Consumer Privacy Policy
OPY USA Inc (“Opy”) values your privacy and we want to be transparent with you in the way that we collect and use your personal information. This Consumer Privacy Policy explains how we collect, use, protect, and disclose personal information about consumers when you receive services through us or when you use our website or mobile application as well as any rights you may have about these practices.
Last Updated Date: October 2021
Contents.
1. Federal Privacy Notices.
If you are an OpyPay applicant or borrower, the federal Gramm-Leach-Bliley Act (“GLBA”) and Fair Credit Reporting Act (“FCRA”) regulate how we and the third-party originating bank for OpyPay collect, use, and disclose personal information about you. Pursuant to those laws, information about our collection and sharing practices as well as your right to opt out of certain practices are described in our Privacy Notices, which will be provided to you in accordance with applicable law.
2. Online Privacy Policy.
2.1.What are the types of personal information we collect?
The following are examples of the types of personal information and other information we may collect about you:
- Your name and identifying information, such as your date of birth, driver’s license number, and social security number;
- Your contact information, such as your address, email, and phone number;
- Financial information, such as your bank account, debit card, or credit card number;
- Your OpyPay account transaction and payment history;
- Technical information in connection with your visit to our website or use of our mobile application, such as your device ID, the Internet Protocol (IP) address used to connect your computer to the internet address, the files requested, browser type and version, browser plug-in types and versions, and operating system; and
- Information about your visit and your behaviour on our website, such as the webpages that you click on, the website you visit before and after visiting our website (including date and time), time and length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, traffic data, location data, and weblogs.
2.2.How do we use the information we collect about you?
We collect personal information and other information about you from a number of sources, including:
- When you give us your personal information to receive services or information, such as when you register for a user account, submit an application for OpyPay, or contact us by phone, email or other means;
- Third parties, such as marketing agencies, market research companies, credit reporting agencies, and identity verification service providers; and
- Cookies, web beacons, mobile application plug ins, or other similar technologies.
2.3. How do we use the information we collect about you?
We use the information collected about you in a number of ways, including to:
- Engage in marketing, market research, and business development;
- Process your requests for credit;
- Communicate with you about your OpyPay account and credit transactions;
- Process your payments;
- Provide you customer support and respond to your inquiries;
- Resolve complaints and disputes;
- Detect, investigate and prevent potentially prohibited or illegal activities, such as fraud;
- Engage in risk profiling and other data analytics;
- Operate, improve, maintain, and ensure the security of our website and mobile application;
- Recognize you when you return to our website or mobile application, store information about your preferences, and customise the website according to your individual interests;
- Comply with laws and regulations;
- Exercise or defend our legal rights –this may include where we reasonably consider it is in our legitimate interests or the legitimate interests of others, as well as where we are legally required to do so; and
- Use in connection with any other legitimate business purpose permitted by applicable law.
2.4. With whom do we share information about you?
We may share the personal information and other information we collect about you with:
- Our affiliates;
- Service providers, including companies that assist us with marketing, identity verification and fraud prevention, delivering text communications, payment processors, debt collection, suppliers of technical and support services, and suppliers of analytical services;
- Merchants that partner with Opy;
- Credit reporting agencies;
- Other companies in connection with a merger, acquisition, or the sale of assets;
- Third parties, including governmental authorities and law enforcement, to (i) protect or defend our legal rights, interests or property; (ii) protect the safety and security of our customers or members of the public; (iii) protect against fraud; and (iv) comply with applicable law, subpoena or legal process;
- Third parties in an anonymized and aggregated manner; and
- Other third parties for any business purpose permitted by applicable law.
2.5. Cookies.
Some pages on our website use cookies, which are small files placed on your internet browser when you visit our website. We use cookies to offer you a more tailored experience in the future, by understanding and remembering your particular browsing preferences. Where we use cookies on our website, you may be able to block their use. To do so, you can activate the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies), you may not be able to access all or parts of our website or to use all the functionality provided through our website.
