Effective Date: July 25, 2016
MasterCard: MasterPass™ Mobile Application/ MasterPass™ Wallet/MasterPass Online™ Privacy Notice
MasterCard International Incorporated and its affiliates (“MasterCard”) (“We” or “we”) respect your privacy. This Privacy Notice applies to the MasterPass Mobile Application, the MasterPass Wallet and/or MasterPass Online (collectively, “MasterPass Wallet Services”). It describes the types of personal data we collect in connection with the MasterPass Wallet Services, the purposes for which we collect that personal data, the other parties with whom we may share it and the measures we take to protect the security of the data. It also tells you about your rights and choices with respect to your personal data, and how you can reach us to update your contact information or get answers to questions you may have about our privacy practices.
The entities responsible for the collection and use of your personal data in the context of the MasterPass Wallet Services are:
MasterCard Europe SA
MasterCard International Incorporated
Chaussée de Tervuren 198A
Attn: Global Privacy & Data Usage Officer
2000 Purchase Avenue
Purchase NY 10577
Please note that for those consumers who reside in France, MasterCard France (and not MasterCard Europe SA) will be the appropriate entity responsible for the collection and use of your personal data in the context of the MasterPass Wallet Services. Reference may be made to MasterCard International Incorporated as the parent company of MasterCard France.
112, Avenue Kléber
75784 PARIS CEDEX 16
By signing up for the MasterPass Wallet Services, you are creating a relationship with MasterCard. MasterCard is making the MasterPass Wallet Services available to you through its relationship with Fifth Third Bank; however, the MasterPass Wallet Services are being offered solely by MasterCard to you. For more details on how Fifth Third Bank uses your information and opt-out options, please visit the link below:
This Privacy Notice does not cover the collection and use of your personal data by third parties on the MasterPass Wallet Services, such as merchants, on other MasterCard branded websites or products, or any other information or communications that may reference MasterCard outside the MasterPass Wallet Services. For more information about MasterCard’s privacy practices, visit MasterCard’s Global Privacy Notice at [link].
This Privacy Notice also does not cover the collection and use of your personal data by your financial institution(s). Please make sure to review your financial institution(s) privacy disclosures to understand how they are collecting and using your personal data.
Click on one of the links below to jump to the listed section:
We collect data in a number of ways when you use the MasterPass Wallet Services: personal data provided by you; personal data provided by participating merchants; personal data provided by the issuer of your payment cards or other financial institutions; personal data we collect automatically; and personal data provided by you in connection with other MasterPass mobile wallets on your device. By personal data we mean “any information relating to an identified or identifiable natural person.”
If you have more than one MasterPass mobile application with an active account on your mobile device, we may also present data from each MasterPass account to you when making a purchase at a participating merchant to help you choose how you would like to pay. To learn more, see Section 1(e), below.
a. Personal Data Provided by You
In connection with your use of MasterPass Wallet Services, we may ask you for certain personal data upon registration, on applications forms or other forms, such as your name, home address, billing address, shipping address, telephone number, email address, national identity card number in some instances, user name, password, answers to our security questions, loyalty card information and payment card information. The provision of your personal data for the purposes listed below is voluntary. However, in some circumstances, withholding your personal data will mean that you cannot take advantage of certain products or services.
b. Personal Data Provided by Participating Merchants in Connection with Your Use of the MasterPass Wallet
We receive certain data from merchants about your transactions using the MasterPass Wallet Services, including but not limited to, stock-keeping unit data, description of items, quantity, price and subtotal and payment cards registered with the MasterPass Wallet, merchant name, currency, amount, date and time of order and information about whether or not the order was completed. If you have an account on file with the merchant, they may also provide us with your shipping address.
c. Personal Data Provided by the Issuer of Your Registered Payment Card or Other Financial Institution
When you register a payment card with the MasterPass Wallet, we may send information to the issuer of that card to validate the card, authenticate your identity and tokenize your payment credentials to make your payments more secure. This information may include your name, payment card information, billing address, information about your mobile device and information about how you registered your payment cards in your MasterPass Wallet. To facilitate the validation/authentication/tokenization process, we may receive personal data about you back from the issuer of your payment card. In addition, when you make payments using tokenized credentials via the MasterPass Wallet, we receive data about the token and the transaction back from the issuer of your payment card.
