Privacy Notice

 

Last Update Posted: January 28, 2020

Please note that Fiserv, Inc. recently acquired First Data Corporation. The Privacy Notice available on the legacy First Data site at https://www.firstdata.com/en_us/privacy.html remains applicable to those with First Data relationships. The Privacy Notice on this page remains applicable to those with Fiserv relationships.

 

Introduction.  Fiserv, Inc., on behalf of itself and its affiliates, (together, "Fiserv" or "we" or "us") is the operator of the websites with home pages at https://www.fiserv.com/en.html. We know privacy is important to you; it is also vital to our business. This Privacy Notice describes who we are, the types of "Personal Information" (information that is identifiable to a particular person) that Fiserv collects (directly or through service providers) in connection with the Site, how that Personal Information is used, shared and protected, and how you can exercise your privacy rights. This Privacy Notice is considered part of the Terms and Conditions of Use at https://www.fiserv.com/en/about-fiserv/terms-of-use.html (the “Terms"). If you have any questions or concerns about our use of Personal Information about you, then please contact us using the contact details provided at the bottom of this Privacy Notice. We recommend that you read this Privacy Notice in full to ensure you are fully informed.

1. What does Fiserv do?

Fiserv, Inc. is a global leader in financial services technology solutions headquartered in Brookfield, Wisconsin, United States but with subsidiaries and affiliates ("group companies") all around the world. Our services to enterprise customers enable today's consumer to move and manage money with ease, speed and convenience.

For more information about Fiserv, please see the "About" section of our Site at https://www.fiserv.com/en/about-fiserv.html.

2. What Types of "Personal Information" We Collect, and How We Collect, Use and Disclose It.  The Personal Information that we may collect about you broadly falls into the following categories:

a. Personal Information you directly submit to us. Fiserv may provide you the opportunity to do such things as subscribe to email alerts regarding Fiserv events or company news, to request company information, or to request product or service information through an email contact form. Such information may include your name, your company's name, your personal or company email address or other contact information. It is up to you whether to provide this information. Such information will be used and disclosed as reasonably necessary to meet your needs and respond to your requests, such as disclosing it to our email service provider to send you emails or to one of our affiliated entities to provide you with requested product information.

b. Information that we collect automatically: When you visit the Site, we may collect certain information automatically from your device or the browsing software that it uses. In some countries, including countries in the European Economic Area, this information may be considered Personal Information (or "personal data") under applicable data protection laws. Details about this information are provided in section 5 below (Cookies, browser information and tracking technology).

c. Personal Information that we obtain from third party sources: From time to time, we may receive Personal Information about you from third party sources, but only where we have checked that these third parties either have your consent or are otherwise legally permitted or required to disclose Personal Information about you to us.

Disclosure. Fiserv may disclose Personal Information about you to its group companies, third party service providers and partners who provide data processing services to us (for example, to support the delivery of, provide functionality on, or help to enhance the security of our Site), or who otherwise process Personal Information for purposes that are described in this Privacy Notice or notified to you when we collect Personal Information about you. Parties with whom we may share Personal Information are bound to contracts requiring them to use and disclose Personal Information only for the permitted purposes set forth in the contract and to use reasonable security measures to protect Personal Information from unauthorized access and use. Information about our group companies is available at http://investors.fiserv.com/.

Fiserv may also disclose Personal Information about you to an actual or potential buyer (and its agents and advisers) in connection with any actual or proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use Personal Information only for the purposes disclosed in this Privacy Notice.

Fiserv may also use and disclose Personal Information to comply with laws, regulations, court orders and lawful instructions from government agencies, where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person.

3. Legal basis for processing Personal Information.  If you are a visitor to our Site from the European Economic Area (EEA), our "legal basis" under EEA law for collecting and using the Personal Information described above will depend on the Personal Information concerned and the specific context in which we collect it.

However, we will normally collect or otherwise process Personal Information from you only (i) where we need to process the information to perform a contract with you, (ii) where the processing is in our legitimate interests and not overridden by your rights, (iii) where we have a legal obligation to process the information, (iv) where we need to process the information to protect your vital interests or those of another person or (v) where we have your consent to do so.

