Other Covered Entities

Vesta Payment Solutions UK Limited
Vesta Payment Solutions, Inc.
Vesta Payment Solutions, Ltd.
Vesta Payment Solutions, Pte. Ltd.
Vesta Payments Europe Limited

Industries

  • Information and Communications Technology
  • eCommerce Industry
  • Information and Communications Technology
  • Information Technology Services

Participation

EU-U.S. Privacy Shield Framework: Active

Original Certification Date: 11/15/2016
Next Certification Due Date: 2/2/2022
Data Collected: HR, NON-HR

Swiss-U.S. Privacy Shield Framework: Active

Original Certification Date: 2/4/2020
Next Certification Due Date: 2/2/2022
Data Collected: NON-HR

Purpose of Data Collection

If you are an individual customer, Vesta may collect the following types of information: When you use the Vesta services, you provide us with basic information about you, which may include name, mailing address, postal code, email address, telephone number, credit card number, debit card number, card expiration date, CVV number, bank account number, merchant identification, personal identification number, cookies, time zone, language, browser information, javascript settings, type of mobile device, mobile carrier, demographic information and any other information that Vesta may collect in order to process payments. The specific types of information we collect may change from time to time based on the nature of the services we provide to you. We may reach out to third party service providers for more information based on the information you have given. If you are a merchant, Vesta may collect the following types of information: When your company uses the Vesta services, Vest may collect any or all of the personal information described above regarding your customers. We may collect a variety of information regarding your merchant activities with your customers, including but not limited to information regarding your order amounts and volume; order processing and handling time; abandon rates and completion rates of transactions; chargeback and refund amounts and percentages; customer fraud rates; and payment method patterns and volumes. Vesta uses the information it collects to provide you or your customers with the Vesta services and to help us review, develop and improve the products and services we offer. In addition, when you or your customers use the Vesta services or process payment transactions with Vesta, we use the provided information to facilitate and complete the transactions; to validate customer or card information; to verify and append information to prevent and combat fraud; to comply with government regulations and card association rules; and to perform various research and analytics. We continue to use information you or your customers provide internally for record keeping, internal reporting, and support services, and to compile and disclose information in the aggregate where individual or user information is not identifiable. Vesta may disclose your and your customers' information under the following circumstances: To Vesta employees, contractors and agents to assist with any Vesta products and services provided to you or your customers by us now or in the future. To third party service providers in connection with ongoing merchant activity, including for underwriting, background checks and financial checks. To third party service providers in connection with customer support administration. To payment processors and banks in connection with processing your or your customers' payments and settling funds. In order to help Vesta with fraud prevention, debt collection, emergency services and crime prevention purposes, we may disclose information about you or your customers to debt collection agencies, fraud prevention agencies, security agencies, financial institution, emergency services, crime prevention agencies and telecommunications companies, to other suppliers we engage to process data on our behalf in connection with providing Vesta services to you or your customers. We may provide aggregate information and statistics to third parties, for example, content partners and advertisers. These statistics will not include information that can be used to identify and individual. We may disclose personal information collected from you or your customers to persons or companies that we retain to carry out promotions and other activities for which you or your customers have registered or in which you or your customers have otherwise asked to participate. We may be required to disclose personal information in response to a lawful request by public authorities.

Privacy Policy

HR Data

Data Protection, Sensitive Personal Information and Encryption - Policy (HR)
Description:

The purpose of this policy is to provide classification and encryption around how Sensitive Data (SD) and Sensitive Personal Information (SPI)) are handled at Vesta.

Effective Date: 5/19/2019

Non-HR Data

Description:

The Vesta EU Supplemental Privacy Policy is in addition to the general Vesta privacy policy located on the same website and covers the collection, use and retention of personal information from European Union member countries.

Effective Date: 1/1/2019

Verification Method

Self-Assessment

Dispute Resolution

Questions or Complaints?

If you have a question or complaint regarding the covered data, please contact Vesta Corporation at:

Juan Costantini
Dr.
Vesta Corporation
Legal Department, General Counsel
5400 Meadows Road, Suite 500
Lake Oswego, Oregon 97035

Privacy Shield organizations must respond within 45 days of receiving a complaint.

If you have not received a timely or satisfactory response from Vesta Corporation to your question or complaint, please contact the independent recourse mechanism listed below


NON-HR RECOURSE MECHANISM



Appropriate statutory body with jurisdiction to investigate any claims against Vesta Corporation regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission