Last Updated: December 3, 2024
At Total System Services, LLC (“TSYS”), a Global Payments company, we respect your concerns about privacy. Except as otherwise indicated, this Privacy Notice (“Notice”) relates to the collection of personal information from users of our websites, mobile applications (“Apps”), email, branded social media sites or pages and other online or mobile services that link to or expressly reference this Notice (collectively the “Sites”).
For the purpose of this Notice, TSYS, “we” and “us” refer to Total System Services, LLC and its subsidiaries and affiliates, as the context requires. Our privacy practices vary depending on the services we provide and the country-specific requirements for the countries in which we operate. For some products and services, where required, we will provide additional privacy notices before collecting personal information about you. TSYS maintains specific privacy notices for job applicants, employees, and contractors through Global Payments. If you are a job applicant, employee, or contractor and need a copy of the applicable privacy notice, please contact us at [email protected].
Please read this Notice carefully. If you have any questions, you may contact us at [email protected] or by the methods provided in the Contact Us section below.
TSYS provides financial transaction products and services for commercial and non-commercial enterprises (our “Customers”). Those products and services include payment card issuing and payment processing services, fraud monitoring services, front and back office customer service and card production services (collectively referred to as the “Services”). For our Customers, information about disclosures, transfers and other processing of personal information as part of the Services is set out in the documentation provided to Customers at or before onboarding. This Notice is a supplement, not a replacement, to that documentation and relates specifically to information we collect through our Sites and Apps.
Please be aware that not all of the information in this Notice will be directly applicable to our handling of personal information about you. This Notice provides an overview of the possible circumstances in which we may interact with personal information. If you have any questions about our processing of personal information about you, please contact us at [email protected].
TSYS collects personal information from users of our Sites and Apps who might be our Customers, prospective Customers, and Customer end users (“End Users”) who engage with our Sites as part of the Services we provide to our Customers.
Because TSYS’ relationship with End Users is indirect, we process such personal information relating to End Users only for the purposes of providing the Services to our Customers, in accordance with our Customer’s instructions. Under applicable privacy laws, in this context, TSYS would be considered a service provider or processor. If you are an End User who has a relationship with one of our Customers and you have a question about how personal information about you is collected, used, or disclosed, or would like to exercise any rights you may have with respect to such personal information, please contact the Customer directly.
Select one of the links below to jump to the relevant section:
- Personal Information We Collect
- Sources of Personal Information
- How We Use the Personal Information We Collect
- Our Legal Basis for Collecting and Using Personal Information
- How We Disclose the Personal Information We Collect
- Our Relationship with Affiliate Companies (Including Disclosures and Cross-Border Transfers)
- Login Details and Your Responsibility
- Data Security and Data Retention
- Cookies and Other Tracking Technologies
- External Links
- Managing Your Preferences
- Your Legal Rights
- Children
- Changes and Updates
- Contact Us
- Region-Specific Information
Personal Information We Collect
“Personal information” is information that identifies or relates to an identifiable individual. Through our Sites and Apps, subject to your consent if required by law, we may collect the following categories of personal information:
- Basic Identifying Information, including your full name, postal address, e-mail address, phone number, username, or other similar identifiers.
- Government-Issued Identifiers, including your Social Security number, tax identification number, or other similar government identifiers.
- Demographic Data, including age, gender, race, ethnicity, citizenship, and primary language.
- Device Information and Other Unique Identifiers, including device identifier, internet protocol (IP) address, cookies, pixel tags, or similar unique identifiers.
- Internet or Other Network Activity, including browsing or search history and information regarding your interactions with our Sites and Apps.
- Geolocation Data, including information that permits us to determine your precise location, such as if you manually provide precise location information or enable your device to send us precise location information.
- Payment Information, including credit or debit card numbers or other financial account information.
- Commercial Information, including information about your business, your commercial transactions with us, and your preferences regarding products and related services which are of interest to you (see Managing Your Preferences below).
- Professional and Employment-Related Information, including your role or status with the organization with which you are affiliated.
- Education Information.
- Health/Medical Information.
- Biometric Identifiers, including voiceprints, fingerprints, or facial scans.
- Information You Provide, including your communications with us and any other content you provide (such as if you report a problem with our Sites and Apps).
- Audio and Visual Information, including photographs, images, videos, and recordings of your voice (such as when we record calls or videos for quality assurance or other business activities).
- Inferences drawn from or created based on any of the information identified above.
