CardFlex Inc. dba Cliq (“Cliq”) is committed to protecting your personal information. We have prepared this Privacy Statement (“Statement”) so you can learn more about what information is collected about you, how it is used, and what choices you have in accessing or correcting it.
Note: This Statement is deemed effective as of January 1, 2020, and
contains important changes that may affect your rights.
The following tables summarize, at a very high level, the contents of our complete and unabridged Privacy Statement, which can be found in its entirety below. They are included for convenience only.
|Why?||Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.|
|What?||The types of personal information we collect and share depend on the product or service you have with us. This information can include:
When you are no longer our customer, we continue to share your information as described in this notice.
|How?||All financial companies need to share customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers’ personal information; the reasons Cliq chooses to share; and whether you can limit this sharing.|
|Reasons we can share your personal information||Does Cliq share?||Can you limit this sharing?|
|For our everyday business purposes— such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus||Yes||No|
|For our marketing purposes— to offer our products and services to you||Yes||No|
|For joint marketing with other financial companies||No||We do not share|
|For our affiliates’ everyday business purposes— information about your transactions and experiences||No||We do not share|
|For our affiliates’ everyday business purposes— information about your creditworthiness||No||We do not share|
|For our affiliates to market to you||No||We do not share|
|For non-affiliates to market to you||No||We do not share|
|Who we are|
|Who is providing this notice?||CardFlex Inc. dba “Cliq” (cliq-2019.360-biz.com)|
|What we do|
|How does Cliq protect my financial information?||To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings.|
|How does Cliq collect my financial information?||We collect your personal information, for example, when you:
We also collect your personal information from other companies.
|Why can’t I limit all sharing?||Federal law gives you the right to limit only:
State laws and individual companies may give you additional rights to limit sharing. See below for more on your rights under state law.
|Affiliates||Companies related by common ownership or control. They can be financial and nonfinancial companies.|
|Nonaffiliates||Companies not related by common ownership or control. They can be financial and nonfinancial companies.
Cliq does not share with non-affiliates so they can market to you.
|Joint marketing||A formal agreement between nonaffiliated financial companies that together market financial products or services to you.
Cliq does not jointly market bank products with other financial Companies.
1. SCOPE/APPLICATION: This Privacy Statement describes how we may collect, store, process and use any personal information or data (defined below) that you provide to us.
1.1 Coverage: This Policy covers your use of our services, products, technologies, website and marketing content (collectively referred to as our “Services”), which are primarily targeted towards U.S. residents (and green-card holders) over the age of 18. It may, in certain limited circumstances, also apply to individuals residing outside the United States (e.g. the European Union) if and to the extent that such persons voluntarily choose to utilize one or more of our products/services. The Policy applies to: i) individuals that provide their own PII to us; or (ii) any agent that provides PII for other individuals or on their behalf.
1.2 Consent: By using any Service, including without limitation, applying or signing up for an account, making use of our website or smartphone app, or conducting transactions via any card or instrument issued to you, you accept all terms outlined in this Privacy Statement without reservation, exception or alteration. You also expressly consent to the collection, use, disclosure, sharing, processing and retention of your personal information/data as permitted by applicable law or regulation. If you do not agree with the terms of this or any future Privacy Statement, or to our data collection and use policies in general, you should refrain from using our Services.
1.3 “Personal Information” (aka “PII”) defined: Any information relating to or associated with an identified or identifiable natural person, whether alone or in combination with other information. PII includes, without limitation, things such as: (i) your first and last name; (ii) your telephone number; (iii) your date of birth; (iv) your email address; (iv) your Social Security number; (v) your Driver’s License or Passport number; (vi) your height, weight and other physical characteristics; (vii) your Internet browsing or search history; (vii) geolocation information; (viii) your employment history; (ix) certain audio, electronic, visual, thermal, olfactory or similar information; (x) biometric data (such as fingerprints); or (xi) purchase records for products or services, including purchasing or consuming histories or tendencies. It also includes, in certain jurisdictions (most notably California) information that is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular household, such as a physical address, an Internet Protocol address, or property records. “PII” also includes information that would constitute “personal data” under applicable law.
1.4 Changes to this Statement: We may make changes to this Statement from time-to-time to reflect changes in applicable laws or regulations, and changes to our business or our services. When any changes are made, we will post a revised version of this Statement and update the “Last revision” date provided below. Any changes will become effective when posted unless indicated otherwise. We encourage you to check our website regularly to ensure that you are aware of the latest updates, and whenever you use any of our Services. Your continued use of Services following an update will be treated as your acceptance of any revision or update up to and including the date of said use.
