mCards Privacy Policy
Last updated: November 4, 2022
We know that you care how information about you is used and shared, and we appreciate your trust that we will do so carefully and sensibly. This Privacy Policy describes the privacy practices of MCards Inc., a Delaware corporation, and its subsidiaries (“mCards”, “we” and “us”) and applies to your use of the products and services provided by us (collectively, the "Services"). The Services are provided, through our mobile applications, web based applications and our website at www.mCards.com (collectively the “mCards App”). By using our Services, you accept the practices described in this Privacy Policy.
This Privacy Policy explains:
-
What information we collect and why we collect it.
-
How we use that information.
-
The choices we offer, including how to access and update your information.
In this Privacy Policy, the term “personal information” means any information about or related to you or your use of the Services in respect of which the collection, storage, handling or disclosure is subject to the requirements of applicable laws and regulations.
Information We Collect
We collect information to provide, personalize and continually improve the Services. This includes helping us to present relevant information to you within the mCards App and recognizing when you should receive discounts, incentives, rewards and other offers for an action you have taken.
We collect information in three ways:
1
Information you give us. Many of our services require you to sign up for an account (“mCards Account”). When you do, we’ll ask for personal information, such as your name, date of birth, address, email address, telephone number, loyalty, prepaid, debit or credit card information to store with your mCards Account. To complete transactions using our Services, you will need to provide the account and card details for one or more loyalty, prepaid, debit or credit cards held by you. We will also retain information you provide in feedback, surveys, ratings, reviews and social media postings initiated within our application or platform.
2
Information we obtain from your use of our services. We collect information about your use of the Services including:
-
Device information. We collect device-specific information (such as your hardware model, operating system and version, unique device identifiers, and mobile network information including phone number).
-
Transaction Information. When you use the Services to make, or request to make, a transaction, including a return or refund, we will be provided with details of the transaction including the amount of the transaction, the time of the transaction, goods and/or services purchased, the details of any loyalty, points, discounts, incentives, rewards and other offers or benefits offered by, provided to or redeemed by or with you and the details of the third party, including name, location and type of business.
-
Location Information. When you use the Services, we may collect and process information about your actual location. We use various technologies to determine location, including IP address, GPS, and other sensors that may, for example, provide us with information on nearby devices, Wi-Fi access points and cell towers. You may disable location services with the mCards App or generally on your mobile device.
-
Local Storage and Cookies. When using the mCards App we may collect and store information (including personal information) locally on your device using mechanisms such as browser web storage (including HTML 5) and application data caches. We may also send one or more cookies or anonymous identifiers to your device when you interact with the Services or the services we offer to our partners, such as mCards features that may appear on other sites.
-
Log Information. When you use the Services, we automatically collect and store certain information in server logs including details of how you used our service, internet protocol address, device information, telephony log information such as your phone number, event information such as crashes, system activity, hardware settings, browser type, browser language and the date and time of your use, your interaction and viewing history for content within the Services and cookies that may uniquely identify your browser or your mCards Account.
3
Information we obtain from our partners. Your name and the name of any additional cardholder associated with any loyalty, prepaid, debit, credit card or other account linked to your mCards Account is received from the issuer of the card or holder of the account when it is linked to your mCards Account.
Information we collect when you use the Services, in addition to information we obtain about you from partners, may be associated with your mCards Account. When information is associated with your mCards Account, we treat it as personal information.
Information Security
We work hard to protect mCards and our users from loss, interference, misuse, unauthorized access to or unauthorized modification of, unauthorised disclosure of information we hold. In particular:
-
We encrypt many of our services using SSL.
-
Our card processing systems adhere to the PCI Data Security Standard.
-
We offer you password protection for your mCards Account.
-
We regularly review our information collection, storage and processing practices and security measures, to guard against unauthorized access.
-
We restrict access to personal information to mCards employees, contractors, merchants and agents who need to know that information in order to provide the Services or to process it for us, and who are subject to strict contractual confidentiality obligations.
