INTRODUCTION
This notice applies to ChangeBlast Inc. and its group companies, which sometimes use trading names including ChangeBlast (together “us” or "we" or “our”). ChangeBlast Inc. is committed to protecting your privacy and will take all appropriate steps to ensure that your personal information is treated securely and will be collected, used, stored, and disclosed in accordance with this notice.
References to “you” in this notice are to the individual who is accessing or applying to use the ChangeBlast Inc. services (as defined below) either on your own account or on behalf of a business. This includes, in relation to a customer or prospective customer of ChangeBlast Inc., any sole trader and any principals, including the managing and financial directors, any other directors and officers, shareholders, partners, and beneficial owners of a customer, as well as any member of staff accessing or using the ChangeBlast Inc. services on behalf of a customer.
This notice (together with our terms of use applying to any specific services you may purchase or use) applies:
• to the website/portal features and services provided to you when you visit our websites, portals, or our payment panels our clients may use on their websites;
• when you apply to use and/or use ChangeBlast’sproducts and services (including any loyalty or reward schemes, whether points-based or otherwise (“Loyalty” or “Promotion”));
• to your use of software including terminals, mobile and desktop applications provided by ChangeBlast Inc.; and
• to email, other electronic messages including SMS, telephone, LiveChat, website/portal, and other communications between you and ChangeBlast Inc..
Together these are all referred to in this notice as “ChangeBlast Services”.
Please read this notice carefully to understand our policies and practices regarding your personal information and how we will treat it. ChangeBlast Inc. takes a “layered approach” to explain its privacy practices, as recommended by regulators. This means that we endeavour to initially provide you with the key privacy information in the form of a “short form” privacy notice. This, however, is our comprehensive privacy notice that explains our data protection practices in full, and to which the short form privacy notice will link. Contact Us details are provided at the end of the notice for feedback or any privacy inquiries you may have.
INFORMATION WE MAY COLLECT FROM YOU
Personal and non-personal information
We collect and process personal and non-personal information relating to you.
Personal information is information that can be used to uniquely identify a single person, either directly or indirectly.
ChangeBlast Inc. also collects non-personal information or may anonymize personal information in order to make it non-personal. Non-personal information is information that does not enable a specific individual to be identified, either directly or indirectly. ChangeBlast Inc. may collect, create, store, use, and disclose such non-personal information for any reasonable business purpose. For example, ChangeBlast may use aggregated transactional information for commercial purposes, such as trend analysis and the use of data analytics to obtain learnings and insight around payment transaction patterns and usage.
To the extent that Internet Protocol (IP) addresses (or similar identifiers) are clearly defined to be personal information under any local law and where such local law is applicable to ChangeBlast Services, we will manage such identifiers as personal information.
Please note that ChangeBlast Inc. provides services to both individual consumers and businesses and this privacy notice applies to both and should be read and interpreted accordingly.
Collecting your information
We collect the following information through the following means:
Information you give us; we receive and store any personal information (including financial information) you provide to us including when you (or your business) enquire for or make an application for the ChangeBlast Services; register to use and/or use any ChangeBlast Services; upload and/or store information with us using the ChangeBlast Services; and when you communicate with us through email, SMS, a website or portal, or the telephone or other electronic means. Such information may reference or relate to you or your customers’ and includes:
• Name including first name and family name, date of birth, email address, billing address, username, password and/or photograph, address, nationality, and country of residence;
• Card primary account number, card expiry date, CVC details (card security code), bank and/or issuer details;
• Information relating to any items purchased, including the location of the purchase, the value, the time, and any feedback that is given in relation to such purchase, including travel-related personal information when you or your customer are transacting for airline tickets or other travel-related services;
• Points or rewards earned or redeemed in any Loyalty scheme;
• Photos and videos, taken during ChangeBlast Inc. events you have registered for, for distribution to event participants and in our promotional materials for future events; and
• Any other information that you or your customer provide.