Data anonymization and aggregation. Subject to your consent if required by law, we may anonymize or aggregate personal information about you so that you are not identified or identifiable from it, in order to use the anonymized or aggregated data. For example, we may use anonymized or aggregated data for statistical analysis including to analyze trends, for product development, and for risk assessments and cost analysis. We may disclose anonymized or aggregated data to our parent company, subsidiaries, affiliates, service providers, or with other third parties. This Notice does not restrict TSYS’ use or disclosure of any anonymized or aggregated information. Where we maintain or use de-identified information, we will continue to maintain and use the de-identified information only in a de-identified fashion and will not attempt to re-identify the information.
Sources of Personal Information
We collect personal information from the following categories of sources:
Information that you provide to us: We collect personal information that you provide to us when you set up an account with us, use our Services, or communicate with us. For example, if you register for an online account with us, we may request your name, contact information and business information. Providing us with personal information is voluntary, and you can always choose not to provide certain information, but then you may not be able to take advantage of or participate in some of the Services.
Information collected from third parties:We may collect information about you from third parties in the course of providing our Services. For example, we may collect personal information like your name and contact information from a referral partner or other third party in order to contact you about the Services we provide. We may also receive business-related information about you from third party companies that supplement our business customer records with, for example, professional information.
Information collected through technology : When you visit our Sites or Apps or interact with an email we send to you, we may collect certain information automatically such as your account or device identifier, and usage information such as pages that you visit, information about links you click, the types of content you interact with, the frequency and duration of your activities, and other information about how you use our Services. You have the ability to express your preference regarding some of the ways we collect information through technology in some of our Services (see Cookies and Other Tracking Technologies for more information). When you download and use our Apps, we and our service providers may track and collect App usage data, such as the date and time the App on your device accesses our servers and what information and files have been downloaded to the App based on your device number. Subject to your consent where required by law, we may collect geolocation in the Apps for the purpose of enabling location-based services.
How We Use the Personal Information We Collect
Subject to your consent if required by law, we may use personal information about you for the following business purposes:
- To provide our Services to you;
- To contact you regarding any inquiry you make or to fulfill a request, such as, for example, a request for information about our products and Services or to provide customer support;
- To contact you if you have signed up for e-newsletters or any other updates, communications or publications;
- To verify or maintain the quality and safety of our products and services and to repair, improve, upgrade, or enhance our Services;
- To detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, and prosecute individuals responsible for that activity;
- To conduct audits and enable internal record keeping and administration of records;
- To personalize your experience when you use our Sites and Apps;
- To track information about our interactions with you, including, but not limited to, counting advertising impressions to unique visitors and verifying positioning and quality of advertising impressions;
- To send you direct marketing, subject to your consent if required by applicable law (see Managing Your Preferences below); and
- To comply with applicable laws and regulations.
Our Legal Basis for Collecting and Using Personal Information
Our legal basis for collecting, using and storing personal information may depend on the specific Service with which you are engaging. In most cases, when we process personal information on behalf of our Customer, our legal basis is the performance of a contract. In some contexts, such as when we engage in direct marketing, our legal basis for processing personal information is consent. When we rely on legitimate interest as the legal basis for our processing of personal information, we have procedures in place to ensure that we are balancing our interests and rights against the impact to the individual and their applicable statutory or fundamental rights. When we rely on your consent as the legal basis for our processing of personal information, you may withdraw your consent as may be instructed in the Sites and Apps, or by contacting us using the information in the “Contact Us” section, below.
How We Disclose the Personal Information We Collect
For each category of personal information we collect, we may disclose such information in the manner and for the purposes described below:
- With companies engaged to help us run our business, subject to your consent if required by law. These types of companies may include our affiliate companies, distributors of our products and Services, service providers retained to perform functions on our behalf or to provide services to us, including (without limitation) legal, accounting, audit, consulting and other professional service providers, and providers of other services related to our business. Portions of our Services may be provided by organizations with which TSYS has a contractual relationship, including subcontractors, and, accordingly, your personal information may be disclosed to them;
- With non-affiliated entities with whom you have a relationship, such as a financial institution or independent sales organization who referred you to TSYS for services;
- With logistics service providers to enable the delivery of packages to individuals;
- With social media management providers that enable us to manage and analyze our branded social media account content, including tags, mentions, posts, comments, and direct messages;
- With other non-affiliated entities to whom you direct us to disclose personal information;
- With regulators including state and federal agencies, card brands, financial networks, issuing banks and other parties required to enable compliance with laws, regulations and industry standards related to transaction processing and in order to obtain commercial and credit information to establish, maintain or renew a customer’s contract(s), as may be required to provide any of the Services for which a Customer has subscribed, or to comply with the rules and regulations of any credit or debit card payment network or otherwise in accordance with this Notice;
- In response to a court order or a request for cooperation from a regulatory, law enforcement or other government agency; to establish or exercise our legal rights; to defend legal claims; or as otherwise required or permitted by applicable laws and/or regulations;
- When we believe that disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; to protect and defend the rights, property or safety of TSYS, its customers, staff, suppliers or others; and
- To third parties in connection with any proposed or actual reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our assets or stock (including in connection with any bankruptcy or similar proceedings).
