Last updated: April 17, 2019
- Information collected through mediums other than our Services;
- Information collected by any person or entity other than us, even if related to our Services (such as a third-party website, application, widget or lead form); or
Information We Collect and Receive About You
We may receive or collect several types of information about you, such as your name, contact details, payment information, location information, and demographic information. This information is collected as described below.
Information You Provide
The following are situations in which you may provide Your Information to us:
- When you fill out forms, fields, or profile information through our Services;
- When you sign up for any newsletters or other materials through our Services;
- When you provide information to us through a third-party application, service or website;
- When you communicate with us or request information about us or our Services, whether via email or other means;
- When you participate in online surveys;
- When you participate in any of our marketing initiatives, including, contests, events, or promotions;
- When you participate in forums or provide user generated content or submissions.
- When you create an account to purchase merchandise; and
- When you otherwise use our Services.
In addition, if you use our App (only available in the United States) and link your financial institution information with our App, we will be able to view information from you such as your banking or credit account information, credit limits, and the previous ninety (90) days of individual transaction data. Over time, we may continue to collect individual transaction data from these accounts until you turn the appropriate feature off by following the applicable instructions on the App you are using.
Information Third Parties Provide
We may collect information about you from sources other than you, such as from social media websites (i.e. Facebook, LinkedIn, Twitter or others), blogs, other users and our business customers (e.g., credit card issuers).
General Use and Preference Information
We may collect, receive and store information regarding your general use of our Services (such as details of how and when you used our Services, interactions with our Services, resources that you access, your Internet protocol address, your browser type, and your device type), as well as your preferences.
In general, personal information you submit to us is used to provide the Services, to respond to requests that you make, and to aid us in serving you better. For example, we use your personal information to provide you with access to certain areas and features of the Services; communicate with you about your use of the Services and any changes to our policies; tailor content, advertisements, rewards, and offers as a part of the Services; improve the Services; provide you with marketing materials and promotions of interest; process applications and transactions; and for other internal business purposes.
When you use our Services through your computer, mobile phone or other device, we may collect information regarding and related to your device, such as hardware models and IDs, device type, operating system version, the request type, the content of your request and basic usage information about your use of our Services, such as date and time and store them in log files. In addition, we may collect information regarding application-level events and associate that with your account to provide customer service. We may also collect and store information locally on your device using mechanisms such as browser web storage and application data caches.
We and our service providers collect and store information about users’ interactions with unaffiliated websites and applications that use our technologies, including cookies and similar tracking technologies. This allows us to infer the presence of a common user or household behind multiple devices or browsers, for instance, and then link those browsers and devices into a device graph. We do so in order to allow users to use our service on one device and pick up seamlessly where they left off on another device and/or -to provide personalized advertising on each device that is inferred from the browsing patterns on all of the devices.].
If you enable the collection of location information on your device, then we may collect information about your actual location, such as your mobile device’s GPS coordinates. We may also use other technologies to determine your location (such as through the location of nearby Wi-Fi access points or cell towers), or obtain your location information from third parties. If you do not want your device to provide us with location-tracking information, you can disable the GPS or other location-tracking functions on your device, if your device gives you that option.
Log Files, Cookies and Anonymous Identifiers
Technologies such as cookies, beacons, tags and scripts are used by us and our partners, affiliates, advertisers, analytics teams, or service providers. These technologies are used, at an individual and aggregated level, for analyzing trends, administering the site, tracking users’ movements, and for gathering user demographic information.
We use Local Storage Objects (LSOs) such as HTML5 to store content information and preferences. Third parties with whom we partner to provide certain features on our site or to display advertising based upon your Web browsing activity use LSOs such as HTML5 to collect and store information.
We use certain web analytics services, including third-party services such as Google Analytics, to help us understand and analyze how visitors use the Site. We may receive reports based on the use of these technologies on both an individual and aggregated basis. These analytics services, including third-party services such as Google Analytics, also use this information to place advertisements for our products on other websites that you visit after your use of the Site. These advertisements may be based on the pages you visited during your use of the Site. For further information about how Google may use data it collects through the Site you may click here. You also may choose to install the Google Analytics Opt-Out Browser Add-on to opt out of Google Analytics data collection.
How We Use Information
We may use Your Information, where we have a lawful business purpose, to:
- Engage in customer support. For example, we might confirm and complete transactions requested by you, verify information you provide to us and provide you with administrative notices.
- Fulfill a request initiated by you. For example, if you initiate a query for a list of credit card offers, we may use Your Information to provide you with the information you’ve requested.
- Contact you to provide you with information. For example, we might provide or contact you through email, postal, or other communications with Service updates, account related confirmations or verifications, promotional materials, surveys, offers, quotes, personalized information and other information from us or our business customers.
