Privacy Policy
Our Commitment to Privacy
Your privacy is important to us. CardOne Plus, its subsidiaries and affiliates are committed to maintaining the privacy, security and accuracy of the personal information which we collect, use and disclose in accordance with our own Privacy Policy. This Policy is based on the principles of the Payment Card Industry (PCI) / Data Security Standard (DSS), the Canadian Standards Association (CSA) Model Code for the Protection of Personal Information, Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), and the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Information, for the benefit of our Cardholders, Individual clients, and Service providers.
Our Employees Responsibilities
Each and every one of our employees is responsible for maintaining the confidentiality of all personal information to which they have access. As a condition of employment, our employees are required to sign a confidentiality agreement as well as a Code of Ethics, binding them to this responsibility which governs their actions even if they leave or retire from CardOne Plus. Only those employees who need personal information to provide service to merchants and cardholders have access to it.
We keep our employees informed about our policies and procedures for protecting personal information and reinforce the importance of complying with them. All employees are also required, as a condition of employment, to conform to these policies and procedures.
Why CardOne Plus asks for your information
We ask you for information to establish and serve you as our customer.
We obtain most of our information about you directly from you. The information we ask for depends upon the merchant services you are providing or entitled to. For every service, we require your name, contact information, birth date, SIN/SSN, passport information, driver's license information or other government issued identification. This information is required as part of the registration process in order to verify your identity and perform necessary background checks, as set out in your Merchant Application Package or Cardholder Agreement.
Disclosure of information
The personal information you provide to us is NEVER disclosed to any third party, without your explicit consent. We do not sell, trade or share any of your personal information with any other entities.
CardOne Plus may be compelled to share information with governmental or regulatory agencies or other companies assisting us in fraud prevention or an investigation. We may do so when: (1) permitted or required by law; or, (2) trying to protect against or prevent actual or potential fraud or unauthorized transactions; or, (3) investigating fraud which has already taken place. Information is never provided to these organizations for any other purposes.
How we obtain your consent
It is important to understand the different ways that CardOne Plus may obtain your consent to collect, use and disclose personal information.
Depending upon the situation and the sensitivity of the information, express consent may be obtained verbally, online or in writing. Implied consent may be obtained through your use of a product, or when you approach us to obtain products or services from us. We will only rely upon implied consent if your intentions are obvious based on your actions or instructions.
CardOne Plus will not make your consent a condition of obtaining a product or service, unless it is reasonably or legally required, and we will clearly indicate when this is the case.
Keeping personal information secure
CardOne Plus has thorough security standards to protect our systems and your information against unauthorized access and use.
CardOne Plus uses a variety of security measures, including, but not limited to restricting employee access to files and data centers, using fireproof and locked file cabinets, and employing a variety of electronic security measures, such as advanced network security controls, strong passwords, and data encryption techniques.
Our systems have been designed to ensure that your Personal Identification Number (PIN), password and other access codes are always private and confidential. When you use your PIN at an automated banking machine (ABM/ATM), it is scrambled after you enter it. For your further protection, your access codes are known only to you - our employees cannot gain access to them and they will not ask you to reveal them.
All our suppliers, contractors and agents, as part of their contracts with CardOne Plus, are bound to maintain your privacy and may not use the information for any unauthorized purpose.
When CardOne Plus provides information in response to a written legal enquiry or order, we ensure that the order is valid and we disclose only the information that is legally required.
To secure the transfer of personal information on the Internet, CardOne Plus uses a Secure Socket Layer (SSL) Server Certificate to ensure that any information entered is collected within a secure page. This means that your information is encrypted while being transferred to the CardOne Plus server. The server is protected by an enterprise firewall that is immediately updated when new patches and fixes are released.
Our procedures and security measures are audited both internally as well as by independent Third Parties on a regular basis to ensure that they are being properly administered and that they remain effective, appropriate to the sensitivity of the information and compliant with current industry standards.
Retention of information
CardOne Plus retains your information only as long as necessary for the fulfillment of the purposes identified at the time the information was collected from you.
The length of time CardOne Plus retains information varies depending upon the product or service, the nature of the information and the governing laws relating to your information. This period may extend beyond the end of your relationship with us but only for as long as it is legally required for us to have sufficient information to respond to any issue that may arise at a later date. When your information is no longer needed, we have procedures in place to destroy, delete, erase or convert it to an anonymous form.
Keeping your information accurate
CardOne Plus will make every reasonable effort to keep your information accurate and up-to-date.
Having accurate information about you enables us to offer the best possible service and minimize the possibility that erroneous information may be used in any decision-making process which may have impact upon you.
CardOne Plus has policies and procedures to help us maintain the accuracy of your information. For most updates, we rely on you for information. You can help by keeping us informed of any changes, such as changes to address or telephone numbers. If you find any errors in our information about you, let us know by submitting a "Profile Change Request" located within the Cardholder interface. We will update our records, and ensure the new information is conveyed to any relevant and appropriate parties. For information that remains in dispute, please contact security@cardoneplus.com.
Information that does not identify you
CardOne Plus collects certain technical information from your computer's Web browser when you visit www.cardoneplus.com, or any URL which is established specifically for a merchant card program on the Internet. This information includes the amount of time spent on the site by a visitor with a unique Internet identifier, the pages visited and returned to, the operating system and Web browser used, and the referrer website. These server logs do not contain any personal information and can only be accessed by CardOne Plus. Server log files are used solely to track visits to our website and improve the content and layout of our site. CardOne Plus makes no attempt to link this traffic information to the individuals visiting our website.
Cookies are text files that many websites transfer to your computer's hard disk in order to remember your preferences the next time you visit. CardOne Plus does not require you to accept cookies in order to use our site. If you prefer, you can set your Internet browser to refuse cookies.
E-mail comments, questions or responses
When you send us an e-mail or when you ask us to respond to you by e-mail, we learn your exact e-mail address and any information you have included in the e-mail.
CardOne Plus uses your e-mail address to acknowledge your comments and/or reply to your questions, and we will store your communication and our reply for future reference. We will not sell your e-mail address, or share your information with anyone outside CardOne Plus, unless compelled to do so by law.
Please keep in mind that e-mail sent over the Internet is generally unencrypted. If CardOne Plus requests that you transmit confidential information to us over the Internet when completing an activation form online, we ensure that such transmission is encrypted. We recommend that you use caution when forwarding free-format e-mail messages to us and that you do not include confidential information (such as account numbers, unique identification details, etc) in those messages, as they are not encrypted.
Important Information about Preventing E-mail Fraud
From time to time, fraudulent e-mails may be circulated to you claiming to have been issued by Canadian banks, requesting customers to verify their personal and/or banking information (This is known as, "Phishing" or "E-mail Spoofing"). Customers are often asked to click on a link in the e-mail that directs them to a pop-up window or modified online banking login page to enter their respective bank's login ID and password.
CardOne Plus will never send e-mail messages to customers requesting confidential information such as passwords or account numbers. Please do not act on any such e-mails as you may compromise your banking information by following links to a counterfeit Internet site. Please forward these e-mails to, security@cardoneplus.com, so we may investigate this Fraud.
Privacy Contact Information
If you have any questions, concerns, or comments about our privacy policy please contact us using the information below:
By E-mail: security@cardoneplus.com
By Phone: 416.667.1814
By Fax: 416.667.8595
By Mail:
CardOne Plus
40 Eglinton Ave. East, Suite 502
Toronto, Ontario, M4P 3A2
CANADA
Please Note: We reserve the right to make changes to this policy at any time. All changes to this policy will be posted on our website
Deliver flexible payment solutions for your industry.