2.6. Do Not Track Signals.
Many web browsers possess a do-not-track feature that lets your browser tell websites you visit that you do not want to have your online activities tracked. At this time, our website does not respond to browser do-not-track signals.
2.7. Security.
Unfortunately, no data transmission over the internet can be guaranteed as totally secure. While Opy strives to protect such information and keep your information confidential, it does not warrant and cannot ensure the security of any information transmitted to it by you. Accordingly, any information transmitted to Opy is transmitted at the risk of the sender. Nevertheless, once Opy receives transmissions from you, it will take reasonable steps to preserve the security and confidentiality of your information.
2.8. Links to Third-Party Websites.
Our website and mobile application may contain hyperlinks to websites that are not operated by us. These hyperlinks are provided for your reference and convenience only and do not imply any endorsement of the activities of such third-party websites or any association with their operators. This Privacy Policy only applies to the personal information that we collect or which we receive from third party sources, and we cannot be responsible for personal information about you that is collected and stored by third parties. Third-party websites have their own terms and conditions and privacy policies, and you should read these carefully before you submit any personal information to these websites. We do not endorse or otherwise accept any responsibility or liability for the content of such third-party websites or third-party terms and conditions or policies.
2.9. Minors.
You must be 18 years of age or older to register as an account user and receive services through our website and mobile application. Our website and mobile application are not directed at persons under 18 years of age and we do not knowingly collect any information about such persons.
3. Changes.
We may update this Privacy Policy from time to time. Any changes we make to our Privacy Policy in the future will be posted on this webpage. We will also notify you of any changes to Privacy Policy, including the Federal Privacy Notices, in accordance with applicable law. Please check back frequently to see any updates or changes to our Privacy Policy.
4. Questions.
If you have questions about our privacy practices, please contact us at privacy@opy.com or through our customer portal.
5. California Consumers.
5.1. California Consumer Privacy Act.
If you are a California resident who is a natural person, the California Consumer Privacy Act (“CCPA”) provides certain rights concerning your personal information, unless an exception applies. These exceptions include information subject to the GLBA and FCRA. In addition to the exceptions under the CCPA, the CCPA does not consider information to be personal information if it cannot be reasonably linked to any consumer or household. Most of the information that Opy collects, uses, and shares is exempt from the CCPA as it is subject to the GLBA, subject to the FCRA, or it is not considered personal information. Below is a description of the remaining information collected by Opy that is considered personal information under the CCPA, as well as your rights pertaining to this information.
5.2. Personal Information Under the CCPA Collected by Opy.
Your Email Address If You Signed Up to Receive Updates and News From Opy. If you signed up to receive email updates from us, we collected your email address. We use this email address to market products and services as well as provide information about Opy. We may share this information with a marketing service provider. We do not sell this information to third parties.
5.3. CCPA Right to Know.
Under the CCPA, California residents have the right to know:
- The specific pieces of information that have been collected about you;
- The categories of personal information we collected about you over the past 12 months;
- The categories of sources from which such personal information has been collected over the past 12 months;
- The categories of personal information about you that we have shared or sold over the past 12 months;
- The business or commercial purpose for collecting or selling such personal information over the past 12 months; and
- The categories of third parties with whom we shared or sold your personal information over the past 12 months.
5.4. CCPA Right to Delete
Under the CCPA, California residents have the right to request that we delete any of your personal information that we have collected and retained, subject to certain exceptions.
5.5. CCPA Right to Opt Out of the Sale of Personal Information
Under the CCPA, California residents have the right to direct companies that sell their personal information to not sell their personal information. We do not sell personal information subject to the CCPA.
5.6. CCPA Right to Non-discrimination.
Under the CCPA, California residents have the right to not be discriminated against for having exercised the rights established by the CCPA.
