Effective Date: September 25, 2020
Last Reviewed on March 18, 2022
Ant Money, Inc., dba ATM.com® (“ATM.com”, “us”, or "we”) knows that you care about how your personal information is used and shared. We want to provide you with answers to your questions and concerns regarding how your personal information is used. You may direct any privacy-related questions to support@ATM.com.
Information You Provide to Us
ATM.com collects information from you when you do certain things, such as:
Our “Data Messenger” Service
ATM.com helps subscribers earn money (“Dividends”) with our Services. One way subscribers earn money with our Services is by matching with a brand and opting in to receive messages from brands through the ATM.com application (“Data Messenger”). This is how our Data Messenger works. First, we compile information from you regarding your unique personal interests. Then, we link this information to a proprietary token that doesn't identify you to the outside world. We do not share any of your personal information with brands in this process; your personal information remains inside our secure vault (see below DATA SECURITY; HOW WE PROTECT YOUR INFORMATION). You may decide to opt-in to receiving in-app messages, notifications, and emails from any brand you may select through the Data Messenger.
Types of Information
The types of information we collect will depend upon the Services you use, how you use them, and what you choose to provide. The types of data we collect directly from you may include:
Information We Automatically Collect
When you use the Services, we may automatically collect certain information as described in this Section. As discussed further below, we and our service providers (which are third party companies that work on our behalf to provide and enhance the Services) use a variety of technologies, including cookies and similar tools, to assist in collecting this information.
When you use the Services, our servers automatically record certain information in server logs. These server logs may include information such as your web request, Internet Protocol (“IP”) address, browser type and settings, referring / exit pages and URLs, number of clicks and how you interact with the Services, metadata associated with uploaded Content, domain names, landing pages, pages viewed or moused-over, mobile carrier, date and time stamp information, and other such information.
When you access the Services using a computer or mobile device, we may collect specific device information, including your MAC address and other unique device identifiers. We also collect information such as the type of device you are using, its operating system, and mobile network information, which may include your mobile phone number. We may associate this device identifier with your ATM.com Account and will use data associated with your device identifier to customize our Services to your device and to analyze any device-related issues. We may also gather information from your device to assist us with cross-device tracking, as described further below.
We may collect different types of information about your location, including general information (e.g., IP address, zip code) and more specific information (e.g., GPS-based functionality on mobile devices used to access the Services), and may use that information to customize the Services with location-based information, advertising, and features. For example, if your IP address indicates an origin in Los Angeles, the Services may be customized with Los Angeles-specific information and advertisements. If you access the Services through a mobile device and you do not want your device to provide us with location-tracking information, you can disable the GPS or other location-tracking functions on your device, provided your device allows you to do this. See your device manufacturer's instructions for further details. Even if you disable this, we may make certain assumptions about your location from your IP Address, or other information related to your use of the Services.
Information We Collect from Third-Party Integrations
If you choose to use third-party integrations through the Services, such as our transaction partners, such providers may allow us and our service providers to have access to and store additional information about your interaction with those services and platforms as it relates to use of the Services. As part of its Services to you, ATM.com monitors and analyzes all of your shared data.
Information We Collect from Affiliates and Non-Affiliated Third Parties
ATM.com may receive additional information about you, such as demographic information, from third parties, such as business partners, marketers, researchers, analysts, and other parties that we may use to supplement the information that we collect directly from you.
When you link your Bank Account to your ATM.com Account, ATM.com may also receive information about you and your Bank Account from the financial institution holding your Bank Account as necessary to provide the Services to you.
Collection of Information Across Devices
Sometimes, we may use the information we collect -- for instance, usernames, IP addresses and unique mobile device identifiers - to locate or try to locate the same unique users across multiple browsers or devices (such as smartphones or tablets), or work with service providers that do this, in order to provide you with a seamless experience across devices.
To collect the information in the “Information We Automatically Collect” section above, we and our service providers use Internet server logs, cookies, tags, SDKs, tracking pixels, and other similar tracking technologies. A web server log is a file where website activity is stored. An SDK is a section of code that we embed in our applications and software to allow third parties to collect information about how users interact with the Services. A cookie is a small text file that is placed on your computer or mobile device when you visit a site, that enables us to: (i) recognize your computer; (ii) store your preferences and settings; (iii) understand which web pages of the Services you have visited; (iv), enhance your user experience by delivering and measuring the effectiveness of content and advertising tailored to your interests; (v) perform analytics; and (vi) assist with security and administrative functions. Tracking pixels (sometimes referred to as web beacons or clear GIFs) are tiny electronic tags with a unique identifier embedded in websites, online ads and/or email, and that are designed to provide usage information like ad impressions or clicks, email open rates, measure popularity of the Services and associated advertising, and to access user cookies. As we adopt additional technologies, we may also gather information through other methods.
