Fractal Privacy Policy

This privacy notice for Fractal, Inc. (“Fractal,” "we," "us," or "our"), describes how and why we might collect, store, use, and/or share ("process") your information when you use our services ("Services"), visit our website at https://fractalpay.com or any website of ours that links to this privacy notice, apply for a job with us, or otherwise engage with us directly or indirectly.

Fractal's Role

In the course of providing our services, we process personal information about (a) our clients and their authorized users and representatives (collectively, “Clients”), and (b) our clients’ end users, customers, 
or cardholders (collectively, “Consumers”). This Privacy Policy pertains only to our processing of personal information about our Clients, while our processing of personal information about Consumers is governed by our agreements with our Clients as well as applicable privacy law and industry standards such as PCI DSS. Consumers can learn about how their information is collected and used by our Clients by reviewing the Clients’ privacy policies.

Table of Contents

  1. What information do we collect?
  2. How do we process your information?
  3. When and with whom do we share your personal information?
  4. Do we use cookies and other tracking technologies?
  5. How long do we keep your information?
  6. How do we keep your information safe?
  7. Do we collect information from minors?
  8. Do we collect information from minors?
  9. What are your privacy rights?
  10. What additional information do California residents need to know?
  11. What additional information do international residents need to know?
  12. Links to third party websites
  13. Do we make updates to this notice?
  14. How can you contact us about this notice?

1. What Information Do We Collect?

Personal information you disclose to us.

In Short: We collect personal information that you provide to us.

“Personal information” refers to any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual.

Personal Information Provided by You.
The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we collect may include the following:

  • names
  • phone numbers
  • email addresses
  • mailing addresses
  • job titles
  • contact preferences
  • contact or authentication data
  • billing addresses
  • debit/credit card numbers
  • business name
  • owner information
  • username and password

When opening a merchant account, we may collect additional information regarding a Client’s beneficial owners such as Social Security number, driver’s license number, passport information, citizenship, and date of birth in order to underwrite and onboard the account.

Information automatically collected
In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Services.

We automatically collect certain information when you visit, use, or navigate the Services. This information but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. See further discussion in Section 4 below.

Information collected from other sources

In Short: We may collect limited data from public databases, marketing partners, and other outside sources.

In order to enhance our ability to provide relevant marketing, offers, and services to you and update our records, we may obtain information about you from other sources, such as public databases, joint marketing partners, affiliate programs, data providers, social media sites, and from other third parties. This information may include mailing addresses, job titles, email addresses, phone numbers, intent data (or user behavior data), Internet Protocol (IP) addresses, social media profiles, social media URLs, and custom profiles, for purposes of targeted advertising.

2. How Do We Process Your Information?

In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent.

We process your personal information for a variety of reasons, depending on how you interact with our Services, including:

  • To deliver and facilitate delivery of our Services. We may process your information to provide you with the requested service.
  • To send administrative information to you. We may process your information to send you details about our products and services, changes to our terms and policies, service announcements, and other similar information.
  • To request feedback. We may process your information when necessary to request feedback and to contact you about your use of our Services.
  • To send you marketing and promotional communications. We may process personal information for our marketing purposes, if this is in 44854-9027-7885.v2 accordance with your marketing preferences. You can opt out of our marketing emails at any time. For more information, see Section 8 below.
  • To protect our Services. We may process your information as part of our efforts to keep our Services safe and secure, including fraud monitoring and prevention.
  • To evaluate job applicants. We may process your information to evaluate you for employment with Fractal.
  • To evaluate and improve our Services, products, marketing, and your experience. We may process your information when we believe it is necessary to identify usage trends, determine the effectiveness of our promotional campaigns, and to evaluate and improve our Services, products, marketing, and your experience.
  • To comply with our legal obligations. We may process your information to comply with our legal obligations, respond to legal requests, and exercise, establish, or defend our legal rights.

We may also de-identify your personal information and use it for analytics, aggregated research, statistical and other purposes, such as improving our website, products and services or measuring the effectiveness of our advertising.

3. When and With Whom Do We Share Your Personal Information?

In Short: We may share information in specific situations described in this section.

Vendors, Consultants, and Other Third-Party Service Providers.

We may share your data with third-party vendors, service providers, contractors, or agents ("third parties") who perform services for us or on our behalf and require access to such information to do that work.

We also may need to share your personal information in the following situations:

  • Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  • Business Partners. We may share your information with our business partners as necessary to provide our Services. Business partners may include referral partners, payment processing partners, and financial institutions.
  • Government or Law Enforcement. To government or judicial authorities or agencies to comply with a subpoena, court order, governmental inquiry, 54854-9027-7885.v2 legal process, legal obligation, or to protect the rights, property, or safety of other users or the public.

