Last Updated: Nov 19, 2013

Overview

Instadebit International Solutions Ltd. ("iDebit" or "we") is a web-based payment service that allows you to pay for goods and services on the Internet without disclosing private payment information to the online merchant. Protecting your private information is the cornerstone of the iDebit payment service.

This privacy statement governs the gathering, use, and disclosure of any private information you provide through the http://www.idebitpayments.com site in the course of creating an account, monitoring your account, and conducting transactions.

By accepting the Privacy Policy and Terms of Use at registration, you expressly consent to our use and disclosure of your personal information in the manner described in this Privacy Policy. This Privacy Policy is incorporated into and subject to the terms of the iDebit Terms of Use Agreement.

If you object to your personal information being transferred or used as described in this Privacy Policy, please do not register for the iDebit service.

Information Collection and Use

iDebit is the owner of the information collected on this site. We will not sell, share, or rent this information unless otherwise disclosed in this statement. Whenever we ask for additional or optional information, we identify those fields appropriately so that you know what information is required to provide the requested service. To maximize the value of our services, we may request or collect information from you. This privacy statement tells you what is being collected, how it is collected, by whom it is being collected, why it is being collected, and to whom it may be disclosed.

In order to operate the iDebit service and to reduce the risk of fraud, we must ask you to provide us information about yourself and your bank account.

Note: iDebit is not responsible for the operations of our registered merchants including, but not limited to, their information practices. Users submitting information to or through these third-party Web sites should review the privacy statement of these sites before providing them with personally identifiable information. These sites are governed by their own privacy statements.

Notification of Changes

This policy may be revised over time to support new services, as required by law, or as deemed necessary by iDebit. We will post the amended Privacy Policy prominently on our Web site so that you can always review what information we gather, how we might use that information, and whether we will disclose it to anyone. Please check the iDebit website at www.idebitpayments.com at any time for the most current version of our Privacy Policy. Should you object to any of these changes, please contact us by any means outlined below and we will treat your objection as a notice to terminate your account with iDebit.

Personal Information We Collect

In order to complete a transaction using iDebit you must provide your name, address, phone number, date of birth, last 4 digits of a government issued ID number and e-mail address. In order to receive any funds from merchants via iDebit, you must provide your payment information details.

Information You Provide that We Do Not Store

In order to authorize a payment from your bank account through iDebit, you will be required to enter your online banking Login Information which may include your debit card number, online banking username, government issued ID number, account number, mother's maiden name, password, personal identification number (PIN), answers to security questions or other information. This information will only include information you have already provided to your bank for online access. We do not store this information and simply transfer this information to the bank server. We have no access to this information after transfer and do not use this sensitive data for any other purpose.

iDebit will NOT store any of your secure online banking access information, including but not limited to: your password, PIN, or security question answers. Since we do not store your login information, you will be required to enter this information each time you authorize a payment through the iDebit system.

Transaction Information

We retain transaction information (payment date, amount, merchant name, etc.) for each of your transactions through iDebit. This information is necessary to reconcile payments, settle transaction disputes, or errors and to provide our customers with access to transaction reports. We also collect and log the internet address (IP address), internet service provider (ISP), and routing information of the computer or device used for each transaction. This information may be shared with merchants, third parties and law enforcement authorities ONLY in the event of any suspected abuse of the system and/or suspected illegal activities.

Information Collected from Third Parties

In order to protect all our customers against potential fraud, we may verify with third parties the information you provide. In the course of such verification, we receive personally identifiable information about you from such services. In particular, we receive information from a credit bureau - to the extent permissible by law – along with other sources that provide information surrounding fraud screening services for the purposes of identity verification and identification of suspicious activity and illicit behaviour.

Web Site Traffic Information

When you arrive at or leave the iDebit Web site, we automatically receive the Web address of the site that you came from or are going to. We also collect information on which pages of our Web site you visit while you are on the iDebit site, the type of browser you use and the times you access our Web site. We use this information only to try to understand our customers' preferences better and to manage and improve our service levels.