If we ask you to provide Personal Information to comply with a legal requirement or to enter into a contact with you, we will make this clear at the relevant time and advise you whether the provision of Personal Information is mandatory or not (as well as of the possible consequences if you do not provide Personal Information).

If we collect and use Personal Information about you in reliance on our legitimate interests (or those of any third party), this interest will normally be to operate the Site and communicating with our customers as necessary to provide our services and for our legitimate commercial interest, for instance, when responding to your queries, improving the operation or security of the Site, understanding (through analytics) how our Site is used, undertaking marketing, or for the purposes of detecting or preventing fraudulent, abusive or illegal activities. We may have other legitimate interests and if appropriate, we will make clear to you at the relevant time what those legitimate interests are.

If you have questions about or need further information concerning the legal basis on which we collect and use Personal Information about you, please contact us using the contact details provided under the “How to contact us" heading below.

4. Minors.  We do not knowingly collect any Personal Information from or about individuals under 13 years of age. Please do not submit such information to us, and as a parent or legal guardian, please do not allow your children to submit Personal Information without your permission.

5. Cookies, Browser Information and Related Issues.

a. Cookies: We use "cookies" (small data files placed on your computer or other device by the server when you visit the Site) and similar tracking technology described below to collect and use information about you and the device you use to access the Site. In some countries, including countries in the European Economic Area, this information may be considered Personal Information (or "personal data") under applicable data protection laws. For further information about the types of cookies we use, why, and how you can control cookies, please see our Cookie Statement.

b. Browser Data: We collect certain standard information that your browser sends to every website you visit, such as the originating IP address, browser type and language, access times and referring website addresses. This data may be used, among other reasons, to improve the operation and security of the Site by assisting in "authenticating" who you are when you access the Site, particularly if you register for access to a section of the Site with restricted access and are issued or create a username and password.

c. Device Data. In addition, we may collect technical data about the device used to access the Site ("Device Data") (such as unique device ID, device model, operating system version, application types and versions, plug-ins, and time zone and geolocation information). Device Data may be used as part of our security controls to uniquely identify the device and authenticate the user when accessing the Site. Device Data may be shared (along with information about any fraudulent transactions using the device) with one or more third-party service providers. These providers will compare and add the Device Data and fraud data to a database of similar device and fraud information in order to identify and block access to the Site by devices associated with fraudulent or abusive activity. We will not share with service providers any information that personally identifies the user of the device.

d. Site Usage Data. We may also collect information about how your device has interacted with our Site, including the pages accessed and links clicked. Collecting this information enables us to better understand the visitors who come to our Site, where they come from, and what content on our Site is of interest to them. We use this information for our internal analytics purposes and to improve the security, quality and relevance of our Site to our visitors.

e. Widgets: Our Site includes Social Media Features, such as the Facebook Like button, and Widgets, such as the "Share this" button, or interactive mini-programs. These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these Features are governed by the privacy policy of the company providing it.

f. Tracking: With respect to information about an individual's online activities over time and across different websites or online services, when a visitor uses this Site, except as required by law: (1) parties other than the operator of this Site are not permitted to collect such information, and (2) the operator of this Site does not collect such information (except information reasonably necessary to process and document user transactions). Therefore, this Site has no need to respond to and does not respond to Web browser "do not track" signals or other mechanisms that enable individuals to exercise choice regarding the collection of such information.

6. How We Protect Personal Information About You.  To protect Personal Information about you from unauthorized access and use, Fiserv maintains physical, electronic, and procedural safeguards, and requires those to whom we disclose Personal Information (including our employees and service providers) to do the same. The measures we use are designed to provide a level of security appropriate to the risk of processing Personal Information.

7. International data transfers. Personal Information about you may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different than the laws of your country.

Specifically, our Site servers are located in the United States, and our group companies and third party service providers and partners operate around the world. This means that when we collect Personal Information we may process it in any of these countries.

However, we have taken appropriate safeguards to require that Personal Information will remain protected in accordance with this Privacy Notice. These include implementing the European Commission’s Standard Contractual Clauses (found at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en) for transfers of Personal Information between and among our group companies, which require all group companies to protect Personal Information from the EEA in accordance with European Union data protection law. We have implemented similar appropriate safeguards with our third party service providers and partners.

