Privacy Policy

Last Updated: August 26, 2020

This Privacy Policy governs Nilon’s collection and use of your personal information for the purpose of providing you with the Services, and is incorporated by reference into Nilon’s Terms of Use.

The capitalized terms that appear in this Privacy Policy have the same meanings as in Nilon’s Terms of Use, unless they are defined in this policy.

By using the Services, you agree to this Privacy Policy. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, YOU MAY NOT USE THE SERVICES.

SCOPE OF POLICY

This Privacy Policy describes how Nilon collects, uses, and protects personal information that can be used to identify an individual (“Personally Identifiable Information”). Personally Identifiable Information may include names, addresses, telephone numbers, email addresses, birth dates, and similar types of information. Personally Identifiable Information may also include demographic information, employment information, financial information, and similar types of information. This Privacy Policy incorporates One Pay’s GDRP Policy to the extent Nilon collects and uses the Personally Identifiable Information of persons residing in the European Union and other jurisdictions that have adopted the EU’s Data Protection Regulation (“GDPR”).

This Privacy Policy does not describe our practices regarding other types of information. Nor does this Privacy Policy describe the practices of other companies with respect to your information. We do not control and are not responsible for the practices of such companies.

The capitalized terms that appear in this Privacy Policy have the same meanings as in Nilon’s Terms of Use, unless they are defined in this policy.

CHANGES TO PRIVACY POLICY

Nilon may modify this Privacy Policy, including any of the policies associated with this Privacy Policy, at any time, with or without notice. Any changes to this Privacy Policy will be effective immediately upon being posted on our Website, and you are responsible for periodically checking our Website to determine if any such changes have been made. By continuing to use the Services after such changes are posted, you agree to such changes. If you do not agree to such changes, you may not continue to use the Services.

PURPOSE OF PROCESSING

The purpose of Processing Data Subjects’ Personally Identifiable Information is to provide the Services set forth on our Website. This may include:

Operating, evaluating, maintaining, improving, and providing the features and functionality of our products and services
Fulfilling a payment or return transaction initiated by you
Delivering electronic receipts to consumers who request them via email or text message
Managing our relationship with you or your company
Carrying out our obligations, and exercising our rights, under our agreement with you or your company
Communicating with you regarding your account with us, if you have one, including by sending you service-related emails or messages (e.g., messages regarding account verification, changes or updates to the functionality of our products or services, technical and security notices and alerts, and support and administrative messages)
Facilitating communications between merchants’ customers and merchants regarding marketing messages and preferences
Personalizing the manner in which we provide our products and services
Maintaining records for merchants regarding their interactions with us
Maintaining records for merchants of their customers’ purchase activity and history
Checking for fraud or money laundering and/or managing either our or merchants’ risk
Administering and protecting our business
Providing support and maintenance for our products and services, including responding to your service-related requests, questions, and feedback
Developing or improving our products and services
Developing and creating analytics and related reporting
Providing information about other products or services we offer or other products or services third parties may offer
Complying with applicable law, regulations, or rules, or lawful requests for information, such as government investigations and subpoenas
Prevention of illegal or improper activity or harm to our interests

COLLECTION OF PERSONAL INFORMATION

We may collect certain types of Personally Identifiable Information when you create or update your Account, or when we create an Account on your behalf, such as your name, address, and email address. We may also collect certain types of Personally Identifiable Information when you use the Services, such as fingerprint scans. The purpose of colleting such information is to permit you to use the Services.

Specific types of information we may collect include the following.

When you make a payment, we collect information about the transaction, which may include personal data. Information about transactions includes the payment card used, name associated with the payment card, electronic signature, name and location of the merchant at which the transaction occurred, date and time of the transaction, transaction amount, and information about the goods or services purchased in the transaction.

When you make a payment, merchants may provide us with information about you. This information may include uploaded email addresses, phone numbers, and purchase history.

When you access our website or use our mobile application, we, our service providers, and our partners may automatically collect information about you, your computer or mobile device, and activity on our websites or mobile applications. Typically, this information includes your computer or mobile device operating system type and version number, manufacturer and model, device identifier, browser type, screen resolution, IP address, the website you visited before browsing to our website, general location information such as city, state or geographic area; and information about your use of and actions on or in our websites or mobile applications, such as pages or screens you accessed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and length of access. Certain products or services that we provide or which merchants may incorporate into their websites or mobile applications may automatically collect additional information.

