Privacy Policy

Please read this carefully

Dispute Automation Privacy Statement

Last updated: July 26th, 2022

View archived privacy statement

Contents
  1. Overview
  2. Our Role as Data Controller and Data Processor
  3. Personal Data We Collect about You
  4. How We Use Your Personal Data
  5. Do We Share Your Personal Data and Why?
  6. How Long Do We Retain Your Personal Data?
  7. Personal Data International Transfers
  8. How Do We Use Cookies and Tracking Technologies?
  9. Your Data Protection Rights
  10. How Do We Protect Your Personal Data?
  11. Can Children Use Our Services?
  12. Updates to this Privacy Statement
  13. Contact Information
  14. Definitions
1. Overview

This Privacy Statement aims to provide you with sufficient information regarding Chargehound LLC’s (“we,” “us” or “our”) use of your Personal Data when you visit our website, apply for, or use our Services. Our Services include the Dispute Automation by Chargehound products and services and all products and services offered by Chargehound LLC (including our fraud and chargeback handling service provided through our customer portal on the Site, as well as all related applications, widgets, software, tools, and other services provided by us and on which a link to this Privacy Statement is displayed). We encourage you to read this Privacy Statement and to use it to help you make informed decisions.

This Privacy Statement does not apply to any third-party websites, services or applications, even if they are accessible through our Site or Services. When you click on links to third-party websites, products, or services, your Personal Data will become subject to the privacy policies and practices of those third parties. We have no responsibility or liability for the content and activities of these linked sites . You should therefore read the privacy notices provided by any third-party offerings.

Certain capitalized terms that are not otherwise defined in this Privacy Statement are explained in Section 14 (“Definitions”) at the end of this Statement.

2. Our Role as a Data Controller and Data Processor

We are a Data Controller of Personal Data collected and processed when you access our Site, sign up for a product demonstration, send us an email, register with us as a Merchant, interact with us on social media, or provide information directly when you communicate with us, such as by calling or emailing the customer service. This means that we are determining the purposes and means of the processing of Personal Data

We also receive information about individuals indirectly in connection with providing our Services to Merchants. In these cases, we serve as a service provider or data processor. This means that we will access your Personal Data on behalf of our Merchant customers. This Privacy Statement does not cover Personal Data for which we act in those capacities. In such cases, the privacy statements published by the Merchant or the payment processor that the individual did business with should be reviewed to learn about how the Merchants or the payment processor have decided to collect, use, or share the individual’s Personal Data.

3. Personal Data We Collect about You

We may collect Personal Data about you when you visit our Site, create an account through or for use on the Site, use our Services, interact with us on social media, or provide information directly when you communicate with us, such as by calling or emailing customer service.

We also may receive an individual’s Personal Data from our Merchants and their payment processors in connection with providing our Services. In that case, we act a service provider or data processor, and use and disclose that Personal Data according to the Merchant’s instructions.

The types of Personal Data we collect about you may include the following:

Personal data collected from you such as:

  • Your name and email address;
  • Professional or employment-related data, such as your company’s name and physical address and tax identification number;
  • Audio, electronic, visual, or similar data, such as call recordings when you talk to customer service, and photo IDs and profile pictures you provide;
  • Any other information you voluntarily provide us through our Services.

Personal data automatically collected such as:

  • Technical Usage Data. Information such as response time for web pages, download errors, date and time when you used the Site, your IP address, statistics regarding how pages are loaded or viewed, the websites you visited before coming to the Site and other usage and browsing information that may be collected through Cookies.
  • Information from your device. Information about your language settings, IP address, browser ID, device ID, cookie preferences, time zone, operating system, platform, screen resolution and similar information about your device settings, and data that may be collected from cookies or other tracking technologies.

Personal data collected from others such as:

  • Transaction or purchase history related to a Merchant using our Services.
4. How We Use Your Personal Data

We may Process your Personal Data for a variety of reasons that are permitted under data protection laws in the applicable jurisdictions and in accordance with the applicable lawful bases.

The information we collect about you may be used in any of the following ways:

  • To provide our Services and maintain our Site;
  • To compile statistics and analysis about the use of our Site and our Services;
  • To personalize your experience — your Personal Data helps us to better respond to your individual needs;
  • To improve our Site and our Services — we continually strive to improve our offerings based on the information and feedback we receive from you;
  • To improve customer service — your Personal Data helps us to more effectively respond to your customer service requests and support needs;
  • To send periodic emails — the email address you provide may be used to send you information, notifications that you request about changes to our Services, to alert you of updates, and to send periodic emails containing information relevant to your account;

We may also use Personal Data to contact you regarding products, services, and offers that we believe you may find of interest. You may opt out from receiving marketing communications from us as described in Section 9 (“Your Data Protection Rights”) below.