In addition, in some instances, we may receive data about you from your financial institution in order to help ensure you create the correct MasterPass wallet. For example, your financial institution may provide us with your email address or phone number in an encrypted, protected form. When you click on the “Buy With MasterPass” button at a merchant or otherwise sign-up or sign-in for a wallet, you will be asked for your email or phone number. If the information you provide matches the information provided by your financial institution, you may be directed to a specific MasterPass wallet relating to that financial institution.
d. Personal Data We Collect Automatically
Overview: We, and our service providers, may collect certain information by using automated means, such as cookies and web beacons, when you interact with the MasterPass Wallet Services, or visit the MasterPass websites, pages or other digital assets. The information we collect in this manner may include: IP address, mobile device IP address, mobile device unique identifier, browser type and setting data (such as screen resolution, color depth, timezone settings, browser extension and plugins, fonts, etc), operating system, referring URLs and information on actions taken or interaction with our digital assets. A “cookie” is a text file placed on a computer’s hard drive by a web server. A “web beacon,” also known as an Internet tag, pixel tag or clear GIF, is used to transmit information back to a web server.
Browser Data: In addition to the above, we, and our service providers, may automatically collect browser data from your device. Browser data consists of information about settings on the configuration of the browser you use to access the MasterPass Wallet Services. This may include screen resolution and color depth, timezone settings, browser extensions and plugs installed in the browser and versions thereof, fonts installed on the browser, the user agent string and other similar data. This data is used to create a unique fingerprint of the browser used to access MasterPass Online to remember the choices made by that browser and to assist in preventing fraud and enhancing the security of the MasterPass Wallet Services. We may offer users of our MasterPass Wallet Services choices to opt-out of the collection and fingerprinting of browser data via our Cookie Consent Tool.
Third Party Analytics: We may use third-party web analytics services, such as those of Adobe Omniture. The analytics providers that administer these services use technologies such as cookies and web beacons to help us analyze how visitors use the MasterPass Wallet Services. In the MasterPass Mobile Application, you can turn off Adobe Omniture web analytics. In the United States, you can also opt-out of analytics via the AdChoices icon on the MasterPass websites. Please see the “Your Rights and Choices” section of this Privacy Notice to learn about your ability to opt out or limit the use of your browsing behavior for online behavioral advertising purposes.
Pixels. When we send emails to people with a MasterPass Wallet account, we may track behavior such as who opened the emails and who clicked the links. We do that to measure the performance of our emails and to improve our features. To do this, we include single pixel gifs, also called web beacons, in emails we send. Web beacons allow us to collect information about whether an email has been opened and the number of clicks inside that email. We use the data from those Web Beacons to create the reports about how our email campaign performed and what actions individuals took within the email (e.g. links clicked). If you do not wish for us to track emails we send you, some email services allow you to adjust your display to turn off HTML or disable download of images which should effectively disable our email tracking.
Customized Checkout: We may use information about your use of the MasterPass wallet, or which MasterPass Wallet you use, in order to deliver you a customized merchant checkout experience. After making a MasterPass transaction, we may drop a cookie on your device that will provide a customized MasterPass checkout button on merchant websites based on which MasterPass Wallet you use, or, in some instances, which payment card you used for that transaction. This will deliver a more seamless consumer MasterPass experience. Merchants are not able to access this information. Please see the “Your Rights and Choices” section of this Privacy Notice to learn about your ability to opt out the customized checkout experience.
If you are accessing the MasterPass Wallet Services from Europe, please refer to our Cookie Notice for further information.
e. Personal Data Presented from Your Other MasterPass Wallets on the Device
If you are using the MasterPass Wallet Services on an eligible device, when you click on the “Buy With MasterPass” button to make a payment using a participating merchants mobile application, we will scan your mobile device to see if any certified MasterPass mobile applications are loaded on the device. If so, during the checkout flow at the Participating Merchant, you will be presented with a list of each such MasterPass wallet and the registered payment cards for such wallets so you can choose which MasterPass wallet and payment card you would like to use for that transaction.