Providing us with your Personally Identifiable Information is entirely voluntary. If you do not wish to consent to the collection and use of your Personally Identifiable Information, you are not required to do so. If you provide you consent to the collection and use of your Personally Identifiable Information, whether expressly or by using the Services, you may withdraw you consent at any time. To withdraw your consent, you may send us a request at support@Nilon.com. However, if you do not consent to the collection and use of your Personally Identifiable Information, or if you withdraw you consent, you will not be able to use the Services, and if you do not wish to provide certain types of information, your use of the Services may be adversely affected and you may not receive certain communications.

COLLECTION OF OTHER TYPES OF INFORMATION

We may collect “aggregate data” when you use the Services. Aggregate data is data about your use of the Services. Aggregate data may include your computer’s IP address, referring website addresses, and the time you accessed the Website. This Privacy Policy does not limit our use of aggregate data since Personally Identifiable Information is not contained in such data or has been removed from such data. We may share aggregate data with third parties for various purposes, including to help us improve the Services and for marketing purposes.

We may also collect information about your use of the Services by using cookies pursuant to Nilon’s Cookies Policy, which is incorporated by reference into this Privacy Policy.

ACCESS TO PERSONAL INFORMATION

You may access or request access to the Personally Identifiable Information in your Account at any time through the Nilon platform or by sending a request to: support@Nilon.com.

If you terminate your use of the Services, or if Nilon terminates your use to the Services, any request to access your Personally Identifiable Information must be made within thirty (30) days of termination. If you do not request such access within this time frame, or if your access to the Services is terminated due to your actual, attempted, threatened, or suspected violation of Nilon’s Terms of Use, Nilon will have no obligation to maintain such information, and such information may no longer be retrievable. You may access the Personally Identifiable Information in your Account through the platform or by sending a request to: support@Nilon.com.

Nilon reserves the right to decline commercially unreasonable request to access the Personally Identifiable Information in your Account.

UPDATES TO PERSONAL INFORMATION

You may update the Personally Identifiable Information in your Account at any time through the Nilon platform or by sending a request to: support@Nilon.com.

Nilon reserves the right to decline commercially unreasonable request to update the Personally Identifiable Information in your Account.

You agree to promptly update the Personally Identifiable Information in your Account if such information changes, particularly your name, address, telephone number, and email address.

USE OF PERSONAL INFORMATION

Your privacy is important to us. Nilon actively seeks to maintain your privacy as set forth in this Privacy Policy. We will not sell, license, share, or disclose your Personally Identifiable Information, except as set forth in this Privacy Policy or with your consent, and we will use such information only as set forth in this policy.

Nilon may use your Personally Identifiable Information to permit you to use the Services and for related purposes, including to communicate with you about the Services and to facilitate the operation of Nilon’s business. For example, we may send you communications to confirm the creation of your Account, changes made to your Account, and purchases made through your Account; to provide you with information about the use of the Services; to respond to your requests for customer support; to respond to your questions, comments, or complaints; to request feedback about the Services; and to send you information about updates, improvements, and/or other modifications to Services and our policies.

You may opt-out of receiving some or all types of electronic communications when you create an Account, by modifying your Account preferences, or by sending a request to support@Nilon.com. However, if you do not consent to the receipt of any types of communications, you will not be able to use the Services, and if you do not consent to the receipt of certain types of communications, you may not receive important communications and your use of the Services may be adversely affected.

DISCLOSURES OF PERSONAL INFORMATION

We may also disclose your Personally Identifiable Information to certain third parties under the following circumstances.

DISCLOSURES TO PRODUCT/SERVICE PROVIDERS

Nilon may disclose certain Personally Identifiable Information to product and/or service providers who assist us in providing Services. For example, we may share Personally Identifiable Information with companies in the transaction processing chain in connection with processing a payment transaction, such as merchants, banks or other card issuers, card associations, debit network operators and their members. The Personally Identifiable Information disclosed to such companies will be limited to information sufficient to provide the Services, to support the Services, to enhance the Services, or to verify or supplement the information in your account.

