-
Scope
This Privacy Policy governs the access and use of our Services by different users, including:
- Customers and Prospective Customers, and their Representatives. To the extent an AffiniPay Customer or prospective customer, or its representative, provides their own Personal Information as part of account management, this Privacy Policy applies.
- End Users. End Users are individuals associated with Customers who use the Services, at the direction of a Customer, to make payments to Customer or to allow Customers to manage their cases. AffiniPay does not have a direct, legal relationship with these End Users, but we may collect and process Personal Information from End Users to process payments or provide the Services to Customers. AffiniPay is a data processor or “service provider” (as those terms are understood under applicable law) with respect to such End User-submitted Personal Information.
-
Information We Collect
Representatives of Customers may provide Personal Information to us, generally in the form of business to business contact information. End Users may provide Personal Information to our Customers, who may share this Personal Information with us to provide Services. Or, End Users may provide Personal Information directly to us when accessing or using Services, including when requesting information on our Site, submitting a payment, or registering for a promotion. We may also collect Personal Information about you from third parties, including third-party sites and advertisers, as discussed below.
Categories of Personal Information Collected | Purpose of Collection |
---|---|
General Identifiers: real name, alias, postal and email address, telephone number, photo, date of birth, unique personal identifiers, online identifiers (i.e. login, password), Internet Protocol (“IP”) address, device identifiers, job title, function, and/or professional memberships account credentials, or other similar identifiers. |
We and our Customers may use this Personal Information to establish and maintain your account, to verify your identity, to fulfill the reason you provided the data (e.g., respond to an inquiry or manage a legal case), to send you information and promotional materials related to the Services, and to improve our Services and to develop new Services. We may also use this information to notify you of any changes to relevant agreements, policies, or other terms, and to enforce such terms, and to comply with legal obligations, court orders, or to exercise or defend against any legal claim, or in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets. |
Payment Information: information collected when processing a payment or storing payment data in a vault or wallet, including billing data, credit or debit card data, ACH or bank data, and other details related to payments by Customers and End Users or their respective financial account information. Payment data may be considered sensitive Personal Information. |
We and our Customers use this Personal Information to process and complete payments submitted through our Services and to facilitate and expedite any future payments you authorize. We may also use this information to enforce and protect our rights, including as needed in dispute resolution. We may use limited and/or de-identified payment information for reporting, and to develop and improve our Services, provided, however, that such processing shall not include unmasked account numbers or payment credentials. |
Information for Identity Verification: information that can be used to verify your identity, such as your social security number, tax identification number, images of your driver’s license, government issued ID, passport, national ID card, birthdate, and other authentication information. |
We use this information to (a) maintain the safety, security, and integrity of our Services, databases and other technology assets, (b) provide background and screening services, (c) fulfill “know your customer” processes that are required for certain payment services, (d) complete underwriting and account maintenance, (e) enable you to make and receive payments, (f) prevent or investigate fraud, or for risk management purposes, and (g) comply with other regulatory requirements. |
Credit application data: information collected when you apply for the LawPay Visa® Business Card or any other business credit-related product or service we may offer from time to time, which may include identifiers like credit history, bankruptcy history, tax identification number, account balances and data, and other details related to your application for and use of such products or services. |
We use this information to (a) maintain the safety, security, and integrity of our credit-related Services, databases and other technology assets, (b) determine your firm’s creditworthiness and otherwise evaluate your application, (c) complete underwriting and account maintenance, (d) comply with applicable law, network rules, and requirements of the financial institution who issues the LawPay Visa® Business Card or any other credit product. |
Customer Records: information you provide when you contact us with an inquiry, participate in our communities, or otherwise interact with us, including your name and contact information, your job function, your comments or inquiry, and account details. |
We use this information to respond to your inquiries and for billing and transaction purposes in connection with providing our Services. We may also use this information to enforce and protect our rights, including as needed in dispute resolution. |
Commercial Information: commercial information including products and Services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. |
We use this information to manage your account with us, market and improve our services and to develop new Services. |
Information we Collect from Other Entities: we may also collect information from other sources such as our data analytics service providers and advertising providers, or information about you from publicly available sources. |
We use this information to help us provide our Services, tailor our communications to you, market our Services, and to improve our Services and to develop new Services. |
Audio, Electronic, Visual, or Similar Information: audio, electronic, video, visual, or similar information. For example, if you contact us, we may have dictation software create a transcript and/or retain a copy of that call recording. When you interact with the chat function that we make available on our website, AffiniPay and our service providers may record and have access to the communications for providing you customer service and improving consumer interactions with AffiniPay. Use of the chat function constitutes consent to be recorded. |