8. Data retention. We retain Personal Information about you where we have an ongoing legitimate business need to do so, for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements.

When we have no ongoing legitimate business need to process Personal Information about you, we will either delete or anonymise it or, if this is not possible, for example, because the Personal Information has been stored in backup archives, then we will securely store the Personal Information and isolate it from any further processing until deletion is possible.

9. Your data protection rights. We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

If you are a resident of the European Economic Area, you have the following data protection rights under European Union law:

a. If you wish to access, correct, update or request deletion of Personal Information about you, you can do so at any time by contacting us using the contact details provided under the "How to contact us" heading below.

b. You may object to processing of Personal Information about you based on our legitimate interests, or for direct marketing.

c. You may also ask us to restrict processing of Personal Information about you or request portability of Personal Information about you. You can exercise these rights by contacting us using the contact details provided under the “How to contact us" heading below.

d. You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe" or “opt-out" link in the marketing e-mails we send you. To opt-out of other forms of marketing, please contact us using the contact details provided under the “How to contact us" heading below.

e. You have the right to withdraw any consent we have relied on at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of Personal Information conducted in reliance on lawful processing grounds other than consent.

f. You have the right to complain to a data protection authority about our collection and use of Personal Information about you. For more information, please contact your local data protection authority. Contact details for data protection authorities in the European Economic Area, Switzerland and certain non-European countries (including the US and Canada) are available at http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.

10. Keeping Up to Date with Our Privacy Notice. Fiserv may update this Privacy Notice from time to time in response to changing legal, technical or business developments by posting a revised version on this Site, which will be effective at the time it is posted for all Personal Information collected thereafter unless a delayed effective date is expressly stated in the revision. When we update our Privacy Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Notice changes if and where this is required by applicable data protection laws. You can see when this Privacy Notice was last updated by checking the “last updated" date displayed at the top of this Privacy Notice.

11. Scope.

a. Supplemental Privacy Policies. Some areas, features and services on the Site may be offered on the condition that you view and agree to privacy terms and disclosures specific to those areas, features and services. Those specific privacy terms and disclosures will be deemed to supplement the terms and disclosures in this Privacy Notice.

b. Other Fiserv Sites. This Privacy Notice is applicable to this Site, as specified above. However, an Other Fiserv Site (as defined in the Terms) may have its own privacy notice or other privacy-related terms posted. As with the Terms, those other privacy terms and conditions shall apply to privacy-related issues regarding that Other Fiserv Site and the use of any services, functionalities or other offerings made in connection with that Other Fiserv Site, and this Privacy Notice shall not apply in such circumstances. This Privacy Notice also does not apply to any websites Fiserv creates for any individual client; such websites shall be subject to the terms and conditions set forth in the applicable agreement between Fiserv and that client.

c. Links to Third-Party Sites. This Site may provide links to other sites operated by third parties over whom Fiserv has no control and whose privacy policies may differ from ours. These links are provided for your convenience. If you browse on or submit Personal Information to any of those sites, information about you may be collected by them and will be governed by their privacy policies.

12. How to contact us.

For questions European privacy inquiries, you may contact our Data Protection Officer at dpo@fiserv.com.

For California resident data inquiries please refer to “How to exercise your rights” below.

For all other privacy inquiries related to this Notice, please contact us at dataprivacyoffice@fiserv.com.

We also maintain a Data Privacy Hotline, which is available 24 hours per day from the United States, at +1 800-368-1000. The Hotline is the most appropriate contact for an urgent concern, such as to report a suspected data breach regarding your personal data; or, if you are a merchant, data of your customers.

For questions about your credit or debit card or your purchase, please contact the financial institution that issued your card or the merchant.

13. Information for California Residents

We are required by the California Consumer Privacy Act of 2018 (“CCPA”) to provide to California residents an explanation of how we collect, use and share their personal Information, and of the rights and choices we offer California residents regarding our handling of the personal information. 

Your California privacy rights

As a California resident, you have the rights listed below. However, these rights are not absolute, and we may decline your request as permitted by the CCPA.