Information we collect; about you automatically: ChangeBlast Inc. receives and stores certain information automatically whenever you interact with ChangeBlast Inc.; for example by way of “cookies” or similar technology. We also obtain certain information when your web browser accesses ChangeBlast Services or advertisements and other content provided by or on behalf of ChangeBlast Inc. on other websites, or when clicking on emails. Collecting this information enables us to better understand the visitors and customers who use and interact with ChangeBlast Inc., where they come from, and how they use our services. We use this information for our analytics purposes and to improve the quality and relevance of our services for our visitors and customers. This information includes:
• Technical information, including the Internet protocol (IP) address used to connect your computer or device to the Internet, your login information, browser type, and version, time zone setting, browser plug-in types and versions, operating system platform;
• Information about your visit or whether you opened an email, including the full Uniform Resource Locators (URL) clickstream to, through, and from our site (including date and time); products or services you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs) and methods used to browse away from the site page and any phone number used to call our customer service number.
Please also refer to our Cookie Policy for more information. Otherwise, please Contact Us.
Information collected through our applications; if you download or use mobile or desktop applications provided by ChangeBlast Inc., we may receive information about your location and your device or the service you are using (including where a payment transaction takes place). Some devices allow applications to access real-time location-based information (for example GPS). Our mobile and desktop apps may collect such information from your mobile device or your computer at any time while you download or use our apps if your device has real-time location data access enabled. Where required, we will always seek to notify you if it is our intent to collect real-time location information and, also where required by law, obtain your consent. We may use such information for regulatory purposes, our own due diligence checks, to better understand transaction patterns, and to optimize your experience.
Email and Other Communications; we may receive information about you and your use of ChangeBlast Services when we communicate with each other, including when you open messages from us and from the use of electronic identifiers (sometimes known as “device fingerprints”), for example, Internet Protocol addresses or telephone numbers.
Information from Other Sources; we may receive information about you from other sources and add it to our account information. For example, we work closely with and receive information from, third parties like business partners, financial institutions, merchants, subcontractors in technical, payment, and delivery services, advertising networks, analytics providers, search information providers, credit reference, and fraud prevention agencies. Credit reference and fraud prevention agency use are further explained below. We may also review public comments and opinions made on social networking sites (e.g. Facebook and Twitter) to better understand our customers and our provision and development of ChangeBlast Services.
Information about other people; if you give us information about other people, you must have informed them in advance (for example, by giving them this privacy notice) and must ensure you have the right to do so.
We may use and share the personal information we collect for the following purposes:
• To provide our ChangeBlast Services to you and your business, including fulfilling ChangeBlast Inc. obligations to you or to financial or other institutions in connection with the ChangeBlast Services we provide to you (and/or your business). In this context we record and track details of transactions you (and/or your customers) carry out in relation to the ChangeBlast Services; analyze and report on your (and/or your customers) use of any Loyalty service; facilitate the collection or redemption of any points or other rewards currency in respect of any Loyalty program; notify you about important changes or developments to our website or our goods and services.
• To improve and develop our business, including without limitation to optimize our websites/portals, products, and services. This may include using the information you insert into forms but do not submit to us, for example by using that information to optimize our website(s) and contacting you for customer services purposes in relation to that form. We can also use your personal information to develop and test new products and services.