We may also use your Personal Data where we believe doing so is necessary for us to comply with a legal obligation. This may include sharing information with government and regulatory authorities or other third parties when required by law or in response to legal process, obligation, or request. We may disclose your Personal Data to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (i) to respond to claims, legal process (including subpoenas); (ii) to protect our property, rights and safety and the property, rights and safety of a third party or the public in general; and (iii) to stop any activity that we consider illegal, unethical or legally actionable.

We will request your consent before we use or disclose your Personal Data for a materially different purpose than those set forth in this Privacy Statement. Consent may be obtained by any legally sufficient method. For example, depending on the circumstances and applicable laws, consent may be obtained by providing you with notice and the opportunity to opt-out.

5. Do We Share Personal Data, and Why?

We may share your Personal Data or other information about you with others for the following reasons:

  • With third-party service providers that provide services for us, and function at our direction and on our behalf. We limit Personal Data provided to these service providers to that which is reasonably necessary for them to perform their functions, and we require them to maintain the confidentiality of the Personal Data transferred to them.
  • With our parent company, PayPal, Inc. and affiliates and subsidiaries it controls, but only for purposes allowed by this Privacy Statement;
  • Other parties for our business purposes or as permitted or required by law, including to support our audit, compliance, and corporate governance functions.
  • When we believe it is appropriate to comply with the law, enforce our policies, or protect our or others’ rights, property, or safety. For example, we may share your Personal Data with regulators and law enforcement to respond to legal process, or government requests, to detect, investigate, or prevent potentially illegal and fraudulent acts, and other violations of our policies and terms.
  • With your consent or at your direction, for example when you authorize our disclosure of your data to an agent or representative in connection with a power of attorney.
  • In the event of a transfer, change of ownership, reorganization or assignment of all or part of our businesses or assets. This will occur if the parties have entered into an agreement under which the collection, use and disclosure of the information is limited to those purposes of the business transaction, including a determination whether or not to proceed with the business transaction. You will be informed of any such change in ownership or control of your Personal Data as required or permitted by law.
6. How Long Do We Retain Your Personal Data?

We retain Personal Data for as long as needed or permitted in context of the purpose for which it was collected and consistent with applicable law. If we are involved in litigation or a governmental or regulatory investigation, then we keep data throughout the period of litigation or investigation and for 5 years after that. If a settlement means that we must keep data for longer, then we keep data for the period required to administer the settlement. If we provide data to law enforcement agencies, then we keep a record of the disclosure for one year beyond the end of the investigation.

7. Personal Data International Transfers

While Chargehound LLC is based in the United States, we operate in many countries, and may transfer, store, or process your Personal Data in countries outside of the country where you live. We use third-party service providers and may process your information in the United States, India, and other countries. Some of these countries do not always afford an equivalent level of privacy protection. If we transfer your Personal Data from the EEA to the United States or other jurisdictions, we do so in accordance with the requirements of the General Data Protection Regulation.

8. How Do We Use Cookies and Tracking Technologies?

When you interact with our Site or open email we send you, we and our partners use cookies and other tracking technologies such as pixel tags, web beacons, and widgets (collectively, “Cookies”) to recognise you as a user, customise your online experiences and online content, mitigate risk and prevent potential fraud, and promote trust and safety across our Site and Services.

Although most browsers automatically accept cookies, you can change your browser options to stop automatically accepting cookies or to prompt you before accepting cookies. Please note, however, that if you don’t accept cookies, you may not be able to access all portions or features of the Site or the Services or they may not work properly.

We use Cookies to collect your device information, internet activity information, and inferences as described above. Cookies help us to do the following:

  • Remember your information so you do not have to re-enter it
  • Track and understand how you use and interact with our online services and emails
  • Tailor our online services to your preferences
  • Measure how useful and effective our services and communications are to you
  • Otherwise manage and enhance our products and services

Do Not Track (DNT) is an optional browser setting that allows you to express your preferences regarding tracking by advertisers and other third parties. At this time, our Site is not designed to respond to DNT signals or similar mechanisms from browsers.

