Privacy Policy
This document sets forth the privacy protocols concerning the handling of personal data by Spring Payment Technologies LLC ("Spring Solutions" or "Spring"). It applies to the personal information we collect from those who visit and use our website. We are dedicated to responsibly managing your personal data with the utmost respect for your privacy.
Our commitment to your privacy is paramount. This Privacy Policy outlines our handling of personal information collected from visitors and users of our website. At Spring, we understand the importance of privacy and are dedicated to safeguarding the personal data entrusted to us. By engaging with our website, you are entrusting us with certain personal information, and this document explains how we collect, use, and protect that information.
Data Security
Spring's systems used in the delivery of Services (the “Spring System”) and Client’s networks and computer systems (“Client Systems”) contain information and computer software that are proprietary and confidential information of the respective parties, their suppliers, and licensors. Each party agrees (a) not to attempt to circumvent the devices employed by the other party to prevent unauthorized access thereto, including without limitation modifications, decompiling, disassembling, and reverse engineering thereof and (b) to reasonably maintain its respective systems in order to provide or receive, as applicable, the Services as set forth in the Agreement.
Spring's Obligations
-
Spring has implemented and shall maintain an information security program that is designed to meet the following objectives: (i) protect the security and confidentiality of Client information; (ii) protect against any anticipated threats or hazards to the security or integrity of such information; (iii) protect against unauthorized access to or use of such information that could result in substantial harm or inconvenience to any customer; and (iv) ensure the proper disposal of Client information. Upon Client’s written request, Spring shall allow Client to review any associated audit reports, summaries of test results, or equivalent measures taken by Spring to assess whether its information security program meets the foregoing objectives, to the extent and on the same terms such information is made generally available to Spring’s other clients. In accordance with Spring’s incident management and response program, Spring shall investigate security events impacting the Services and, where appropriate, provide notification and updates to Client regarding such events. Spring shall also take appropriate actions to address incidents of unauthorized access to Client information, including notification to Client as soon as possible of any such incident.
-
While assigned to provide Services at a Client location or otherwise visiting Client’s facilities, Spring employees will comply with Client’s reasonable safety and security procedures and other reasonable Client rules applicable to Client personnel at those facilities to the extent such procedures and rules are provided to Spring in writing and in advance and are consistent with both the terms of the Agreement and Spring’s policies.
-
Spring may make changes in its methods of delivering the Services, including but not limited to operating procedures, type of equipment or software resident at, and the location of Spring’s service center(s). Spring will notify Client thirty days prior to implementing any material change that affects Client’s normal operating procedures, reporting, or internal service costs.
-
If Spring accesses Client Systems, Spring will: (i) use this access only to provide Services to Client; and (ii) ensure that the Spring System includes up-to-date anti-viral software designed to prevent viruses from reaching Client Systems through the Spring System.
-
Spring may use a third party to provide monitoring, penetration and intrusion testing with respect to certain Services. Upon Client’s written request, Spring agrees to provide Client with a copy of its most recent security certification, if any, for the applicable Spring service center providing such Services.
-
Spring warrants that: (i) Services will conform in all material respects to the specifications set forth in the Schedules to this Exhibit and to the generally-available documentation describing the functionality of the Services (as updated by Spring from time to time and provided to Client); and (ii) Spring personnel will exercise due care in provision of Services. If Client notifies Spring in writing of any alleged warranty defect hereunder within 30 days after the date the Services were performed, then Spring shall correct the Services at no additional charge to Client.
Client Obligations
-
Client has implemented and shall maintain an information security program that is designed to meet the following objectives: (i) protect the security and confidentiality of Client information; (ii) protect against any anticipated threats or hazards to the security or integrity of such information; (iii) protect against unauthorized access to or use of such information that could result in substantial harm or inconvenience to any customer; and (iv) ensure the proper disposal of Client information. Upon Spring’s written request, Client shall allow Spring to review any associated audit reports, summaries of test results, or equivalent measures taken by Client to assess whether its information security program meets the foregoing objectives. Client agrees to give Spring prompt notice if there is unauthorized access to Client information.
-
Client currently follows and will continue to follow industry standards and requirements of applicable laws (including, but not limited to, using appropriate firewall and antivirus software; maintaining said practices, operating systems and other applications with up to date virus definitions and security patches; installing and operating security mechanisms in the manner in which they were intended) designed to prevent compromises of its data files and other elements of the Client Systems by unauthorized users, viruses or malicious computer programs which could in turn be propagated via computer networks, email, magnetic media or other means to Spring.