5.7. Submitting a CCPA Request.
To submit a CCPA request, email us at CCPA@opy.com and provide in your email:
- Your name;
- Your address;
- Whether it is a “Request to Know,” a “Request to Delete,” or both; and
- Your account number (if any).
We may request additional information to verify your identity. If you are a California resident, you may designate an authorized agent to exercise any of the rights listed above on your behalf. We will require authorized agents to have a written authorization confirming that authority and may seek to further verify the request..
Effective Date: October 2021
Privacy Notice Opy.
Rev. 10/2021
What does Opy USA Inc (“Opy”) Do with your personal information?
Why?
Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.
What?
The types of personal information we collect and share depend on the product or service you have with us. This information can include:
- Social Security number and income
- Account balances and payment history
- Credit history and credit scores
How?
All financial companies need to share customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers’ personal information; the reasons OPY chooses to share; and whether you can limit this sharing.
If you can’t see the full table below, please swipe to view the information continued to the right.
| Reasons we can share your personal information | Does OPY Share? | Can you limit this sharing? |
|---|---|---|
| For our everyday business purposes—such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus | Yes | No |
| For our marketing purposes—to offer our products and services to you | Yes | No |
| For joint marketing with other financial companies | Yes | No |
| For our affiliates’ everyday business purposes—information about your transactions and experiences | Yes | No |
| For our affiliates’ everyday business purposes—information about your creditworthiness | No | N/A |
| For our affiliates to market to you | No | N/A |
| For nonaffiliates to market to you | No | N/A |
To limit our sharing.
- Call 1-800-983-2533 —our menu will prompt you through your choice(s) or
- Visit us online: opy.com/us/online-privacy/
Please note:
If you are a new customer, we can begin sharing your information 30 days from the date we sent this notice. When you are no longer our customer, we continue to share your information as described in this notice.
However, you can contact us at any time to limit our sharing
Questions?
Call 1-800-983-2533 or go to opy.com/us/online-privacy/
Who we are.
Who is providing this notice?
OPY USA Inc
What we do.
How does OPY protect my personal information?
To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings.
How does OPY collect my personal information?
We collect your personal information, for example, when you
- open an account or apply for a loan
- use your credit or debitcard or provide account information
- give us your contact information
We also collect your personal information from others, such as credit bureaus, affiliates, or other companies.
Why can’t I limit all sharing?
Federal law gives you the right to limit only
- sharing for affiliates’ everyday business purposes—information about your creditworthiness
- affiliates from using your information to market to you
- sharing for nonaffiliates to market to you
State laws and individual companies may give you additional rights to limit sharing.
What happens when I limit sharing for an account I hold jointly with someone else?
Your choices will apply to everyone on your account.
Definitions.
Affiliates
Companies related by common ownership or control. They can be financial and nonfinancial companies.
- Our affiliates include companies with an Openpay name; financial companies such as Openpay Pty Ltd. and Openpay UK Limited
Nonaffiliates
Companies not related by common ownership or control. They can be financial and nonfinancial companies.
- Nonaffiliated companies we share with include financial services companies, marketing companies, and other service providers.
Joint marketing
A formal agreement between nonaffiliated financial companies that together market financial products or services to you.
- Our joint marketing partners include merchants, financial service providers, and other consumer service businesses.
Other important information.
For Nevada Residents:
We are providing you this notice under state law. You may be placed on our internal Do Not Call List by contacting us at 800.983.2533 or via eamil at help@opy.com. For more information, visit our Privacy Policy at opy.com/us/online-privacy/.
Nevada law requires we provide the following contact information: Bureau of Consumer Protection, Office of the Nevada Attorney General, 555 E. Washington St., Suite 3900, Las Vegas, NV 89101; Phone number: 702.486.3132; email: aginfo@ag.nv.gov
For California Residents:
We do not sell personal information under California law. We will not share information we collect about you with nonaffiliated third parties, except as required or permitted by law, such as to process your transactions, to maintain your account, or for other purposes described in our Online Privacy Policy. We will limit sharing within our corporate family to the extent required by California law. To make a request under California privacy law, you may email us at help@opy.com. For more information, visit our Online Privacy Policy at opy.com/us/online-privacy/.