9. Your Data Protection Rights

Under applicable data protection law, you have certain rights to control our collection and use of your Personal Data. Your rights include:

Access, rectification, deletion, objection, portability, and restriction of your information

  • We recognize the importance of your ability to control use of your personal data and provide you with the ability to exercise your rights to access (right to know), rectification (correction or update), deletion (erasure), objection, portability (transferring), and to restrict process in whole or in part.
  • If you choose to delete your Personal Data, you acknowledge and agree that we may retain archived copies of your Personal Information to satisfy our legal obligations, or where we reasonably believe that we have a legitimate and lawful reason to do so.

Consent

  • Generally, if we use your Personal Data with your consent, you have the right to withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
  • Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Data conducted in reliance on a lawful processing grounds other than consent.

Lodging a complaint generally

  • You have the right to lodge a complaint with the data protection authority that is authorized to hear those concerns.

Right to object to Direct Marketing

  • If we use your Personal Data for direct marketing, you can always modify your permissions, object, and opt out of future direct marketing messages using the unsubscribe link in electronic communications.
  • You may also opt out from receiving marketing messages by contacting us as set forth at the end of this Privacy Statement. We also offer user account functionality on any of our Services and may allow you to view and modify settings relating to the nature and frequency of promotional communications.
  • Please note that if you opt out of receiving marketing or promotion e-mails from us, it may take up to ten business days to process your request, and you may receive our marketing emails during that period. Additionally, even after you opt out from receiving marketing or promotional messages, you will continue to receive administrative messages from us regarding your relationship with us or the Services.

Right to object to Legitimate Interest processing

  • If we use your Personal Data to pursue our legitimate interests or those of a third-party, you have the right to object to our use for that purpose.

To exercise your data protection rights, please contact us at privacy@chargehound.com. We may need to request additional information to verify your identity and your authorized agent’s identity (where applicable) before responding to your request.

California Residents

If you live in California, in addition to the rights of access and deletion referenced above:

  • You can ask us for a list of the categories of personal information we have about you, the categories of sources from which we get personal information, the business purposes for which we collect personal information, and the categories of third parties with whom it is shared.
  • California law gives you the right to opt out of the sale of your personal information. However, Chargehound does not sell any of your personal information.
  • We will not discriminate against you for exercising your data protection rights.
  • You may submit a request to exercise your rights by yourself or via an authorized agent at privacy@chargehound.com or (844) 746-9191 (toll-free number).

Information we received indirectly in connection with providing our Services

We may also receive information about an individual indirectly in connection with providing our Services to Merchants. In these cases, we serve as a service provider or data processor and have no direct relationship with the individual whose Personal Data we are processing. An individual who seeks to access, correct, amend, or delete Personal Data provided to us by a Merchant, or exercise other data subject rights under the applicable law, should direct their query to the Merchant.

If you are a Merchant, you may:

10. How Do We Protect Your Personal Data?

We maintain technical, physical, and administrative security measures designed to provide reasonable protection for your Personal Data against loss, misuse, unauthorised access, disclosure, and alteration. The security measures include firewalls, data encryption, physical access controls to our data centres, and information access authorisation controls. In addition, we maintain a SOC 2 Type 2 certification. SOC 2 is an auditing procedure that assesses our ability to securely manage your Personal Data.

While we are dedicated to securing our systems and Services, you are responsible for securing and maintaining the privacy of your password(s) and account registration information and verifying that the Personal Data we maintain about you is accurate and current.

11. Can Children Use Our Services?

Our Services are all directed to Merchant and their representatives who are at least 18 years old or older. If you are under the age of 18, do not use our Services. We do not knowingly collect Personal Data from children under the age of 18 or your country’s age of minority. If you nevertheless believe that your child has provided us with their Personal Data, please contact us immediately so we can remove it from our system.

12. Updates to this Privacy Statement

We revise this Privacy Statement from time to time to reflect changes to our business, Services, or applicable laws. If we are going to use your Personal Data in a manner materially different from that stated at the time of collection or in this Statement, or if the revised version otherwise requires notice in accordance with applicable law, then we will notify you by posting a notice on our Site prior to such use or by other means as required by law. Otherwise, the revised Privacy Statement will be effective as of the published effective date.

13. Contact Information

If you have any questions, comments, or concerns about this Privacy Statement, please contact us at privacy@chargehound.com.