- Analyze, improve and manage our Services and operations. For example, we might obtain feedback regarding our Services, understand and anticipate your needs and preferences, better understand your use of our Services, customize and tailor Service content and advertising, improve our marketing and promotional efforts, engage in statistical analysis and provide feedback to our vendors, advertisers and other third parties.
- We may take Your Information and de-identify it either by combining it with information about other individuals (aggregating Your Information with information about other individuals), or by removing identifying characteristics (such as your name) that make the information personal to you (de-identifying Your Information). We may share, loan, rent, sell, or otherwise disclose such information to third parties for any lawful purpose, without notice or compensation to you.
Create ad targeting Profiles (“Profiles”) based on your interactions with our Services. Profiles will not include personal information you provide to us such as your name or email address, and do not have legal or similarly significant effects. Profiles are associated with a persistent user identifier and may include information such as spending habits, shopping intent, demographic information and other information inferred from your online characteristics and behavior. We may share these Profiles with advertisers, advertising networks and other third parties for their and our own marketing purposes.
How We Disclose Information
General Disclosure of Your Information
We may disclose Your Information:
- To third party financial institutions, credit bureaus, or credit card issuers when you use our Services to apply for a consumer financial product (e.g. a credit card) from one or more of those third parties (each a “Service Provider”), such as by clicking “Apply Now” or other similar buttons at the end of a form, and we may be compensated for such disclosure (only applicable in the United States);
- Where we have obtained necessary consent, to third parties like our business customers that are interested in contacting you or providing offers to you that may be related to our Services or about products or services you may find of interest; If you do not want us to share your personal information with these companies, contact us at firstname.lastname@example.org.
- On an anonymous, aggregated basis, to third parties for purposes that include research, analysis, retail marketing, and relevant advertising;
- To any person who, in our reasonable judgment, is authorized to receive Your Information as your agent, including as a result of your business dealings with that person (for example, your attorney);
- To our third-party vendors so that they may provide support for our internal and business operations, including for the handling of data processing, data verification, data storage, surveys, research, internal marketing, delivery of promotional, marketing and transaction materials, and our Services’ maintenance and security. These companies are authorized to Use Your Information only as necessary to provide these services to us and are contractually obligated to keep Your Information confidential;
- As required by law such as to comply with a subpoena, bankruptcy proceedings, or similar legal process or ordered by a court, regulatory, or administrative agency;
- As we deem necessary, in our sole discretion, if we believe that you are violating any applicable law, rule or regulation, or are otherwise interfering with another’s rights or property, including, without limitation, our rights or property;
- If requested by authorities in the event of any act of terrorism or instance of local, regional or national emergency;
- To enforce or protect our rights;
- In connection with a Business Transfer, as defined below (see Business Transfers below); and
- To our affiliated companies (i.e., companies under common control or management with us).
Requests for Quotes and Services from Requested Service Providers
As noted above, we may share Your Information with Service Providers when you use our Services to request an approval, rate, quote, services or information from one or more third parties (a “Request”). IF YOU SUBMIT A REQUEST, SERVICE PROVIDERS MAY CONTACT YOU DIRECTLY WITH QUOTES VIA MAIL, TELEPHONE, TEXT MESSAGE, FAX, EMAIL AND OTHER MEANS OF COMMUNICATION. YOU MAY RECEIVE TELEMARKETING CALLS AS A CONSEQUENCE OF SUBMITTING A REQUEST THROUGH OUR SERVICES, EVEN IF YOU ARE ON THE NATIONAL DO NOT CALL REGISTRY OR ANY OTHER DO NOT CALL REGISTRY.
If you are matched with a Service Provider, you expressly consent to the Service Provider conducting any research necessary to provide you with information about your Request. Service Providers may need to share Your Information to conduct such research. As an example, if you request credit card offers, consumer reports may be ordered in connection with your request. Such reports may provide information that may assist in determining eligibility for credit card offers. Consumer reports may also be used for updates, renewal or extensions of credit card offers. If you do not want Service Providers to conduct necessary research to provide you with a quote for your Request, then you should not submit a Request.
Please note that if you submit a Request through our Services and we share Your Information as described above in connection with your Request, you will not have the opportunity to opt out of the disclosure of Your Information in connection with that Request.
Sharing with Friends
When you enter sensitive information (such as last four digits of your social security number), we encrypt the transmission of that information using secure socket layer technology (SSL). We implement appropriate technical and organizational measures to protect the personal information submitted to us, both during transmission and once we receive it.
No method of transmission or electronic storage is 100% secure, and we cannot guarantee absolute security. Additionally, by way of example (without limiting the foregoing), we may be forced to disclose your Information to the government, regulators, or third parties under certain circumstances, or third parties may unlawfully intercept or access transmissions or private communications.