  • Information.  You can request the following information about how we have collected and used your Personal Information during the past 12 months:
    • The categories of Personal Information that we have collected.
    • The categories of sources from which we collected Personal Information.
    • The business or commercial purpose for collecting and/or selling Personal Information.
    • The categories of third parties with whom we share Personal Information.
    • Whether we have disclosed your Personal Information for a business purpose, and if so, the categories of Personal Information received by each category of recipient.
    • Whether we’ve sold your Personal Information; and, if so, the categories of Personal Information received by each category of recipient. 
  • Access.  You can request a copy of the Personal Information that we maintain about you.
  • Deletion.  You can ask us to delete the Personal Information that we maintain about you.
  • Nondiscrimination.  You are entitled to exercise the rights described above free from discrimination. This means that we will not penalize you for exercising your rights by taking actions such as by denying you goods or services, increasing the price/rate of goods or services, decreasing the service quality, or suggesting that we may penalize you as described above for exercising your rights. However, the CCPA allows us to charge you a different price or provide a different service quality if that difference is reasonably related to the value of the Personal Information we are unable to use.

How to exercise your rights

You may exercise your California privacy rights as follows:

Right to information, access and deletion

You can request to exercise your information, access and deletion rights by:

  • www.fiserv.com/CCPA
  • 1-888-999-1114
  • Identify verification. The CCPA requires us to verify the identity of the individual submitting the request before providing a substantive response to the request. A request must be provided with sufficient detail to allow us to understand, evaluate and respond. The requester must provide sufficient information to allow us to reasonably verify that the individual is the person about whom we collected information. A request may also be made on behalf of your child under 13.
  • Authorized agents.  California residents can empower an “authorized agent” to submit requests on their behalf.  We will require the authorized agent to have a written authorization confirming that authority.

Sale of Personal Information

We do not sell your Personal Information to third parties as defined in the CCPA. 

Personal information that we collect, use and share

The chart below summarizes our collection, use and sharing of Personal Information during the last 12 months before the effective date of this Privacy Notice. We describe the sources through which we collect, use and disclose your Personal Information in section above titled What Types of "Personal Information" We Collect, and How We Collect, Use and Disclose It.

Category

Do we collect this information?

Do we share this information for business purposes?

Identifiers

Yes

Yes

Online Identifiers

Yes

Yes

Protected Classification Characteristics

No

No

Commercial Information

No

No

Biometric Information

No

No

Internet or Network Information

Yes

Yes

Geolocation Data

Yes, possible

Yes

Sensory Information

No

No

Professional or Employment Information

No

No

Education Information

No

No

Inferences

No

No

Financial Information

No

No

Medical Information

No

No

 


 

Glossary

Categories of Personal Information Date Elements within the Category
Biometric Information  An individual's physiological, biological or behavioural characteristics, including DNA, that can be used, singly or in combination with each other or with other identifying data, to establish an individual's identity. Biometric information includes, but is not limited to, imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a face print, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.
Transaction History  Products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Financial Information Bank account number, debit or credit card numbers, insurance policy number, and other financial information. 
Geolocation Data Precise location, e.g., derived from GPS coordinates or telemetry data.
Identifiers Real name, alias, postal address, unique personal identifier, customer number, email address, account name other similar identifiers. 
Government-issued ID Social security number, driver's license, passport, or other government-issued ID, including an ID number or image.
Medical Information Personal information about an individual's health or healthcare, including health insurance information.  
Internet or Network Information Browsing history, search history, and information regarding a consumer's interaction with an Internet website, application, or advertisement.
Online Identifiers An online identifier or other persistent identifier that can be used to recognize a person, family or device, over time and across different services, including but not limited to, a device identifier; an Internet Protocol address; cookies, beacons, pixel tags, mobile ad identifiers, or similar technology; customer number, unique pseudonym, or user alias; telephone numbers, or other forms of persistent or probabilistic identifiers (i.e., the identification of a person or a device to a degree of certainty of more probable than not) that can be used to identify a particular person or device.
Physical Description An individual's physical characteristics or description (e.g., hair color, eye color, height, weight).
Professional or Employment Information Information relating to a person's current, past or prospective employment or professional experience (e.g., job history, performance evaluations), and educational background.
Protected Classification Characteristics Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
Sensory Information Audio, electronic, visual, thermal, olfactory, or similar information.

Have a question for us?

If you have questions about this Privacy Policy, please contact us.

Contact Us