This Privacy Statement was last updated September 3, 2015.
As a leading provider of payment management services to hundreds of thousands of online businesses around the world, privacy and data protection are of the utmost importance to CyberSource Corporation and its subsidiaries, including Authorize.Net LLC, CyberSource Limited, CyberSource NI Ltd., CYBS Singapore Pte. Ltd., CyberSource K.K., CyberSource Payment Solutions Pty Ltd and other subsidiaries (collectively “CyberSource”).
This Privacy Statement details CyberSource’s policies with respect to the handling of personally identifiable information (“Personal Information”) submitted to or otherwise collected by CyberSource via CyberSource’s website(s), mobile application(s), and/or in the course of providing its payment processing, payment security and fraud management solutions and services (collectively the “Services”). CyberSource will use and disclose Personal Information in accordance with the terms of this Privacy Statement.
Personal Information we collect:
Personal Information is information which can be used to identify an individual. We collect Personal Information any time the Services are used. The Personal Information collected includes information provided to us directly by individuals and that is provided to us by merchants or financial institutions. The collection of Personal Information described herein is necessary for use of the Services. This information includes but is not limited to:
Contact information (such as email address, phone number, and mailing address)
Order and payment information
We collect other information, such as:
IP address and information about the device used to access the Services
How and which Services are used
Merchant and merchant account information, including account information we may gather from third party sources
Information provided to us through means such as social media or when you contact us through our website.
We also collect or compile other information about you (such as enrollment numbers or demographic group information) which does not identify you. We may use or share any other information with third parties for any lawful purpose.
To find out more about cookies, including browser-specific instructions on how to restrict or block cookies, go to http://www.allaboutcookies.org. Remember, though, without cookies, users may not be able to take full advantage of all of our website features.
We may also use locally stored objects (sometimes referred to as “Flash cookies”) for security and fraud detection purposes. Flash cookies are not managed through web browser settings. Please visit Adobe’s Flash Player Help website for help with managing Flash cookies.
How we use Personal Information
Usage and disclosure of Personal Information varies based on a party’s relationship with CyberSource. CyberSource primarily uses this information to provide the Services and related features and to
Facilitate the processing of payment transactions
Respond to requests and inquiries
Provide support services
Send administrative information, such as changes to our terms, conditions, and policies
Administer promotions or contests
Facilitate social sharing functionality
Analyze and monitor Services usage and to make improvements
Help secure the Services, prevent fraud and enforce our policies
Help personalize our Services
Communicate about other CyberSource services or those of our affiliates or other third parties
To make contact, directly or through a third party vendor, to complete a survey or questionnaire
To communicate, directly or through a third party vendor, about CyberSource offerings, about general company news and industry trends, and to address responses to a survey or questionnaire
Compile information for use on an aggregated and de-identified basis
Conduct data analysis and research, audits, develop new products, identifying usage trends, determining the effectiveness of our promotional campaigns and operating and expanding our business activities
Perform other activities with consent
How we share Personal Information
We will only share Personal Information as described in this policy. Specifically, we may share Personal Information:
As necessary to perform the Services and to complete payment transactions
With companies and vendors that help us to operate our business by providing services such as website hosting, fraud screening, data analysis, information technology and related infrastructure provision, customer service, email delivery, auditing and other similar services
With third parties that have contracted with CyberSource to perform certain functions on our behalf
With third parties sponsors of promotions or contests where consent has been given
To comply with law or other legal obligations such as responding to subpoenas, or other requests from public and government agencies, including laws and other legal obligations outside a party’s country of residence
To protect our rights, operations or property, or that of our users
To investigate, prevent, or take action regarding potential or suspected illegal activities, fraud, threats to the personal safety of any person, or violations of the Service’s terms and conditions
With other companies that control, are controlled by, or are under common control with CyberSource that support the provision of Transaction Services or relationship with a party. This includes its subsidiaries and parent companies.
With a purchaser of all or a unit of CyberSource (or the majority of CyberSource’s or its unit’s assets), a merger, acquisition, or internal reorganization of CyberSource or a unit of CyberSource
Please note that any information posted to public areas such as on our social media pages may be seen by other visitors.
Users can choose not to provide us Personal Information when you use our website(s) or mobile application(s). However if the information request is not identified as optional and a user chooses to not provide required Personal information, then the user may not be able to use the features of the website or mobile application.
Users can opt out of receiving promotional email from CyberSource by following the unsubscribe link in those email messages. Users can opt out of receiving SMS text messages from CyberSource by replying STOP to any message.
Users can learn more about CyberSource’s use of online behavioral advertising and how it can manage its choices for online behavioral advertising by clicking here.
Users can configure its browser to reject cookies, or to notify it when a cookie is set. However, if you reject cookies, the Services may not operate properly.
Accessing or editing Personal Information
CyberSource may be contacted at the email address at the bottom of this policy to request access to or that we update, or correct the Personal Information collected by our Services. Please note, that consistent with local law, CyberSource may retain Personal Information for auditing purposes, to troubleshoot problems, assist with investigations, enforce our policies or comply with legal requirements. Please note that we are not responsible for permitting the review, or the updating or deleting Personal Information provided to a third party, including any mobile application, social media platform, or wireless service provider.
Third Parties and Linked services
CyberSource is not responsible for the collection, usage and disclosure policies and practices (including the data security practices) of other organizations, including any Personal Information disclosed to other organizations through or in connection with the Services.
The inclusion of a link on the CyberSource website does not imply endorsement of the linked site or service by CyberSource.
We will retain Personal Information for the period necessary to fulfill the purposes outlined in this policy unless a longer retention period is required or permitted by applicable law or regulation.
Use of the Services by minors
The Services are not directed to individuals under the age of thirteen (13), and we request that these individuals do not provide Personal Information through the Services.
Notice to European Users
The Data Protection Act puts obligations on users of Personal Information and sets forth principles for its use. One principle states that information must be processed fairly and lawfully. This means that citizens of the European Union are entitled to know how we intend to use Personal Information. Details are publicly available at ico.org.uk or from:
Information Commissioner’s Office
Cheshire SK9 5AF
Tel: 08456 30 60 60 or 01625 54 57 45
Fax: 01625 524510
The Data Protection Act does not generally apply to data about limited companies or partnerships, but it does cover personal data relating to sole traders and partnerships. When we receive an application from a business, we may perform a search with a credit reference agency and fraud prevention agency on the individual company directors or partners.
Personal Information may be processed and stored by CyberSource or its affiliates, service providers or agents located in the United States, Singapore and other countries. By providing Personal Information directly to CyberSource or to its customers, you consent to the transfer of such information outside of the European Union and to its storage and use as described herein.
How to contact CyberSource regarding your privacy concerns and questions
If you have questions or comments about our privacy practices, or if you want CyberSource to correct your Information that is stored on CyberSource systems, please submit your request in writing to:
P.O. Box 8999
San Francisco, CA 94128
ATTN: Data Use and Privacy Office
Fax: (650) 286-6547
P.O. Box 3073
Reading RG1 9YB
ATTN: Compliance Officer
Fax: +44 (0)118 990 7301
Subject to our ability to verify your request, CyberSource will correct the information within thirty (30) days of receipt of your request.