Last Updated: July 1, 2020
Table of Contents
Personal Information We Collect
Information you provide to us: Personal information you voluntarily provide to us through the Services, or otherwise, include:
- Identifiers, such as your name, postal address, IP address, email address, phone number, and online account information;
- Commercial information, such as records of the Services you have licensed or use, credit card, debit card, and related payment information;
- Professional information, such as the name of your employer and your job title;
- Internet and other electronic network activity information, such as your IP address, your device information, the length of time you spend with our Services, how often you use our Services, and other usage data; and
Cookies and other information collected by automated means. We, our service providers, and our business partners may automatically log information about you, your computer, or mobile device, and activity occurring on or through the Service. The information that may be collected automatically includes information about your computer or mobile device that may provide insight into the device operating system type and version number, manufacturer and model, device identifier, browser type, IP address, general location information such as city, state, or geographic area, and information about your use and actions on the Services, such as parts of the Services you viewed, how long you spend on a page or screen, navigation between pages or screens, information about your activity on a page or screen, access times, and length of access. Our service providers and business partners may collect this type of information over time and across third-party websites and mobile applications.
We provide important information for individuals located in the European Union, European Economic Area, and United Kingdom (collectively, “Europe’ or “European”) below.
How We Use Your Personal Information
To operate the Services. We use your personal information to:
- Provide, operate, and improve the Services;
- Provide information about our products and Services;
- Establish and maintain your payer or biller profile on the Services;
- Enable security features of the Services, such as by sending you security codes via email or SMS, and remembering devices from which you have previously logged in;
- Communicate with you about the Services, including by sending you announcements, updates, security alerts, and administrative messages;
- Communicate with you about events or surveys in which you participate;
- Understand your needs and interests, and personalize your experience with the Services and our communications;
- Provide support and maintenance for the Services; and
- To respond to your requests, questions, and feedback.
For research and development. We analyze use of the Services to improve the Services and to develop new products and services. This includes studying user demographics and use of the Services.
To send you marketing and promotional communications. We may send you Invoice Cloud-related marketing communications, as permitted by law. You will have the ability to opt-out of our marketing and promotional communications as described in the “Opt-out of marketing communications” section below.
To display advertisements. From time to time we may work with advertising partners to display advertisements elsewhere online. These advertisements are delivered by our advertising partners and may be targeted based on your use of the Service or your activity elsewhere online. If we utilize targeted advertising, you will have the ability to opt-out as described in the “Opt-out of targeted online advertising” section below.
To manage our recruiting and process employment applications. We use personal information, such as information submitted to us in a job application, to facilitate our recruitment activities and process employment applications, such as by evaluating a job candidate for an employment activity and monitoring recruitment statistics.
To comply with law. We use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
For compliance, fraud prevention, and safety. We may use your personal information as we believe necessary or appropriate to: (a) protect our, your, or others’ rights, privacy, safety or property (including by making and defending legal claims); (b) enforce the terms and conditions that govern the Services; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
With your consent. In some cases, we may specifically ask for your consent to collect, use or share your personal information, such as when required by law.
To create Aggregate and De-Identified Information. We may aggregate and/or de-identify any information collected so that such information can no longer be linked to you or your device (“Aggregate/De-Identified Information”). We may use Aggregate/De-Identified Information for any purpose, including without limitation for research and marketing purposes, and may also share such data with any third parties at our discretion.
How We Share Your Personal Information
Customers. We may share your personal information to enforce or apply the terms of any of our customers’ service or license agreements.
Partners. We may share your personal information with our partners that help us offer the Services to you or who offer related services to you. These third parties may use your personal information consistent with their privacy policies.
Co-branded resources. We may share your personal information with third party companies that partner with us on co-branded resources (such as case studies). These third parties may use your personal information consistent with their privacy policies.
Professional advisors. We may disclose your personal information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services they render to us.
To comply with law. We may share your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
For compliance, fraud prevention and safety. We may share your personal information for the compliance, fraud prevention and safety purposes described above.
Business transfers. We may sell, transfer or otherwise share some or all of our business or assets, including your personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution.
Aggregate/De-Identified information. We may share Aggregate/De-Identified data from your personal information and other individuals whose personal information we collect for our lawful business purposes, including to analyze and improve the Service and promote our business.
In this section, we describe the rights and choices available to all users. Users who are located within Europe can find additional information about their rights below. Users who are California residents can refer to our “Privacy Notice for California Residents” below, or our California Privacy Statement also below for more information on their rights and choices.
Opt-out of marketing communications.You may opt-out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us at privacy@InvoiceCloud.com. In some cases, we may need to send you “transactional” emails related to normal business operations. For example, we may email you a reminder about an action you need to take related to the Services or about updates to the technology we use to provide the Services.
Opt-out of targeted online advertising. You may opt-out of targeted online advertising by contacting us at privacy@InvoiceCloud.com. Opting-out of this type of advertising will not prevent you from seeing ads. Ads that you do see will be randomly generated or based on the digital property in which they are displayed, rather than being tailored to you.
Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
Choosing not to share your personal information. Where we are required by law to collect your personal information, or where we need your personal information in order to provide the Services to you, if you do not provide this information when requested (or you later ask to delete it), we may not be able to provide you with our services. We will tell you what information you must provide to receive the Services by designating it as required at the time of collection or through other appropriate means.
Other Sites, Mobile Applications, and Services
The Services may contain links to other websites, mobile applications, and other online services operated by third parties as well as our affiliates or partners. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in mobile applications or online services that are not associated with us. We do not control third party websites, mobile applications or online services, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to read the privacy policies of the other websites and mobile applications and online services you use.
The security of your personal information is important to us. We employ a number of administrative, technical, and physical safeguards aligned with industry best practices designed to protect the personal information we collect. We also employ regular security testing and vulnerability prevention best practices to proactively guard against threats. However, security risk is inherent in all Internet and information technologies and we cannot guarantee the absolute security of your personal information.
California Privacy Statement
California residents have certain rights under the California Shine the Light law and the California Consumer Privacy Act (“CCPA”).
California Consumer Privacy Act. Please refer to our “Privacy Notice for California Residents” below for more information about your rights under CCPA.
Shine the Light Law. We do not share personal information as defined by California Civil Code Section 1798.83 (“Shine the Light law”) with third parties for their direct marketing purposes absent your consent. If you are a California resident, you may request information about our compliance with the Shine the Light law by sending an email or postal mail as explained in the “How to Contact Us” section below. Please provide your name, e-mail address, phone number, the nature of your inquiry, and, if you are disabled, any accessibility accommodations you require.
International Data Transfers
European Union users should read the important information provided below about transfer of personal information outside of the European Union.
The Services are not directed to, and we do not knowingly collect personal information from, anyone under the age of 16. If you are under16, please do not provide us your personal information. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at privacy@InvoiceCloud.com. We will delete such information from our files as soon as reasonably practicable. We encourage parents with concerns to contact us as outlined below.
Notice to European Users
The information provided in this “Notice to European Users” section applies only to individuals in Europe.
Details regarding each processing purpose listed below are provided in the section above titled “How we use your personal information”.
To operate the Services
|Processing is necessary to perform the contract governing our provision of the Services or to take steps requested by our customers, merchants, software providers, or partners prior to signing up for the Services. If we have not entered into a contract with you, we process your personal information based on our legitimate interest in providing the Services.|
● For research and development
● To send you marketing and promotional communications
● To display advertisements
● To manage our recruiting and process employment applications
|These activities constitute our legitimate interests. We do not use your personal information for these activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).|
|To comply with law||Processing is necessary to comply with our legal obligations.|
|With your consent||Processing is based on your consent. Where we rely on your consent you have the right to withdraw it any time by contacting us as outlined below.|
Sensitive personal information. We ask that you not provide us with any sensitive personal information (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Services, or otherwise to us.
We retain personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
When we no longer require the personal information we have collected about you, unless prohibited by applicable law, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. If we anonymize your personal information (so that it can no longer be associated with you), we may use this information indefinitely without further notice to you.
Information for Visitors from Outside of the United States
We are located in the United States, where the laws may be different and, in some cases, less protective than the laws of other countries. By providing us with your Personal Information and using the Services, you acknowledge that your Personal Information will be transferred to and processed in the United States and other countries where we and our vendors operate. If we receive or transfer your personal information from Europe or Switzerland to a third country and are required to apply additional safeguards to your personal information under European data protection legislation, we use good faith efforts to do so.
How to Contact Us
You may also write to us via postal mail at:
Invoice Cloud, Inc.
30 Braintree Hill Office Park, Suite 101
Braintree, MA 02184
We reserve the right to change these Terms from time to time at our sole discretion. Please check this page periodically for any updates.
Last Updated: July 1, 2020
What are cookies?
What types of cookies does Invoice Cloud use?
Our Services may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer or mobile device until you delete them).
More specifically, the following types of cookies may be used when you visit the Services:
Advertising cookies are placed on your computer by advertisers and ad servers in order to display advertisements that are most likely to be of interest to you. These cookies allow advertisers and ad servers to gather information about your visits to the Services and other websites, alternate the ads sent to a specific computer, and track how often an ad has been viewed and by whom. These cookies are linked to a computer and do not gather any personal information about you.
