We at RBC PayEdge Inc (PayEdge), a direct wholly-owned subsidiary of Royal Bank of Canada, are committed to protecting your privacy. Please read below for a more detailed rundown of our policies. If there is any inconsistency between your Terms of Service and this Privacy Policy (the “Policy”), your Terms of Service will prevail.
We understand that privacy matters, and so we take care with the information you share with us. This Policy explains our policies and procedures with respect to the information that we collect through our Platform.
Consent
By using the Website or our Services you consent to the use of your Personal Data as described in this Policy. By using the Services, you are accepting the practices described in this Policy. If you do not agree with this Policy, you do not have PayEdge’s permission to use our Website and/or Platform. Except as set forth in this Policy, your Personal Data will not be used for any other purpose without your consent. You may withdraw your consent to our processing of your Personal Data at any time. However, withdrawing consent may result in your inability to continue using certain features of the Website and/or the Services. Your continued use of our Website or Platform signifies your acceptance of this Policy.
This Privacy Policy will answer the following questions:
- What does this Policy apply to?
- What information does PayEdge collect?
- How does PayEdge collect Personal Data?
- How does PayEdge use the information it collects about me?
- Does PayEdge ever disclose Personal Data or other information?
- How does PayEdge secure collected data?
- How are updates to this Policy handled?
If this Policy raises any further privacy questions, comments, or suggestions or if you wish to request a copy of the Personal Data we hold about you, we encourage you to reach out to us at service@rbcpayedge.com Our policies will continually adjust to the exciting and ever-changing landscape of payments and will be informed by the valuable feedback of our visitors and users.
Please also review the Terms of Service which govern your use of our Services. Capitalized terms in this Policy not otherwise defined herein have the same meanings as the definitions of those terms in your Terms of Service. A note for children under 13 years old. PayEdge does not knowingly collect Personal Data from children under the age of 13. If you are under the age of 13, please do not submit any Personal Data through this Website. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this Policy by instructing their children never to provide Personal Data on this Website without their permission. If you have reason to believe that a child under the age of 13 has provided Personal Data to PayEdge via this Website, please contact us, and we will endeavour to delete that information from our databases.
What does this Policy apply to?
Application of this Policy
This Policy applies to all interactions and exchanges of information between PayEdge and you via the RBC PayEdge(opens in a new window) website and/or the RBC PayEdge Receivables (opens in a new window) website, including all subpages and successor pages (collectively, the “Website”), and with respect to the infrastructure and applications that enable use of the Services (our “Platform”), including but not limited to sending, receiving and managing payments, communications to and from PayEdge, including communications sent via email and SMS, support and maintenance (collectively, the “Services”) and our gathering of information such as usage statistics in relation to the usage of the Services.
Visitors to the Website who do not use our Platform for any transactions or other activities, such as making, receiving or managing payments, are not required to provide any Personal Data. We may, however, passively collect personally non-identifiable information – information that may correspond to a particular web browsing session, but does not identify the particular person doing the browsing – for the purpose of improving our Website and Platform. Please note that access to your payment history requires validation of your e-mail address.
Exclusions
This Policy does not apply to any unsolicited information you provide to us via this Website or any other means. This includes, but is not limited to, information posted to any public areas of the Website, such as bulletin boards (collectively, “Public Areas”), any ideas for new products or modifications to existing products, cookie-based information brought to RBC PayEdge(opens in a new window) or RBC PayEdge Receivables (opens in a new window) by your web browser, public postings on social media, and other unsolicited submissions. For clarity, this Policy also does not apply to information relating to non-natural persons.
This Website may contain links to other websites not operated or controlled by PayEdge (collectively, “Third Party Sites”). The policies and procedures we describe here do not apply to such Third Party Sites, and furthermore, links from this Website do not imply that PayEdge endorses or has reviewed any Third Party Sites. Please always review the privacy policies and terms of service of any third parties prior to engaging in business or interacting with them.
What information does PayEdge collect?
The term “Personal Data”, as used in this Policy, refers to any information that can be used to identify a specific natural person, and/or that is linked to a specifically identified natural person. Personal Data does not include information that has been aggregated or made anonymous such that it can no longer identify a specific person.