• To manage and enforce our rights, terms of use, or any other contracts with you (and/or your business), including to manage any circumstances where transactions, rewards, or points are disputed; manage, investigate and resolve complaints; or recover a debtor in relation to your insolvency;
• To manage and mitigate our credit risk, if you apply for one of our financial products we will assess your financial position (and/or of your business), to the extent, this is provided for in the applicable Terms of Use. This credit check will also affect any linked parties such as directors, shareholders, and principals. We can do so by receiving and sharing information from and with credit reference agencies and fraud prevention agencies. This credit check will affect also anyone with whom you have a joint account or similar financial association. If it is a joint application, and such a link does not already exist, then one may be created. These links will remain until you file a “notice of disassociation” at the credit reference agencies. For your information, the agencies will record our inquiries which may be seen by other companies who make their own credit inquiries; and a “footprint” may be placed on your credit file, whether or not you are accepted as our customer. If you are a Director, we will seek confirmation from credit reference agencies that the residential address that you provide is the same as that held by the relevant companies’ registry (where applicable). In addition, where you take services from us, we will give information on how you manage your accounts to the credit reference agencies. If you do not repay any money in full and on time, credit reference agencies will record the outstanding debt and may share this information with other organizations that perform checks similar to ours. Records remain on file at such agencies for 6 years after they are closed, whether settled by you or defaulted. If you would like further information on our use of credit reference agencies, please contact us;
• To prevent, detect and prosecute fraud or crime, ChangeBlast participates in anti-fraud initiatives, which involve assessing you (and/or your customers) and monitoring your transactions and/or locations, to detect patterns requiring investigations or otherwise profile and assess the likelihood of fraud occurring. We can do so by utilizing products and services from third parties. Besides, if you give us false or inaccurate information about you, or we identify or suspect fraud or a crime, we may pass your information to fraud prevention agencies and to law enforcement agencies, and we may decide to take legal action against you;
• To prevent or mitigate information security risk;
• To send marketing messages, to provide you with the information on products and services you have requested or we think may be of interest to you; to obtain your views on our goods, services, and our website/s; in respect of marketing, market research, and similar activities, we may use your personal information for such purposes whether or not you are accepted as or continue to receive ChangeBlast Services. If you no longer wish to receive marketing or promotional information from ChangeBlast Inc., you can always stop it. You can find more information on that in the section on “Your Data Protection Rights”;
• To comply with local and national laws;
• To comply with requests from law enforcement and regulatory authorities on public interest grounds, to establish, exercise, or defend legal claims, or to protect your vital interests or those of other persons, for example, to help those authorities in the fight against crime and terrorism; and
• To comply with card scheme rules.
If you provide information to be published or displayed on public areas of the website/portal or transmitted to other users of the website/portal or third parties, you understand that such information can be used by any third parties accessing the information for any purposes. This information is posted by you at your own risk and you must comply with the terms of use of such site.
DISCLOSURE OF YOUR INFORMATION
We do not disclose information that could identify you personally, to anyone except as described in this notice and for the purposes described in this notice, including:
• Within the ChangeBlast Inc. to help us provide our services and for our own internal customer relationship management, analytical and reporting purposes;
• Credit reference agencies(where permitted under any Terms of Use or another contract) as described above. If you would like further information on how we use credit reference agencies please contact us;
• Fraud prevention agencies as described above, including Action Fraud, Financial Fraud Action and the Financial Fraud Bureau;
• Third-Party Credit and Financial Institutions(where allowed under any Terms of Use or other contracts), including the credit institution where you (or your business) maintains your bank account(s) and the card schemes governing the issue and use of credit, debit, charge, purchase or other payment cards, alternative payment schemes and any other financial institutions who may process payments and who are not operating under ChangeBlast Inc. control nor for whom whose actions or omissions ChangeBlast Inc. has liability;
• Third Party Service Providers, including suppliers who assist us with the provision of ChangeBlast Services, including processing orders, fulfilling orders, processing payments, managing credit, security, sector and fraud risk, and marketing, market research, and survey activities carried out on behalf of ChangeBlast Inc.;
• Where we are required or permitted to do so by law, ChangeBlast Inc. may be required by law to pass information about you to regulatory authorities and law enforcement bodies worldwide, or we may otherwise determine that it is appropriate or necessary to do so. Such disclosures may also include requests from governmental or public authorities, or with commercial organizations with whom you may have had dealings and who are seeking to mitigate fraud risk, or for the purposes of litigation or legal process, national security or where we deem it in the national or public interest or otherwise lawful to do so;
• Business transfers, ChangeBlast Inc. may buy or sell business units or affiliates. In such circumstances, we may transfer customer information as a business asset. Without limiting the foregoing, if our business enters into a joint venture with or is sold to or merged with another business entity, your information may be disclosed to our new business partners or owners. In these circumstances we will inform the recipient that your information must be treated in accordance with the standards described in this notice; and
• With your permission, your information may also be used for other purposes for which you give your specific permission.
