Mastercard Qkr! Mobile App Privacy Notice

 

 

Effective Date: 25 May 2018

Mastercard Europe SA, its affiliates and other entities within the Mastercard’s group of companies (“Mastercard”, “we”, “us”, or “our”) respect your privacy. 

 

 

1. Personal Information We May Collect

 

 

2. How We May Use Your Personal Information

 

 

3. How We Share Your Personal Information 

 

 

4. Your Rights and Choices

 

 

5. How We Protect Your Personal Information

 

 

6. Data Transfers

 

 

7. Features and Links to Other Websites

 

 

8. Updates to This Privacy Notice

 

 

9. How to Contact Us

 

 

This Privacy Notice applies to the processing of Personal Information collected in the context of the Qkr! Mobile App (“the App”) available through your App Store. This Privacy Notice does not cover the collection and use of your Personal Information by Mastercard in the context of other programs, by third parties on other Mastercard branded websites, by your Mastercard Card issuers (e.g., your bank), or any other information or communications that may reference Mastercard outside of the App. The App uses your Masterpass Wallet (“Masterpass”) to facilitate your payments. For more information, please visit the Masterpass Privacy Notice available at https://wallet.masterpass.com/Wallet/masterpass/en-ie/privacy.html.

 

This Privacy Notice describes the types of Personal Information we collect in connection with the App, the purposes for which we collect that Personal Information, the other parties with whom we may share it and the measures we take to protect the security of the data. It also tells you about your rights and choices with respect to your Personal Information, and how you can reach us to update your contact information or get answers to questions you may have about our privacy practices.

 

Your use of the App and your participation in the program is subject to this Privacy Notice and to our Terms of Use. You can find the Terms of Use directly in the Qkr! App, under Menu > Legal. For more information about Mastercard’s privacy practices, please visit Mastercard’s Global Privacy Notice at https://www.mastercard.us/en-us/about-mastercard/what-we-do/privacy.html.

 

 

 

 

 

1.     Personal Information We May Collect

We may collect the following Personal Information:  

 

  • Your name, email address, password, country, and postal address.
  • Your payment card information.
  • Your photograph.
  • Information provided by merchants about your transactions using the App, including order details, merchant name, payment cards registered with Masterpass, and information about whether or not the order was completed.
  • Your preferences, interests and behavior, including information related to your use of the App collected via cookies and other similar technologies.

 

 

For the purpose of this Privacy Notice, “Personal Information” means any information relating to an identified or identifiable individual. In connection with the App, we obtain Personal Information relating to you from various sources described below.

 

Where applicable, we indicate whether and why you must provide us with your Personal Information, as well as the consequences of failing to do so. If you do not provide Personal Information when requested, you may not be able to benefit from the App if that information is necessary to provide you with the service or if we are legally required to collect it.

 

a.     Personal Information Provided by You

 

In connection with the App, we ask you to provide certain Personal Information when you register, such as your name, email address, password, country, postal address, and payment card information. You also have the option to provide a photograph of yourself during the registration process that will display on your account. We also receive details of your order when you use the App to order items from a merchant. 

 

b.     Personal Information Provided by Participating Merchants in Connection with Your Use of the App

 

We receive certain data from merchants about your transactions using the App, including description of items, quantity, price, subtotal, payment cards registered with Masterpass, merchant name, currency, date and time of order, and information about whether or not the order was completed.

 

c.     Personal Information Obtained from Your Interaction with the App

 

When you use the App, we may collect certain information by automated means via cookies and similar technologies, such as IP address, MAC address, device ID, Qkr! ID, location data, information on actions taken on the App, dates and times of actions, and other mobile analytics. We use this information to improve the App by assessing how many users access or use our service, which content, products, and features of our service most interest our visitors, what types of offers our customers like to see, and how our service performs from a technical point of view. For example, if you have provided your consent, we may collect the IP address or GPS coordinates assigned to the device by the Internet access provider to determine your location in order to provide you with up-to-date lists of merchants using Qkr! at your current location.

 

d.     Tailored Content and Services

 

If you sign up for the App, we may use Personal Information provided by you or by participating merchants in connection with your use of the App, or publicly available information, to analyze your preferences, interests, and behavior in order to provide you with personalized content and the most relevant offers, content, or messages. We will not subject you to a decision based solely on automated processing that produces legal effects concerning you or similarly significantly affects you.

 

 

2.     How We May Use Your Personal Information

We may use Your Personal Information to: 

 

  • Communicate with you.
  • Provide, improve, and develop the App. 
  • Enable you to collect rewards and redeem coupons.
  • Validate your Masterpass payment and shipping information.
  • Protect against fraud and ensure safety and security.
  • Send you marketing materials and provide you with personalized content.
  • Assist third parties in the provision of products or services that you request from third parties.
  • Perform data analysis.
  • Enforce our Qkr! Terms of Use (under Menu > Legal) and Masterpass Terms of Use and comply with our legal obligations.

