GDPR Privacy Policy for UK and EEA

Last Updated December 28, 2021

VeriFone, Inc. and our affiliates (“Verifone”) are committed to protecting your personal information and privacy. Personal information is data that relates to an identified or identifiable individual. This Privacy Policy applies to personal information that we collect and maintain about people located in the European Economic Area and the United Kingdom. It describes the type of personal information we collect or receive, how we use, share and protect personal information, how we use cookies and similar technologies and your rights and choices. If you have any questions on the Privacy Policy, please see the contact information at the bottom of this page.

Personal Information We Collect

Information you provide

We collect or request personal information from you when you:

Contact us by email, telephone, mail or other means;
Request a quotation, support, downloads or information;
Purchase a product, service or solution from us;
Create or manage an account;
Register or activate a device (e.g., payment terminal);
Apply for financing or commercial credit;
Register for events, webinars or services;
Subscribe to newsletters, event notices or information materials;
Participate in surveys, contests or other promotional activities.

The types of personal information we may request will generally be apparent to you at the time you provide it, and may include:

Name;
Contact details (e.g., postal address, email address, telephone number);
Professional or employment-related information (e.g., job title)
Online identifiers, including login credentials (e.g., user name);
Financial details (e.g., credit or payment card number, bank account number, billing address);
Identification data and documents (e.g., photo, passport, driver's license, national ID);
Demographic information (e.g., birthdate).

If you choose to participate in one of our online surveys, which we conduct to better understand the needs of our customers, we may request additional categories of personal information from you.

Information we collect automatically

In addition to personal information that you provide us, our web servers automatically collect certain internet and electronic network activity information. This includes the domain names of all visitors to the Verifone Sites and we also use third party web analytics services which may collect information like your IP address, device type, device ID, and other technical information through the use of cookies and similar tracking technology. In the European Economic Area, some of this information may be considered personal information under applicable data protection laws.

Collecting this information enables us to better understand the visitors who come to our Sites, where they come from, and what content on our Sites is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our Sites to our visitors. Some of this information may be collected using cookies and similar tracking technology. For more information, please see our Cookie Policy here.

Information we collect from third parties

From time to time, we may receive personal information about you from third party sources (including resellers, distributors and other third parties that sell or service Verifone products or solutions), but only where these third parties are legally permitted or required to disclose your personal information to us. The types of information we may collect from third parties include contact details, billing information and delivery details. We use the information we receive from these third parties to provide the requested product, service or solution.

How We Use the Information

In general, we will use the personal information we collect from you only for the purposes described in this Privacy Policy or for similarly compatible purposes, or for purposes that we explain to you at the time we collect your personal information.

In particular, we will use your information for our legitimate business and commercial purposes, including to:

Provide the products, services or solutions you purchase, to carry out the terms of our agreements with you and to manage our business relationship (e.g., processing and fulfilling orders and transactions);
Maintain and service your account (including activating, registering or updating products you have purchased from us, e.g., payment terminal);
Provide customer service (including sending important notices regarding our terms, conditions and policies; informing you of upcoming events, updates, news and the latest product, service, solution and other offerings where this is in accordance with your communications preferences);
Improve, upgrade and enhance our service (including developing new products and services and analyzing our products);
Conduct auditing (including credit reference checks and other financial due diligence);
Perform accounting, auditing, billing reconciliation and collection and other internal business functions;
Undertake internal research for technological development (including performing data analysis and processing, market and consumer research, customer satisfaction research, trend analysis, financial analysis);
Undertake activities to verify and maintain the quality and safety of our service;
Detect security incidents and protect against malicious, deceptive, fraudulent, or illegal activity (including protecting against fraud and other unlawful activity, claims and other liabilities; establishing, exercising and defending legal rights; to comply with our legal and regulatory obligations under applicable law; and maintaining the physical security of our premises and electronic security);
Operate and manage our websites and perform debugging to identify and repair errors;
Other short-term transient use.

We may also use your information in an anonymized, de-identified, or aggregated manner that does not enable identification of any individual customer to evaluate and improve our offerings.

Legal basis for processing personal information

Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific purpose for which we collected or requested it.