Except as necessary for the performance of its services and as described above, ChangeBlast Inc. does not sell, rent, share or otherwise disclose personal information about its customers to third parties for commercial purposes.
MONITORING
We may monitor or record telephone calls, emails, web chat, or other communications with you for regulatory, security, quality assurance, or training purposes. When visiting our offices, CCTV, access control systems, and/or other monitoring systems may be in operation for security reasons and for health and safety management purposes.
WHERE WE STORE YOUR PERSONAL INFORMATION
We, our service providers, and other parties with whom we may share your personal information (as described above) may process your personal information in territories that are outside the European Economic Area (“EEA”) or otherwise outside of the territory in which you reside. It may also be processed by staff operating outside the EEA or the territory in which they were collected who work for us or one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of orders, the processing of payment details, and support services in the provision of the ChangeBlast Services. These countries may have data protection standards that are different to (and, in some cases, lower than) those in which you reside.
In these circumstances, we will take appropriate steps to protect your personal information in accordance with this privacy notice and applicable data protection laws; including through the use of any appropriate safeguards required by law to ensure that any international data transfers are lawful. ChangeBlast Inc. generally uses “Model Clauses” as approved by the European Commission when contracting with third-party data recipients outside the EEA who are receiving data from within the EEA for the purpose of processing personal information transferred outside the EEA. Occasionally, when the recipient is located in the United States, we may use the Privacy Shield with companies that have joined that scheme.
HOW WE KEEP YOUR PERSONAL INFORMATION SECURE
We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure.
The safety and security of your information are also dependent upon you. If we have given you (or if you have chosen) a password or access code for access to certain parts of our website/portal or mobile applications and similar, you are responsible for keeping this password and/or access code confidential. You must not share your password and/or access code with anyone. You must ensure that there is no unauthorized use of your password and access code. ChangeBlast Inc. will act upon instructions and information received from any person that enters your user id and password and you understand that you are fully responsible for all use and any actions that may take place during the use of your account. You must promptly notify ChangeBlast Inc. of any information you have provided to us which has changed.
The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our site, unless you are communicating with us through a secure channel that we have provided. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
HOW LONG WE RETAIN YOUR PERSONAL INFORMATION
The periods for which we retain your personal information are determined based on the nature and type of information, the ChangeBlast Service, and the country in which they are provided as well as any applicable local legal or regulatory requirements. In general, once no longer needed, your information will be deleted, or we may anonymize or aggregate it with other information to make it non-personal.
If you use ChangeBlast Services, we will retain your personal information as long as necessary to provide you with the services of your choice. That would generally mean we retain your personal information as long as you are our customer and for a period of time afterwards.
When our relationship with you ends, we still need to retain certain of your personal information for a time that depends on the legal and regulatory requirements of the country where you are located. For example, we will retain your information for the time allowed by the local laws to start a legal claim (so-called “statute of limitation”), or for as long as we are ordered pursuant to an order from the courts, or by law enforcement agencies or our regulators.
We can also continue sending you direct marketing, subject to local laws and where you have not objected to such marketing.
YOUR DATA PROTECTION RIGHTS
You have many rights that you can exercise in relation to your personal information. If you wish you can access, correct, or update your personal information. In certain circumstances, you can also ask us to delete your personal information, object to its processing or temporarily restrict its processing while exercising your other rights. In addition, you can request to transfer certain of your personal information to another service provider (so-called, data portability).