 

 

We may use the Personal Information we obtain about you to:


  • Create and manage your Qkr! account, provide our services and functionalities that you request, communicate with you, and respond to your inquiries.
  • Protect against and prevent fraud, unauthorized transactions, claims and other liabilities.

·       Send you marketing communications about products, services, offers, programs and promotions of Mastercard, its issuers, acquirers, retailers and partners (including contests, sweepstakes and any other marketing activities).

·       Provide you with personalized services and recommendations. For example, we may suggest products or other special marketing activities that would be of particular interest to you based on your interaction with our app, your online behavior and other Personal Information we may obtain about you.

·       Enable you to collect rewards and redeem coupons offered by merchants using Qkr!

·       Validate your Masterpass payment and shipping information.

·       Assist third parties in the provision of products or services that you request from third parties.

  • Operate, evaluate, and improve our business (including by developing new products and services; managing our communications; determining the effectiveness of our advertising; analyzing our products, services, apps, and websites; facilitating the functionality of our apps and websites; and performing accounting, auditing, billing, reconciliation, and collection activities).
  • Monitor the use of and improve our interactive assets, including the App.
  • Perform data analyses (including anonymization of Personal Information).
  • Enforce our Qkr! Terms of Use (under Menu > Legal) and Masterpass Terms of Use
  • Comply with applicable legal requirements and industry standards and our policies.
  • Perform auditing, research, and analysis in order to maintain, protect, and improve our services. 


We will only process your Personal Information for the above purposes when we have a valid legal ground for the processing, including if: 

 

  • You consented to the use of your Personal Information. For example, we may seek to obtain your consent for our uses of cookies or similar technologies, to send you marketing communications or personalize our offerings, or to process Personal Information deemed sensitive pursuant to applicable law. 
  • We need your Personal Information to provide you with products and services, or to respond to your inquiries.
  • The processing is necessary for compliance with a legal obligation such as to prevent and monitor fraud in payment transactions.

·       We, or a third party, have a legitimate interest in using your Personal Information, such as to ensure and improve the safety, security, and performance of our products and services, to protect against and prevent fraud, to anonymize Personal Information and carry out data analyses.

 

 

3.     How We Share Your Personal Information

We may share Personal Information with:  

 

  • Mastercard’s headquarters in the U.S., our affiliates and other entities within Mastercard’s group of companies.
  • Our service providers acting on our behalf.
  • Other participants in the payment ecosystem, including payment card issuers and merchants.
  • Third parties for fraud monitoring and prevention purposes, or other lawful purposes.
  • Third parties in the event of a sale or transfer of our business or assets.

 

 

We do not sell or otherwise disclose Personal Information we collect about you, except as described in this Privacy Notice or otherwise disclosed to you at the time the data is collected. We share information to provide access to the App and the functionalities that you request (e.g. payment with Masterpass), and to perform and/or facilitate payment card transactions (including card fraud detection and prevention).

 

We may share the Personal Information we collect with our headquarters and affiliates, including Mastercard International.

 

We may share the Personal Information we collect with financial institutions that issue payment cards or merchants that process payment card transactions. For example, in the course of supplying the App, we may provide an individual’s card data to financial institutions about their cardholders’ transactions that Mastercard processes. In the course of supplying some of our products we may also provide Personal Information to a merchant to facilitate a payment card transaction that you request. We may also share aggregated or de-identified data with participating merchants and financial institutions that issue your card.

 

We also may share Personal Information with our service providers who perform services on our behalf and in relation to the purposes described in this Privacy Notice. We require these service providers by contract to only process Personal Information in accordance with our instructions and as necessary to perform services on our behalf or comply with legal requirements.  We also require them to safeguard the security and confidentiality of the Personal Information they process on our behalf by implementing appropriate technical and organizational security measures and confidentiality obligations binding employees accessing Personal Information.

 

We also may disclose data about you: (i) if we are required to do so by law or legal process, (ii) in response to a request from a court, law enforcement authorities, or government officials, or (iii) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual fraudulent or illegal activity.

 

We also reserve the right to transfer Personal Information we have about you in the event we sell or transfer all or a portion of our business or assets. Should such a sale or transfer occur, we will use reasonable efforts to direct the transferee to use Personal Information you have provided to us in a manner that is consistent with this Privacy Notice. 

 

 

 

4.     Your Rights and Choices

Subject to applicable law, you have the right to: 

 

·       Access your Personal Information, rectify it, restrict or object to its processing, or request its deletion.

·       Receive the Personal Information you provided to us to transmit it to another company. 

·       Withdraw any consent provided. 

·       Where applicable, lodge a complaint with your Supervisory Authority.

 

If you are located in the EEA or Switzerland, you can exercise your rights via Mastercard’s “My Data Center” Portal. You may also submit a request as described in the “How to Contact Us” section.

                        

 

Subject to applicable law, you have the right to: 

 

  • Request access to and receive information about the Personal Information we maintain about you, to update and correct inaccuracies in your Personal Information, to restrict or to object to the processing of your Personal Information, to have the information anonymized or deleted, as appropriate, or to exercise your right to data portability to easily transfer information to another company. In addition, you may also have the right to lodge a complaint with a supervisory authority, including in your country of residence, place of work or where an incident took place. 