Our Relationship with Affiliate Companies (Including Disclosures and Cross-Border Transfers)
Subject to your consent if required by law, we may appoint an affiliate company to process personal information in a service provider role. In most cases, we will remain responsible for that company’s processing of personal information pursuant to applicable data privacy laws.
Because our affiliate companies are located around the globe, personal information may be transferred to and stored in the United States or in another country outside of the country in which you reside, which may be subject to different standards of data protection than your country of residence.
We will take appropriate steps to transfer personal information in accordance with applicable law, such as transferring personal information to countries that are recognized as providing an adequate level of legal protection or where alternative adequate arrangements are in place to protect your privacy rights.
Login Details and Your Responsibility
Subject to your consent if required by law, we will collect and process personal information as necessary to set up and administer your sign up to, and use of, the log in facility available on our Sites and Apps. We will use cookies to “remember” the machine or other device you use to access our Sites and Apps (see Cookies and Other Tracking Technologies below). Please remember that if we contact you, we will never ask you for your password in an unsolicited email, message or phone call. If you choose to use the log in facility available on our Sites and Apps, you are required to adhere to the security procedures we establish in the documentation we provide you as part of the Services.
Data Security and Data Retention
We maintain administrative, technical and physical safeguards designed to protect the personal information you provide via the Sites and Apps against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use.
Any suspected attempt to breach our policies and procedures, or to engage in any type of unauthorized action involving our information systems, is regarded as potential criminal activity. Suspected computer mischief may be reported to the appropriate authorities.
Please remember that communications over the internet such as emails are not secure. We seek to keep secure personal information submitted to us through the Sites and Apps in accordance with our obligations under applicable laws and regulations. However, like all website operators, we cannot guarantee the security of any data transmitted through the Sites and Apps.
We retain the personal information we collect for different periods of time depending on what it is and how we use it. In some contexts, we will provide additional information about retention as you use the Services. When we collect personal information, we will retain it only for as long as is necessary to complete the legitimate business or legal purposes for which we collected it. The criteria used to determine our retention periods include:
- The length of time we have an ongoing relationship with you and provide Services to you, for example, for as long as you have an account with us or continue to use our Services, and the length of time thereafter during which we may have a legitimate need to reference personal information to address issues that may arise;
- Whether there is a contractual obligation to which we are subject, for example, our contracts with our Customers may specify a certain period of time during which we are required to maintain the information on behalf of our Customers;
- Whether there is a legal obligation to which we are subject, for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them; and
- Whether retention is advisable in light of our legal position, such as in regard to applicable statutes of limitations, litigation or regulatory investigations.
Cookies and Other Tracking Technologies
Cookies and similar tracking technologies are used to help us retain information about your use of our Sites and Apps. Using cookies, we collect information like country location, language preference and other settings. Cookies can also help us to operate our Services more efficiently and securely, remember you for future visits and enhance your user experience by providing real-time tools including user guides and chatbots. We also gather statistical information about the use of our Services in order to continually improve their design and functionality, understand how they are used, and assist us with resolving questions regarding them.
The cookies and tracking technologies that we may use fall into the following categories:
Strictly Necessary. These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions taken by you such as logging in or filling in forms. You can set your browser to block or alert you about these cookies, but blocking them may impede the functionality of the Sites and Apps.
Performance. These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our Sites and Apps. They help us to know which pages are the most and least popular and see how visitors move around the Sites and Apps. All information these cookies collect is aggregated. If you do not allow these cookies we will not know when you have visited our Sites and Apps, and will not be able to monitor their performance.
Functional. These cookies enable the Sites and Apps to provide enhanced functionality and personalization. They may be set by us or by third-party providers whose services we have added to our pages. If you do not allow these cookies then some of these services may not function properly.