Our Use of "Cookies"

The Cookies used by iDebit do not personally identify users. A Cookie is a piece of information which a web server may place on your computer when you visit a web site. Cookie data is stored on your computer's hard drive as a file or folder called "Cookies" and you can delete this file anytime you choose. The Cookies used on our Web sites are only valid for the current session and cannot be read by any other Web site you use. These Cookies allow us to recognize you if you visit multiple pages in our Web site during the same session, so that you do not need to re-enter your password multiple times. Once you log out or close your browser, the Cookies for that session expire and no longer have any effect. Cookies are not tied to your personally identifiable information.

Customer Service Correspondence

If you send us correspondence, including e-mails and faxes, we retain such information in the records of your account. We will also retain customer service correspondence and other correspondence from iDebit to you. We retain these records in order to measure and improve our customer service, and to investigate potential fraud and violations of our Terms of Use. We may, over time, delete these records if permitted by law.

Questionnaires, Surveys and Profile Data

From time to time, we may offer optional questionnaires and surveys to our users for such purposes as collecting demographic information or assessing users' interests and needs. The use of the information collected will be explained in detail in the survey itself. If we collect personally identifiable information from our users in these questionnaires and surveys, the users will be given notice of how the information will be used prior to their participation in the survey or questionnaire.

How We Use Information

Internal Uses

We collect, store and process your personal information on servers located in Canada. We use the information we collect about you in order to:

  • Verify your identity
  • Provide our services and process your transactions
  • Provide customer service
  • Improve our services
  • Protect you from fraud

We limit access to personal information about you to those employees and agents who need to know the information to provide products and services to you. We maintain physical, electronic, and procedural safeguards to protect personal information and we regularly review our security standards and procedures to protect against unauthorized access to personal information.

Disclosure to Third Parties

iDebit will not sell or rent any of your personally identifiable information to third parties. We do not share your name, address, date of birth, phone number, last 4 digits of your government issued ID number or payment information or email address information with our merchants unless we are compelled to do so by legal action relating to fraud or other illegal activity alleged against the customer.

iDebit will not share any of your personally identifiable information with third parties except in the limited circumstances described below, or with your express permission. These third parties are limited by law or by contract from using the information for secondary purposes beyond the purposes for which the information is shared.

  1. We share information with companies that help us process the transactions you request and protect our customers from fraud, such as sharing your identity details with credit bureaus that screen for identity inconsistencies, suspicious transaction patterns and account fraud.
  2. We disclose information that we in good faith believe is appropriate to cooperate in investigations of fraud or other illegal activity, or to conduct investigations of violations of our Terms of Use. Specifically, this means that if we conduct a fraud investigation and conclude that a customer has engaged in deceptive practices, we can give that person's contact information to victims who request it.
  3. We disclose information in response to a subpoena, warrant, court order, levy, attachment, order of a court-appointed receiver or other comparable legal process, including subpoenas from private parties in a civil action.
  4. We disclose information to your agent or legal representative (such as the holder of a power of attorney that you grant, or a guardian appointed for you).
  5. As with any other business, it is possible in the future for iDebit to merge with or be acquired by another company. If such an acquisition occurs, the successor company would have access to the information maintained by iDebit, including customer account information, but would continue to be bound by this Privacy Policy unless and until it is amended as described in this policy.
  6. We may share your information with our parent, and subsidiaries to help coordinate the services we provide to you, enforce our terms and conditions, and promote trust and safety.
  7. We may share your information with service providers: In some cases, we will employ or work with service providers such as marketing or security consultants, temporary workers, third-party software developers or customer support services to complete a business process or provide a service on our behalf. For example, we may use service providers to provide telephone support on our behalf. While this may require that we share some information, we will only share information that the service provider must have to perform the requested services. These service providers are strictly prohibited from using your information for any purpose other than to act on our behalf.
Geographical, IP, ISP and Routing Information

iDebit uses sophisticated geo-location tracking systems to identify the IP address, Internet service provider, and routing information for all transactions on our system. Your IP address is disclosed to a third party service provider, but not in a manner that associates it with personally identifiable information. In the case of fraudulent or other illegal activity, iDebit will inform law enforcement authorities and share any information that is requested by such authorities to assist in their investigations.