You must be at least 18 years of age to use our Services. The Services are not intended for children under 18 years of age. No one under 18 years of age may provide any personal information to or on the Services. We do not knowingly collect personal information from children under 18. If you believe that we may have any information from or about a child, please contact us at email@example.com.
User Generated Content
We offer publicly accessible blogs and other interactive media through our Services. To request removal of Your Information from our blog or community forum, contact us at firstname.lastname@example.org. While we will always take reasonable steps to ensure deletion, we may not be able to remove Your Information, in which case we will let you know if we are unable to do so and why.
From time to time, we may participate in or use advertising networks, such as third-party advertising servers, advertising agencies, technology vendors and research firms. We may use these third-party advertising networks for marketing, advertising and promotional purposes, as well as to serve advertisements to you. Advertising networks often gather data about consumers who view advertisements to make inferences about a consumer’s interests and preferences, which enables their computers to deliver advertisements directly targeted to the consumer’s specific interests. This practice is often referred to as “online behavioral advertising.” For example, a third-party advertising network might collect the type of Internet browser you use, the type of computer operating system you use, the domain name of a website you visit, whether or not you visit specific pages of a website, the location of your Internet service provider’s presence, the date and time of a visit to a website and other interactions between you and a website. Please see the “Online Behavioral Advertising” subsection of Choices About How We Use and Collect Your Information below to read about how you can prevent certain third-party advertising networks from collecting information about you.
Choices About How We Use and Disclose Your Information
We strive to provide you with choices regarding the personal information you provide to us. Below are some mechanisms that provide you with control over certain information:
If you do so, please note that some parts of our Services may then be inaccessible or may not function properly.
- Email Offers from Us. If you do not wish to receive email offers or newsletters from us, you can opt out of receiving email information from us (other than emails related to the completion of your registration, correction of user data, change of password and other similar communications essential to your transactions through our Services) by using the unsubscribe process at the bottom of the email.
- Accessing and Correcting Personal Information.
You also have the right to amend or update inaccurate or incomplete personal information, request deletion of your personal information, or request that we no longer use it. Under certain circumstances we will not be able to fulfill your request, such as if it interferes with our regulatory obligations, affects legal matters, we cannot verify your identity, or it involves disproportionate cost or effort, but in any event, we will respond to your request within a reasonable timeframe and provide you an explanation.
If your personal information changes, or if you no longer desire our service, you may correct, update, amend, delete/remove by sending us an email at email@example.com. We will respond to your request within 28 days. In addition, if the portion of our Services allows you to create an account with us, then you can review and update Your Information by logging into that portion of our Services, visiting your account profile page and making changes.
- Online Behavioral Advertising. Certain third-party advertising networks that deliver behavioral advertising are members of the Digital Advertising Alliance (“DAA”). You can prevent DAA member companies from collecting preference data about you by clicking here and following the DAA’s directions. Note that if you opt out through the DAA, you will still receive advertising. In addition, if you opt out through the DAA and later delete your cookies, use a different browser or buy a new computer, you will need to renew your opt out choice.
Information You Disclose to Third Parties
Links to Third-Party Websites
Third Party Widgets and Plug-ins
We will retain your information for as long as your account is active or as needed to provide you services. Alternatively, will retain your Personal Information for the period necessary to fulfill the purposes outlined in this Privacy Notice.
We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Operation of our Services in the United States
Our Services are operated in the United States. If you are located in the EEA, the UK, Canada, or elsewhere outside of the United States, please be aware that any information you provide to us will be transferred to the United States.
If you have questions or concerns about our privacy practices or wish to make a request regarding Your Information, please contact The Points Guy, LLC at 251 Park Avenue S, New York, NY, 10010, Attn: Legal Department, or firstname.lastname@example.org.
SPECIAL NOTIFICATION FOR CALIFORNIA RESIDENTS — YOUR CALIFORNIA PRIVACY RIGHTS
Individuals who are residents of California and have provided their personal information to us may request information regarding our disclosures, if any, of their personal information to third parties for direct marketing purposes. Such requests must be submitted to us at email@example.com or in writing at:
The Points Guy
251 Park Avenue S
New York, NY 10010
Attn: Legal Department
California privacy rights requests must include the reference “Request for California Privacy Information” on the subject line and in the body of the message and must include the email address or mailing address, as applicable, for us to send our response. This request may be made no more than once per calendar year. We reserve the right not to respond to requests submitted other than to the address specified above.
For the avoidance of doubt, TPG “Apps” and Sweepstake are only available in to US users of our Services.
For the purposes of data protection law, the controller is The Points Guy, LLC of 251 Park Avenue South, New York, New York 10010.
Legal Basis for Processing
Our lawful basis for collecting and using personal data as described above will depend on the data concerned and context in which we collect it, but it will typically be one of the following:
Where you have agreed to our use of your personal data (for example, when you sign up to receive our newsletter and promotional emails).