Analytics cookies monitor how users reached the Services, and how they interact with and move around once on the Services. These cookies let us know what features on the Services are working the best and what features on the Services can be improved.
Our cookies are “first-party cookies” and can be either permanent or temporary. These are necessary cookies, without which the Services may not work properly or be able to provide certain features and functionalities. Some of these may be manually disabled in your browser but disabling these cookies may affect the functionality of the Services.
Personalization cookies are used to recognize repeat visitors to the Services. We use these cookies to record your browsing history, the pages you have visited, and your settings and preferences each time you visit the Services.
Security cookies help identify and prevent security risks. We use these cookies to authenticate users and protect user data from unauthorized parties.
Service Management Cookies
Site management cookies are used to maintain your identity or session on the Services so that you are not logged off unexpectedly, and any information you enter is retained from page to page. These cookies cannot be turned off individually, but you can disable all cookies in your browser.
Third-party cookies may be placed on your computer by our service providers and business partners when you visit the Services. These cookies allow the third parties to gather and track certain information about you. These cookies can be manually disabled in your browser.
Other Tracking Technologies
In addition to cookies, we may use web beacons, pixel tags, and other tracking technologies on the Services to help customize the Services and improve your experience. A “web beacon” or “pixel tag” is tiny object or image embedded in a web page or email. They are used to track the number of users who have visited particular pages, viewed emails, or acquire other statistical data. They collect only a limited set of data, such as a cookie number, time and date of page or email view, and a description of the page or email on which they reside. Web beacons and pixel tags cannot be declined. However, you can limit their use by controlling the cookies that interact with them.
In addition to cookies, our Services may use other technologies, such as Flash technology, to collect information automatically.
Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. Please note that if you set your browser to disable cookies, the Services may not work properly.
For more information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org. If you do not accept our cookies, you may experience some inconvenience in your use of the Services. For example, we may not be able to recognize your computer or mobile device and you may need to log in every time you use the Services.
In addition, you may opt-out of some third-party cookies through the Network Advertising Initiative’s Opt-Out Tool.
Please direct any questions or comments about this Cookies Policy, or Invoice Cloud’s privacy practices, to privacy@InvoiceCloud.com. You may also write to us via postal mail at:
Invoice Cloud, Inc.
30 Braintree Hill Office Park, Suite 101
Braintree, MA 02184
Invoice Cloud, Inc. Privacy Notice for California Residents
Last Updated: July 1, 2020
This Privacy Notice for California Residents (the “CA Notice” or the “Notice”) describes how Invoice Cloud uses and discloses the personal information that we collect from or about California residents.
Throughout his Notice, “Invoice Cloud,” “we” or “us” refers to Invoice Cloud, Inc.
Notices to Payers
Invoice Cloud provides online payment services as a Service Provider under Cal. Civ. Code § 1798.140(v), which help our business customers collect payments from individuals who pay their bills online (“Payers”). For example, we may help your electric company collect and process your payments for your monthly electricity bill.
If you are a Payer and make payments through our services, we may collect personal information about you, such as your name, address, email, payment information, and payment history. Our business customers (such as your electric company) are primarily responsible for how we use and disclose the personal information we collect in our role as a service provider. For example, we only collect and process your payment information so that we can facilitate the payment of your bill on behalf of the business entity (our business customer) who is billing you.
If we process your personal information on behalf of one of our business customers, and you have questions about how we process your personal information, we may direct any inquiries about our use of your personal information to that business customer.
Notices to Non-Payers
How We Collect and Use Personal Information
- Identifiers, such as name, postal address, IP address, email address, phone number, and online account information;
- Commercial information, such as records of the Services purchased from us;
- Professional information, such as employer name and job title;
- Internet and other electronic network activity information, such as IP address, device information, the length of time spent with our Services, how often the Services are used, and other usage data;
- Geolocation data, such as physical location made available through IP address or other means;
- Sensory information, such as audio, electronic, visual, olfactory, or similar information;
- Biometric information, such as facial imagery, a voiceprint, or similar information.
- Inferences drawn from Personal Information to create a profile, such as reflecting preferences, characteristics, attitudes, behavior, etc.
- If an account exists, we may have used identifiers, commercial information, and internet and other electronic network activity information to create, register, manage, and service that account.
- If our services have been used, we may have used identifiers, commercial information, and internet and other electronic network activity information to provide customer support services.
- From time to time, we may have used identifiers, commercial information, and professional information to send information and updates regarding our services.
- If an inquiry was submitted, feedback provided through a survey, or otherwise contacted us, we may have used identifiers and the other information provided to respond and /or implement that request.