How We Store Information We Collect
Your personal information may be used or stored by us or by our data storage service providers, and, unless prohibited by applicable laws, may be stored in data centres outside of your country of residence. We take reasonable contractual or other measures to protect customer’s personal information while processed or handled by us or our data storage providers. Your personal information may be subject to the laws of the jurisdiction in which it is located, including lawful disclosure requests by government authorities.
How We Use Information We Collect
We use the information collected about you to allow us to provide, maintain, protect, improve our services and to develop new products and services. We also use the information to protect you, other users and mCards.
Specific examples of the way we use your information include:
-
to authorize and process transactions including any returns and refunds and funding of transactions from any funding source
-
to apply any discounts, incentives, rewards and other offers applicable to your transactions
-
to provide appropriate data and content to you including details of applicable discounts, incentives, rewards and other offers
-
to verify user identity and maintain and update our records
-
to communicate with users, including dealing with user enquiries
-
to conduct product and marketing research
-
to improve our products and services
We may use the name for your mCards Account across all of our services. In addition, we may replace past names associated with your mCards Account so that you are represented consistently across all our services.
When you contact mCards, we keep a record of your communication to help solve any issues you might be facing. We may use your telephone number to send you notifications and information relating to actions you have taken. We may also inform you about our services through email, SMS, push notifications or within the mCards App, such as letting you know about upcoming changes or improvements.
We use information we collect and may combine information from the Services with information, including personal information, from other mCards services to improve your user experience and the overall quality of our services.
We will ask for your consent before using information for a purpose other than those that are set out in this Privacy Policy.
Information We Share
We do not share personal information with companies, organizations and individuals outside of mCards unless one of the following circumstances applies:
For transaction processing including processing discounts, incentives, rewards and other offers.
-
We provide personal and other information to our partners, affiliates or service providers other trusted businesses or persons to process your transactions, based on our instructions and in compliance with our Privacy Policy and any other legally required personal information protection, confidentiality and security measures.
For Legal Reasons
-
We will share personal information with companies, organizations or individuals outside of mCards if we have a good faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
-
meet any applicable law, regulation, legal process or enforceable governmental request.
-
enforce applicable Terms of Service, including investigation of potential violations.
-
detect, prevent, or otherwise address fraud, security or technical issues.
-
protect against harm to the rights, property or safety of mCards, our partners, service providers, users or the public as required or permitted by law.
Aggregated/Anonymised Data
-
We may share aggregated, non-personally identifiable information publicly and with our merchants, partners or connected sites. For example, we may share information publicly to show trends about the general use of our services.
With Our Partners
-
We may share personal information, including transaction data, with our business partners, including business partners other than the partner relating to the Services in respect of which the personal information was obtained. Those business providers may use your personal information provided by us to provide their services to you, billing and accounting purposes, marketing their products and services to you and for general business purposes but must otherwise comply with this Privacy Policy in respect of your personal information.
Corporate Transaction
-
If mCards is involved in a major corporate transaction such as a merger, acquisition or sale of all or substantially all of our business or one or more subsidiaries or divisions of our business, we may disclose certain of your personal information to potential buyers, merger targets, underwriters and advisors. If we do this, we will take reasonable precautions to ensure that recipients of your personal information are obligated to keep it confidential. To the extent that we transfer our business or a division of our business to which your personal information is relevant, your relevant personal information will be also be transferred and the new owner or newly controlling party will be permitted to use your personal information in accordance with this Privacy Policy.
With Your Consent
-
We will also share personal information with companies, organizations or individuals outside of mCards when we have your consent to do so.