 

  • Withdraw any consent you previously provided to us regarding the processing of your Personal Information, at any time and free of charge. We will apply your preferences going forward and this will not affect the lawfulness of the processing before your consent withdrawal. 

 

  • You may opt out from receiving marketing communications by clicking on the unsubscribe link contained in such communications.  

 

Those rights may be limited in some circumstances by local law requirements.

 

At any time, you can view or change your Personal Information and manage your marketing preferences by logging into your account. If you are located in the EEA or Switzerland, you can easily exercise your rights via Mastercard’s “My Data Center” Portal. You may also submit a request to exercise your rights, update your preferences, ask us to remove your information from our mailing lists or delete your account by contacting us as specified in the “How to Contact Us” section below.

 

 

5.     How We Protect Your Personal Information

We maintain appropriate security safeguards to protect your Personal Information and only retain it for a limited period of time.

 

 

We maintain appropriate administrative, technical, and physical safeguards to protect Personal Information against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the Personal Information in our possession. We restrict access to Personal Information about you to those employees who need to know that information to provide products or services to you.

 

We also take measures to delete your Personal Information or keep it in a form that does not permit identifying you when this information is no longer necessary for the purposes for which we process it in the context of the services or when you request their deletion, unless we are required by law to keep the information for a longer period. We complete periodic review of our databases, and have established specific time limits for data deletion, taking into account the type data collected, the type of services provided in the context of the App, the length of the customer relationship, possible re-enrolment with the program, mandatory retention periods, and the statute of limitations.

 

 

6.     Data Transfers

We may transfer your Personal Information outside of the EEA, including to the United States, in compliance with our Binding Corporate Rules and other data transfer mechanisms.

 

 

Mastercard is a global business. We may transfer or disclose Personal Information we collect about you to recipients in countries other than your country, including to the United States where our global headquarters are located. These countries may not have the same data protection laws as the country in which you initially provided the information. When we transfer or disclose your Personal Information to other countries, we will protect that information as described in this Privacy Notice.

 

We comply with applicable legal requirements providing adequate safeguards for the transfer of Personal Information to countries other than the country where you are located. In particular, we have established and implemented a set of Binding Corporate Rules (“BCRs”) that have been recognized by EEA data protection authorities as providing an adequate level of protection to the Personal Information we process globally. A copy of our BCRs is available here. We may also transfer Personal Information to countries for which adequacy decisions have been issued, use contractual protections for the transfer of Personal Information to third parties, such as the European Commission's Standard Contractual Clauses, or rely on third parties’ certification to the EU-U.S. or Swiss-U.S. Privacy Shield Frameworks where applicable. You may contact us as specified in the “How to Contact Us” section below to obtain a copy of the safeguards we use to transfer Personal Information outside of the EEA.

 

 

7.     Features and Links to Other Websites

You may choose to use certain features for which we partner with other entities that operate independently from Mastercard.

 

You may choose to use certain features for which we partner with other entities or participating merchants, or click on links to other websites for your convenience and information.  These features, which may include social networking and geographic location tools, and other apps or websites, may operate independently from Mastercard. They may have their own privacy notices or policies, which we strongly suggest you review. To the extent any features or linked websites you visit are not owned or operated by Mastercard, we are not responsible for the apps’ or sites’ content, use, or privacy practices.

 

 

8.     Updates to This Privacy Notice

This Privacy Notice may be updated periodically to reflect changes in our privacy practices.

 

 

This Privacy Notice may be updated periodically to reflect changes in our Personal Information practices. We will notify you of any significant changes to our Privacy Notice and indicate at the top of the notice when it was most recently updated. If we update this Privacy Notice, in certain circumstances, we may seek your consent.

 

 

9.     How to Contact Us

You can e-mail us at privacyanddataprotection@mastercard.com. If you are located in the EEA or Switzerland, you may submit your request to exercise your rights in relation to your Personal Information on Mastercard’s “My Data Center” Portal.

 

 

Mastercard Europe SA is the entity responsible for the processing of your Personal Information.

 

If you are located in the EEA or Switzerland, you can easily exercise your rights via Mastercard’s “My Data Center” Portal. You may also submit a request to exercise your rights or share any questions, comments, or complaints about this Privacy Notice or our privacy practices  by e-mailing us at privacyanddataprotection@mastercard.com, or writing to us at:

 

Data Protection Office 

Mastercard Europe SA

Chaussée de Tervuren 198A

B-1410 Waterloo

Belgium

 

 

 

For more information on Mastercard’s privacy practices in other contexts, please refer to our Global Privacy Notice available at https://www.mastercard.us/en-us/about-mastercard/what-we-do/privacy.html.

 

For all other enquiries about your Mastercard card and your purchase, you must contact your issuing bank or the participating merchant. More information about how to contact them can be found on their respective websites.