StoreFinancial



Privacy Policy


Effective January 2012


Scope

This policy applies to all personally identifiable information processed, stored, and transmitted by StoreFinancial using Company-owned assets, systems, and applications.


Policy

StoreFinancial complies with all applicable laws and regulations regarding the collection, storage, processing, transmission, dissemination, and protection of personally identifiable information, that is, information that can be used to identify living individuals.

Information We Collect & How We Use It:

StoreFinancial is a payment systems processor and program manager for prepaid card programs, primarily handling anonymous forms of payment; however, certain lines of business within the Company may require the collection, processing, and transmission of personally identifiable information, including, but not limited to, the information set forth below –

Loyalty Program Data – StoreFinancial, as part of its loyalty, rewards, and incentives business line, obtains the name, address, phone number, and e-mail address of award recipients from third-party partners, processes the information, and transmits it to manufacturers for shipping and fulfillment. The data is not used for any marketing purposes, nor is it shared with any third parties outside of the order fulfillment supply chain.

Cardholder Data – In some cases, such as with high-value transactions and for large orders, Federal, State, and Local Law requires that merchants, on behalf of StoreFinancial, collect the purchaser’s name and phone number. This information is collected solely for fraud protection purposes. Additionally, if consumers elect to register their cards either directly through StoreFinancial, or locally from merchants when a card is purchased, and consumers voluntarily provide personally identifiable information, this information is also stored by the Company. None of this data is shared with any third parties, and it is only referenced in the event of a fraud investigation, or lost or stolen card report.

Individually Identifiable Health Information – StoreFinancial processes and stores explanation of payments data in order to process payments for healthcare providers. This information includes individual patient names; the identification number of each patient’s healthcare insurance provider; each payee’s name and full address; and the amounts charged and owed for services provided, including any deductible amounts, co-pays, and charges covered by co-insurance. This data is not used for any marketing purposes, and it is not shared with any third parties outside of the payment processing chain.

All data is stored, processed by, and transmitted to and from assets located within the United States of America.

StoreFinancial may use any of this collected data to provide, maintain, protect, and improve our services, and develop new services.

Information Security: StoreFinancial employs a variety of physical and logical security measures and controls, including data encryption, to protect against the loss of confidentiality, availability, or integrity of data. Policies and procedures are in place to direct how data is to be protected within the organization, the processes by which data protection mechanisms are employed, and to outline disciplinary measures for violations.

Access to data is managed according to the principle of least privilege, and is restricted to only those employees, contractors, and associates with a need to know. Internal and external compliance reviews of StoreFinancial’s data collection, storage and processing practices and security measures are performed on a regular basis.

Information Disclosure: StoreFinancial will only disclose data within the scope of this policy to external entities under the following circumstances:

  • The individual has provided consent to StoreFinancial for the disclosure.
  • The disclosure is required for processing and/or to render services to clients. StoreFinancial employs a rigorous process for vetting third parties and partners, and requires compliance with all Company policies and procedures before data is shared.
  • There is a good-faith belief that the disclosure is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request; (b) detect, prevent, or otherwise address fraud, security or technical issues; or (c) protect against harm to the rights, property or safety of StoreFinancial, its clients or the public, as required or permitted by law.

Compliance: StoreFinancial has a duty to protect the privacy of its clients, and undergoes regular reviews to ensure Company adherence to documented internal policies and procedures, as well as compliance with all applicable laws, regulations, and requirements, as dictated by Federal, State, Local, and regulatory authorities.

The official version of this policy will be maintained on StoreFinancial’s Website, http://www.storefinancial.com/, and will be provided to anyone upon request.

Policy Changes: This policy may be updated as needed; however, previous versions of this policy are on file at the StoreFinancial Corporate Headquarters, and are available upon request. A notice of any changes will be prominently posted on the front page of StoreFinancial’s Website, http://www.storefinancial.com/.

Individually Identifiable Health Information Notice & Patient Rights: Individuals who believe their privacy rights with regard to their Individually Identifiable Health Information have been violated can contact StoreFinancial, as outlined in the “Contact Information” section below. Individuals can also contact the United States Department of Health and Human Services at http://www.hhs.gov/.

Individuals have the following rights related to their Individually Identifiable Health Information:

  • The right to review and obtain a copy of their protected health information, which is maintained as part of StoreFinancial’s designated record set.
  • When information is deemed inaccurate or incomplete, individuals have the right to request an amendment to their protected health information.
  • The right to request a disclosure of all entities with which their protected health information was shared, except where exempted by law.
  • The right to request a restriction of the disclosure of their protected health information.
  • The right to request an alternative means for the communication of protected health information, other than one which has been chosen by StoreFinancial.

Contact Information: StoreFinancial’s Information Security Lead is the Company’s designated Privacy Officer, and handles all inquiries regarding privacy and security within the organization. All requests for further information, questions, complaints, or amendment requests can be e-mailed to the following address:

privacy@storefinancial.com

All requests, complaints, and communications will be evaluated on a case-by-case basis, and will be processed in accordance with all Federal, State, and Local laws and regulatory requirements.