Effective Date: January 1, 2020
TABLE OF CONTENTS
We generally collect Personal Information in two ways: 1) information you provide to us, and 2) information we collect automatically, as described further below.
When you use, visit, or otherwise interact with the Greenlight Services, for example, by contacting customer service, you may sometimes give Personal Information directly to us or to our third-party service providers. In order to create an account to use the Greenlight card, as part of the Greenlight Services, you (or a parent or legal guardian if you are under 18) will provide the following Personal Information: account applicant’s full name, email address, street address, phone number, date of birth, and the applicant’s social security number (or, in some cases, only the last 4 digits). This Personal Information is used to verify the applicant’s (primary account holder’s) identity and set up the account. The full name, birth date and (optionally) mobile phone number of individual sub-account users (typically children) or a designee to help manage the account (often a spouse) is also requested to establish such user rights ancillary to the applicant’s account, if so requested by the applicant.
If a minor requests that an account be created, we ask for the minor’s date of birth in order to determine whether the minor is eligible to set up their own account. If the child is younger than 18, we require that the child’s parent or legal guardian complete the account creation process.
To fund the account, in order to use the Greenlight card, we request that the primary account holder transfer funds from a bank account or debit card. This financial information is not provided to Greenlight. We use a third party to effect this transfer of funds, and users provide the information to transfer funds to our third party vendor notified to users at the point of funds transfer.
Additionally, when you use, visit, or otherwise interact with the Greenlight Services, we and our third-party service providers may use technology that stores or collects information sent to us by your computer, browser, mobile phone, or other device. This information may include your IP address, unique device identifiers, or other unique identifier; your device functionality, such as the type of browser, operating system, or hardware used; your device location, which may include a street name and city or GPS-location; mobile network information; your activities within the Greenlight Services, including the Website and Application; your email address and mobile phone number; and other information. When you use the Greenlight Services, we also collect information about your transactions and your activities using the Greenlight card, including financial and payment information.
We may also obtain information about you from third parties, including, but not limited to, identity verification services or social media platforms when you communicate with us about the Greenlight Services via social media.
Whenever you interact with the Greenlight Services, we, as well as our service providers, may use assorted technologies that automatically or passively collect data about how the Greenlight Services are being accessed and used. This data may include browser type, unique number assigned to identify such device, operating system, application version, click path taken through the Greenlight Services, your use of features or applications within the Greenlight Services, and other usage information. This information helps us manage, improve and customize the Greenlight Services’ features and functionality and can be used to identify you like Personal Information.
These technologies include “Cookies” (small data files, including cookies, pixel tags, and/or other local storage provided by your browser or associated applications) on your computer, browser, mobile phone, or other device. We use both session Cookies, which expire and no longer have any effect when you log out of your account or close your browser, and persistent Cookies, which remain on your device until you erase them or they expire. We encode our Cookies so that we or our third-party service providers can interpret the information stored in them. You are free to decline Cookies if permitted by your computer, browser, mobile phone, or other device, although doing so may interfere with your use of the Greenlight Services.
We do not honor “do not track” requests for the Website or Applications, as that is incompatible with our ability to deliver the Greenlight Services and respond to your requests. Third parties, other than our service providers assisting with making the Greenlight Services available, do not have authorization from us to track your use of the services or track what other activities a user may have engaged in before or after using the Greenlight Services (for example, using a different application or website).
We may use your Personal Information for one or more of the following purposes:
Greenlight may also share Personal Information with third parties, as follows:
Greenlight will not share Personal Information with third parties for the third parties’ marketing purposes. Greenlight may share aggregated customer information with third parties for the third parties’ marketing purposes, including so that Greenlight may offer you merchant promotions; such aggregated information does not identify a specific individual and is not intended to contain Personal Information.