We may use IP addresses, browser types and access times to analyze trends, administer the site, improve site performance, and gather broad demographic information for aggregate use. This information is only used an analyzed in aggregate and is therefore not personally identifiable information.

Our Contact with iDebit Customers

We communicate with users on a regular basis via e-mail to provide requested services, and we also communicate by phone to resolve customer complaints or investigate suspicious transactions. We use your e-mail address to confirm your various transactions, to send you notice of funds received into your account, to send information about important changes to our products and services, to alert you to public security or privacy threats (such as email solicitation), and to send notices and other disclosures required by law. Users cannot opt out of these types of communications, but they will be administrative in nature rather than promotional. As a value added service, from time to time, we will contact you via e-mail to notify you of new merchants we have added to our merchant network, to deliver special offers and discounts available from our merchants or to inform you of new products and services available. You will be provided with the option of opting out of such update notices.

How Your Information Is Stored

Information Security

iDebit is committed to handling your customer information with high standards of information security. Your personal and transaction information are stored on computers that are not connected to the Internet. We restrict access to your personally identifiable information to employees who need to know that information in order to provide products or services to you and have been trained in information security and privacy policies. We maintain physical, electronic and procedural safeguards to guard your non-public personal information. We test our security systems regularly and also contract with outside companies to audit our security systems and processes.

When you enter your bank and login information on our site to complete your transaction, these pages will be SSL encrypted to maintain the security of this sensitive data. We do not store your bank login, password or other authentication information.

Your Responsibilities for Maintaining Your Security

The security of your iDebit account also relies on your protection of your iDebit password. You should not share your iDebit password with anyone. iDebit will never ask you to send your password or other sensitive information to us in an e-mail, though we may ask you to enter this type of information on the iDebit website, which will always have a URL beginning with https://www.idebitpayments.com/.

Any e-mail or other communication requesting your password, asking you to provide sensitive account information via email, or linking to a website with a URL that does not begin with https://www.idebitpayments.com/ should be treated as unauthorized and suspicious and should be reported to iDebit immediately. If you do share your iDebit password with a third party for any reason, including because the third party has promised to provide you additional services such as account aggregation, the third party will have access to your account and your personal information, and you will be responsible for actions taken using your password. If you believe someone else has obtained access to your password, please change it immediately by logging in to your account at www.idebitpayments.com, and contacting us right away as described below.

Updating or Correcting Your Information

You can review the personal information you provided us and make changes to some information, or to the settings for your iDebit account, at any time by logging in to your account on the iDebit Web site and changing your preferences of your account. In order to protect you we restrict the alteration of some information, which can only be changed by calling the iDebit customer service department. If you close your iDebit account, we will mark your account in our database as "Closed," but will keep your account information in our database. This is necessary in order to deter fraud, by ensuring that persons who try to commit fraud will not be able to avoid detection simply by closing their account and opening a new account. However, if you close your account, your personally identifiable information will not be used by us for any further purposes, nor sold or shared with third parties, except as necessary to prevent fraud and assist law enforcement, or as required by law.

Contacting Us

If you have any questions about this privacy statement, our information practices, or our disclosure policies you can contact us via e-mail at support@idebitpayments.com. Our mailing address is iDebit Payments, Inc., P.O. Box 301 157 Adelaide Street West, Toronto, ON M5H 4E7

To report privacy or security violations, loss or disclosure of passwords, or any unauthorized account access or transactions please immediately contact us at security@idebitpayments.com.