When you give us consent to use your personal information, you can withdraw at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent. For example, you can stop any marketing communication we send you by clicking on the “unsubscribe” or “opt-out” link in the communications you receive, or according to the instructions that we provide every time, but we will continue to send you operational or service messages in relation to your ChangeBlast Services.
Please consider that depending on the country from where you use the ChangeBlast Services, not all the above rights may be available to you. Also, there might be cases where these rights cannot be enforced: for example, you cannot object to us using your information when it is required by the law, or manage a complaint; similarly, you cannot ask us to delete your information if you want to continue using our ChangeBlast Services.
You always have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. Also, you can commence a court action to claim compensation for damage or distress caused by our failure to comply with data protection legislation.
If you want to know more about your rights, or you want to exercise them, you can reach us at the details provided in the Contact Us section.
AUTOMATED DECISION MAKING
In some instances, our use of your personal information may result in automated decisions being taken (including profiling) that legally affect you or similarly significantly affect you.
Automated decisions mean that a decision concerning you is made automatically on the basis of a computer determination (using software algorithms), without our human review. For example, we use automated decisions to complete credit assessments on you when you apply to certain ChangeBlast Services or to carry out anti-fraud checks, as explained in the section “What We Use Your Personal Information For”. We have implemented measures to safeguard the rights and interests of individuals whose personal information is subject to automated decision-making. In addition, if you are using the ChangeBlast Services in the European Union, when we make an automated decision about you, you have the right to contest the decision, to express your point of view, and to require a human review of the decision. You can exercise this right by contacting us at the details below.
LEGAL BASIS FOR PROCESSING
ChangeBlast Inc. will only process your personal information where we have lawful authority to do so. Such laws vary across different territories and further specific information is available on request. In general, ChangeBlast Inc. will either process:
• On the basis of your consent, for example, to send you marketing messages about products and services in accordance with your interests and preferences;
• Where necessary for the performance of, or entry into, any contract we have with you, for example in order to provide you with the ChangeBlastServices you have subscribed;
• Where ChangeBlast Inc. has a legitimate interest to process data, subject to such processing not overriding your own rights and freedoms in objecting to such processing, for example, to keep you informed about your use of the services, improve and develop our services and manage and enforce any claim;
• Where ChangeBlast Inc. has a legal obligation to collect your personal information or otherwise needs your personal information to protect your vital interests or those of another person. For example, when necessary to comply with the rules imposed by our regulators; or
• Exceptionally, we may share your information with a third party when necessary in the public interest, for example when law enforcement agencies request information to investigate a crime.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information for any specific processing activity, please contact us using the contact details provided under the Contact Us section below.
CHANGES TO OUR PRIVACY NOTICE
We may, from time to time, change our privacy notice. If we make material changes to how we treat your information, we will notify you through a notice on this website/portal. The date the privacy notice was last modified is at the bottom of the page. You are responsible for ensuring you periodically visit our website/portal and this privacy notice to check for any changes. However, if we are required by law to give you enhanced notice of any changes to this privacy notice and/or seek your consent to changes in our uses of your personal information, then we will do so.
LINKS TO THIRD PARTY SITES
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers, and affiliates. If you follow such a link, please note that these websites have their own privacy and cookies policies and ChangeBlast does not accept any responsibility or liability for these third-party websites.
GLOBAL NOTICE
This notice is global in scope but is not intended to override any legal rights or prohibitions in any territory where such rights or prohibitions prevail. In such event, the rights and obligations set out in this notice will apply, subject only to amendment under any applicable local law having precedence.
CONTACT US
All comments, queries, and requests relating to our use of your information are welcomed. If you wish to exercise any of your rights or receive further information as to the applicable ChangeBlast Inc. to which this notice applies, you should write to the address below, or through Contact Us.
ChangeBlast Inc.’s Data Protection Officer is as stated below and can be contacted via the Contact us link above or at the address below:
Mr Alen J. Davis
ChangeBlast Inc.
30th Floor, 1289 Willis ST, STE 107, Redding, CA 96001.