-
Client agrees to comply with Spring’s then-current data encryption policies and controls regarding transmission to and from Spring of tapes, images, and records maintained and produced by Spring for Client in connection with the Services (“Client Files”), or other data transmitted to and from Spring in connection with the Services (collectively with Client Files, “Data”). If Client requests or requires Spring to send, transmit, or otherwise deliver Data to Client or any third party in a non-compliant format or manner, or Client (or third party on Client’s behalf) sends, transmits or otherwise delivers Data to Spring in a non-compliant format or manner, then, notwithstanding any other provision of this Agreement: (i) Client understands and accepts all risk of transmitting Data in an unencrypted or otherwise noncompliant format; and (ii) Client releases, discharges, and shall indemnify and hold harmless Spring and its employees, officers, directors, agents, and Affiliates from any and all liability, damage, or other loss suffered by or through Client or any of the indemnified entities arising out of the transmission, destruction, or loss of such Data, including without limitation any information security or privacy breach related to such Data.
Data Collection & Usage Policy for Personally Identifiable Information
Spring collects personal information that is vital or beneficial for delivering the products, services, or information you seek and for the creation of new offerings tailored to your future needs. This information is gathered directly from you upon our request. As part of our service provision, we may require details such as your name, physical address, ZIP code, telephone number, email address, and the types of services you have utilized or inquired about. By submitting this information online, you grant your consent for us to process the information in accordance with the terms set out in this Privacy Policy.
Utilization of Your Information
Spring is prudent in the collection of information, ensuring that only necessary data is gathered. We may also procure non-personal information that is pertinent to you. If there's a need to collect personal data beyond the scope outlined in this policy, your explicit consent will be sought in accordance with the law.
The information we collect primarily enables us to deliver the requested products, services, or information. It also enhances your experience across our websites and applications, supports customer service, fosters website improvement, upholds our agreements and policies, manages disputes, refines our marketing strategies, and assists in the development of new services for future use.
Additionally, Spring may use your information to inform you about new offerings, special promotions, Spring-related updates, scheduled maintenance, and potential service-affecting incidents.
Information Sharing & Confidentiality Commitment by Spring Solutions
At Spring, we recognize the importance of understanding customer service needs to deliver superior design, development, and service offerings. To this end, we share information within our company responsibly and with the sole purpose of enhancing our services. Your personal information is utilized strictly for the purposes specified, and we steadfastly refrain from selling, renting, or leasing our customer lists to third-party entities without obtaining your explicit consent.
For the provision of our products and services, we engage with third-party service providers for essential operational tasks such as mailings, customer support, transaction processing, and data analysis. In these collaborations, Spring discloses only the necessary personal information to fulfill the service requirements. These providers are bound by confidentiality agreements to ensure the protection and security of your personal information, limiting its use to the intended service only. Upon completion of their services, these providers are obliged to either securely dispose of the personal information or return it to Spring.
In certain scenarios, Spring may be compelled to access or disclose your personal information, if mandated by law or in a bona fide effort to:
(a) adhere to legal obligations or respond to legal processes directed at Spring;
(b) defend the rights or property of Spring;
(c) act swiftly to safeguard the safety of our service users or the public;
(d) handle legal requests; or
(e) facilitate a transfer of assets in the event of a sale of our company wherein our website(s) are included.
While we strive to ensure that the handling and disclosure of your personally identifiable information align with this Privacy Policy, we cannot guarantee complete security against unforeseen disclosures not depicted within this policy.
Automated Data Collection & Cookie Usage at Spring Solutions
As part of enhancing your experience with Spring, our systems automatically gather certain information while you navigate our website(s). This includes details such as the type of web browser you use, your operating system, platform version, your Internet service provider’s domain name, your computer’s Internet Protocol (IP) address, the duration of your visit, the pages you explore, search queries, and other significant engagement metrics.
In our commitment to offering a seamless browsing experience, we employ cookies—small data files that record information when you visit websites. These cookies help us identify repeat visitors and enable us to analyze site activity to improve our services. While cookies enhance your experience by personalizing your interactions with our website(s), you retain control over their use. You can receive alerts about cookie usage and adjust your browser settings to refuse cookies if you prefer. Access to our website(s) is not contingent upon the use of cookies.
Consent for Personal Information Use at Spring Solutions
When you share your personal data with Spring, you are giving us your consent to process your information for the purposes described in this policy. Our website(s) are designed to avoid the undisclosed collection of personally identifiable information; we collect data only when you willingly provide it. While your provision of personal information is not mandatory, please note that opting out or withdrawing consent may impact your ability to receive certain services or engage in activities on our website(s).
The information we gather enables participation in website activities, such as subscribing to newsletters or receiving updates on services and promotions. Your email address, once provided for such purposes, will be included in our marketing communications. We respect your preferences and provide the option to opt-out of marketing emails at any time. Unsubscribing will cease all such communications. Should you choose to withdraw or withhold consent, please be aware that this may reduce our ability to offer you certain services and might limit the full functionality of our website(s) that could be beneficial to you.
Children’s Privacy at Spring Solutions
Spring recognizes the importance of protecting the privacy of young individuals. Our website(s) and the services provided are primarily aimed at businesses and adults, not children. Consistent with this focus, we do not intentionally gather any information from children under the age of 13.