We may use the personal data we obtain about you to:
· Create, manage and personalize your online account (including providing you with a transaction history), provide our products and services, and respond to your inquiries;
· Route you to the appropriate MasterPass wallet based on whether you have an existing MasterPass wallet relationship or an existing banking relationship with a participating issuer;
· Validate your payment card information, authenticate your identity with your bank and tokenize your payment credentials to make your payments more secure;
· Provide a customized checkout experience;
· Create a view that shows you all of your eligible MasterPass wallet accounts, including this MasterPass Wallet, and each account’s registered payment cards, when you click on the “Buy with MasterPass” button via a participating merchant’s mobile application;
· Provide reporting back to the issuer of your enrolled payment cards and the merchants you transact with via the MasterPass Wallet Services;
· Anonymize personal information and prepare and furnish aggregated data reports showing anonymized information, (including, but not limited to, the following: compilations, analyses, analytical and predictive models and rules, and other aggregated reports);
· Perform data analyses (including anonymization of personal information) to determine, among other measurements, business performance, number of registrants, channels, transaction spend and site performance;
· Provide, administer and communicate with you about products, services and promotions (including contests, sweepstakes, programs and other offers), including the display of customized content and advertising via the MasterPass Wallet Services and elsewhere online;
· Protect against and prevent fraud, unauthorized transactions, claims and other liabilities, and manage risk exposure and franchise quality;
· Operate, audit, evaluate, monitor and improve our business and interactive assets (including by developing new products and services; managing our communications; determining the effectiveness of and optimizing our advertising; analyzing our products, services and websites; facilitating the functionality of our websites; and performing accounting, auditing, billing, reconciliation and collection activities);
· Assist third parties in the provision of products or services that you request;
· As may be required by applicable laws and regulations or requested by any judicial process or governmental agency having or claiming jurisdiction over MasterCard or MasterCard’s affiliate
· Comply with industry standards and our policies
We also may use the information in other ways for which we provide specific notice at the time of collection.
We do not sell or otherwise disclose personal data we collect about you, except as described in this Privacy Notice or otherwise disclosed to you at the time the data is collected. In particular, your personal data may be shared:
· Between MasterCard our affiliates in order to provide the the MasterCard Wallet services and for the purposes described above.
· With merchants and their service providers to perform and/or facilitate payment card transactions (including via Near Field Communication (NFC) and other contactless payment technology), to ensure the safety and security of those transactions (including card fraud detection and prevention), to resolve disputes, provide customer service, usage analysis and reporting and to provide the MasterPass Wallet Services that you request. Please note that merchants and their service providers may have their own privacy policies governing how they use and disclose personal data. We recommend that you review privacy policies of the companies you interact with to learn about their practices.
In addition, if you elect to connect your wallet to a merchant, we will provide personal data to that merchant in order to personalize your shopping experience and/or facilitate faster check-outs. In such instances, merchants are not permitted to use your data for any other purpose.
· With financial institutions and their service providers to perform and/or facilitate payment card transactions (including via Near Field Communication (NFC) and other contactless payment technology), to ensure the safety and security of those transactions (including card fraud detection and prevention), to authenticate and identity you and the payment cards you register with the MasterPass Wallet, to tokenize your payment credentials, to resolve disputes, provide customer service, usage analysis and reporting and to provide the MasterPass Wallet Services that you request. Please note that financial institutions and their service providers may have their own privacy policies governing how they use and disclose personal data. We recommend that you review privacy policies of the companies you interact with to learn about their practices.
· With our respective service providers who perform services on our behalf. We do not authorize these service providers to use or disclose the data except as necessary to perform certain services on our behalf or comply with legal requirements. We require these service providers by contract to appropriately safeguard the privacy and security of personal data they process on our behalf.
· If we are required to do so by law or legal process, (ii) to law enforcement authorities or other government officials, or (iii) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual fraudulent or illegal activity.
· Otherwise with your consent
In addition, we also may share aggregated or anonymized data with third parties for any lawful purpose.
You may have certain rights under applicable law regarding the personal data we maintain about you. We offer you certain choices about what personal data we collect from you, how we use that information, and how we communicate with you.
· Account Information and Email Marketing Preferences: At any time, you can access your account by logging into your account. You can view or change your personal details and manage your marketing preferences here. You can at any time tell us not to send you marketing communications by e-mail by clicking on the unsubscribe link within the marketing e-mails you receive from us or by changing your settings on your preferences page on your account. You also may opt-out of receiving marketing e-mails by clicking here. We will apply your preferences going forward. In some circumstances, withdrawing your consent to our use or disclosure of your personal data will mean that you cannot take advantage of certain products or services.
