Privacy Policy
Effective Date: April 28, 2023
At PostMerchant LLC, we take our users' privacy very seriously. This Privacy Policy describes how we collect, use, and disclose information when you use our Software-as-a-Service (SaaS) product Lift (the "Platform"), including our policies and procedures surrounding the collection and handling of data about any living individual who can be identified from that data or from that data and other information either in our possession or likely to come into our possession (“Personal Data”).
This Privacy Policy applies only to our Platform and to the products and services provided through our website www.lift.postmerchant.com. It does not apply to any third party site or service linked to our Platform or recommended or referred by our Platform, through our products or services, or by our staff. And it does not apply to any other website, product, or service operated by our company, or to any of our offline activities.
By use of our Platform, you agree to the collection and use of information described in this Privacy Policy.
Data We Collect
We collect the following personal data from users who buy our products or services or contact us through the contact forms at our Platform: first name, last name, and e-mail address, and telephone information. We also collect information necessary for servicing our user's businesses operations such as, dbas, addresses, bank account information, logos, e-mail addresses, telephone, user IP addresses, processors, processor pricing, 3rd party passwords and other credentials needed for integegrations, portfolio data including partner and agent names, addressses, telephone numbers, e-mail addresses and banking information. Finally, the Platform collects merchant information including application forms, product and pricicing information, business names, addresses, phone numbers, e-mail addresses, telephone numbers, banking information, owner names, social security numbers, dates of birth and ownership percentages.
We also collect data on how our website is used: number of page visits and duration, type of browser, etc. (collectively, “Usage Data”). This Usage Data may include personal data, like your Internet Protocol (IP) address.
We also use “cookies” to collect certain information from all users, including web visitors. Data collected through cookies may include Usage Data (whether or not personal) and Personal Data. A cookie is a string of data our system sends your computer and then uses to identify your computer when you return to our Platform. You can set up most browsers to refuse all cookies or to notify you of any cookies you receive. But if you don’t accept cookies, you won’t be able to make as efficient use of our Platform, and you may not be able to use some features at all.
Our Platform is not intended to collect data from children or from anyone under 18. If you are aware of children’s information collected through our Platform, please contact us immediately at privacy@postmerchant.com.
User instructions to Lift will be generally followed, which instructions may include explicit or implicit consent to distribute Personal Data to third parties.
Lift will not use Personal Data other than as per the Terms of Use.
Use of Personal Data
We use your Personal Data to create your account, to communicate with you about products and services of the Platform. We also use that information to the extent necessary to enforce our Platform terms of service and to prevent imminent harm to persons or property.
We use cookies so that our Platform can remember you and provide you with the information you’re most likely to need. In addition to personalization, we also use information gained through cookies to compile statistical information about use of our Platform, such as the time users spend at the site and the pages they visit most often. And we use cookies to assist in branding of the site.
Do Not Track Notice Do Not Track (“DNT”) is a setting in a web browser that directs websites not to track your behavior. You can activate the DNT settings through most browsers.
Retention of Personal Data
We retain your Personal Data so long as it serves the purposes listed in this Privacy Policy, including to operate our services, send you notices other general messages (unless you’ve unsubscribed), to collect and monitor traffic and other usage statistics at our Platform, to resolve disputes, to enforce the terms of this Platform’s contracts, and to comply with our legal obligations.
Transfer of Personal Data
We may store or process your data outside your city, province, state, or country. Data storage venues include, without limitation, the United States and the European Union. These and other data storage jurisdictions may operate under privacy and data protection laws different from those of your home jurisdiction. Your submission of data to our Platform and your consent to this Privacy Policy include consent to such storage and processing outside of your jurisdiction.