For Vermont Residents:
We will not share information we collect about you with nonaffiliated third parties, except as permitted by Vermont law, such as to process your transactions or to maintain your account. We will not share information about your creditworthiness with our affiliates except with your authorization or as required or permitted by law. We may share information about our transactions or experiences with you within our corporate family.
Privacy Notice Cross River Bank
Rev. 11/2018
What does Cross River Bank do with your personal information?
Why?
Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share and protect your personal information. Please read this notice carefully to understand what we do.
What?
The types of personal information we collect and share depend on the product or service you have with us. This information can include:
- Social Security number and Account balances
- Payment history and Transaction history
- Account transactions and Wire transfer instructions
When you are no longer our customer, we continue to share your information as described in this notice.
How?
All financial companies need to share customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers’ personal information; the reasons Cross River Bank chooses to share; and whether you can limit this sharing.
If you can’t see the full table below, please swipe to view the information continued to the right.
| Reasons we can share your personal information | Does Cross River Bank share? | Can you limit this sharing? |
|---|---|---|
| For our everyday business purposes—such as to process your transactions, maintain your accounts), respond to court orders and legal investigations, or report to credit bureaus | Yes | No |
| For our marketing purposes—to offer our products and services to you | Yes | No |
| For joint marketing with other financial companies | Yes | No |
| For our affiliates’ everyday business purposes—information about your transactions and experiences | No | We don’t share |
| For our affiliates’ everyday business purposes—information about your creditworthiness | No | We don’t share |
| For nonaffiliates to market to you | No | We don’t share |
Questions?
Call toll-free 1-877-55CRB55 or go to www.crossriverbank.com
What we do.
How does Cross River Bank protect my personal information?
To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings.
We also maintain other physical, electronic and procedural safeguards to protect this information and we limit access to information to those employees for whom access is appropriate
How does Cross River Bank collect my personal information?
We collect your personal information, for example, when you
- Open an account or Apply for a loan
- Make deposits or withdrawals from your account or Provide employment information
- Give us your contact information
We also collect your personal information from others, such as credit bureaus, affiliates, or other companies
Why can’t I limit all sharing?
Federal law gives you the right to limit only
- sharing for affiliates’ everyday business purposes-information about your creditworthiness
- affiliates from using your information to market to you
- sharing for nonaffiliates to market to you
State laws and individual companies may give you additional rights to limit sharing. See below for more on your rights under state law.
Definitions.
Affiliates
Companies related by common ownership or control. They can be financial and nonfinancial companies.
- Cross River Bank does not share with our affiliates.
Nonaffiliates
Companies not related by common ownership or control. They can be financial and nonfinancial companies.
- Nonaffiliates we share with can include loan finance companies
Joint marketing
A formal agreement between nonaffiliated financial companies that together market financial products or services to you.
- Our joint marketing partner(s) include loan finance companies.
Other important information.
For Alaska, Illinois, Maryland and North Dakota Customers.
We will not share personal information with nonaffiliates either for them to market to you or for joint marketing-without your authorization.
For California Customers.
We will not share personal information with nonaffiliates either for them to market to you or for joint marketing-without your authorization. We will also limit our sharing of personal information about you with our affiliates to comply with all California privacy laws that apply to us.
For Massachusetts, Mississippi and New Jersey Customers.
We will not share personal information from deposit or share relationships with nonaffiliates either for them to market to you or for joint marketing-without your authorization.
For Vermont Customers.
We will not disclose information about your creditworthiness to our affiliates and will not disclose your personal information, financial information, credit report, or health information to nonaffiliated third parties to market to you, other than as permitted by Vermont law, unless you authorize us to make those disclosures. Additional information concerning our privacy policies can be found at www.crossriverbank.com or call 1-877-55CRB55.