Targeting. These cookies may be set through our Sites and Apps by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant advertisements on other sites. They are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
How to Delete or Block Cookies and Other Tracking Technologies
We adhere to the standards set out in this Notice and do not currently monitor or respond to browser Do-Not-Track signals. If you do not want information collected through the use of cookies, you can use the Cookie Settings banner or icon on the Site to make selections about the use of cookies. Additionally, most browsers allow you to automatically decline cookies or be given the choice of declining or accepting a particular cookie (or cookies) from a particular website. You may also refer to http://www.allaboutcookies.org/manage-cookies/index.html. If, however, you do not accept cookies, you may experience some inconvenience in your use of our Services. You also may not receive advertising from us that are relevant to your interests and needs. Additionally, some browsers and browser extensions support the Global Privacy Control (“GPC”) that can send a signal to the websites you visit indicating your choice to opt out of certain types of data processing. Through our consent management platform, administered by our vendor OneTrust, the Sites recognize and respond to opt-out requests made using GPC.
External Links
TSYS may provide links on our Sites and Apps to third-party websites or services that are not under our control. We do not endorse or make any warranty of any type regarding the content contained on such third-party websites or services or the products and services they offer. We make no representation regarding your use of such websites or services. Please be aware that we are not responsible for the privacy practices of the operators of other websites or services. We encourage our users to be aware when they leave our Sites and Apps. You should read any other applicable privacy and cookies notices carefully before accessing and using third-party websites and services.
Managing Your Preferences
Subject to your consent if required by applicable law, we may use personal information to provide you with direct marketing information about our products and services as well as those of our global affiliates and third parties. Our direct marketing may occur through email, telephone, post or SMS or such other method(s) as may become relevant.
We will take steps to ensure that any direct marketing from us and which is sent by electronic means will provide a simple means for you to stop further communications, in accordance with applicable law. For example, in emails, we may provide you with an “unsubscribe” link, or an email address to which you can send an opt-out request. In addition, if we need your consent for direct marketing communications under applicable law, and if you provide your consent, you will be able to change your mind at any time. Please note that if you opt out of receiving marketing-related communications from us, we may still send you administrative, transactional, or information messages, from which you cannot opt out.
Your Legal Rights
If you are an End User who interacts with our Sites or Apps for the purpose of engaging with our Customers and have questions about legal rights you may have with respect to personal information collected by our Customer, please consult the Customer with whom you have a relationship.
If you interact with our Sites and Apps for the purpose of engaging in a direct relationship with us, subject to certain exceptions, and in some cases dependent upon the processing activity we are undertaking, you may have the right to:
- Know whether we process personal information about you;
- Know how the personal information is used;
- Access, request and receive the personal information we have collected in a portable manner;
- Opt out of having your personal information sold, “shared,” or used for certain profiling activities;
- Request that we correct inaccuracies in personal information about you; and
- Request that we delete personal information about you.
You may contact us using the information in the Contact Us section of this Notice for additional information about how to exercise your rights. In addition, if you are a resident of California, the European Union, the United Kingdom, Quebec, or other jurisdiction with similar laws, please see the Region-Specific Information section below for further details on how to exercise your privacy rights.
Children
Our Sites and Apps are not directed to children or intended for use by children. We do not solicit or knowingly accept any personal information from persons under the age of 18. Please do not use the Sites or Apps if you are under the age of 18.
Changes and Updates
We reserve the right, in our sole discretion, to modify, update, or otherwise change this Notice. The “Last Updated” legend at the top of this Notice indicates when this Notice was last revised. Any changes will become effective when we post the revised Notice on our Services, including our Sites and Apps. Where required by applicable law, to the extent we make material or significant changes to the Notice, we will notify you of the update via a pop-up, email, other notification in the Sites and Apps, or other method by which we routinely communicate with you.
Contact Us
If you have questions about this Notice, or if you want to exercise your rights as described in this Notice, you can submit a request by completing this form or may contact us as follows:
Total System Services, LLC
Attn: Privacy Office
3550 Lenox Road, Suite 3000
Atlanta, GA 30326
[email protected]
844-663-8797
If you make a request to exercise a privacy right, we will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the personal information subject to the request. We may decline to honor your request where an exception applies. In order to honor any access, deletion, or similar request, we will require you to provide enough information for us to verify your identity. For example, we may ask you for information associated with your account, including your contact information or other identifying information. If you would like your agent to make a request on your behalf, if permitted under applicable law, the agent may exercise those rights as noted above. We will process the agent’s request consistent with applicable law. As part of our verification process, we may request that the agent provide, as applicable, proof concerning their status as an authorized agent. In addition, we may require that you verify your identity as described in this section or confirm that you provided the agent permission to submit the request.