We may also disclose certain Personally Identifiable Information to affiliated companies whose products or services may be used in connection with the Services. The Personally Identifiable Information disclosed to such affiliated companies will be limited to information sufficient to contact you electronically about their services, and will be used only for the purpose of providing you with information about such services. Your Personally Identifiable Information will not be sold to such affiliated companies. You may opt-out of the disclosure of your Personally Identifiable Information to such affiliated companies at any time by contacting us at support@Nilon.com.

DISCLOSURES TO OTHER ENTITIES

Nilon may disclose Personally Identifiable Information to third parties: (a) to comply with a valid legal demands for such information; (b) to protect Nilon or any of its owners, directors, officers, employees, agents, customers, or anyone else; (c) to enable Nilon to investigate actual, attempted, threatened, or suspected violations of our Terms of Use or other agreements, or to enforce our Terms of Use or other agreements; or (d) pursuant to any acquisition, merger, or sale of all or substantially all of our business (“Change of Control”). In the event that Personally Identifiable Information is disclosed to a third party pursuant to a Change of Control, you will receive notice of the transfer.

GOVERNMENT DISCLOSURES

The disclosure of Personally Identifiable Information to third parties to comply with valid legal demands for such information is governed by Nilon’s Government Disclosures Policy.

RETENTION AND DESTRUCTION OF PERSONAL INFORMATION

This Privacy Policy does not require us to destroy any Personally Identifiable Information, unless you request its destruction, and unless otherwise provided in this Privacy Policy. In the absence of a request to destroyed your Personally Identifiable Information, we may use such information for as long as necessary based on the reasons why we collected the information and purposes for which the information is collected. In general, we may retain such information for the duration of your involvement/engagement with us and for as long as reasonably necessary afterwards. However, we may maintain different retention periods for different types of information. There are also certain types of information which are required to be retained for a certain period by law.

SECURITY

Nilon and the third-party product/service providers who assist Nilon in processing Personally Identifiable Information take reasonable steps to prevent destruction, alteration, disclosure, misuse, and unauthorized access to your Personally Identifiable Information.

Sensitive information, including your login information, is protected through encryption during transmission over the Internet. Servers and other devices used for processing your information at Nilon and third-party vendors are kept in controlled environments where access to your information is limited to authorized persons.

Nilon’s security policies and practices comply with HITRUST, ISO 270001, and PCI-DSS standards, and we are certified as compliant by the governing bodies for each of those standards.

CONFIDENTIALITY OF COMMUNICATIONS

You agree that, aside from any Personally Identifiable Information contained in your communications with Nilon, your communications with Nilon are not confidential. Such communications, including any communications containing any ideas, concepts, or suggestions regarding the Services, improvements to the Services, or new Services, may be used by Nilon for any purpose.

CHILDREN

We do not knowingly collect personally identifiable information from children under the age of 13 without parental consent. If we learn that we have collected the personally identifiable information of a child under the age of 13 without parental consent, we will take steps to delete the information as soon as possible.

CALIFORNIA USERS

If you reside in California, CERTIFY’s collection and use of your Personally Identifiable Information is subject to the California Consumer Privacy Act (“CCPA”). Under the CCPA, you may ask us what information we have about you (which we note is set forth above), you may ask us what we do with that information (which we note is set forth above), and you may request that we not sell your information (which we do not as stated above) by contacting us at the below email address. In addition, you may request that we delete any information we have about you by contacting us at the below email address. We may not discriminate against you in any way for exercising any of the above rights. This section of our Privacy Policy supplements our CCPA Collection Notice, which contains additional information for California residents regarding their rights under the California Consumer Protection Act, and which is incorporated by reference into this Privacy Policy.

INTERNATIONAL USERS

If you reside in the European Union or another jurisdiction that has adopted the EU’s General Data Protection Regulation (“GDPR”), CERTIFY’s collection and use of your Personally Identifiable Information is subject to the GDRP. CERTIFY’s obligations under the GDPR are set forth in the CERTIFY’s GDPR Policy, which is incorporated by reference into this Privacy Policy.

COMMUNICATIONS

Questions, complaints, and other communications regarding any aspect of this Privacy Policy should be addressed to Nilon at info@Nilon.com.

Questions, complaints, and other communications regarding any aspect of Nilon’s GDPR Policy should be addressed to Nilon as set forth in our GDPR Policy.