PayPal (Europe) S.à.r.l et Cie S.C.A. has been appointed as Chargehound’s local representative in the EU. It is registered in Luxembourg with registration number B 118349 and can be contacted at 22-24 Boulevard Royal L-2449, Luxembourg.

Residents of Australia may contact the Office of the Australian Information Commissioner (“OAIC”) in relation to the handling of their personal information. You may contact OAIC on: Phone: 1300 363 992; Mail: Office of the Australian Information Commissioner, GPO Box 5218, Sydney NSW 2001.

14. Definitions
  • “Merchant” means a purchaser of our Services.
  • “Personal Data” means information that can be associated with an identified or directly or indirectly identifiable natural person. “Personal Data” can include, but is not limited to, name, postal address (including billing and shipping addresses), telephone number, email address, payment card number, other financial account information, account number, date of birth, and government-issued credentials (e.g., driver’s license number, national ID, passport number.
  • “Process” means any method or way that we handle Personal Data or sets of Personal Data, whether or not by automated means, such as by recording, categorization, structuring, storage, adaptation or alteration, retrieval, and consultation, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of Personal Data.
  • “Site” means the Dispute Automation website, mobile apps, official social media platforms, or other online properties through which we offer the Services and which has posted or linked to this Privacy Statement.
  • “You” means a person or entity accessing our Site or using our Services.
  • Any reference made to “we”, “ours”, “us”, or “Chargehound LLC” or “PayPal Inc.” included in this Privacy Statement means the group of companies which each directly or indirectly controls, is controlled by, or are under common ownership.

BACKSPACES, INC., Chargehound.com Privacy Policy (archived)

Last updated: March 17th, 2021

Effective through July 29th, 2022 for merchants who signed up for Chargehound before June 29th, 2022

Your privacy is important to us.

Protecting your privacy is really important to us. With this in mind, we’re providing this Privacy Policy to explain our practices regarding the collection, use and disclosure of information that we receive through our Services. This Privacy Policy does not apply to any third-party websites, services or applications, even if they are accessible through our Services. Our Data Protection Officer is Dmitri Cherniak.

In this Privacy Policy:

  • We’ll refer to our website as the “Site”.
  • We’ll refer to Backspaces, Inc. d/b/a Chargehound as Chargehound or “we” or “us” or “our”.
  • We’ll refer to all the products and services we provide (including our fraud and chargeback handling service provided through our customer portal on the Site, as well as all related applications, widgets, software, tools, and other services provided by us and on which a link to this policy is displayed), individually and collectively, as the “Services”.
  • We’ll refer to you, the person or entity accessing our Site or using our Services, as “you” or “your” or (if you are a purchaser of our Services, our “customer”).

Some other definitions we’ll be using in this Privacy Policy

What is a Data Controller? For general data protection regulation purposes, the “Data Controller” means the organization who decides the purposes for which and the way in which any personal data is processed. Our customers are the Data Controllers.

What is a Data Processor? A “Data Processor” is an organization which processes Personal Information for a Data Controller. We are the Data Processor for our customers. As a Data Processor, we are bound by the requirements of the General Data Protection Regulations (the “GDPR”).

What is Data Processing? Data processing is any operation or set of operations performed upon Personal Information (whether automated or not). Examples of data processing explicitly listed in the text of the GDPR are: collection, recording, organizing, structuring, storing, adapting, altering, retrieving, consulting, using, disclosing by transmission, disseminating or making available, aligning or combining, restricting, erasure or destruction.

What is Personal Information? Personal information is any information which is about you, from which you can be identified. Personal Information includes information such as an individual's name, address, telephone number, or e-mail address. Personal Information also includes information about an individual's activities, such as information about his or her activity on Site or our Services, and demographic information, such as date of birth, gender, geographic area, and preferences, when any of this information is linked to personal information that identifies that individual. Personal Information does not include "aggregate" or other non-personally identifiable information. Aggregate information is information that we collect about a group or category of products, services, or users that is not personally identifiable or from which individual identities are removed.

How do we collect Personal Information?

In our service as a Data Processor, we collect Personal Information from Data Controllers in 4 ways:

  • API (https://api.chargehound.com)
    • We receive data through a RESTful API that is encrypted using HTTPS and requires secret key authentication.
  • Dashboard (https://www.chargehound.com)
    • Customers with a Chargehound account may input data manually into our system.
  • Using officially sanctioned payment processor integrations
    • Customers who elect to connect their payment processors to us using their payment processor’s official integrations allow us to collect relevant data directly from the payment processor if it exists. We take caution to only save data that it needs to generate representment documentation.
  • Integrations with Customer Relationship Management (CRM) software
    • Customers who elect to connect their CRMs allow us to collect relevant data directly from the CRM if it exists. We take caution to request the least privledges required to perform this task, and only save data needed to generate representment documentation.