Region-Specific Information
Information for Residents of California, Colorado, and Similar Jurisdictions
This section supplements the above Notice and further describes how we collect, use, and disclose the personal information we collect about residents of California and other similar jurisdictions
Categories of Personal Information We Collect and Our Purposes for Collection, Use, and Disclosure
The following chart details which categories of personal information we collect and process, as well as which categories of personal information we disclose to recipients for our operational business purposes, including within the preceding 12 months.
Categories of Personal Information (See the Personal Information We Collect section for a description of each category of Personal Information)
|
Disclosed to Which Categories of Third Parties for Operational Business Purposes |
Processing Purposes |
Basic Identifying Information; Demographic Data; Device Information and Other Unique Identifiers; Internet or Other Network Activity; Commercial Information; Professional and Employment-Related Information; Education Information; Information You Provide; Inferences |
Please see the How We Disclose the Personal Information We Collect section for a list of the categories of third parties to whom we may disclose these categories of personal information. |
Please see the How We Use the Personal Information We Collect section for a list and description of the applicable processing purposes for these categories of personal information. |
Government-Issued Identifiers |
Affiliates; distributors of our products and services; service providers; third parties with whom you have a relationship (i.e. our customers and/or referral partners); regulators; legal authorities and other third parties in order to comply with laws, regulations, and standards including card brands and issuing banks; other parties in litigation |
|
Geolocation Data |
Affiliates; distributors of our products and services; service providers; marketing partners; legal authorities and other third parties in order to comply with laws, regulations, and standards; other parties in litigation |
|
Payment Information |
Affiliates; third parties with whom you have a relationship (i.e. our Customers); regulators; legal authorities and other third parties in order to comply with laws, regulations, and standards including card brands and issuing banks |
|
Health/Medical Information |
Affiliates; third parties with whom you have a relationship (i.e. our Customers); service providers; legal authorities and other third parties in order to comply with laws, regulations, and standards; other parties in litigation |
|
Biometric Identifiers |
Affiliates; third parties with whom you have a relationship (i.e. our Customers); service providers; legal authorities and other third parties in order to comply with laws, regulations, and standards |
|
Audio and Visual Information |
Affiliates; distributors of our products and services; service providers; regulators; legal authorities and other third parties in order to comply with laws, regulations, and standards; other parties in litigation |
|
Do Not Sell or Share My Personal Information
We do not sell your personal information to third parties for monetary compensation. We do not sell or “share” (for purposes of cross-context behavioral advertising) the personal information, including the sensitive personal information, of minors under 16 years of age.
The Sites and Apps use cookies, including some cookies that are created by other companies and placed on your browser when you visit our website. We use those cookies to improve your experience and to gather information about our customers and the performance of our Sites and Apps. However, the companies who provide those cookies to us also have access to the data collected through them, and they may use that data for targeted advertising purposes. Our use of those third-party cookies could therefore be considered a “share” of your personal information under California law or processing for targeted advertising under other privacy laws. If you are a resident of California or another jurisdiction with similar laws, that means you have the right to opt out. If you have not done so already, you can opt out of the placement of all non-necessary cookies by adjusting your Cookie Settings.
You can also use the GPC to indicate your choice to opt out of certain types of data processing, including sales and “shares” of personal information. Through our consent management platform, administered by OneTrust, the Sites recognize and respond to opt-out requests made using GPC.
Collection, Use, and Disclosure of Sensitive Personal Information
Subject to your consent where required by applicable law, we collect, process, and disclose sensitive personal information for purposes of: providing goods or Services as requested; ensuring safety, security, and integrity; countering wrongful or unlawful actions; short term transient use such as displaying first party, non-personalized advertising; performing services for our business, including maintaining and servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on behalf of our business; activities relating to quality and safety control or product improvement; and other collection and processing that is not for the purpose of inferring characteristics about an individual. We do not use sensitive personal information beyond these purposes.
Rights and Requests
If you interact with our Sites and Apps for the purpose of engaging in a direct relationship with us, subject to certain exceptions, and in some cases dependent upon the processing activity we are undertaking and/or your state of residence, you may have one or more of the following rights.
