Last Updated: October 18, 2024
At Total System Services, LLC (“TSYS”), a Global Payments company, we respect your concerns about privacy. Except as otherwise indicated, this Privacy Notice (“Notice”) relates to the collection of personal information from users of our U.S. and Canadian websites, portals, mobile applications (“Apps”), email, branded U.S. and Canadian social media sites or pages and other U.S. and Canadian online or mobile services that link to or expressly reference this Notice (collectively the “Sites and Apps”).
For the purpose of this Notice, TSYS, “we” and “us” refer to Total System Services, LLC and its subsidiaries and affiliates, as the context requires. Our privacy practices vary depending on the services we provide. For some products and services, where required, we will provide additional privacy notices before collecting personal information about you. TSYS maintains specific privacy notices for job applicants, employees, and contractors through Global Payments. If you are a job applicant, employee, or contractor and need a copy of the applicable privacy notice, please contact us at privacy@globalpay.com.
Please read this Notice carefully. If you have any questions, you may contact us at privacy@globalpay.com or by the methods provided in the “Contact Us”
section below.
TSYS products and services enable financial transaction processing for customers (“Customers”) to include payment tools for credit, debit, and healthcare accounts, (collectively referred to as the “Services”). For our Customers, information about disclosures, transfers and other processing of personal information as part of the Services is set out in the documentation provided to them at or before onboarding. This Notice is a supplement, not a replacement, to that documentation and relates specifically to information we collect through our Sites and Apps.
Please be aware that not all of the information in this Notice will be directly applicable to our handling of personal information about you. This Notice provides an overview of the possible circumstances in which we may interact with personal information. If you have any questions about our processing of personal information about you, please contact us at privacy@globalpay.com.
TSYS collects personal information from users of our Sites and Apps who might be our Customers, prospective Customers, and Customer end users (“End Users”) who engage with our Sites and Apps as part of the Services we provide to our Customers.
Because TSYS’ relationship with End Users is indirect, we process such personal information relating to End Users only for the purposes of providing the Services to our Customers, in accordance with our Customer’s instructions. Under applicable privacy laws, in this context, TSYS would be considered a service provider or processor. If you are an End User who has a relationship with one of our Customers and you have a question about how personal information about you is collected, used, or disclosed, or would like to exercise any rights you may have with respect to such personal information, please contact the Customer directly. If you are a Customer, additional privacy terms are included in or provided as a supplement to the contract terms that govern the Services we provide to you.
Select one of the links below to jump to the relevant section:
“Personal information” is information that identifies you as an individual or relates to an identifiable individual. Through our Sites and Apps, subject to your consent if required by law, we may collect the following categories of personal information:
Data anonymization and aggregation. Subject to your consent if required by law, we may anonymize or aggregate personal information about you so that you are not identified or identifiable from it. We may use anonymized or aggregated data for statistical analysis including to analyze trends, for product development, and for risk assessments and cost analysis. We may disclose anonymized or aggregated data to our parent, subsidiaries, affiliates, service providers, or with other third parties. This Notice does not restrict TSYS’ use or disclosure of any anonymized or aggregated information.
We collect personal information from the following categories of sources:
Information that you provide to us: We collect personal information that you provide to us when you set up an account with us, use our Services, or communicate with us. For example, if you register for an online account with us, we may request your name, contact information and commercial information. Providing us with personal information is voluntary, and you can always choose not to provide certain information, but then you may not be able to take advantage of or participate in some of the Services.
Information collected from third parties: We may collect information about you from third parties in the course of providing our Services. For example, we may collect personal information like your name and contact information from a referral partner or other third party in order to contact you about the Services we provide.
Information collected through technology: When you visit our Sites or Apps or interact with an email we send to you, we may collect certain information automatically such as your account or device identifier, and usage information such as pages that you visit, information about links you click, the types of content you interact with, the frequency and duration of your activities, and other information about how you use our Services. You have the ability to express your preference regarding some of the ways we collect information through technology in some of our Services (see “Cookies and Other Tracking Technologies” for more information).
Subject to your consent if required by law, we may use personal information about you for the following business purposes:
We are a multinational business headquartered in the United States, with subsidiaries and affiliates in countries around the world. Personal information about you may be disclosed to recipients located outside of your country, including to our global subsidiaries and affiliates (see “Our Relationship with Affiliate Companies” below) as described in this Notice.
For each category of personal information we collect, we may disclose such information in the manner and for the purposes described below:
Subject to your consent if required by law, we may appoint an affiliate company to process personal information in a service provider role. In most cases, we will remain responsible for that company’s processing of personal information pursuant to applicable data privacy laws.
Because our affiliate companies are located around the globe, personal information may be transferred to and stored in another country outside of the country in which you reside, which may be subject to different standards of data protection than your country of residence.