1.5 Supplemental Policies: In addition, this Statement may be supplemented by additional statements, policies or notices that may apply to one or more of your Services and, by extension, to you. Such additional statements, policies or notices are intended to be read together with, and incorporated by reference into, this Privacy Statement. One such Supplemental Policy covers our Prepaid card offerings, and is available by clicking here: https://cliq-2019.360-biz.com/wp-content/uploads/2016/08/Prepaid-Privacy-Notice-12-30-2014-11.pdf
1.6 Third-Party Websites: This Statement only applies to Cliq and persons or entities that it owns, manages or otherwise controls. Cliq does not and cannot speak for companies or people that it does not own or control, may contain links to other destinations on the Internet whose privacy practices may be different from Cliq’s, and that have varying scopes of coverage. If you disclose information to any other party, different terms may apply to their use and disclosure of information, and Cliq has no control over any information (personal or otherwise) that you submit to external sites. As such, you are encouraged to carefully review the privacy policies of each site you visit.
1.7 “Selling” or “Sale” defined: “Selling” of PII means, for purposes of this Policy, selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to another business or a third party for monetary or other valuable consideration.
1.8 “Deidentified” and “Pseudonymized” Information: “Deidenitifed Information” refers to PII that cannot reasonably identify, relate to, describe, or be capable of being associated with, or be linked, directly or indirectly to, a particular individual person. “Pseudonymized” means PII that it is no longer attributable to a specific individual without the use of additional information, provided that said additional information is kept separately and is subject to technical and organizational measures to ensure that it is not attributed to an identified or identifiable individual. While “pseudonymized” information can, under certain circumstances, be considered “deidentified,” the information must be subject to technical safeguards and business processes that prohibit reidentification of the person to whom the information pertains and seek to prevent any inadvertent releases of said deidentified information.
2. WHAT INFORMATION IS COLLECTED AND PROCESSED: Cliq® collects and processes various forms of personally-identifiable information when you register with Cliq and use its products or services. Some examples are as follows:
- Identifying details about you, such as your name, address, date of birth, social security or tax ID number, government-issued identification (such as a driver’s license or passport), email address and telephone number (collectively known as “profile data”);
- Information collected through one or more technical processes, such as the name of your Internet Service Provider (“ISP”), your Internet Protocol (“IP”) address, geolocation information, details on the type of Internet browser you are using (Chrome, Firefox, IE, Safari, etc.), the specific web page(s) you accessed from our site, and the Media Access Control (“MAC”) address of your computer, smartphone or other device (collectively known as “technical data”);
- Information you submit to us as part of an inquiry about our products and services (collectively “inquiry data”);
- Information concerning what products and services of ours you use, your current funds balance(s), and past account history (collectively, “account data”);
- Information on one or more specific transactions made via your account (collectively, “transaction data”).
- Information obtained via cookies and similar technologies, as described in greater detail below (“cookie data”); and
- Information about any communications, notices and professional interactions we have with you, whether by e-mail, telephone or otherwise (“correspondence data”).
3. LEGAL BASIS FOR SUCH COLLECTION AND USE: The use, collection and processing of personal data is done by obtaining user consent, as denoted above. We also have a number of legitimate business justifications for performing these activities that directly benefit users, such as processing customer transactions, accounting and reporting tasks, maintaining security, improving our products and services, and providing customer support. In addition, we may collect, use and process such information in order to comply with certain legal obligations, such as where a court, law enforcement agency or regulator asks us to do so.
5. YOUR CHOICES: In most cases, you may access, change, or correct any of your profile data by simply logging into your account. If you are unable to access your account due to technical difficulties or otherwise, you may send a written request to us using the contact details below. Please include a list of the specific data item(s) you would like to have corrected or changed and a brief summary of the reasons for doing so. Be advised that we will take steps to confirm your identity before accessing, changing or correcting any of your personal data. Also, from time to time, if we send you notifications concerning updates and helpful information concerning our Services, our policies/procedures, or industry developments that may have a material effect on the foregoing, these messages will include a link or other method for “opting-out” of future messages, which you are free to do at any time. CALIFORNIA RESIDENTS: California residents should also refer to the section below concerning their rights under the California Consumer Privacy Act (“CCPA”).
6. INFORMATION SHARED WITH THIRD PARTIES: Cliq limits access to your personal information wherever possible to only those individuals or entities that we reasonably believe have a legitimate need to know the information. Cliq neither sells, rents, licenses, loans nor otherwise distributes any personally-identifiable information about any of its users to third parties for marketing or similar purposes. As discussed above, we may share certain personal data with third parties in order to:
- Comply with a valid subpoena, court order, investigative demand, discovery request, or other form of legal inquiry;
- Establish or exercise our rights or those of our affiliates;
- Defend ourselves or our affiliates against legal claims;
- Investigate or take action concerning any potentially unlawful activities, including the violation of any agreement we or our affiliates have with you;
- To rectify any potential threats to our safety, your safety, or the safety of others;
- Satisfy the requirements of any law or regulation;
- Effectuate a merger, acquisition, financing, transfer, or other form of ownership change involving all or any portion of Cliq’s stock or assets;
7. COOKIES: Cliq may set and access first-party “cookies” and similar preference-preservation items on your computer. We use this information to customize your visit to our website, and to help us see how the site is used. If you do not want cookies placed on your device, this can often be prevented by changing certain settings in your Internet browser. Please consult the pertinent “help” files or user documentation for assistance in this regard. Be advised, however, that certain aspects of our website and other Services may not be available or provide the same level of interactivity and customization if these tools are disabled.
