This Policy explains:
Personally Identifiable Information ("PII"). PII means information or a combination of information that can be used to identify, contact, or locate a specific person. We may collect the following types of PII from you:
Sometimes, we may combine PII you provide with information from third-party sources. For example, we may confirm your address with the postal service or verify your personal information with a credit-reporting agency. We will treat the combined information in accordance with the terms of this Policy.
Other Information ("OI"). OI is any information other than PII that does not reveal your identity or directly relate to a person. We may collect the following OI from you:
OI may also include PII we have de-identified or aggregated to the point where it no longer identifies a particular individual. If we ever combine OI with any PII, we treat it as PII is treated under this Policy. In some jurisdictions, some OI may be considered PII by law. In those cases, we will treat the information as PII is treated under this Policy.
We collect PII when you provide it to us. This can occur when you fill out applications, create accounts, complete a purchase, add money to your account, send in forms, take surveys, or fill in various online fields on our Sites. We also collect PII when you contact us with inquiries, customer support requests, or employment applications.
We may also collect the PII of third parties when you provide it to us. For example, if you choose to use our service to send a gift to a friend or register a family member for an account, we will ask you for your their name and address or email address. In addition, we may collect third party PII through our "Refer a Friend" program. Blackhawk stores this information for the sole purpose of completing the transaction. If you provide PII of a friend or family member and they want us to delete this information, they should contact us at firstname.lastname@example.org. We may not always be able to remove their PII. We will let them know if we cannot do so and why.
We may use PII we collect for the following purposes:
We and certain third-party service providers with whom we have agreements may collect OI in a variety of ways, including:
The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received, including encrypting the transmission of any sensitive information, such as payment card information. If you have any questions about the security of your personal information, you can contact us at email@example.com.
We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Some of our websites offer you the ability to upload your own image to be used to create a personalized product. You may have the option to make these images available in publicly-accessible directories. You should be aware that any information you provide in these areas may be read, collected and used by others who access them. To request removal of your personal information from these public forums, please email us at firstname.lastname@example.org or contact us by postal mail at the contact information listed below. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
Upon request Blackhawk will provide you with information about whether we hold any of your personal information. You may access, correct, update, amend, remove, ask to have it removed from a public forum, directory or testimonial on our site or deactivate it by making the change on your account page, emailing us at email@example.com or by contacting us by postal mail at the contact information listed below. We will respond to your request within a reasonable time.
Blackhawk acknowledges that you have the right to access your personal information. Blackhawk may have no direct relationship with some individuals whose personal data it processes. In those situations, an individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct their query to Blackhawk's partner who has the direct relationship (the data controller). If requested to remove data we will respond within a reasonable timeframe.
Many browsers provide you an option to request that a web application disable either its tracking and/or cross-site user tracking of an individual user. We do not track your online activities across different Sites, and we only track your activity within a Site to the extent you log into your account.
Therefore, our practices remain the same whether or not you enable the "Do Not Track" feature.
Our Sites are not directed to individuals under the age of thirteen (13), and we request that such individuals do not provide PII through our Sites. We do not knowingly collect information from children under 13.
If you live in the European Economic Area ("EEA") or in Canada, the data that we collect from you may be transferred to and stored at a location outside the EEA and Canada. It may also be processed by staff operating outside the EEA and Canada who work for us or for one of our service providers. Among other things, such staff may process and store your information and provide support services. By submitting your personal data, you agree to this transfer, storing or processing. We will ensure that your data is treated securely and in accordance with this Policy.
Blackhawk (and its subsidiary companies Blackhawk Network, Inc., Blackhawk Network California, Inc., Blackhawk Engagement Solutions, Inc., Cardpool, Inc., CardLab, Inc., and Omni Prepaid, LLC) participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. Blackhawk is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework's applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce's Privacy Shield List. https://www.privacyshield.gov/list
Blackhawk is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Blackhawk complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Blackhawk is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Blackhawk may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
Blackhawk complies with the U.S. - Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data from Switzerland. Blackhawk has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Blackhawk's certification, please visit https://safeharbor.export.gov/swisslist.aspx.
This Policy is subject to change. Please review it from time to time. If we make changes, we will revise the "Late Updated" date at the top. Any changes will become effective when we post the revised Policy. If we make any material changes we will notify you by email or by means of a notice on this Site prior to the change becoming effective.
Chief Privacy Officer Blackhawk Network, Inc. 6220 Stoneridge Mall Road Pleasanton, CA 94588 firstname.lastname@example.org