We will take appropriate steps to transfer personal information in accordance with applicable law, such as transferring personal information to countries which are recognized as providing an adequate level of legal protection or where alternative adequate arrangements are in place to protect your privacy rights.
Subject to your consent if required by law, we will collect and process personal information as necessary to set up and administer your sign up to, and use of, the log in facility available on our Sites and Apps. We will use “cookies” to “remember” the machine or other device you use to access our Sites and Apps (see “Cookies and Other Tracking Technologies” below). Please remember that if we contact you, we will never ask you for your password in an unsolicited email, message or phone call. If you choose to use the log in facility available on our Sites and Apps, you are required to adhere to the security procedures we establish in the documentation we provide you as part of the Services.
We maintain administrative, technical and physical safeguards designed to protect the personal information you provide via the Sites and Apps against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use.
Any suspected attempt to breach our policies and procedures, or to engage in any type of unauthorized action involving our information systems, is regarded as potential criminal activity. Suspected computer mischief may be reported to the appropriate authorities.
Please remember that communications over the internet such as emails are not secure. We seek to keep secure personal information submitted to us through the Sites and Appsin accordance with our obligations under applicable laws and regulations. However, like all website operators, we cannot guarantee the security of any data transmitted through the Sites and Apps.
We retain the personal information we collect for different periods of time depending on what it is and how we use it. In some contexts, we will provide additional information about retention as you use the Services. When we collect personal information, we will retain it only for as long as is necessary to complete the legitimate business or legal purposes for which we collected it. The criteria used to determine our retention periods include:
Cookies and similar tracking technologies are used to help us retain information about your use of our Sites and Apps. Using cookies, we collect information like country location, language preference and other settings. Cookies can also help us to operate our Services more efficiently and securely, remember you for future visits and enhance your user experience by providing real-time tools including user guides and chatbots. We also gather statistical information about the use of our Services in order to continually improve their design and functionality, understand how they are used, and assist us with resolving questions regarding them.
The cookies and tracking technologies that we may use fall into the following categories:
Strictly Necessary. These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions taken by you such as logging in or filling in forms. You can set your browser to block or alert you about these cookies, but blocking them may impede the functionality of the Sites and Apps.
Performance. These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
Functional. These cookies enable the Sites and Apps to provide enhanced functionality and personalization. They may be set by us or by third-party providers whose services we have added to our pages. If you do not allow these cookies then some of these services may not function properly.
How to Delete or Block Cookies and Other Tracking Technologies. We do not currently respond to browser Do-Not-Track signals. If you do not want information collected through the use of cookies, you can use the Cookie Settings banner or icon on the Site to make selections about the use of cookies. Additionally, most browsers allow you to automatically decline cookies or be given the choice of declining or accepting a particular cookie (or cookies) from a particular website. You may also refer to http://www.allaboutcookies.org/manage-cookies/index.html. If, however, you do not accept cookies, you may experience some inconvenience in your use of our Services. You also may not receive advertising from us that are relevant to your interests and needs.
TSYS may provide links on our Sites and Apps to third-party websites or services that are not under our control. We do not endorse or make any warranty of any type regarding the content contained on such third-party websites or services or the products and services they offer. We make no representation regarding your use of such websites or services. Please be aware that we are not responsible for the privacy practices of the operators of other websites or services. We encourage our users to be aware when they leave our Sites and Apps. You should read any other applicable privacy and cookies notices carefully before accessing and using third-party websites and services.
Subject to your consent if required by applicable law, we may use personal information to provide you with direct marketing information about our products and Services as well as those of our global affiliates and third parties. Our direct marketing may occur through email, telephone, post or SMS or such other method(s) as may become relevant.
We will take steps to ensure that any direct marketing from us and which is sent by electronic means will provide a simple means for you to stop further communications, in accordance with applicable law. For example, in emails, we may provide you with an “unsubscribe” link, or an email address to which you can send an opt-out request. In addition, if we need your consent for direct marketing communications under applicable law, and if you provide your consent, you will be able to change your mind at any time. Please note that if you opt out of receiving marketing-related communications from us, we may still send you administrative, transactional, or information messages, from which you cannot opt out.
If you are an End User who interacts with our Sites or Apps for the purpose of engaging with our Customers and have questions about legal rights you may have with respect to personal information collected by our Customer, please consult the Customer with whom you have a relationship.
If you interact with our Sites and Apps for the purpose of engaging in a direct relationship with us, subject to certain exceptions, and in some cases dependent upon the processing activity we are undertaking, you may have the right to:
You may contact us using the information in the “Contact Us” section of this Notice for additional information about how to exercise your rights. In addition, if you are a resident of California or other jurisdiction with similar laws, please see the “Region-Specific Information” section below for further details on how to exercise your privacy rights.
Our Sites and Apps are not directed to children or intended for use by children. We do not solicit or knowingly accept any personal information from persons under the age of 18. Please do not use the Sites or Apps or Services if you are under the age of 18.