We use this information for internal training purposes, to improve Customer and End User experience and communication, to market and improve our Services and to develop new Services. |
Information We Collect Automatically: we may use cookies, web beacons, or other technologies to collect certain information about visitors to and users of our Sites. We automatically collect certain information from you, such as the type of web browser and operating system you use, the name of your Internet Service Provider, Internet Protocol (“IP”) address, software version, geolocation information, the domain name from which you accessed our Sites, and information about your browsing behavior. |
We use this information to tailor our Services and enhance your online experience and to help us identify and deliver features, advertisements, and offers that may be of particular interest to you. We may also use this Personal Information to market and improve our services and to develop new Services. |
Inferences: drawn from the information collected, including preferences, characteristics, behavior, attitudes, and aptitudes. |
We use this information to tailor our Sites and enhance your online experience and to help us identify and deliver Sites features, advertisements, and offers that may be of particular interest to you. We also use this information to provide, support, and develop our Human Resources programs and systems. We may also use this Personal Information to improve our services and to develop new Services. |
Sensitive Personal Information within meaning of applicable law, which may include certain identifiers like Social Security number, Driver's License number, or other government issued identification. |
We only use and disclose Sensitive Personal Information as necessary in connection with the performance of Services, to comply with federal, state, or local laws, to prevent, detect, and investigate security incidents, to fight fraud and other illegal acts, for short-term, transient use, to maintain the quality of our Services, and to improve, upgrade, or enhance the Services. |
Information Customers Choose to Share with us as Inputs while using our IQ Features: when Customers use our AI-powered IQ services (MyCase IQ, Docketwise IQ, etc.), the Customer chooses which information it submits to the platform to be processed by its Large Language Model (LLM) provider. Based on our Customer base, such information may include Sensitive Personal Data relating to cases managed by such Customer. |
We use and disclose this information as necessary in connection with the performance, development and improvement of Services, and to comply with federal, state, or local laws. |
-
How We Disclose Information
We may disclose Personal Information to the following categories of third parties:
- Corporate affiliates, including corporate parents, subsidiaries, other affiliated entities, and associated entities for the purposes described in this Privacy Policy. Affiliates are required to treat the information in accordance with this Privacy Policy.
- Service providers help us administer, provide, maintain, develop, improve, and market the Services. Certain service providers may contact you about products or services you may be interested in, or they may provide personalized and tailored advertising services or make available certain features, as permitted by law, including by using select information collected automatically through our Sites. We also work with such providers to match information we hold with their information to tailor advertising to your interests. We may provide certain reports including de-identified and/or aggregated Personal Information to service providers who help us maintain, market, and improve the Services. Service providers may not use your Personal Information for any other reason than providing or marketing the Services as described herein, and services providers must have appropriate safeguards to protect your Personal Information. In addition, certain business partners may also receive basic business contact information or de-identified usage data to offer or provide their services, such as integrated features. In all cases, we do not disclose your personal information to these third parties for monetary compensation, and you may opt out as detailed below.
- Parties you directly authorize to provide or receive the applicable Information, such as when you request for us to process a payment. The use of your Personal Information by an authorized third party is subject to the third party’s privacy policy, and AffiniPay is not responsible for the third party's actions or policies.
- Third-party entities in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets or stock, including in connection with any bankruptcy or similar proceedings. In such cases, AffiniPay will require the recipient to use Personal Information it receives in accordance with this Privacy Policy.
- As we believe necessary: (i) under applicable law; (ii) to enforce applicable terms and conditions; (iii) to protect our rights, privacy, safety, or property, and that of our affiliates, you, and others; (iv) to detect, prevent, or otherwise address fraud, security or technical issues; and (v) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include authorities outside your country of residence.
- Pursuant to your express consent.
-
All the above categories exclude text messaging originator opt‐in data and consent; this information will not be shared with any third parties, excluding aggregators and providers of the Text Message services.
-
Your Rights and Choices
Depending on your place of residence, you may have certain rights related to the collection and processing of your Personal Information. The rights vary but may include:
- Right to know whether, and for what purposes and from what source, we collect and process your Personal Information.
- Right to access, modify, or correct your Personal Information.
- Right to know with whom we have shared your Personal Information, for what purpose, and what Personal Information has been shared.
- Where processing of Personal Information is based on consent, the right to withdraw your consent to such processing.
- Right to opt-out of the sale or sharing of your Personal Information.
- Right to object to decisions based on profiling or automated decision-making that produce legal or similarly significant effects on you.
- Right to restrict the processing of your Personal Information or object to processing of your Personal Information carried out pursuant to (i) our legitimate interest or (ii) performance of a task in the public interest.