However, we will normally collect personal information from you only where:

we have your consent to do so;
we need the personal information to provide a service or to perform a contract or agreement with you; or
where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms.

In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.

If you have questions about or need further information concerning the legal basis on which we collect or use your personal information, please contact us using the contact details provided under the “Changes and Contact” heading below.

Information We Share

We may disclose your personal information to the following categories of recipients, including for the business purposes described above:

to our group companies, third party services providers and partners who provide data processing services to us or who otherwise process personal information for purposes that are described in this Privacy Policy or notified to you when we collect your personal information. Service providers and partners include repair or installation, anti-fraud services, resellers or distributors, debt-collection agencies, couriers, contract manufacturers, and product suppliers. A list of our current group company locations is available here.
to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;
in connection with any proposed purchase, merger, reorganization, acquisition, dissolution or liquidation of any part of our business, provided that we inform the third party that it must use your personal information only for the purposes disclosed in this Privacy Policy; and
to any other person with your consent to the disclosure.

How We Protect Personal Information

We take data protection and privacy seriously. We maintain appropriate organizational, technical and physical safeguards designed to protect the personal information against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. Because submissions of information over the Internet are never entirely secure, we cannot guarantee the security of information you submit via the Internet and such submissions are made at your own risk.

Data retention

We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service or solution or to comply with applicable legal, tax or accounting requirements).

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

Your Rights and Choices

If you are located in the European Economic Area, you may:

have the right to access certain personal information we maintain about you and obtain a copy of that information;
update or correct inaccuracies in that information;
object to our use of your personal information;
block or delete your personal information from our database;
object to processing of your personal information;
ask us to restrict processing of your personal information; or
request portability of your personal information.

If we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.

You also have the right to report a complaint to your local data protection authority about our collection and use of your personal information. For more information, please contact your data protection authority. Contact details for data protection authorities in the European Economic Area, Switzerland, the United Kingdom and certain non-European countries, are available here.

To exercise these rights, please contact privacy@verifone.com and we will consider your request in accordance with applicable data protection laws. To help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to the information.

You can also request to exercise your rights under applicable data protection laws by completing an on-line form available here.

Unsubscribe from our mailing lists

You also have the right to opt-out of marketing communications we send you at any time. You can do so by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you.

Links to Other Websites

Our sites may contain links to third-party sites. We are not responsible for the content or the privacy practices employed by other sites.

International Transfers

Your personal information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).

Specifically, our website servers are located in the United States and our third party service providers and affiliates operate around the world. This means that when we collect your personal information we may process it in any of these countries.

However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Policy. If you are located in the European Economic Area, where we transfer your personal information to other countries, we rely on:

European Commission adequacy decisions, which acknowledge that the non-EEA countries listed here have national laws that protect personal information to a substantially similar standard required by European Union law;
the European Commission’s 2021 Standard Contractual Clauses, which require non-EEA recipients of personal information to continue to protect the personal information they receive to the standard required by European Union law; or
other lawful data transfer mechanisms or derogations from data transfer restrictions.

Further details can be provided upon request. Please see contact information below.

Changes and Contact

We may update this Privacy Policy from time to time in response to changing legal, technical or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws.

You can see when this Privacy Policy was last updated by checking the “last updated” date displayed at the top of this Privacy Policy.

If you are a cardholder that has used one of our terminals at a point of sale and would like information on payment processing, please contact the merchant/retailer directly.

If you are a retailer or merchant of a Verifone affiliate company, you can review the applicable privacy policy at the links provided below.

InterCard AG – Privacy Policy is available here

2Checkout – Privacy Policy is available here.

If you have any questions about this Privacy Policy, please contact us at:

VeriFone, Inc.
Attn: Legal Department
2560 N. 1st Street, Suite 220
San Jose, CA 95131
United States

Verifone (Dimebox)
Attn: Legal Department
Singel 250
Amsterdam, Noord-Holland 1016AB
The Netherlands

Verifone UK, Ltd.
Attn: Legal Department
3 Roundwood Avenue
Stockley Park
Uxbridge
UB11 1AF
UK

You may also contact our Data Protection Officer at privacy@verifone.com.