4. Do We Use Cookies and Other Tracking Technologies?

In Short: We may use cookies and other tracking technologies to collect and store your information.

We may use cookies and similar tracking technologies (like web beacons and pixels) to gather information when you interact with our Services. Some online tracking technologies help us maintain the security of our Services, prevent crashes, fix bugs, save your preferences, and assist with basic site functions.

We also permit third parties and service providers to use online tracking technologies on our Services for analytics and advertising, including to provide advertising about products and services tailored to your interests which may appear either on our Services or on other websites.

To the extent these online tracking technologies are deemed to be a "sale"/"sharing" (which includes targeted advertising, as defined under the applicable laws) under applicable US state laws, you can opt out of these online tracking technologies by submitting a request as described below under Section 9.

Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Policy.

Most web browsers include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals.

Google Analytics

We may share your information with Google Analytics to track and analyze the use of the Services. The Google Analytics Advertising Features that we may use include: Google Analytics Demographics and Interests Reporting. To opt out of being tracked by Google Analytics across the Services, visit https://tools.google.com/dlpage/gaoptout. You can opt out of Google Analytics 
Advertising Features through Ads Settings and Ad Settings for mobile apps. Other opt out means 
include http://optout.networkadvertising.org/ and http://www.networkadvertising.org/mobile-choice. For more information on the privacy practices of Google, please visit the Google Privacy & Terms page.

5. How Long Do We Keep Your Information?

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this privacy notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

6. How Do We Keep Your Information Safe?

In Short: We aim to protect your personal information through a system of organizational and technical security measures.

We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

7. Do We Collect Information From Minors?

In Short: We do not knowingly collect data from or market to children under 18 years of age.

We do not knowingly collect, solicit data from, or market to children under 18 years of age, nor do we knowingly share or sell such personal information. By using the Services, you represent that you are at least 18. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such datafrom our records. If you become aware of any data we may have collected from children under age 18, please contact us.

8. What are Your Choices with Respect to Marketing Communications?

In Short: You may opt-out of marketing communications from us.

You may opt out of receiving email marketing communications from us by clicking the unsubscribe link included in our emails or contacting us. Please note that we may still send you transactional and administrative emails even if you opt out of marketing communications.

You may opt out of receiving automated text message marketing communications from us by replying “STOP” to the message or contacting us. Please note that we may still send you transactional and administrative text messages even if you opt-out of marketing communications.

Based on where you live, you may have additional rights regarding your personal information; see Section 9 below.

9. What are Your Privacy Rights?

In Short: Depending on your jurisdiction of residence, you may have rights with respect to your personal information.

Depending on your jurisdiction of residence, you may have some or all of the privacy rights listed below with respect to the personal information we maintain about you. Please note that these rights are not absolute, may apply only in certaincircumstances and, in certain cases, we may decline your request as permitted by law.

  • Right to Confirm / Access / Know
    
You may have the right to request access to personal information that we hold about you, including details relating to the ways in which we collect, use, and share your information. Residents of California have the right to know the categories of personal information we have collected about them, the categories of sources from which the personal information is collected, the categories of personal information sold, shared, or disclosed, the business or commercial purpose for selling, sharing, or disclosing the personal information, and the categories of third parties to whom we have sold, shared, or disclosed their personal information. California’s “Shine the Light” law also permits users of our website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes.
  • Right to Delete
    
You may have the right to request that we delete personal information we maintain about you.
  • Right to Correct
    
You may have the right to request that we correct inaccurate personal information we maintain about you.
  • Right of Portability
    
You may have the right to receive a copy of the personal information we hold about you and to request that we transfer it to a third party.
  • Right to Withdraw Consent
    
You may have the right to withdraw your consent to processing of your personal information. However, please note that this will not affect the lawfulness of the processing before withdrawal nor, when applicable law allows, will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
  • Right to Opt-Out
    You may have the right to opt-out of certain uses of your personal information such as for (i) targeted advertising, (ii) “sale” or “sharing” for cross-context behavioral advertising, or (iii) profiling or automated decision-making activities that result in a legal or similarly significant effect on you. You can opt-out of uses (i) and (ii) by selecting “Do not sell or share my personal information” in our Cookies Consent Manager, or by visiting our website with the Global Privacy Control (“GPC”) opt-out preference signal enabled. Please note your request may apply only to the browser or device from which you submit the request unless you are logged into an account. Learn more about the Global Privacy Control here.
  • Right to Appeal
    
You may have a right to appeal our decision if we decline to process your request in part or in full. You can do so by replying directly to our denial. If you are not satisfied with our response to your appeal, you may contact your state Attorney General.