· Third Party Analytics: As indicated above, we may use third-party web analytics services, such as those of Adobe Omniture, to analyze how you use the MasterPass Mobile Application your usage of the MasterPass Online websites and other MasterCard websites. You can turn off the use of the analytics service inside the MasterPass Mobile Application by visiting “Settings” and turning off “Send Data.” In the United States, you can also opt-out of analytics on the MasterPass Online websites via the AdChoices icon.
· Customized Checkout: If you have a customized checkout experience, you can opt-out of seeing a customized checkout button on merchant websites through the AdChoices icon on the MasterPass website.
· Online Behavioral Advertising and Other Cookie Preferences: We may offer users of the MasterPass Wallet Services choices to manage their cookie preferences through the Cookie Consent tool displayed in the bottom right corner of the MasterPass websites or accessible via the AdChoices icon on the MasterPass website. Your browser may tell you how to be notified and opt out of receiving certain types of cookies, including analytics and advertising cookies. Otherwise, you can opt out at http://www.aboutads.info/choices/. You can also opt out of some of MasterCard’s use of web analytics at this link using https://www.mastercard.com/us/personal/en/general/web-analytics-opt-out.html To learn more about Cookies, please visit http://www.aboutads.info/choices/ or http://www.adobe.com/privacy/opt-out.html or our Cookies Notice available on MasterPass Online in the European Economic Region, Turkey, Switzerland and Canada.
Where required by law, MasterCard obtains your prior opt-in consent at the time of collection for the processing of (i) personal data for marketing purposes, (ii) personal data deemed sensitive pursuant to applicable law, or (iii) personal data to be used for other data processing activities for which your consent may be required.
Subject to applicable law, you may have the right to request access to and receive information about the personal data we maintain about you, update and correct inaccuracies in your personal data, to object to the processing of your personal data and have the information blocked or deleted, as appropriate. The right to access personal information may be limited in some circumstances by local law requirements. To update your preferences, ask us to remove your information from our mailing lists or submit an access request, please contact us as specified in the “How to Contact Us” section below.
We maintain appropriate administrative, technical and physical safeguards to protect personal data against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the personal data in our possession. The types of measures we take vary with the type of data, and how it is collected and stored.
When you provide personal data online, we use the industry standard for encryption on the Internet – Secure Socket Layer (SSL) technology – to help protect the data that you provide. This Internet encryption standard scrambles data as it travels from your device to our server. You will know that you are in a secure area of the Site when a lock icon appears on your screen that the “http” prefix of our URL address changes to “https. ” The “s” represents “secure”. We also use digital certificates to ensure that you are connected to the authentic Site.
We will never ask you for your password in any unsolicited communication (including unsolicited correspondence, such as letters, phone calls or e-mail messages). If you believe your user name and password have been compromised, please contact us by following the instructions provided in the section "How to Contact Us" below.
We also take measures to destroy or permanently de-identify personal data when there is no longer a business need to keep the information and in any case, for no longer than 13 months from the last time you have accessed your account.
We may transfer personal information to countries other than the country in which the data was originally collected. These countries may not have the same data protection laws as the country in which you initially provided the information. When we transfer your personal information to other countries, we will protect that information as described in this Privacy Notice.
MasterCard is a global business. To offer our services, we may need to transfer your personal information among several countries, including the United States, where we are headquartered. We comply with applicable legal requirements providing adequate safeguards for the transfer of personal information to countries outside of the European Economic Area or Switzerland.
On our Site you may choose to use certain features for which we partner with other entities or click on links to other websites for your convenience and information. These features, which may include social networking and geographic location tools, and other websites may operate independently from MasterCard. They may have their own privacy notices or policies, which we strongly suggest you review. To the extent any features or linked websites you visit are not owned or operated by MasterCard, we are not responsible for the sites’ content, any use of the sites, or the privacy practices of the sites.
Although the MasterPass Wallet Service currently do not have a mechanism to recognize the various web browser Do Not Track signals, we may offer users of our MasterPass Wallet Services choices to manage their preferences via our Cookie Consent Tool we will honor your preferences. To learn more about browser tracking signals and Do Not Track, please visit http://www.allaboutdnt.com.
Global Privacy & Data Usage Officer
2000 Purchase Street
Purchase, New York 10577
Global Privacy & Data Usage Officer
MasterCard Europe SA
Chaussee de Tervuren 198A
For those consumers who reside in France, please contact:
112, Avenue Kléber
75784 PARIS CEDEX 16
66831.000174 EMF_US 46446576v1