PayEdge will specifically collect the following Personal Data and other non-identifiable information:
Registration Information: We collect Personal Data from you, such as your contact and payment information, when you register for and use our Services.
Transaction Information: When you use our Platform to make or accept payments, we collect information about when the transactions occurred, a description of the transactions, the payment amounts, and the Supplier you designated to receive the payment or the Payor you requested the payment from, as applicable.
Device Information: We collect device-specific information when you access our Platform, including your hardware model, operating system and version, unique device identifiers, mobile network information, and information about the device’s interaction with our Platform. We may also identify other software running on the device (but will not collect any content from such software) for anti-fraud and malware-prevention purposes.
Use Information: We collect information about how you use our Platform, including your access times, browser types and language, and Internet Protocol (“IP”) addresses.
How does PayEdge collect Personal Data and Other Information about me?
Personal Data
In general, PayEdge collects Personal Data about you in two ways: 1) when you provide it directly to us, for example when you register for access to our Services, when you make or receive payments or interact with our client services, or 2) when we receive such data from industry or business partners, for example, if your Supplier or Payor sends us a payment on your behalf. Your usage of this Website and our Platform determines in large part the collection and use of your data – more specific details can be found below in this section. This includes but is not limited to email notifications, SMS notifications, on-site alerts, modal windows, and other mechanisms that PayEdge may elect to utilize.
Other Information
We use various technologies to collect information, and this may include sending cookies to your computer or mobile device. Cookies are small data files that are stored on your hard drive or in device memory by a website. Cookies help provide additional functionality to the Website and help us analyze Website usage more accurately. Through Cookies we can offer additional site functionality, and make sure that those who are most interested can find us online. For example, we may set a cookie on your browser that enables you to access this Website without needing to enter a password more than once during a single visit. Cookies also support the integrity of our registration process, retain your preferences and account settings, and help evaluate and compile aggregated statistics about user activity. Based on Website usage and browsing data we collect through Cookies, PayEdge can also target specific advertisements directly related to your interest in us.
On most web browsers, you will find a “help” section on the toolbar. Please refer to this section for information on how to receive notification when you are receiving a new cookie and how to turn cookies off. We recommend that you leave cookies turned on because they allow you to take advantage of some of the Website’s more advanced features. If you choose to delete or switch off cookies you may not have access to certain features or areas of the Website.
We may also collect information using web beacons. Web beacons are electronic images that may be used in our Platform or emails. We may use web beacons to deliver cookies, count visits, understand usage and campaign effectiveness, and determine whether an email has been opened and acted upon.
How does PayEdge use the information it collects about me?
Payment-related data, including your cardholder data, is securely stored for accounting and auditing purposes, and certain information may be made available to your Suppliers or Payors via our secure Platform. Suppliers paid and Payor that pay through PayEdge may customize the information they collect from you via PayEdge at time of payment. This information is subject to change at any time and may include but is not limited to your full name, home address, phone number, and invoice number. You agree to allow PayEdge to share this collected information with the Supplier or Payor, as applicable.
PayEdge, its subsidiaries, and affiliates, including, without limitation, Royal Bank of Canada may also use your Personal Data and other personally non-identifiable information collected through this Website, the Service, and/or the Platform to improve our Service, Website and Platform; to verify your identity and understand and investigate your financial situation and background; to provide the Service; to determine, and make decisions about, your eligibility for the Service or other products and service provided by PayEdge or an affiliate, such as Royal Bank of Canada; to communicate to you any benefit, feature or other information about the Service or other products and service provided by the PayEdge or an affiliate, such as Royal Bank of Canada; and as required or permitted by Applicable Laws.
We may use your contact information in the future to notify you of important things, including but not limited to new or expanded Platform capabilities, pending payment deadlines, or promotions from PayEdge or our partners. We may contact you via email, mail and/or through SMSs or text messages. If we do so, when required, communication we send you will contain instructions permitting you to “opt-out” of receiving future marketing communications. This will remove your contact information from all future out-going marketing communications. Additionally, if for any reason you find our “opt-out” instructions unclear, and wish to cease receiving any marketing communications from PayEdge, or you wish to have your name deleted from our marketing mailing lists, please contact us as at service@rbcpayedge.com. We retain the right to contact you regarding your use of the Services notwithstanding any “opt-out” instructions regarding marketing communications received from you.