Requests to exercise these rights may be made using the contact information listed at the end of this policy, by calling us toll-free at (513) 201-7420, by submitting a data subject access request, or as otherwise described in this section. Only you, or as permitted by law, a person that you authorize to act on your behalf, may make a request related to your personal information. For certain requests, we must verify your request before we can fulfill it. Verifying your request will require you to provide sufficient information for us to reasonably verify that you are the person about whom we collected personal information or that the requestor is authorized to act on your behalf. We will not discriminate against you for exercising your privacy rights.

10. What Additional Information Do California Residents Need to Know?

In Short: This section provides additional disclosures for residents of California, as required by the California Consumer Privacy Act (“CCPA”).

CCPA Categories of Personal Information We Collect

We have collected the following categories of personal information in the past twelve (12) months. We collect the information either directly from you, from a third party, or automatically when you use our Services.

Category

Examples

Collected

A. Identifiers

Contact details, such as real name, alias, postal address, telephone or mobile contact number, unique personal identifier, online identifier, Internet Protocol address, email address, and account name

Yes

B. Personal information as defined in the California Customer Records statute

Name, contact information, education, employment, employment history, and financial information

Yes

C. Protected classification characteristics under state or federal law

Gender, age, date of birth, race and ethnicity, national origin, marital status, and other demographic data

Yes

D. Commercial information

Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies

Yes

E. Biometric information

Fingerprints and voiceprints

No

F. Internet or other similar network activity

Browsing history, search history, online behavior, interest data, and interactions with our and other websites, applications, systems, and advertisements

Yes

G. Geolocation data

Device location

Yes

H. Audio, electronic, sensory, or similar information

Images and audio, video or call recordings created in connection with our business activities

No

I. Professional or employment-related information

Business contact details in order to do business with you, and job title, work history, and professional qualifications if you apply for a job with us

Yes

J. Education Information

Student records and directory information

No

K. Inferences drawn from collected personal information

Inferences drawn from any of the collected personal information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics

Yes

L. Sensitive personal Information

Drivers' license, passport number, login credentials, social security numbers. We may also collect information about race, ethnicity, or citizenship and immigration status from job applicants.

Yes

We do not collect or process sensitive personal information for the purpose of inferring characteristics about you.

We use, and have used, the personal information we collect for the purposes set forth in Section 2 above.

CCPA Categories of Personal Information Disclosed

We disclose all of the above categories of personal information as set forth in Section 3 above. Note that these disclosures are either made to a service provider for a business purpose under the CCPA or to a business partner to facilitate the provision of our Services pursuant to the individual’s consent.

CCPA Categories of Personal Information Sold or Shared

Under the CCPA, a “sale” of personal information does not necessarily involve an exchange of money. Instead, a sale also includes disclosures of personal information to third parties who may use the information for their own purposes, such as analytics and advertising cookie providers. Similarly, under California law, “sharing” personal information refers to disclosing of personal information to third parties for cross-context behavioral advertising. Per these definitions, we sell and share the following categories of personal information to third party analytics and advertising partners:

  • Identifiers
  • Personal Information described in Cal. Civ. Code § 1798.80(e)
  • Internet or other electronic network activity information
  • Geolocation data
  • Inferences

Privacy Rights for California Residents Relating to Your Personal Information
Please refer to Section 9 above for information regarding the rights you have with respect to your personal information and how to exercise them.

11. What Additional Information do International Residents Need to Know?

In Short: We are located in the U.S. and process personal information in the U.S.

Fractal is located in the U.S. By visiting the website or using the Services, you acknowledge and agree that your personal information may be processed as set forth in this policy and it may be processed in a country other than your country of residence, where laws regarding processing of personal information may be less stringent than the laws in your country.  Although any transfer of your personal information outside of the jurisdiction in which it was collected will be done in accordance with all applicable legal requirements, law enforcement in the countries where it is processed may have the right to access your information.

12. Links to Third Party Websites

In Short: This privacy notice does not apply to third party websites.

We may offer links to third party websites. However, we are not responsible for the content or information collection policies of third party websites. If you visit a third party website, we advise you to review their privacy policy before you submit any personal information to the third party.

13. Do We Make Updates to This Notice?

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.

We may update this privacy notice from time to time. The updated version will be indicated by an updated  date at the top of this privacy notice. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently.

14. How Can You Contact Us About this Notice?

If you have questions or comments about this notice, you may email us at reach@fractalpay.com or contact us by post at:

Fractal, Inc.
1420 Celebration Blvd
Suite 200
Kissimmee, FL 34747
United States

contact

Get in touch

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.
Policies
Terms of UsePrivacy PolicyCookie PolicyDisclaimerDSAR Form
connect
reach@fractalpay.com
+1 (513) 201-7420⁩
35E 7th St, Suite 715, Cincinnati, OH 45202
1420 Celebration Blvd STE 200, Celebration, FL 34747
© 2024 FRACTAL. Fractal, is a registered Independent Sales Organization of Pathward, N.A., Sioux Falls, SD.