Our Communications With You
Among other things, we will communicate with you on a regular basis via e-mail, SMS push notifications or within the mCards App. We may also communicate by phone to resolve user complaints or investigate suspicious transactions. Communications will be made for various reasons, including sending records of transactions requested or made, sending information about important changes to our Services, and to send notices and other disclosures required by law. You agree to receive such communications electronically until you advise us otherwise. We may send you promotional messages about new services, discounts, incentives, rewards and other offers or opportunities that may interest you. If you do not want to receive promotional messages or other communications from us, please adjust the settings within the mCards App, under your mCards Account. However, we reserve the right to send you notices for customer service reasons, including notices about your mCards Account or transactions using our Services. Also, to help us make communications more useful and interesting, we may receive a confirmation when you open or receive communications from us.
Accessing And Updating Your Personal Information
Whenever you use our services, we aim to provide you with access to your personal information. If that information is wrong, we provide ways to update it quickly or to delete it (unless we have to keep that information for legitimate business or legal purposes). When updating or correcting your personal information, we may ask you to verify your identity before we can act on your request.
We may reject requests for access to personal information or to correct your personal information if they are unreasonably repetitive, require disproportionate technical effort (for example, developing a new system or fundamentally changing an existing practice), risk the privacy of others, would be extremely impractical (for instance, requests concerning information residing on backup systems), or we are legally obligated to do so.
Where we can provide you with access to your personal information, we will do so for free, unless providing the personal information means we will incur an unreasonable cost. In such cases, we may charge you a fee commensurate with such cost but we will advise of any such charge in advance.
We aim to maintain our services in a manner that protects information from accidental or malicious destruction. Because of this, after you delete information from our Services, we may not immediately delete residual copies from our active servers and may not remove information from our backup systems. Until such information is deleted from our servers, we will store, manage and disclose it only in accordance with this Privacy Policy.
When This Privacy Policy Applies
Our Privacy Policy applies to all of the services offered by MCards Inc., its subsidiaries and its affiliates, and services offered by any of them on other sites and through other mobile apps but excludes services that have separate privacy policies which do not specifically reference or incorporate this Privacy Policy.
Our Privacy Policy does not apply to services offered by other companies or individuals, including sites that may include mCards services, or other sites linked from our services unless those services specifically reference or incorporate this Privacy Policy. Our Privacy Policy does not cover the information practices of other companies and organizations who advertise our services.
Opting Out, Corrections and Complaints
Upon your request, we will (a) correct or update your personal information; (b) stop sending communications to you via email, SMS or push notifications; (c) stop disclosing non-public personal information about you to non-affiliated third parties, (d) disable your mCards Account. Some of these requests can be satisfied by changing settings within the mCards App. To the extent that you are unable to do so within the mCards App, you may make such requests to:
Attn: Privacy Officer
MCards Inc.
Four Embarcadero Center
Suite 1400 – # 178, San Francisco
California US 94111-4164
Email: privacy@mcards.com
Please do not email or mail your mCards Account number or other sensitive information.
Please note that we may need to communicate with you about certain things we are legally permitted to communicate with you about regardless of whether you wish to opt out and accordingly, you cannot opt out of these communications.
You may also register any complaints pertaining to the use by us of your personal information not in accordance with this Privacy Policy in the above manner.
Compliance and Cooperation with Regulatory Authorities and Complaints
We regularly review our compliance with our Privacy Policy. We also adhere to several self-regulatory frameworks.
We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that we cannot resolve with our users directly.
Australian Users: If you are using the Services in Australia, and are not satisfied with our response to any complaint you make to us then you may complain to the Office of the Australian Information Commissioner in writing online or by post at either https://forms.business.gov.au/aba/oaic/privacy-complaint-/ or Office of the Australian Information Commissioner, GPO Box 5218, Sydney NSW 2001. You may also phone the Office of the Australian Information Commissioner on 1300 363 992 if you need assistance in making a complaint.
Changes
Our Privacy Policy may change from time to time. We will not reduce your rights under this Privacy Policy without your explicit consent. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of privacy policy changes). We will also keep prior versions of this Privacy Policy in an archive for your review.