We accept Personal Information from our customers using all of these services for the purpose of managing, generating, and aggregating statistics for the controller, and perform our duties as expected by the Data Controller. We then submit the generated documentation to the Data Controller’s payment processor through the official payment processor integration or to the controller directly.

We may also receive information about you, including Personal Information, from third parties, and may combine this information with other Personal Information we maintain about you. If we do so, this Privacy Policy governs any combined information that we maintain in personally identifiable format.

What information do we collect?

We may collect the following types of Personal Information from you:

  • Your name, username and email address
  • You company’s name and physical address
  • Information you choose to provide us through our services
  • We may retain server logs which include the IP address of every request to our server.

We may also collect and aggregate information about the use of our Site and our Services. That information could include information such as your Internet Protocol (IP) address (an IP or Internet Protocol Address is a unique numerical address assigned to a computer as it logs on to the internet), browser type, operating system, the web page that you were visiting before accessing our Site, the pages or features of our Site which you browsed and the time spent on those pages or features, search terms, the links on our Site that you clicked on and other statistics. If you access our Site using a mobile device, we may collect information such as a device identifier, user settings and the operating system of your device, as well as information about your use of our Services.

What do we use your Personal Information for?

We will use your Personal Information, in compliance with this Privacy Policy, to help us deliver the Services to you. Any of the information we collect from you may be used in any of the following ways:

  • To respond to chargebacks
  • To provide analytics for our customers
  • To help our customers manage their disputes
  • To compile statistics and analysis about your and other customers’ use of our Site and our Services.
  • To personalize your experience — your Personal Information helps us to better respond to your individual needs.
  • To improve our Site and our Services — we continually strive to improve our site offerings based on the information and feedback we receive from you.
  • To improve customer service — your Personal Information helps us to more effectively respond to your customer service requests and support needs.
  • To send periodic emails — The email address you provide may be used to send you information, notifications that you request about changes to our Services, to alert you of updates, and to send periodic emails containing information relevant to your account.
  • If you purchase our Services, then to enable you to purchase, renew and appropriately use a commercial license to our Services.
  • We may also use Personal Information you provide to contact you regarding products, services, and offers that we believe you may find of interest. We allow you to opt-out from receiving marketing communications from us as described in the "Choice" section below.

We may also use your Personal Information where necessary for us to comply with a legal obligation, including to share information with government and regulatory authorities when required by law or in response to legal process, obligation, or request.

  • We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose your Personal Information to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (i) to respond to claims, legal process (including subpoenas); (ii) to protect our property, rights and safety and the property, rights and safety of a third party or the public in general; and (iii) to stop any activity that we consider illegal, unethical or legally actionable activity.

We will request your consent before we use or disclose your Personal Information for a materially different purpose than those set forth in this Policy. Consent may be obtained by any legally sufficient method. For example, depending on the circumstances and applicable laws, consent may be obtained by providing you with notice and the opportunity to opt-out.

Choice

If you receive commercial email from us, you may unsubscribe at any time by following the instructions contained within the email. You may also opt-out from receiving commercial email from us by sending us an email or by writing to us at the address given at the end of this policy. Additionally, if we offer user account functionality on any of our Services, we may allow you to view and modify settings relating to the nature and frequency of promotional communications that you receive from us. Please be aware that if you opt-out of receiving commercial e-mail from us, it may take up to ten business days for us to process your opt-out request, and you may receive commercial e-mail from us during that period. Additionally, even after you opt-out from receiving commercial messages from us, you will continue to receive administrative messages from us regarding our Services.

How do we protect your Personal Information?

We implement a variety of security measures to maintain the safety of your Personal Information when you enter, submit, or access your Personal Information. In addition, we are certified as SOC 2 compliant. SOC 2 is an auditing procedure that ensures that we securely manage your Personal Information. Upon becoming aware of a breach of your Personal Information, we will notify you as quickly as we can and will provide timely information relating to the breach as it becomes known or as is reasonably requested by the you.

Do we use cookies?

Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow). These cookies enable the site to recognize your browser and, if you have a registered account, associate it with your registered account. We may use both session Cookies and persistent Cookies to identify that you’ve logged in to the Services and to tell us how and when you interact with our Site. We use cookies to understand and save your preferences for future visits and compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future. We may also use Cookies to monitor aggregate usage and web traffic routing on our Services and to customize and improve our Services. Unlike persistent Cookies, session Cookies are deleted when you log off from the Services and close your browser. Although most browsers automatically accept Cookies, you can change your browser options to stop automatically accepting Cookies or to prompt you before accepting Cookies. Please note, however, that if you don’t accept Cookies, you may not be able to access all portions or features of the Site or the Services. We may also collect information via standard server logs or clear GIFs (also known as “Web beacons”). If we link or associate any information gathered through passive means with Personal Information, we treat the combined information as Personal Information under this Privacy Policy. Otherwise, we use information collected by passive means in non-personally identifiable form only.

Who at Chargehound may access your Personal Information?

Designated members of our staff may access Personal Information to help our customers with any questions they have, including help using the product, investigating security issues, or following up on bug fixes with the customer. This activity is logged in our system for compliance, and we maintain different levels of access for its employees depending on their role in our company. For certain payment processors, only the Data Protection Officer has the ability to access additional business metrics from the payment processor (for purposes of investigating potential security breaches and fraud, or otherwise with the permission of the customer).

Do we disclose any information to outside parties?

Except as set out below, we do not sell, trade, or otherwise transfer to outside parties your Personal Information. Non-personally identifiable visitor information, however, may be provided to other parties for marketing, advertising, or other uses.

Customers belong to organizations on Chargehound and may invite other team members. Team members will have access to the organization’s data (including Personal Information) that we process on behalf of the Data Controller. Each customer can designate team administrators who can control who has access to the Personal Information.

We may disclose Personal Information to third-party service providers (for example, payment processing and data storage and processing facilities) that assist us in our work. We limit the Personal Information provided to these service providers to that which is reasonably necessary for them to perform their functions, and we require them to agree to maintain the confidentiality of such Personal Information. We may contract with third-party service providers to assist us in better understanding our site visitors. These service providers are not permitted to use the information collected on our behalf except to help us conduct and improve our business.

We may also release your Personal Information when we believe release is appropriate to comply with the law, enforce our site policies, or protect our or others’ rights, property, or safety.

Your Personal Information may also be transferred to another company in the event of a transfer, change of ownership, reorganization or assignment of all or part of our businesses or assets. This will occur if the parties have entered into an agreement under which the collection, use and disclosure of the information is limited to those purposes of the business transaction, including a determination whether or not to proceed with the business transaction. You will be notified via email or prominent notice on our websites for thirty (30) days of any such change in ownership or control of your Personal Information or as otherwise may be required or permitted by law.

How do we handle global transfers and process of your Personal Information?

Although we welcome people from all over the world, keep in mind that no matter where you live or where you happen to use our services, your Personal Information may be shared. This means that we may collect your Personal Information from, transfer it to, and store and process it in the United States and other countries outside of where you live. For example, some of our third-party providers may be located in different countries. Where this is the case, we will take steps to make sure the right security measures are taken so that your privacy rights continue to be protected as outlined in this Privacy Policy. By submitting your Personal Information, you’re agreeing to this transfer, storing or processing. If we transfer your Personal Information from the E.U. and process it in the United States, we do so in accordance with applicable law. With respect to information received or transferred, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We will not transfer your Personal Information outside the European Economic Area (“EEA”) unless it takes such measures as are necessary to provide adequate protection for such Personal Information consistent with the requirements of applicable laws. To the extent that we process (or causes to be processed) any Personal Information originating from the EEA in a country that has not been designated by the European Commission as providing an adequate level of protection for Personal Information, the Personal Information shall be deemed to have adequate protection (within the meaning of EU Data Protection Legislation) by virtue of the European Commission’s Standard Contractual Clauses for data transfers between EU and non-EU countries, whereby you will be regarded as the Data Exporter and we will be regarded as the Data Importer. In the event that the Contractual Clauses are deemed to no longer be a valid mechanism to legitimize transfers of personal data outside the European Economic Area, we will amend this Policy in order to establish a legitimate transfer of personal data outside the European Economic Area.

Principle of Onward Transfer

In the context of an onward transfer of data to a third party, we have responsibility for the processing of Personal Data we receive and subsequently transfer to a third party acting as an agent on our behalf. We shall remain liable under applicable law if our agent processes such Personal Data in a manner inconsistent with applicable law, unless we prove that we are not responsible for the event giving rise to the damage.

