Last Updated: October 19, 2020
2. Notice of Information Collected and Use
We will inform you when we need information that personally identifies you (personal information) or allows us to contact you or provide you with the Services. Generally, this information is requested when you register for our Services or when you fill out our contact form on our Public Site.
Company may receive certain information about you from Customers during the implementation and provision of Services. For example, Customers may provide basic information, manually or through provision of our integration services, when they are setting up the Service for their use.
You may be able to log into our Services using single sign-on providers or single sign-on features of other products. These products will authenticate your identity and may share certain personal information with us such as your name and email address.
We use various methods and technologies to store or collect usage information (“Tracking Technologies”). A few of the Tracking Technologies used with the Services, include, without limitation, cookies, web beacons, embedded scripts, browser fingerprinting, entity tags, UTM codes (i.e. a code that you can attach to a custom URL in order to track a source, medium, and campaign name), and recognition technologies that make assumptions about users and devices.
Location-Based Information. In connection with use of our Services we may use location-based services in order to verify your location and, if we deem appropriate, deliver relevant content based on your location. We also share your location with third-parties (as set out below) as part of the location-based services we offer and for other commercial purposes. You can change the settings on your Device to prevent it from providing us with such information. This location data is collected in a form that personally identifies you and will be used by us, our Customers, and our partners and licensees to provide and improve the Services or for other commercial purposes. You should consider the risks involved in disclosing your location information and adjust your mobile and browser settings accordingly.
Information Collected and Stored – Text Messages. After you sign up for our Services (subject to your consent where required by applicable law), we may send you text messages as part of a two-part authentication process. We, our third-party service providers, and Customers use a variety of technologies that automatically (or passively) store or collect certain information whenever we send you a text message. This information will be stored or accessed using a variety of technologies that will be downloaded to your mobile device whenever you receive a text message.
California Do Not Track Disclosures. Various third-parties are developing or have developed signals or other mechanisms for the expression of consumer choice regarding the collection of information about an individual consumer’s online activities over time and across third-party websites or online services (e.g., browsers do not track signals). Currently, we do not monitor or take any action with respect to these signals or other mechanisms.
3. What We Do With the Information You Share
We will use your information to provide the Services, and we may provide information to companies that assist us in providing Services, such as a hosting provider or a customer service provider. These companies are authorized to use your information only as necessary to provide these Services and to assist with supporting our users. We may share your information in response to subpoenas, court orders, and other legal processes or governmental requests, or to establish or exercise our legal rights or defend against legal claims. Company may share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, protecting and defending the rights or property of Company, its Services and its users, violations of our Terms, or as otherwise required by law.
4. Access and Consent
Upon request, we will grant you reasonable access to personal information about you and was collected on the Public Site or in conjunction with the Services. We will take reasonable steps to permit individuals to correct, amend, or delete information about them that is shown to be inaccurate or incomplete.
In addition, we allow users to modify the level of communications that you receive related to our Services. You may contact our Support Team through our support portal to obtain current information about how to modify the types of information that you receive from us.
5. International Use and Data Transfers
We will not disclose any personally identifiable information to a third party who is not a Company contractor or agent (“Agent”) except as outlined above.
Our Services are operated from and directed toward Companies in the United States, for exclusive use by Employees. Any Personal Data we collect may be transferred to, processed, used, handled, and stored in the United States or other countries through our service providers. Personal Data protection laws in the United States may differ from those of the country you are located in and your Personal Data may be subject to government requests or subpoenas, court orders, or law enforcement according to United States law.
Principally, your any personally identifiable information is forwarded to other controllers only if required for the fulfillment of a contractual obligation, or if we ourselves, or a third party, have a legitimate interest in the data transfer, or if you have given your consent. Additionally, data may be transferred to other controllers when we are obliged to do so due to statutory regulations or enforceable administrative or judicial orders.
Company takes reasonable technical, administrative and physical measures to protect the security of your personal information from unauthorized use, disclosure and alteration. When you place orders or access your personal account information, you're utilizing a secure connection via SSL, which encrypts your personal information before it's sent over the Internet.
Company provides information and training to all employees who have access to personally identifiable data maintained by Company, and Company employees are responsible for the internal security of such information. Company takes all reasonable measures to ensure that such information is reliable for its intended use, and is accurate, complete and current. Inside the Company, data is stored in password-controlled servers with limited access. You also have a significant role in protecting your information. No one can see or edit your personal information without knowing your user name and password, so do not share these with others.
7. Children's Privacy
Company does not knowingly collect or maintain information acquired through our site from persons under 18 years of age (the “Approved Age”), and no part of the site or services is directed to persons under the Approved Age. Any user under the Approved Age should not use or access our site at any time or in any manner. If we learn that personally identifiable information of persons less than the Approved Age has been collected from our site without verified parental consent, we will take the appropriate steps to delete this information.
8. Dispute Resolution
Any questions or concerns regarding the use or disclosure of personal information should be directed to Company pursuant to the contact information below. Company will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information in accordance with the principles contained in this Policy.
All disputes arising out of or related to the Agreement shall be finally settled under the Rules of Arbitration of the International Chamber of Commerce by one arbitrator appointed in accordance with such rules. The place of arbitration shall be Birmingham, Alabama, USA. The arbitration shall be conducted in English. The arbitrator shall award to the prevailing party, if any, as determined by the arbitrators, its reasonable attorneys’ fees and costs, including the costs of the arbitration. Judgment on any arbitral award may be entered in any court having jurisdiction.
The parties shall keep confidential: (i) the fact that any arbitration occurred; (ii) any awards awarded in the arbitration; (iii) all materials used, or created for use in the arbitration; and (iv) all other documents produced by another party in the arbitration and not otherwise in the public domain, except, with respect to each of the foregoing, to the extent that disclosure may be legally required (including to protect or pursue a legal right) or necessary to enforce or challenge an arbitration award before a court or other judicial authority.
9. In the Event of Merger, Sale, or Bankruptcy
In the event that all or part of Company is acquired by or merged with a third party entity, Company may transfer or assign the personally identifiable information held by Company as part of such merger, acquisition, or other change of control. In the unlikely event of Company's bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors' rights generally, Company may not be able to control how personal information is treated, transferred, or used.
11. Contact Information
If you have any questions about how Vendrix uses Personal Data or Usage Data, please contact us. If you prefer physical mail you can reach us at Vendrix Inc, 1500 1st Ave N, Birmingham AL, 35203.
12. Defined Terms
- Vendrix Account means the corporate account maintained by the Company to use Services and manage Cards.
- Cards means physical or virtual payment cards issued by a bank issuer and managed through your Vendrix Account.
- Company means a company that applies for the Services, opens a Vendrix Account, and that authorizes Users to access and use Services.
- De-Identified Data means data derived from Personal Data that has been anonymized or aggregated with other data and that can no longer be used to identify a specific individual.
- Employees means the employees, contractors, and agents of a Company.
- Services means the expense and corporate card management services, Cards and other services provided through your Vendrix Account.
- Third-Party Data means data provided by financial services providers, identity verification services, data aggregators, or other Third-Party Service Providers.
- Third-Party Services means services provided by Third-Party Service Providers.
- Third-Party Service Provider means an affiliate or other third party that assists us in providing the Services to you, that supports our internal operations, or that provides other services related or connected to, or provided through the Services and a Vendrix Account.
- Usage Data means information we collect when you visit our website and use the Services, and may contain Personal Data.