Privacy Policy

PRIVACY POLICY

Last Updated: March 2026

Banc Card of America, Inc. and its subsidiaries and Affiliates (herewith referred to as “we”, us”, “our”, or “Banc Card”) are committed to protecting your privacy as a customer and guest as set forth below.

This Policy covers all aspects of Banc Card’s business, including but not limited to, the use of our website including any related domains, mobile applications, mobile sites, online services, and applications that we maintain.

 

Our affiliates and their services:

Affiliate Service
Oracle America, Inc. (NetSuite) Accounting and ERP
Network Merchants, Ltd Customer Relationship Management (IRIS CRM)
Salesforce, Inc Customer Relationship Management

1. Information We Collect

We collect and process personal information from and about you through the following methods:

  • Direct Interactions — information you provide when completing forms on our Website, placing service orders, registering an account, subscribing to services, applying for a vacancy, posting material, requesting support, or contacting us by phone or email.
  • Technical Interactions — as you interact with our services, we may collect technical data about your device, browsing activity, and usage patterns through cookies, server and network security device logs, and similar technologies.
  • Business Partners and Affiliates — we may receive information about you from authorized Banc Card partners or affiliates who provide goods or services to you.
  • Third Parties and Publicly Available Sources — as described in Section D below.

A. Information You Provide to Us

  • Identity Data — first name, last name, username or similar identifier, title, date of birth, gender, marital status, and social security number or similar government-issued identification number.
  • Contact Data — billing and shipping address, email address, and telephone numbers.
  • Financial Data — bank account details, tax ID/FEIN or equivalent, payment card details, and credit check information.
  • Transaction Data — details about payments to and from you, and other details of products and services you have purchased.
  • Commercial Information — products or services purchased, obtained, or considered, and other purchasing or consumption histories or tendencies.
  • Profile Data — username and password, purchase and order history, interests, preferences, feedback, uploaded images, and survey responses.
  • Correspondence — any personal communications you send us, such as emails, text messages, or letters, which we may retain in a file associated with you.
  • Marketing and Communications Data — your preferences regarding marketing communications from us and third parties, and your general communication preferences.
  • Inferences — profile information derived from the above data reflecting your preferences, characteristics, behavior, attitudes, abilities, and aptitudes.
  • Additional Information — any other information collected as described to you at the point of collection or with your consent.

 

B. Sensitive Personal Information

  • Identification Documents — driver's license, passport, social security number, or similar government-issued identification.
  • Geolocation Information — location information collected or derived through your use of our services, such as through your IP address.
  • Authentication Data — log-in credentials used to create and access your account, including username, account number, and password.
  • Payment Information — debit or credit card details collected in combination with any required security or access code necessary to process your payments.

 

C. Personal Information We Collect Automatically

  • Technical Data — your Internet Protocol (IP) address, login data, browser type and version, time zone and location settings, browser plug-in types and versions, operating system and platform, and other information about the devices you use to access the site.
  • Usage Data — information about how you interact with our site, products, and services, including pages and items viewed, interactions with advertisements, date and time stamps, navigation patterns, and other activity information. We may also monitor and log your preferences and transactional data relating to your use of the site.
  • Click-Through URLs — some of our emails contain links that route through our web server before directing you to the destination page. We may use this data to gauge interest in particular topics and evaluate the effectiveness of our communications.

 

D. Personal Information We Collect from Other Sources

We may collect personal information from a variety of third-party and publicly available sources, including business partners, referring banks, data analytics providers (e.g., Google), managed security service providers, Internet service providers, operating systems and platforms, government entities, public databases, sales and marketing insight providers (e.g., Salesforce), credit reference agencies (e.g., Experian), and verification agencies (e.g., LexisNexis, LSEG, Giact). For example, we may receive your name, contact information, and certain transaction details from banks and other referral partners we work with.

Where permitted by applicable law, we may combine information gathered from these sources with other data we hold about you. We also collect, use, and share aggregated data for internal business purposes. Although aggregated data may be derived from your personal information, it does not directly or indirectly identify you and is therefore not considered personal data under applicable law.

We do not knowingly collect other special categories of personal data, including information relating to race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, health, or genetic data, beyond what is described above. Where required by applicable law, we will obtain your consent before processing any such sensitive information

 

 

 

2. How We Use Your Information

  • Services and Support — to provide, operate, maintain, and manage your account, fulfilling your requests, processing charges and fees, providing troubleshooting and technical support, and supporting our day-to-day operations.
  • Account Management — to facilitate the creation and security of your account, manage payments, fees, and charges, and create any required accounts on your behalf.
  • Communications — to respond to your inquiries, provide customer support, deliver requested materials and newsletters, and send administrative notices regarding our services, site, or material changes to our Terms and Conditions and policies.
  • Marketing and Advertising — to send you promotional information about our services and those of our affiliates or other parties we believe may be of interest to you. You may opt out of marketing communications at any time by updating your account profile or using the unsubscribe link in any email we send.
  • Compliance and Legal Process — to comply with applicable legal and regulatory obligations, including responding to subpoenas, warrants, court orders, and requests from law enforcement or governmental authorities.
  • Referrals — to share certain personal information with business partners, including other merchant services businesses, as part of a referral program.
  • Auditing and Internal Operations — to conduct financial, tax, and accounting audits; assess our privacy, security, and operational controls; support risk and compliance functions; and fulfill underwriting and risk monitoring obligations.
  • User Feedback — to request, receive, and, with your prior consent, publish feedback about your experience with our services.

 

 

3. How We Share Your Information

  • Affiliates, Subsidiaries, and Business Partners — we may share personal information with our corporate affiliates, subsidiaries, and business partners in connection with the purposes described in this Policy.
  • Vendors and Service Providers — we may share personal information with our agents, contractors, and service providers who support our operations, including acquiring banks, payment processors, fraud detection providers, authentication providers, project management and productivity providers, and sales, marketing, and analytics providers.
  • Referral and Marketing Partners — we may share personal information with partners we work with for referral and marketing purposes, including those who may offer services in connection with certain transactions.
  • Business Transfers — in the event we, our partners, or our affiliates are acquired, merged with, or invested in by another company, or if any of our assets are transferred, we may disclose or transfer your personal information to the relevant party in accordance with applicable law. We may also share certain personal information prior to the completion of such a transaction with lenders, auditors, and third-party advisors.
  • Compliance and Legal Obligations — we may disclose personal information to the extent required by applicable law, including in response to subpoenas, court orders, and lawful requests from regulators, government entities, and law enforcement authorities.
  • Security and Protection of Rights — we may disclose personal information where necessary to protect our services, rights, and property, or the rights, property, and safety of others, including to detect, prevent, investigate, and respond to fraud, unauthorized access, illegal activity, and misuse of our services.
  • Other Disclosures — we may disclose personal information in other circumstances where we have notified you, obtained your consent, or where disclosure is otherwise authorized or required by law.

We do not sell your personal data to third parties in exchange for payment. However, as noted above, we may share data with partners that assist us in promoting our products and services to you.

 

 

4. Data Practices

A. Sensitive Information

We limit our collection, use, and disclosure of sensitive personal information to what is reasonably necessary and proportionate for the following purposes:

  • To perform the services you have requested;
  • To ensure the security and integrity of our services, including detecting, preventing, and investigating security incidents;
  • To detect, prevent, and respond to malicious, fraudulent, deceptive, or illegal conduct;
  • To verify or maintain the quality and safety of our services;
  • To comply with applicable legal obligations;
  • To support our service providers who perform functions on our behalf;
  • To conduct know-your-customer and creditworthiness reviews; and
  • For purposes that do not involve inferring characteristics about you.

We do not collect, use, or disclose sensitive personal information for any purpose beyond those listed above or otherwise authorized by applicable law. The table below summarizes the categories of sensitive personal information we may collect and the primary purpose for which each is used:

 

Sensitive Personal Information Category Purpose
Identification documents (driver's license, passport, Social Security Number or similar government-issued ID) Identity verification, fraud prevention and security, providing services, and complying with legal obligations
Geolocation / Location Data Fraud detection and security, complying with law, and providing services
Account log-in, financial account details, security access codes, passwords, or credentials Providing services, complying with law, enforcing terms of service, and other purposes consistent with consent and applicable law
Payment card / debit or credit card information Processing payments for products or services

 

B. Sale of Personal Information

We do not sell your personal information. Any sharing of personal information is limited to the service partners necessary to establish and provide the services you have requested.

C. Data Security

We maintain appropriate technical and organizational security measures designed to protect your personal data against accidental loss, misuse, unauthorized access, alteration, or disclosure. Access to your personal data is restricted to those employees, agents, contractors, and third parties who have a legitimate business need, and all such parties are required to process your data only on our instructions and are bound by a duty of confidentiality.

While we take every reasonable precaution to safeguard your data, no method of internet transmission is completely secure. Any data transmitted to our site is done so at your own risk, and we cannot guarantee its security in transit. Once received, we apply strict procedures and security controls to prevent unauthorized access.

Please be cautious when communicating with us outside of any secure channels provided within the site, as standard emails and messages are not guaranteed to be secure against interception. We will never ask for your bank account number, password, or other sensitive information via email. If you receive such a request appearing to be from us, treat it as potentially fraudulent.

If you believe your personal information has been accessed or obtained by an unauthorized party, please contact us immediately so that appropriate action can be taken.

D. Data Storage

The data we collect is stored with the following service providers:

 

Affiliate Storage Location
Oracle America, Inc. (NetSuite) USA
Integrated Reporting Is Simple, LLC (IRIS CRM) USA
Salesforce, Inc USA

 

5. Your Privacy Rights

Depending on your location and subject to applicable law, you may have the following rights regarding your personal information:

  1. Right to be Informed — you have the right to receive clear and concise information about how we collect, use, and handle your personal data.
  2. Right to Know and Access — you may have the right to request confirmation of whether we process your personal information, obtain details about our collection and use practices, and receive a copy of the personal information we hold about you.
  3. Right to Data Portability — where processing is carried out by automated means, you may have the right to receive your personal information in a structured, commonly used, machine-readable format and to transmit that data to another data controller.
  4. Right to Correction — you may have the right to request that we correct any inaccurate personal information we maintain about you.
  5. Right to Deletion — you may have the right to request that we delete certain personal information we hold about you, subject to exceptions and limitations permitted under applicable law.
  6. Right to Opt Out of Targeted Advertising and Profiling — you may have the right to opt out of the processing of your personal information for targeted advertising or profiling that produces legal or similarly significant effects concerning you.
  7. Right to Limit Use of Sensitive Personal Information — you may have the right to request that we restrict our use and disclosure of your sensitive personal information to what is necessary to perform the services or as otherwise authorized by law.
  8. Right to Restrict Processing — you may have the right to request that we suspend processing of your personal data where you wish to establish its accuracy, where our processing is unlawful but you do not want the data erased, or where you have objected to our processing and we are assessing whether we have overriding legitimate grounds to continue.
  9. Right to Object — you may object to our processing of your personal data where we rely on a legitimate interest as the legal basis, or where we are processing your data for direct marketing purposes.
  10. Right to Withdraw Consent — where we rely on your consent to process your personal data, you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of any processing carried out prior to withdrawal.
  11. Right to Non-Discrimination — you have the right not to be discriminated against for exercising any of your privacy rights. We will not deny you goods or services, charge different prices, or provide a lower quality of service as a result of you exercising your rights.
  12. Right to Appeal — you may have the right to appeal our denial of any request made under this section. To do so, please contact us using the information in the Contact Us section at the end of this Policy. If your appeal is denied, you may escalate your complaint to the Attorney General or another appropriate supervisory authority.

How to Exercise Your Rights

To exercise any of the rights described above, please contact us using the information in the Contact Us section at the end of this Policy. Your request must include sufficient information to reasonably verify your identity and clearly describe what you are requesting so that we can properly evaluate and respond.

We may require additional information to verify your identity before granting access to your personal information or fulfilling your request. For requests involving specific pieces of personal information, we may ask you to sign a declaration under penalty of perjury.

Requests may be submitted by you directly or, where permitted by applicable law, by an authorized agent acting on your behalf. If you designate an authorized agent, we may require written proof of authorization and may still ask you to verify your identity with us directly.

We aim to respond to all legitimate requests within 30 days. If your request is particularly complex or you have submitted multiple requests, it may take us longer, in which case we will notify you and keep you informed of our progress.

There is no fee to access your personal data or exercise any of your rights. We reserve the right to charge a reasonable fee or decline to act on requests that are clearly unfounded, repetitive, or excessive.

 

 

6. Data Retention

We retain your personal data as long as necessary to provide the services to you and for a reasonable period thereafter. The specific retention period for any given data depends on the type of information and the purpose for which it was collected.

We may continue to retain your personal data after your relationship with us ends where required to comply with our legal and regulatory obligations; to support fraud monitoring, detection, and prevention activities; or to meet our tax, accounting, and financial reporting requirements, including any retention periods mandated by our agreements with financial partners.

 

 

7. Third-Party Links

Our services may contain links to third-party websites, plug-ins, and applications. These links are provided for your convenience only and do not constitute an endorsement of any third-party website, product, or service. We have no control over third-party sites and are not responsible for their content or privacy practices, including how they collect or handle your personal information.

 

 

8. Policy Updates

We reserve the right to update this Policy periodically to reflect changes in our services, privacy practices, or applicable laws. The "Last Updated" date at the top of this Policy identifies when the most recent material changes were made. Any updates will be posted on this page. Where changes materially affect how we handle previously collected personal information, we will provide appropriate notice, which may include a prominent announcement on our site.

Your continued use of the site or services following any update constitutes your acceptance of the revised Policy.

In the event of any conflict or inconsistency in how we process your data, the following order of precedence applies: (1) any signed Data Processing Agreement (DPA) between the parties; (2) any signed data transfer agreement between the parties; (3) this Privacy Policy; (4) any other declarations regarding our processing of your information.

 

Contact Us
If you have any questions or suggestions about this Privacy Policy, please contact us at:

Banc Card of America, Inc.

7347 Charlotte Pike

Nashville, TN 37209

support@banccard.com

(888) 741-2262