We reserve the right, in our sole discretion, to modify, update, or otherwise change this Notice. The “Last Updated” legend at the top of this Notice indicates when this Notice was last revised. Any changes will become effective when we post the revised Notice on our Services, including our Sites and Apps.
If you have questions about this Notice, or if you want to exercise your rights as described in this Notice, you may submit a request by completing this form or contact us as follows:
Total System Services, LLC
Attn: Privacy Office
3550 Lenox Road, Suite 3000
Atlanta, GA 30326
privacy@globalpay.com
866-686-4740
If you make a request to exercise a privacy right, we will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the personal information subject to the request. We may decline to honor your request where an exception applies. In order to honor any access, deletion, or similar request, we will require you to provide enough information for us to verify your identity. For example, we may ask you for information associated with your account, including your contact information or other identifying information. If you would like your agent to make a request on your behalf, if permitted under applicable law, the agent may exercise those rights as noted above. We will process the agent’s request consistent with applicable law. As part of our verification process, we may request that the agent provide, as applicable, proof concerning their status as an authorized agent. In addition, we may require that you verify your identity as described in this section or confirm that you provided the agent permission to submit the request
Information for Residents of California and Other Similar Jurisdictions
This section supplements the above Notice and further describes how we collect, use, and disclose the personal information we collect about residents of California and other similar jurisdictions.
Categories of Personal Information We Collect and Our Purposes for Collection, Use, and Disclosure
The following chart details which categories of personal information we collect and process, as well as which categories of personal information we disclose to third parties for our operational business purposes, including within the preceding 12 months.
| Categories of Personal Information (See the “Personal Information We Collect” section for a description of each category of Personal Information) | Disclosed to Which Categories of Third Parties for Operational Business Purposes | Processing Purposes |
| Basic Identifying Information; Demographic Data; Device Information and Other Unique Identifiers; Internet or Other Network Activity; Commercial Information; Professional and Employment-Related Information; Information You Provide; Inferences | Please see the “How We Disclose the Personal Information We Collect” section for a list of the categories of third parties to whom we may disclose these categories of personal information. | Please see the “How We Use the Personal Information We Collect” section for a list and description of the applicable processing purposes for these categories of personal information. |
| Government-Issued Identifiers | Affiliates; distributors of our products and Services; service providers; third parties with whom you have a relationship (i.e. our Customers and/or referral partners); regulators; legal authorities and other third parties in order to comply with laws, regulations, and standards including card brands and issuing banks; other parties in litigation |
|
| Health/Medical Information | Affiliates; third parties with whom you have a relationship (i.e. our Customers); service providers; legal authorities and other third parties in order to comply with laws, regulations, and standards; other parties in litigation |
|
| Audio and Visual Information | Affiliates; distributors of our products and services; service providers; regulators; legal authorities and other third parties in order to comply with laws, regulations, and standards; other parties in litigation |
|
We do not sell your personal information to third parties for monetary compensation, and we do not share your personal information with third parties for cross-context behavioral advertising. We do not knowingly sell or “share” (for purposes of cross-context behavioral advertising) the personal information, including the sensitive personal information, of minors under 16 years of age.
Rights and Requests
| Right to know about personal information collected, used, disclosed, “shared,” and sold |
You have the right to know whether we process personal information about you, and to access such personal information. If you are a California resident, you may also request that we disclose to you:
|
| Right to receive a copy of personal information | You have the right to request that we provide the specific pieces of personal information, including a copy of such personal information in a portable format. |
| Right to opt-out of the sale of personal information | You may request that we do not sell personal information about you to third parties. |
| Right to opt-out of “sharing” of personal information for cross-context behavioral advertising | You may request that we stop “sharing” personal information about you for purposes of cross-context behavioral advertising. |
| Right to request deletion | In some circumstances, you have the right to have personal information about you deleted. |
| Right to equal service and prices (“non-discrimination”) | Your choice to exercise your privacy rights will not be used as a basis to discriminate against you in services offered or pricing. |
| Right to request correction | You have the right to request that we correct inaccuracies in your personal information. |
| Right to limit the use and disclosure of sensitive personal information | In some circumstances, you may request that we limit the use and disclosure of your sensitive personal information. |
| Right to appeal | Depending on your state of residence, if we refuse to take action on your request, you may appeal this refusal within a reasonable period after you have received notice of the refusal. To appeal, you can contact us at privacy@globalpay.com or complete this form and select “Appeal a decision about a previous request” under “Type of Request.” |
You can submit a request for any of the above rights by using the contact information in the “Contact Us” section of this Notice.
California Shine the Light
If you are a resident of California you may request information concerning the categories of personal information (if any) we share with third parties or affiliates for their direct marketing purposes. If you would like more information, please submit a written request to us using the information provided in the “Contact Us” section of this Notice.