We may also have used personal information to verify identity, maintain the security of our platforms, enhance user experience, deliver personalized content, and otherwise improve our websites, portals and other services.
Do Not Track Signals
Please note that our websites are not presently configured to respond to Do Not Track or “DNT” signals from web browsers or mobile devices. As such, we do not recognize or respond to Do Not Track requests.
How We Disclose Your Personal Information
In order to provide our services, we may disclose personal information to third parties for certain business purposes. In the past 12 months, we have disclosed personal information to the following categories of third parties for the business purposes described above in “How We Collect and Use Personal Information”:
- To our service providers: We may have shared personal information with third-party service providers, such as payment processors, clearinghouses, payment settlement organizations, platform hosting providers, and website analytics providers, who help us provide Services to business customers. We require that our service providers not use or disclose personal information for any purpose other than for providing services to us.
- To your respective Payers: We may have shared personal information with business customer respective payers only to the extent necessary to process transactions.
- To our affiliates for operational or other business purposes: We may have shared personal information with our affiliates for operational or business purposes such as those outlined above.
- As part of a reorganization event: In the event we go through a business transition, such as a merger, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or sale of all or a portion of our assets, we may have disclosed Personal Information to the party or parties of such transaction.
- To law enforcement or other governmental authorities: From time to time, we may have disclosed personal information to law enforcement or government agencies (i) when we, in good faith, believed there was unlawful activity; (ii) when we believed it was necessary or appropriate to satisfy any law, regulation or other governmental request; (iii) to respond to government-issued subpoenas, warrants or court orders; (iv) to otherwise comply with our legal obligations; and (v) when we believed disclosure was necessary to protect the health and safety of our personnel, our users and the general public.
We do not sell personal information or share personal information to third parties for their own marketing and/or advertising purposes.
Notices to All Parties
Your California Privacy Rights
As a California resident, you may be able to exercise the following rights under the California Consumer Privacy Act of 2018 (“CCPA”) in relation to the personal information we have collected about you:
- Right to Know: You have the right to request, twice per year, any or all of the following information relating to your personal information in the past 12 months, subject to the verification of your identity:
- The specific pieces of personal information we have collected about you.
- The categories of personal information we have collected about you.
- The categories of sources of the personal information.
- The business or commercial purpose for collecting or sharing the personal information.
- The categories of third parties to which we have shared your personal information.
- The categories of your personal information we have disclosed or shared to third parties.
- Right to Delete: You have the right to request, twice per year, that we delete the personal information that we have collected or maintain about you, subject to the verification of your identity. We may deny your request under certain circumstances, such as if we need to comply with our legal obligations or complete a transaction for which your personal information was collected. If we deny your request, we will let you know the reason why.
- Right to Opt Out of Sale: You have the right to opt out of the sale of your personal information. However, we do not sell your personal information.
If you choose to exercise your rights, we will not discriminate against you, charge you a different price, or provide a different quality of services unless those differences are related to your personal information. That means, that if you exercise some of these rights, it may limit our ability to process your personal information and provide certain features of our services to you.
How to Exercise Your California Privacy Rights
To exercise any of these rights you may,
- Complete the online request form found at invoicecloud.net/data-privacy-request-form;
- Call toll-free 1-888-603-0094;
- Or send an email to firstname.lastname@example.org. Please include,
- Requestor’s first and last name;
- Mailing address;
- Primary e-mail address;
- Primary phone number; and
- Type of request.
We will take steps to verify your identify before processing your request to know or request to delete.
We will not fulfill your request unless you have provided sufficient information for us to reasonably verify your identity. For example:
- If you have an account with us, we may use our existing account authentication practices to verify your identity.
- If you do not have an account with us, we may request additional information about you to verify your identity. We will only use the personal information provided in the verification process to verify your identity and to track and document request responses, unless you have initially provided the information for another purposes.
You may use an authorized agent to submit a request to know or a request to delete. When we verify your agent’s request, we may verify both your agent and your identity and request a signed document from you that authorizes your agent to make the request on your behalf. To protect your personal information, we reserve the right to deny a request from an agent that does not submit proof that they have been authorized by you to act on your behalf.
Minors Under 16 Years Old
We have no actual knowledge of collecting or otherwise processing the personal information of minors under 16 years of age.
Updates to this Notice
We will update this Notice from time to time. When we make changes to this Notice, we will change the “Effective” date at the beginning of this notice. All changes shall become effective from the Effective date, unless otherwise provided in the Notice.
If you have any questions or concerns in connection with this Notice or other privacy-related matters, please email us at data-access-request@InvoiceCloud.com or by calling 1-888-603-0094.