Contractor and Other Third Party Access to Personal Data
We give certain independent contractors access to Personal Data. Those contractors assist us with hosting and storage of this Platform, tracking Platform use, and marketing to and communications with Platform users. All those contractors are required to sign contracts in which they promise to protect Personal Data using procedures reasonably similar to ours. (Users are not third party beneficiaries of those contracts.) We also may disclose Personal Data to attorneys, collection agencies, or law enforcement authorities to address potential AUP violations, other contract violations, or illegal behavior. And we disclose any information demanded in a court order or otherwise required by law or to prevent imminent harm to persons or property. Finally, we may share Personal Data in connection with a corporate transaction, like a merger or sale of our company, or a sale of all or substantially all of our assets or of the product or service line you received from us, or a bankruptcy.
Microsoft Azure
Our Platform is hosted using Microsoft Azure, this includes the Platform back office portal, merchant facing application and website and APIs. All data collected through our Platform is processed within Azure. Most data, with exception of some Personally Identifiable Infomration ("PII") is stored within Azure. For information on Microsoft Azure's’ privacy practices, please visit https://privacy.microsoft.com/en-us/privacystatement.
Skyflow
Our Platform uses Skyflow as a secure data vault for storing sensitive information, including social security numbers, dates of birth, banking information and documents with PII. For information on SkyFlow's privacy practices, please visit https://www.skyflow.com/privacy-policy.
Twilio
Our independent contractors also include Twilio, which sends bulk e-mails for us. For information on SendGrid's use of personal data, please visit the Twilio Privacy Policy web page at https://www.twilio.com/en-us/legal/privacy.
We are not responsible for the conduct of Microsoft, Skyflow, or Twilio.
As noted above, we compile Platform usage statistics from data collected through cookies. We may publish those statistics or share them with third parties, but they don’t include Personal Data. Except as set forth in this Privacy Policy, we do not share Personal Information with third parties.
Protection of Personal Data
We protect the data you send in contact forms (name and e-mail address) by storing it on password-protected computers and by sharing it only with contractors who have agreed to use it only as we instruct and within the law. However, you should be aware that, once we use information in a contact form to send you an e-mail, that information is outside of our control and our contractors’ control and could be compromised online.
We do not directly store the personal data that may be included in usage data collected by cookies and other mechanisms at our site. That data is collected and stored on our behalf by our contractors, including Microsoft, Skyflow and Twilio, under their security procedures. See Section "Contractor and Other Third Party Access to Personal Data" above for more information on those contractors and their policies.
Unfortunately, even with these measures, we cannot guarantee the security of Personal Data. By using our Platform, you acknowledge and agree that we make no such guarantee, and that you use our Platform at your own risk.
Accessing and Correcting Your Personal Data
You can access and change any Personal Data we store by contacting us via e-mail, at privacy@postmerchant.com.
Special Terms related to the European Economic Area
Our platform is intended for Users and businesses located within the United States, however if you are in the European Economic Area (“EEA”), the provisions of this Section H apply to you, effective May 25, 2018.
Legal Basis for Processing
We may process your Personal Data because you have given us permission to do so (e.g., by sending data through our contact or order forms), because the processing is in our legitimate interests and it’s not overridden by your rights, or because we need to process your Personal Data to comply with the law.
Your Rights Under the General Data Protection Regulation (“GDPR”)
If you wish to know what Personal Data we hold about you, to have us remove it, or otherwise to exercise your rights, please contact us at privacy@postmerchant.com. In some cases, you also have the following rights related to your Personal Data:
- The right to access, update, or delete your Personal Data.
- The right of rectification—to have your information altered if it is inaccurate or incomplete.
- The right to object to our processing of your Personal Data.
- The right of restriction—to request that we restrict how we process your Personal Data.
- The right to data portability—to receive a copy of the information we have on you in a structured, machine-readable, and commonly used format.
- The right to withdraw consent to our processing of your Personal Data.
- The right to complain to an EEA data protection authority (a government agency) about our management of your Personal Data.
Amendment of This Privacy Policy
We may change this Privacy Policy at any time by posting a new version on this page or on a successor page. The new version will become effective on the date it’s posted, which will be listed at the top of the page as the new Effective Date.
Contacting Us
For questions about this Privacy Policy, please contact us at privacy@postmerchant.com.