Please be aware that users of the Greenlight Services may also themselves disclose Personal Information to others:
The Greenlight Services may contain links to the websites of our business partners, advertisers, social media sites, and other third parties. If you follow a link to any of these websites, please note that these third parties have their own privacy policies, and that Greenlight does not accept any responsibility or liability for such third party privacy policies or practices. Please check the individual policies before you submit any information to or through any linked third party website.
Greenlight maintains the preferences you have provided to us regarding the use, collection, and sharing of information, including how we may contact you.
We use reasonable administrative, technical, and physical security measures to protect such Personal Information against loss, misuse, and unauthorized access, but no online or mobile communication is guaranteed to be 100% secure.
We comply with the U.S. Children’s Online Privacy Protection Act and the regulations implementing it (“COPPA”), to the extent applicable to us and to Greenlight Services. We do not knowingly collect “personal information,” as defined under COPPA, directly from users under the age of 13. If a primary accountholder creates a sub-account for an individual under the age of 13, only the primary accountholder (i.e., the parent or legal guardian), not the sub-account cardholder, provides information to Greenlight necessary to establish the sub-account for the minor. Subsequent to the creation of the sub-account, Greenlight will only collect and use personal information related to the minor for the limited purpose of providing the Greenlight Services, and such information will not be shared with third parties for any purpose not required or permitted by law, including marketing.
California residents may also use the contact information shown below under “NOTICE TO CALIFORNIA RESIDENTS.” A number of states are currently considering enacting laws similar to the California laws under “NOTICE TO CALIFORNIA RESIDENTS” below. If you are a resident of a state that enacts such a law, please feel free to contact us using the contact information for California residents below.
Collection and Use of Personal Information
In particular, as part of the Greenlight Services, we have collected the following categories of Personal Information from California residents within the last twelve (12) months:
|1. Identifiers.||A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.||YES|
|2. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).||A name, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.||YES|
|3. Protected classification characteristics under California or federal law.||Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).||YES|
|4. Commercial information.||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||YES|
|5. Biometric information.||Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.||NO|
|6. Internet or other similar network activity.||Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.||YES|
|7. Geolocation data.||Physical location or movements.||YES|
|8. Sensory data.||Audio, electronic, visual, thermal, olfactory, or similar information.||NO|
|9. Professional or employment-related information.||Current or past job history or performance evaluations.||YES|
|10. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).||Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.||NO|
|11. Inferences drawn from other personal information.||Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.||YES|
We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Your CCPA Rights and How to Exercise Them
If you are a California resident, you have certain rights, pursuant to the California Consumer Privacy Protection Act (“CCPA”). These CCPA rights may only apply in certain circumstances and are subject to certain exemptions. Please see the information below for a summary of your rights, how to exercise your rights and the information we require in order to respond to your requests. Please note that we may ask for certain information to verify the request in accordance with applicable law.
Disclosure or Sale of Personal Information
In the last 12 months, we have disclosed or sold personal information to third parties as follows:
Under the CCPA, a “sale” means providing to a third party Personal Information for valuable consideration. It does not necessarily mean money was exchanged for the transfer of Personal Information. We work to identify whether any of our data sharing arrangements would constitute a “sale” under the CCPA; however, due to the complexities and ambiguities in the CCPA, we will continue to evaluate some of our third party relationships as we wait for final implementing regulations and guidance. For example, it is currently unclear whether the use of certain types of advertising partners would be considered a sale under CCPA.
Third-Party Marketing Disclosure
Under California Civil Code Section 1798.83 (the “Shine the Light” law), California residents with whom we have a business relationship can request certain information regarding what types of personal information, if any, we shared with third parties for the direct marketing purposes of the third parties and the identities of the third parties with whom the business has shared such information in the immediately preceding 12 months. You may request this information by contacting us using the contact information at the top of this “NOTICE TO CALIFORNIA RESIDENTS” section or contact us.
We do not exchange your Personal Information for money with anyone so that they can license or sell the Personal Information to additional parties.
After your trial ends, pay just $4.99/month for the whole family. Includes up to five kids.