- Right to data portability, which means that you can request that we provide certain Personal Information about you in a machine-readable format.
- Right to erasure or the right to be forgotten, which means that you can request deletion or removal of certain Personal Information we process about you.
- Right to appeal the decisions we make regarding the processing of your Personal Information. You may exercise this right be replying to the correspondence you receive from us, or by contacting us at the address listed at the end of this Privacy Policy.
- Right to lodge a complaint with a regulator located in the jurisdiction of your residence, place of work, or where an alleged violation of law occurred.
You may exercise these rights, to the extent they apply to you, by contacting us as outlined at the end of this Privacy Policy. Note, however, that we may request certain reasonable additional information, that may include Personal Information, to help us authenticate your identity and to clarify or understand the scope of the request. If you are an End User, please contact the business (e.g., the law firm or CPA firm) that has directed us to process your Personal Information. As a service provider, we can only process such request with the business's consent.
You also have choices about how we communicate with you and how we process certain Personal Information about you. You may opt out of receiving marketing or other communications from us at any time by following the unsubscribe instructions provided in any email that you receive from us or by contacting us as provided at the end of this Privacy Policy. If you opt-out of receiving email from us or otherwise modify the nature or frequency of promotional communications, it may take up to ten (10) business days for us to process your request and you may continue to receive promotional communications from us during that period. You will continue to receive administrative messages regarding our Services or transactions you have entered into with us, even after opting-out of promotional communications. You also have the right to opt out of cookie collection by scrolling to the bottom of any of our web pages and clicking “Cookies.” Most web browsers automatically accept cookies, but you can usually modify this in your browser’s settings. If you opt out of cookie collection, you may be prevented from taking full advantage of our Services.
-
Information Security
We take reasonable steps to safeguard your Personal Information. Our platforms and payment processor partners comply with the Payment Card Industry Data Security Standard. We also have security features built into the system for our Customers and End Users, including cryptography, encryption of sensitive information, quarterly scans, annual system audits, and specific security controls around payment data.
Unfortunately, transmission of information via the Internet is never wholly secure, and we cannot guarantee or warrant the security of your Personal Information transmitted to or through our Services or otherwise provided to us, and we are not responsible for the theft, destruction, or inadvertent disclosure of such Personal Information. It is your responsibility to safeguard any passwords, ID numbers, or other special access features associated with your use of the Services. Any transmission of Personal Information by you is at your own risk.
If you have any questions about the security on our Services, or if you become aware of any unauthorized use of an account, loss of your account credentials, or suspect a security breach, notify us immediately through the contact details provided at the end of this Privacy Policy. If our security system is breached, we will notify you of the breach to the extent required under applicable law.
-
Information Retention
We retain the Personal Information we receive as described in this Privacy Policy for as long as you use our Services or as necessary to fulfill the purposes for which it was collected, provide our Services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.
-
Cross-Border Information Transfers
We may transfer Personal Information to various jurisdictions as necessary for the purposes described above, including to jurisdictions that may not provide the same level of data protection as your home country. We provide appropriate protections for cross-border transfers as required by law for international data transfers.
-
Children’s Privacy
We do not provide Services to, or knowingly request or solicit Personal Information from, anyone under the age of 13. If we learn that we have collected Personal Information from anyone under the age of 13 without verifiable parental consent, we will delete that information as quickly as is practical. We reserve the right to request proof of age at any stage so that we can verify that minors are not using the Services.
-
Changes in the Privacy Policy
We may modify and update this Privacy Policy from time to time by posting an amended version on our Sites. Please refer to this Privacy Policy regularly.
-
How to Contact Us
If are not an End User and you wish to exercise any privacy rights applicable to you, please follow this link and provide the requested information. If you are an End User, please contact the business (e.g., the law firm or CPA firm) that has directed us to process your Personal Information. As a service provider, we can only process such request with the business's consent. you have any questions or comments about how we collect or use your Personal Information, or you wish to exercise any applicable rights through another method, please contact us at: privacy@affinipay.com. Please note, however, that we may request certain reasonable additional information, that may include Personal Information, to help us authenticate your identity and to clarify or understand the scope of the request.
- Request to know and/or access the Personal Information we have collected about you, including specific pieces of the Personal Information we have collected about you.
- Request deletion of your Personal Information.
- Request information about the Personal Information about you that we have shared (as such term is defined under California Privacy Law) to third parties.
- Request the correction of inaccurate Personal Information.
- Request the categories of your Personal Information disclosed for a business purpose.
- Request information about the categories of your Personal Information about you that we have shared or sold within the past 12 months and the categories of third parties to whom your Personal Information was shared or sold.
- Opt-out of the sale or sharing of your Personal Information.