PayEdge will occasionally conduct research on our customer demographics, interests and behaviour based on Personal Data and other information provided to us. This research may be compiled and analyzed on an aggregate basis, and PayEdge may share this aggregate data with its affiliates, agents and business partners. Importantly, this aggregate information cannot be used to personally identify any PayEdge user. We may also disclose aggregated user statistics in order to describe our Platform to current and prospective business partners, and to other third parties for other lawful purposes.
Does PayEdge ever disclose Personal Data or other information?
PayEdge does not sell or rent your Personal Data to marketers or third parties for marketing purposes. Other than set out above and in your Terms of Service, we sometimes share information with trusted third parties to perform functions related to this Website and our Platform. These trusted third parties may include, but are not limited to, credit card associations, banking and processing partners, security and audit providers, as well as any other entities that you have directly authorized to receive your Personal Data. We take efforts to limit the amount of information that is shared with third parties to what is necessary to accomplish the specific business purpose.
We may disclose your Personal Data to law enforcement, government officials, regulators and/or other third parties from the jurisdiction in which you reside or from other jurisdictions if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend our rights or property, (iii) act in urgent circumstances to protect the personal safety of users of this Website or the public, or (iv) protect against legal liability.
In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred assets.
From time to time we may employ third parties to help us improve the Website and/or the Services. These third parties may have limited access to databases of user information solely for the purpose of helping us to improve the Website and/or the Services.
How does PayEdge secure Personal Data?
Credit and debit card data is stored and managed in compliance with strict Payment Card Industry (PCI) standards. PayEdge utilizes tokenization, a payments industry-standard procedure, to limit exposure of sensitive cardholder data. Your credit and/or debit card information is sent directly to our secure, encrypted data vault, which generates a random, cryptographically secure token that is used by our payment application to submit payments on your card. Once information is deposited into the vault, it cannot be directly retrieved by our payment application or any third parties.
Although no data transmission or storage can be guaranteed 100% secure and error-free, PayEdge takes great care to protect Personal Data collected via this Website from loss, misuse, and unauthorized access, disclosure, alteration, or destruction, in both transit and at rest. Connections to this Website are secured with an Extended Validation (EV) SSL certificate with 256-bit encryption, and our data centers, located in Canada and the United States, boast enterprise-level security with top-level industry certifications and fault-tolerant, distributed systems. Other security safeguards include, but are not limited to, encrypted vault storage for sensitive data, strict hardware firewalls, and limited physical access to buildings, servers, and files.
As some of our data centers are located in Canada, your Personal Data may be available to the Canadian government or its agencies under a lawful order, irrespective of the safeguards we have put in place for the protection of your Personal Data.
We at PayEdge do our best to secure your data, and we ask that you take reasonable precautions as well. Ensure your personal computing device has up-to-date security and anti-virus software, and please consider carefully what information you choose to send anyone via the Internet and log of your account when you are finished using the Services and do not share your password with anyone.
How are updates to this Policy handled?
This Website and Services may change from time to time, which may necessitate revisions to this Policy. PayEdge reserves the right to update or modify this Policy at any time without prior notice. Please review this policy periodically, and especially prior to providing any Personal Data. If you use the Website and/or Services after a revised Privacy Policy is posted, you will be bound by the terms of the revised Privacy Policy.
Access and Accuracy
You have the right to access the Personal Data we hold about you in order to verify the accuracy of that information. Upon receipt of your written request, we will provide you with a copy of your Personal Information. We will endeavour to deal with all such requests for access in a timely manner.
Having accurate Personal Data about you enables us to give you better service. We will make every reasonable effort to keep your Personal Data accurate and up-to-date.
Retention
We will keep your Personal Information for as long as it remains necessary for the operation of the Website and Services or as required by law, which may extend beyond the termination of our relationship with you. Subject to the foregoing, in general, once you inform us that you no longer wish to use the Website or Services, we will delete your records from our systems as soon as practicable.
Updating your Information; Contacting Us
Please keep us informed of any changes such as a change of address or telephone number. If you would like to access your information, if you have any questions, comments or suggestions of if you find any errors in our information about you, please contact us at: service@rbcpayedge.com