When it is in legitimate interest to collect and use your personal data, and our interests do not override your data-protection interests or fundamental rights and freedoms. (For example, for providing, enhancing, and securing our products and services, and for our marketing activities).
We will only keep your personal data when we have a legitimate business or legal need to do so. Specific retention periods vary depending on the type of data and purpose for which it was collected, as well as your ongoing interactions with us.
When we no longer have a legitimate business need to process your personal data, we will either anonymize or securely delete it.
We operate in the United States and transfer, store and process personal data outside of the EEA/UK. By submitting your personal data, you agree to this transfer, storing and processing.
We rely on approved data transfer mechanisms (for example, the EU Standard Contractual Clauses) to ensure that personal data you submit is adequately safeguarded.
EU-U.S. Privacy Shield
The Points Guy participate in and has certified our compliance with the EU-U.S. Privacy Shield Framework. We are committed to subjecting all personal data received from European Union (EU) member countries and the United Kingdom in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield List at https://www.privacyshield.gov.
We are responsible for the processing of personal data received, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on our behalf. We comply with the Privacy Shield Principles for all onward transfers of personal data from the EU and UK, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
EEA/UK Data Rights
In addition to your rights of access and correction (rectification) described in “Choices About How We Use and Disclose Your Information”, EEA and UK residents have certain other rights defined in the General Data Protection Regulation (GDPR).
Consent Withdrawal – You have the right to withdraw your consent in relation to our processing of your personal data based on your consent.
- You can unsubscribe from thepointsguy.com emails at any time using our email preferences page, or by clicking on the “unsubscribe” link in any marketing emails we send you.
- If located in the United Kingdom or European Union, you can opt out of EDAA members online advertising networks and behavioral advertising through the European Interactive Digital Advertising Alliance (EDAA)’s consumer opt-out page here (http://youronlinechoices.eu).
Erasure – You have the right to ask us to right to request deletion of your personal data in certain circumstances.
Restriction of Processing – You have the right to request that we restrict the processing of your data in certain circumstances.
Object to Processing – You have the right to object to the use or disclosures of your personal data.
Data Portability – You have the right to request we transmit your personal data to you or another company in certain circumstances.
We process all requests in accordance with the law, and there may be legal reasons why we cannot fulfil all requests.
Please contact us firstname.lastname@example.org if you wish to make a request. We have one month to respond to you. You are not required to pay any charge for exercising your rights.
Questions & Concerns
If you have any comments or questions, or are concerned about the way in which we have handled any privacy matter, please use our contact form to send us a message, or email our Data Protection Officer at email@example.com.
If you are an UK or EEA resident and are not satisfied with the way we have handled a complaint in relation to your personal data, you may be able to refer your complaint to the ICO (Information Commissioner’s Office), the UK’s data protection regulator.
Cookies on our services
Managing cookies Opens another site in a new window that may not meet accessibility guidelines.
Our Services also occasionally use “local shared objects” (also known as “Flash cookies”). Like browser cookies, Flash cookies may be used for coordinating content delivery, website functionality, maintaining preferences, advertising, or analytics. Unlike browser cookies, “Flash cookies” are not stored in the browser. You may be able to manage these Flash cookies by visiting the Adobe website.
Managing Flash cookies Link opens another site that may not meet accessibility guidelines.
There are four types of cookies used on our Services:
- Essential cookies – These cookies enable you to use our Services. These cookies are essential to enable you to browse our Services and use certain features. Disabling them may prevent you from using certain parts of the Services. Without these cookies, services such as shopping activity and paying activity cannot be provided. These cookies also help keep our Services safe and secure.
- Preference cookies – These cookies store information such as your preferred country and language selection, login data and website preferences. Without these cookies, our Services may not be able to remember certain choices you’ve previously made (such as a saved country / language preference) or personalize your browsing experience by providing you with relevant information. These cookies can also be used to recognize your device so that you do not have to provide the same information more than once.
- Performance cookies – These cookies collect information about how you use our Services such as which pages you visit regularly. These cookies are used to provide you with a high-quality experience by doing things such as tracking page load, site response times, and error messages.
- Content / advertising cookies – These cookies gather information about your use of our Services so we may improve your experience and provide you with more relevant content and advertising. They are also used to gather feedback on customer satisfaction through surveys. They remember that you’ve visited our Services and help us understand usage of our Services. Some of these cookies are from third parties that collect information about users of our Services (as described below under “Information collected by third parties on our Services”) in order to provide advertising (on our Services and elsewhere) based on users’ online activities (so-called “interest-based advertising”) on our Services and elsewhere online. The third parties involved in interest-based advertising collect internet browsing information (e.g., websites visited, time of visit) across different websites and over time, and they may use the information they collect on our Services to provide you ads (from us and other companies) across the internet.