Right to know about personal information collected, used, disclosed, “shared,” and sold |
You have the right to know whether we process personal information about you, and to access such personal information. If you are a California resident, you may also request that we disclose to you:
|
Right to receive a copy of personal information |
You have the right to request that we provide the specific pieces of personal information, including a copy of such personal information in a portable format. |
Right to opt-out of the sale of personal information |
You may request that we do not sell personal information about you to third parties. |
Right to opt-out of targeted advertising, including the “sharing” of personal information for cross-context behavioral advertising |
You may request that we opt you out of targeted advertising, including that we stop “sharing” personal information about you for purposes of cross-context behavioral advertising. See the Do Not Sell or Share My Personal Information section for more information on opting out of certain cookies on the Sites and Apps. |
Right to request deletion |
In some circumstances, you have the right to have personal information about you deleted. |
Right to equal service and prices (“non-discrimination”) |
Your choice to exercise your privacy rights will not be used as a basis to discriminate against you in services offered or pricing. |
Right to request correction |
You have the right to request that we correct inaccuracies in your personal information. |
Right to limit the use and disclosure of sensitive personal information |
In some circumstances, you may request that we limit the use and disclosure of your sensitive personal information. |
Right to appeal |
Depending on your state of residence, if we refuse to take action on your request, you may appeal this refusal within a reasonable period after you have received notice of the refusal. To appeal, you can contact us at [email protected] or complete this form and select “Appeal a decision about a previous request” under “Type of Request.” |
You can submit a request for any of the above rights by using the contact information in the Contact Us section of this Notice.
California Shine the Light
If you are a resident of California you may request information concerning the categories of personal information (if any) we share with third parties or affiliates for their direct marketing purposes. If you would like more information, please submit a written request to us using the information provided in the Contact Us section of this Notice.
Information for European Union and United Kingdom Residents
To the extent that the Sites or Apps with which you are interacting is directed at United Kingdom or European Union residents, this section of the Notice applies to you.
You have specific rights with regard to the processing of your personal data. When Global Payments acts as a business for the purpose of processing your personal data you can contact us using the information provided in the Contact Us section of this Notice with regard to the following rights. You may also contact our Data Protection Officer at [email protected].
What does this mean? |
|
Right to be informed |
You have the right to be provided with clear and easy-to-understand information about how we use your personal information. This is why we are providing you this Notice and we may provide other forms of notice, as appropriate or required by law, in the services. |
Right to access personal information |
You have the right to access and receive a copy of personal information we hold about you. |
Right to data portability |
In some circumstances, you have the right to receive the personal information you request from us in a format that is user-friendly and enables you to transfer it to another provider. |
Right to rectification |
You have the right to correct or update your personal information if it is outdated, incorrect or incomplete. |
Right of erasure ("right to be forgotten") |
In some circumstances, you have the right to have your personal information erased or deleted. |
Right to restrict/suspend processing of personal information |
You may object to processing of personal information that is based on legitimate interest. You may withdraw consent for processing that is based on consent (this includes the right to opt out of direct marketing). |
Right to information about information transfers |
You have the right to obtain a copy of documents related to the safeguards under which your personal information is transferred outside the EU. |
Right to complain to a supervisory authority |
You have the right to contact the data protection authority in your country to complain about our data protection and privacy practices. |
Information for Quebec Residents
Cross-Border Transfers of Personal Information
If you are a resident of Quebec and we collect personal information about you in Quebec, that information will be communicated outside of Quebec to other locations in Canada, the United States and other places where we or our service providers process your information, for the purposes described above.
Data Governance
We maintain a governance program for the protection of personal information that we collect. The program includes policies and procedures designed to help us comply with this Notice. This program requires employees to protect the confidentiality of personal information that we handle through the lifecycle of that personal information. The program includes an employee code of conduct, breach reporting procedures, data retention and destruction policies, employee training, and procedures for addressing complaints and providing individuals with access to their personal information in accordance with this Notice.
TSYS has established controls and mechanisms to protect data at each stage of the data lifecycle, from collection or creation, through to disposal.
Data Subject Rights
De-indexation Right or Right to Erasure |
You have the right to request that we delete the personal information that we collected from you and retained, subject to certain exceptions. For example, we may deny your deletion request if retaining your information is necessary for us to be able to recover payment, detect security incidents, or protect against illegal activity. |
Cessation of Dissemination |
You have the right to request that we cease disseminating your personal information if the dissemination is contrary to the law or a court order, or in certain other circumstances. |
Right to Data Portability |
You have the right to receive computerized personal information that you have provided directly to us, for example, through opening an account, in a commonly-used and machine-readable format. You have this right so that you may transmit your information to another organization without hindrance. |