Digital Retail Apps SelfPay®
Digital Retail Apps
80 St. Clair Ave. West, Suite 1
Toronto, ON, Canada, M4V 1N3
Attention: Privacy Officer
Email: [email protected]
Telephone: +1 (855) 994-4771
We at DRA may collect, store and disclose some or all of the following information from users of SelfPay® and our website for the purposes of providing a better in-aisle mobile payment and shopping user experience, to aggregate user data to better understand general shopping patterns and report them in an aggregate, unidentifiable form, to retailers, brands and market researchers. We may also keep track of and use your shopping history to provide you with relevant product offers and suggestions and payment method offers and suggestions, such as new payment card or payment methods, options or offers. We may also disclose and transfer your Personal Information in the course of a potential or actual merger, sale or acquisition of our business.
“Personal Information” as used in this policy means information about an identifiable individual, such as your name, your login credentials, your email address, shopping history, location of your device, payment method selected (such as your issuing bank card), your Account Password and Payment PIN, your tokenized card numbers, your merchant social media or retailer branded in-store shopping page interactions, and includes non-personal information that we link to Personal Information.
How We Collect Data
Personal Information may be collected through a variety of methods including:
– Interactions such as in-app field text entry or scanning and/or purchasing items within the SelfPay® app
– Data entered in while in-app through the use of a third party application programming interface (“API“) such as that used to enter in payment card data through the use of the device camera
– Data generated through use of the mobile device via device-native features such as location information
– Permissions to link the SelfPay® account with third parties such as social media services
Data Collected, Storage and Use
A variety of data is collected that relates to the identity of the user, login credentials, payment method and card data, location of the device, shopping history, retailer social media accounts and in-store shopping page interactions through the use of SelfPay®. We do not employ cookies.
Digital Retail Apps may collect data relating to your name, email address, device ID and location. This information is used to create an account for use with SelfPay®, to contact you for in-app product and payment method suggestions or promotions, or as a method of verifying payment method credentials against the information stored with the payment method provider. This data is stored securely in our server database. You may change your email address within the SelfPay® app. Any name changes must be made by contacting our Privacy Officer at [email protected].
Login credentials involve your creation of a username in the form of providing your email address, creating a SelfPay® password (the “Account Password”), and a 4-digit PIN used at payment in the SelfPay Wallet when using your bank issued credit card or credit card branded debit card (the “Payment PIN”). These are all entered in by the user on the mobile device. The login credentials are stored securely on the DRA server, to be verified through an Internet connection. The Payment PIN is also stored securely on the mobile device. The login credentials are used to make it more convenient for the user to sign in to the SelfPay® app the next time. The Payment PIN is required to add, edit or delete a payment card or method, and to use a payment card or method at checkout. You may change your email address, Account Password and Payment PIN all within the SelfPay® app. We recommend that you also implement a secure password on your mobile device to lock it to protect it from unauthorized access and to protect the information, passwords and PINs stored on your device.
To change your Login credentials, see “Updating Personal Information” below, for more information.
Payment Method and Card Data
Redacted card numbers consisting of a maximum of the first 6 and last 4 numbers of a user’s payment card, and expiry dates, are stored safely and securely with DRA in our server database and on the user’s mobile device protected behind the Payment PIN.
This payment card or method data is stored with DRA and the external payment provider until the user deletes the payment method, closes his/her account or the payment method expires.
Location of Device
DRA, through the SelfPay® app, collects data relevant to your mobile device location. This data is collected through the use of location services being turned on in the mobile device settings and is used for security purposes to identify the user present for the payment method, to notify the user that they are nearby a supported retail location, and to open the retailer branded in-store shopping page or the main navigation page on SelfPay® based on the user’s location. You cannot shop without turning your location on. If you don’t turn on your mobile device location services, you won’t have SelfPay® app functionality and you will not be able to shop or buy anything using SelfPay®.
The location data history of the mobile device while in SelfPay® is stored on the DRA server until the user deletes his/her account.
DRA, through the SelfPay® app, collects data relevant to a user’s shopping history such as products or services browsed or purchased, participating retail locations visited while in app, payment card brand and issuing bank, and uses that data for the purposes of providing a better in-aisle mobile payment and shopping user experience, to aggregate user data to better understand general shopping patterns and report them in an aggregate, unidentifiable form, to retailers, brands and market researchers. We may also keep track of and use your shopping history to provide you with relevant product offers and suggestions and payment method offers and suggestions, such as new payment card or payment process options or offers. User shopping history is stored securely on the DRA server until the user deletes his/her account.
Retailer Social Media Accounts
You may link a participating retailer’s social media account to SelfPay®, which will take you outside of the app, and you can use your mobile browser to open the participating retailers’ social media pages, such as Twitter, Facebook and Pinterest. Once outside SelfPay®, we are not responsible for, nor do we endorse or have any control over, those social media pages or their content or any information collected by those pages, and any use of those pages or sites is at your own risk. The manner in which any posts are made or data is collected on those pages, are governed by the privacy policies and terms of the respective retailer.
Links to Third Party Sites
At times, SelfPay® or the DRA website may provide links to other websites. Digital Retail Apps is not responsible for the content or privacy practices of these websites. This policy applies only to the services of and data collected by the SelfPay® app and the DRA Website.
Third Party Usage
Digital Retail Apps may share some non-sensitive app usage and browsing data in an anonymous manner with third party partners. This data may be shared with retailers and brands, but it may not be used to contact the user outside regular in-app use. While third parties may receive some data relating to general purchase habits and scan histories in aggregate, they will never receive the user’s Personal Information and will not be able to contact the user outside of regular app use. Some payment data however, may be shared with payment service providers for reasons relating to fraud prevention.
DRA may preserve or disclose your information (including, but not limited to, your Personal Information), in order to cooperate fully with local, provincial and federal officials in any investigation relating to any purported unlawful activity.
Protection, Retention and Destruction of Personal Information
All data except for that relating to that which is already shared with other parties or that which is required to be stored by law or as part of payments best standards may be deleted in a confidential manner by closing the user’s SelfPay® account. DRA will take commercially reasonable efforts to ensure that Personal Information collected is protected against loss and unauthorized access. Personal Information is collected and stored in a secure manner as required by DRA.
Updating or Deleting Personal Information
If you feel that you need to update or delete your Personal Information for any reason, please send an email detailing the request to [email protected]. Once we receive your request, we will take reasonable steps as required by and in compliance with all applicable laws, to update or delete any Personal Information you have submitted. If you wish to have your Personal Information deleted, we will need to disable your SelfPay® account to do so. Some information may need to be retained by law as reasonably required for tax, record keeping and evidentiary purposes. Subject to such data retention requirements, your Personal Information will be deleted from the DRA servers once all liability relating to payments made using old credentials expires.
© 2013-2017 Digital Retail Apps Inc.
SelfPay® is a registered trademark of Digital Retail Apps Inc.