8. CHILDREN’S PRIVACY: With the sole exception of one strategic relationship (BusyKid), Cliq does not direct or target any of it Services, including, without limitation, this website, at children under 13 years of age. Cliq will not knowingly collect PII from children under the age of 13. If you are a parent or guardian and feel that we have received or used any personal information concerning your child without proper consent, please notify us in writing via any of the methods listed below so that we may investigate and, if needed, take corrective measures. CALIFORNIA RESIDENTS: If you are a minor between 14 and 16 years of age and reside in California, you may have certain “opt-out” and disclosure rights under California Law, as described in Section 11 below. Please drop us a line at email@example.com to learn more about these rights and steps you can take to exercise them.
9. SECURITY: Cliq takes I.T. security very seriously. We use commercially reasonable physical, electronic, and procedural safeguards to protect and limit access to our systems and information. Safeguards are implemented in accordance with all applicable laws and regulations, such as the Gramm-Leach-Bliley Act (“GLBA”) and PCI-DSS, and may include, without limitation, network firewalls, encryption, anti-virus software and procedures for controlling physical access to our facilities. In addition, our staff receives regular training in sound security practices and the proper handling of customer information. Please note, however, that no data transmission or storage system can be guaranteed to be 100% secure, and it is therefore important for you to take affirmative steps on our your own to help protect your personal information. For example, you should always use “strong” passwords, and never share them with anyone. You should also let us know immediately in writing if your personal information has been compromised in any way.
10. PCI-DSS COMPLIANCE: Cliq complies with the PCI-DSS as a “Level 1” merchant/agent. Proof of said compliance is available at: https://www.visa.com/splisting/searchGrsp.do or upon written request.
11. CALIFORNIA AND NEVADA RESIDENTS: These states permit residents additional controls over the use of their personal information.
YOUR PRIVACY RIGHTS IF YOU LIVE IN CALIFORNIA
California law entitles California residents to request additional information from a business which shares “personally identifiable information” (“PII”) with unaffiliated third parties for their direct marketing purposes. Be advised that Cliq does not share any PII with unaffiliated third parties, whether for its own or any third parties’ direct marketing purposes.
We may, from time-time, share PII with some affiliates that are wholly owned by, or under common control of, Cliq. We may also share PII with Service Providers to facilitate transactions and/or perform services that you request from us. Any such service providers are (or will be prior to any disclosure) bound by written, signed agreements restricting any use/disclosure beyond the specific context justifying the original disclosure. We will, upon written request, provide you with information about these affiliates and/or services providers, including but not limited to a list of the categories of any PII that we may have shared with them and the purpose(s) for such sharing.
California Residents are also entitled to request a list of all the categories of PII that we (Cliq) currently have on our systems, or have had within the past twelve (12) months. They may also request that any such PII be deleted within a reasonable timeframe. California Residents should send an email explaining the desired request(s) to: firstname.lastname@example.org.
YOUR PRIVACY RIGHTS IF YOU LIVE IN NEVADA
12. E.U. RESIDENTS: Cliq’s products and services are primarily targeted toward citizens and residents of the United States. However, if and to the extent that a European resident or national makes use of one or more of said product/service offerings, and Cliq is required by law or other rule, including inter alia the EU General Data Protection Regulation (“GDPR”), to give data subjects any rights or options concerning their personal data that differ or exceed those discussed herein under U.S. law, we will, upon written request, take all commercially reasonable steps to enable these rights or options in accordance with said law or regulation.
- International Transfer Considerations: Cliq’s main corporate offices are located in Southern California. It also maintains an offsite data center in the greater Phoenix, AZ area. As such, the company does not transfer the personal data of any European users it may have out of the European Union. Typically, the only “onward transfer” of personal data concerning an EU resident would be done by the resident him/herself, whether completing an application, performing a transaction, or visiting his/her account management page. However, if you are an EU resident or national and have a good faith belief that the company, or any third party acting on its behalf or under its direction or control, has effectuated an onward transfer of your personal data to a location outside the EU without proper consent, please let us know by written request via any of the methods listed below.
13. CONTACT: Please feel free to contact us at any time with questions or concerns regarding this Statement or any of the topics discussed herein.
14. RETENTION: We will retain certain PII stored on our servers in accordance with our general archival practices and as required or permitted by law. We will store PII only for as long as is required to fulfill the purposes set out above. However, where we are required by law to retain a PII longer or where PII is required for us to assert or defend against legal claims, we will retain the said PII until the end of the relevant retention period or until the claims have been resolved.
Mailing address: 2900 Bristol St., Building F, Costa Mesa, CA 92626, U.S.A.
Fax: 1(714) 862-1224
Privacy Choices: Customer Request Form
Note: Please put “PRIVACY INQUIRY” as the subject of your message.
Last revision date: January 1, 2020