Retention of your Personal Information

We retain your Personal Information for as long as we need to fulfill our Services. In particular, we need to retain Personal Information in order to help our customer perform their duties in responding and representing fraudulent chargebacks. The Personal Information we hold can be tied to potential fraudulent activity on our customers’ platforms, as well as financial data. As such, we may need to retain that Personal Information for a long period of time, because that Personal Information can be requested or audited by our customers’ risk or finance departments, and for tax audit purposes. In addition:

  • We may keep data linked to cookies and other online identifiers up to three years.
  • If we are involved in litigation or a governmental or regulatory investigation, then we keep data throughout the period of litigation or investigation and for 5 years after that. If a settlement means that we have to keep data for longer, then we keep data for the period required to administer the settlement. If we provide data to law enforcement agencies, then we keep a record of this for one year beyond the end of the investigation.

Third-party Links

Occasionally, at our discretion, we may include or offer third-party products or services on our Site. This Privacy Policy only applies to our Site, so when you link to other websites you should read those separate and independent privacy policies. We have no responsibility or liability for the content and activities of these linked sites. However, we seek to protect the integrity of our site and welcome any feedback about these sites.

Children’s Online Privacy Protection Act Compliance

Our Site, products and services are all directed to people who are at least 18 years old or older. We strive to comply with the requirements of COPPA (Children’s Online Privacy Protection Act). If this server is in the United States, and you are under the age of 13, do not use this site. We do not knowingly collect Personal Information from children under the age of 18 or your country’s age of minority. If you nevertheless believe that your child has provided us with their Personal Information, please contact us and we will delete it.

Online Privacy Policy Only

This Privacy Policy applies only to information collected through our site and not to information collected offline.

Your Consent

By using our site, you consent to this Privacy Policy.

Your Rights

Other rights you have include the rights to:

  • Ask for a copy of your Personal Information
  • Ask us to correct your Personal Information
    • It is your right to lodge an objection to the processing of your Personal Information if you believe that the legal ground “relating to your particular situation” applies. The only reasons we will be able to deny your request is if we can show compelling legitimate grounds for the processing, which override your interest, rights and freedoms, or the processing is for the establishment, exercise or defense of a legal claims.
  • Ask us to erase certain categories or types of information
    • If you choose to remove your Personal Information, you acknowledge that we may retain archived copies of your Personal Information in order to satisfy our legal obligations, or where we reasonably believe that we have a legitimate reason to do so.
    • Our customers may request that one of their users be removed from our system entirely. The tool is available at: https://www.chargehound.com/security/person-removal.
  • Ask us to restrict certain processing
    • You have the right to object to processing of Personal Information. Where we have asked for your consent to process information, you have the right to withdraw this consent at any time.
  • “Opt out” of certain sharing of Personal Information
    • You may limit or "opt-out" of our sharing your Personal Information with third parties.
  • Obtain the information you provide in a structured, machine readable format, and
  • Ask us to transfer your Personal Information to other organizations.

We are committed to resolving any complaints about our collection or use of your Personal Information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Policy should first contact our Privacy Officer as follows: Backspaces Inc., Attn: Chargehound.com Privacy Issues, 548 Market St, PMB 35891, San Francisco, CA 94104; or privacy@chargehound.com. If we are unable to satisfactorily resolve any complaint, or if we fail to acknowledge your complaint in a timely fashion, you can submit your complaint to JAMS, which provides an independent third-party dispute resolution service based in the United States. JAMS has committed to respond to complaints and to provide appropriate recourse at no cost to you.To learn more about JAMS's dispute resolution services or to refer a complaint to JAMS, visit here

.

Changes to our Privacy Policy

If we decide to change our privacy policy, we will post those changes on this page. If we are going to use Personal Data collected through the Site in a manner materially different from that stated at the time of collection, then we will notify users via email and/or by posting a notice on our Site for 30 days prior to such use or by other means as required by law.

Contacting Us

If you have any questions, comments, or concerns about this privacy policy, please contact us using the following contact information:
Backspaces Inc.
Attn: Chargehound.com Privacy Issues
548 Market St, PMB 35891
San Francisco, CA 94104
privacy@chargehound.com


Please get in contact if you have any questions. We're here to help: help@chargehound.com


Are you a developer? Check out our integration documentation as well as our full API reference.