the 11. Questions section below.
- LOCATION OF PERSONAL DATA
The Personal Data we collect may be stored and processed in your country or region, or in any other country where we or our affiliates, subsidiaries, or service providers maintain facilities. Currently, we primarily use data centers in the European Union, United Kingdom, United States, Canada, Australia, and New Zealand. The storage location(s) are chosen in order to operate efficiently, to improve performance, and to create redundancies in order to protect the data in the event of an outage or other problem.
We take steps designed to ensure that the data we collect under this Privacy Notice is processed according to the provisions of this Privacy Notice and applicable law wherever the data is located.
- Location of processing European Personal Data.
We transfer Personal Data from the European Economic Area, United Kingdom, and Switzerland to other countries (including the USA), some of which have not been determined by the European Commission to have an adequate level of data protection. When we do so, we use a variety of legal mechanisms, including contracts where appropriate, to help ensure your rights and protections.
To learn more about the European Commission’s decisions on the adequacy of Personal Data protections, please visit: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en.
- DATA SECURITY
The security of your Personal Data is important to us. We take reasonable and appropriate steps to help protect Personal Data from unauthorized access, use, disclosure, alteration, and destruction.
However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
- CHANGES TO THIS PRIVACY NOTICE
We will update this Privacy Notice when necessary to reflect changes in our Services, how we process Personal Data, or the applicable law. When we post changes to this Privacy Notice, we will change the “last updated” date at the beginning of this Privacy Notice.
If we make material changes to this Privacy Notice, we will provide notice regarding such changes, and take such other actions as may be required by law.
Any questions, concerns, or complaints for Jupiter Payments or about this Privacy Notice should be addressed email@example.com or by mail to Jupiter Payments at 1001 US HWY 1 Suite 700, Jupiter, FL 33477.
- CALIFORNIA ADDENDUM – YOUR CALIFORNIA PRIVACY RIGHTS
If you are a California resident and the processing of Personal Data about you is subject to the California Consumer Privacy Act as amended by the California Privacy Rights Act (“CCPA/CPRA”), you have certain rights with respect to that information. You have a right to receive notice of our practices at or before collection of Personal Data, and we do not discriminate against individuals who exercise any of their rights described in this Privacy Notice. However, we may require the use of your Personal Data to provide access to the Products and Services. Therefore, when you exercise your deletion right, in particular, as well as other rights, you may lose access to certain aspects of the Products and Services that require your Personal Data.
- Right to know.
You have a right to request that we disclose to you the Personal Data we have collected about you. You also have a right to request additional information about our collection, use, disclosure, sale or sharing (as defined by the CPRA) of such Personal Data.
Note that we have provided much of this information in this Privacy Notice. You may make such a ‘request to know’ by contacting us at firstname.lastname@example.org or as stated in the 11. Questions section. If you are a Consumer and we are processing your Personal Data on behalf of our Customer as a service provider, you should direct your request to the appropriate Customer or to email@example.com.
- Right to request deletion.
You have a right to request that we delete Personal Data under certain circumstances, subject to a number of exceptions. To make a request to delete, contact us at firstname.lastname@example.org or as stated in the 11. Questions section. If you are a Consumer and we are processing your Personal Data on behalf of our Customer as a service provider, you should direct your request to the appropriate Customer or to email@example.com.
- Right to request correction.
You have a right to request that we correct inaccuracies in the Personal Data we maintain about you under certain circumstances. To make a request for correction, contact us at firstname.lastname@example.org or as stated in the 11. Questions section. If you are a Consumer and we are processing your Personal Data on behalf of our Customer as a service provider, you should direct your request to the appropriate Customer or to email@example.com.
- Right to opt-out.
You have a right to opt-out from future ‘sales’ of Personal Data and from future ‘sharing’ of Personal Data for cross-contextual behavioral advertising. Please note the following:
- The CCPA/CPRA defines ‘sell’, ‘share’ and ‘personal information’ very broadly, and some of the uses of Personal Data described in this privacy statement may be considered a ‘sale’ or ‘sharing’ under those definitions. In particular, we let advertising and analytics providers collect IP addresses, cookie IDs, and mobile IDs through our sites and apps when you use our online services. For more information, including how to opt-out, please see our Cookie Notice.
- The CCPA/CPRA defines ‘sensitive personal information’ as a specific category of personal data. We do not knowingly collect or process sensitive personal information, within the meaning of this definition, to infer characteristics about consumers.
- We do not knowingly sell or share the Personal Data of minors under 16 years of age.
- ‘Shine the Light’ law.
Additionally, under California Civil Code § 1798.83, also known as the ‘Shine the Light’ law, California residents who have provided Personal Data to a business with which the resident has established a business relationship for personal, family, or household purposes (“California Customers”) may request information about whether the business has disclosed Personal Data to any third parties for the third parties’ direct marketing purposes.
Please be aware that we do not disclose Personal Data to any third parties for their direct marketing purposes as defined by this law.
California Customers may request further information about our compliance with this law by e-mailing firstname.lastname@example.org or as stated in the 11. Questions section. Please note that businesses are required to respond to one request per California Customer each year and may not be required to respond to requests made by means other than through the designated e-mail address.