Most browsers automatically accept cookies, but you can modify your browser setting to decline cookies by visiting the Help portion of your browser toolbar (e.g., Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari). If you choose to decline cookies, please note that you may not be able to sign in, customize, or use some of the interactive features of the Services. Flash cookies operate differently than browser cookies, and cookie management tools available in a web browser will not remove Flash cookies. To learn more about how to manage Flash cookies, you can visit the Adobe website and make changes at the Global Privacy Settings Panel.
The Services may permit you to submit content, send emails and other communications, and provide other information for publication or distribution to third parties (collectively, "User Content"). ATM.com may view and share your User Content for any reason, including: (i) to maintain, provide and improve the Service; (ii) to resolve a support request from you; (iii) if we have a good faith belief, or have received a complaint alleging, that such Content is in violation of our Terms of Service; (iv) as reasonably necessary to allow ATM.com to comply with or avoid the violation of applicable law or regulation; or (v) to comply with a valid legal subpoena, request, or other lawful process. We may also analyze your User Content in order to better understand the manner in which our Service is being used.
For the purposes discussed in this Policy, we may combine the information that we collect through the Services with information that we receive from other sources, both online and offline, and use such combined information in accordance with this Policy.
De-Identified and Aggregated Information
We may de-identify and aggregate information collected through the Services from our subscribers so that such information can no longer be linked to you or your device. We may (i) monetize this information collected as survey data and share the results in part with our subscribers, and (ii) use it for purposes of market or scientific research.
We use third-party web analytics services on our Services to collect and analyze some of the information discussed above, and to engage in auditing, research or reporting. The information (including your IP address) collected by various analytics technologies described in the “Cookies and Similar Technologies” section will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Services, including by noting the third-party website from which you arrive, analyzing usage trends across ATM.com websites and mobile devices, assisting with fraud prevention, and providing certain features to you.
If you receive email from us, we may use certain analytics tools to capture data, such as when you open our message or click on any links or banners our email contains. This data allows us to gauge the effectiveness of our communications and marketing campaigns.
Third parties or affiliates may administer ATM.com banner advertising programs and other online marketing on non-ATM.com websites and services. To do so, these parties may set and access first-party cookies delivered from an ATM.com domain, or they may use third-party cookies or other tracking mechanisms. For example, a third-party provider may use the fact that you visited the ATM website to target online ads (retargeted ads) for ATM.com services to you on non-ATM.com websites or across mobile apps. Or a third-party ad network might collect information on the Services and other websites to develop a profile of your interests and target advertisements to you based on your online behavior (retargeted ads). These parties that use these technologies may offer you a way to opt out of ad targeting as described below. You may receive retargeted ads on your computer through a web browser.
If you are interested in more information about tailored browser advertising and how you can generally control cookies from being put on your computer to deliver tailored advertising, you may visit the Network Advertising Initiative's Consumer Opt-Out link, the Digital Advertising Alliance's Consumer Opt-Out link, or TRUSTe's Advertising Choices Page to opt-out of receiving tailored advertising from companies that participate in those programs. To opt out of Google Analytics for display advertising or customize Google display network ads, you can visit the Google Ad Settings page. Please note that we do not control any of the above opt-out links or whether any particular company chooses to participate in these opt-out programs. We are not responsible for any choices you make using these mechanisms or the continued availability or accuracy of these mechanisms
California Do-Not-Track Disclosure Requirements.
We are committed to providing you with meaningful choices about the information collected on our Services for third-party purposes, and that is why we provide above the Network Advertising Initiatives Consumer Opt-out link, Digital Advertising Alliances Consumer Opt-Out Link, TRUSTe's Advertising Choices page, the Google opt-out link. However, we do not recognize or respond to browser-initiated Do Not Track signals, as the Internet industry is currently still working on Do Not Track standards, implementations and solutions.
Affiliates and Subsidiaries
We may share your information with our affiliated entities such as subsidiaries. Affiliated entities are entities that we legally control (by voting rights) or that control us.
We may provide access to or share your information with select third parties who perform services on our behalf. These third parties provide a variety of services to us, including without limitation, billing, customer service, data storage, security, fraud prevention, payment processing through the Automated Clearing House Network, and legal services.
We may disclose your information in response to any subpoenas, court orders, or other legal process we receive, or to establish or exercise our legal rights or to defend against legal claims.
When you initiate a connection with a third-party integration through the Services, we will share information about you that is required to enable your use of the third-party integration through the Services.
De-Identified and Aggregated Information
As stated above, we may share and monetize De-Identified and Aggregated Information collected as survey data from our subscribers.
We may also disclose your information to third parties with your prior consent.
The Services contain links to third-party apps or websites or services, and also contain third-party integrations. If you choose to use these, you may disclose your information not just to those third parties, but also to their users and the public more generally depending on how their services function. Because these third-party websites and services are not operated by ATM.com, ATM.com is not responsible for the content or practices of those websites or services. The collection, use, and disclosure of your personal and other information will be subject to the privacy policies of the third- party websites or services, and not this Policy. We urge you to read the privacy and security policies of these third parties.
The Services are not intended for individuals under the age of 18. We do not knowingly solicit or collect information from individuals under the age of 18.
If you want to learn more about the information collected through the Services, or if you would like to access or rectify your information and/or request deletion of information we collect about you, or restrict or object to the processing of your information, please contact us using the contact information below.
Where you have provided consent, you may withdraw your consent at any time, without affecting the lawfulness of the processing that was carried out prior to withdrawing your consent.
We will retain your information for the period necessary to fulfill the purposes outlined in this Policy unless a longer retention period is required or permitted by law.
We reserve the right to amend this Policy at any time to reflect changes in the law, our data collection and use practices, the features of our Services, or advances in technology. We will make the revised Policy accessible through the Services, so you should review the Policy periodically. If we make a material change to the Policy, you will be provided with appropriate notice and we will seek your consent to the updated Policy in accordance with legal requirements.
To access, review, update and/or delete certain user profile information, you may update and/or delete certain user profile information by logging into the Website and updating your ATM.com Account. Please remember, however, if we have already disclosed some of this user profile information to third parties, we cannot force the deletion or modification of any such user profile information by the parties to whom we have made those disclosures.
We will implement reasonable and appropriate security procedures consistent with prevailing industry standards to protect information from unauthorized access by physical and electronic intrusion. Unfortunately, no data transmission over the Internet or method of data storage can be guaranteed 100% secure. Therefore, while we strive to protect your information by following generally accepted industry standards, we cannot ensure or warrant the absolute security of any information you transmit to us or archive at this site. If you have any questions about how we protect your information, you can contact us at support@ATM.com.
California law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their personal information (if any) for their direct marketing purposes in the prior calendar year, as well as the type of personal information disclosed to those parties. If you are a California resident and would like to request this information, please submit your request in an email to support@ATM.com.
Additionally, California law permits residents under the age of 18 who are registered users with us to request and obtain removal of content or information they have publicly posted on our Services. To make such a request, please send an email with a detailed description of the specific content or information to support@ATM.com. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.
Our website collects information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device ("Personal Information").
In particular, we indicate below the categories of Personal Information collected from California residents within the last twelve (12) months.
CATEGORY A: Identifiers
Examples: A real name, Internet Protocol address, email address, or other similar identifiers.
CATEGORY B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
Examples: A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some Personal Information included in this category may overlap with other categories.
CATEGORY C: Protected classification characteristics under California or federal law.
Examples: Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
CATEGORY D: Commercial information.
Examples: Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
CATEGORY E: Biometric information.
Examples: Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
CATEGORY F: Internet or other similar network activity.
Examples: Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.
CATEGORY G: Geolocation data.
Examples: Physical location or movements.
CATEGORY H: Sensory data.
Examples: Audio, electronic, visual, thermal, olfactory, or similar information.
CATEGORY I: Professional or employment-related information. Examples: Current or past job history or performance evaluations.
CATEGORY J: Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).
Examples: Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
CATEGORY K: Inferences drawn from other Personal Information.
Examples: Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Personal information does not include:
We collect the categories of Personal Information listed above from the following categories of sources:
We may use, or disclose the Personal Information we collect for one or more of the following business purposes (a business purpose is defined as “the use of Personal Information for the business's or a service provider's operational purposes, or other notified purposes, provided that the use of Personal Information shall be reasonably necessary and proportionate to achieve the operational purpose for which the Personal Information was collected or processed or for another operational purpose that is compatible with the context in which the Personal Information was collected”):
We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
In the preceding twelve (12) months, Company has disclosed the following categories of Personal Information for a business purpose:
The CCPA provides consumers (California residents) with specific rights regarding their Personal Information. This section describes your CCPA rights and explains how to exercise those rights.
Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months. Once we receive and confirm your verifiable consumer request (see EXERCISING ACCESS, DATA PORTABILITY, AND DELETION RIGHTS), we will disclose to you:
You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see EXERCISING ACCESS, DATA PORTABILITY, AND DELETION RIGHTS below), we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:
We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.
Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password protected account sufficiently verified when the request relates to Personal Information associated with that specific account.
We will only use Personal Information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.
For instructions on exercising sale opt-out rights, see PERSONAL INFORMATION SALES OPT-OUT AND OPT-IN RIGHTS below.
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
You have the right to direct us to not sell your personal information at any time (the “right to opt-out). To exercise the right to opt-out, you (or your authorized representative) may submit a request to us by contacting us (see our CONTACT INFORMATION below).
Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize Personal Information sales. However, you may change your mind and opt back into Personal Information sales at any time by visiting our website and sending us a message. We will only use Personal Information provided in an opt-out request to review and comply with the request.
We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the website and update the notice's effective date. YOUR CONTINUED USE OF OUR WEBSITE FOLLOWING THE POSTING OF CHANGES CONSTITUTES YOUR ACCEPTANCE OF SUCH CHANGES.
If you have any questions, comments, or concerns regarding this Privacy Notice for California Residents, please contact us at support@ATM.com or Ant Money, Inc., 4600 Campus Drive, Suite 107, Newport Beach, CA 92660.