- What type of Personal Information we collect about visitors or users of our websites, mobile applications, and online services (collectively referred to herein as the "Services");
- How we collect Personal Information;
- How we use Personal Information;
- Who we share Personal Information with; and
- How we store and protect Personal Information.
Glossary of Terms Used Herein
"Affiliate" means a company owned and/or controlled by Heartland.
"Business Partners" means, collectively, third parties with whom we conduct business, such as merchants, marketers or other companies.
"Cookie" means a small amount of information that a web server sends to your browser that stores information about your account, your preferences, and your use of the Services. Some cookies are temporary, whereas others may be configured to last longer. Session Cookies are temporary cookies used for various reasons, such as to manage page views. Your browser usually erases session cookies once you exit your browser. Persistent Cookies are more permanent cookies that are stored on your computers or mobile devices even beyond when you exit your browser.
"Device Data" means information concerning a device you use to access, use, or interact with the Services, such as operating system type or mobile device model, browser type, domain, and other system settings, the language your system uses and the country and time zone of your device, geo-location, unique device identifier or other device identifier, mobile phone carrier identification, and device software platform and firmware information.
"Non-Identifying Information" means information that alone cannot identify you, including data from Cookies, Pixel Tags and Web Beacons, and Device Data. Non-Identifying Information may be derived from Personal Information.
"Partner or School" means a school, school district, or organization of schools or school districts for which Heartland provides the Services.
"Personal Information" means information about you that specifically identifies you or, when combined with other information we have, can be used to identify you. This includes the following types of information: (1) contact information, including your name, postal addresses, email addresses, social networking website user account names, telephone numbers, or other addresses at which you are able to receive communications; (2) financial information, including information collected from you as needed to process payments and to administer your participation in the Services. We collect such information as your payment card number, expiration date, and card verification number; and (3) demographic information.
"Pixel Tags and Web Beacons" means tiny graphic images placed on website pages or in our emails that allow us to determine whether you have performed specific actions.
"Services" means the websites, mobile applications, or online services owned or operated by Heartland and its Affiliates.
"Third-Party Ad-Servers" means Vendors and other third parties that provide the technology to place ads on websites and track ad performance.
"Vendors" means, collectively, third parties that perform business operations on behalf of Heartland, such as transaction processing, billing, mailing, communications services (email, direct mail, etc.), data processing and analytics.
- How Heartland Collects Information
- How Heartland Uses Information
- When and Why Heartland Discloses Information
- Security of Personal Information
- Ownership of Student Records
- Third-Party Websites and Services
- Your Choices
- Accessing Personal Information; Retention of Data
- Social Networks
- Notice to Residents of Countries outside the United States of America
- California Privacy Rights
- Children's Privacy
- Contact Us
1. How Heartland Collects Information
We will collect information, including Personal Information and Non-Identifying Information, when you interact with us and the Services, such as when you:
- access or use the Services;
- register, subscribe, or create an account with us;
- open or respond to our emails or communicate with us;
- provide information to enroll or participate in programs provided on behalf of, or together with, Business Partners;
- visit any page online that displays our ads or content
We also may collect Personal Information when you contact us via email or our online customer service options.
When you access these pages or open email messages, we use Pixel Tags and Web Beacons to generate a notice of that action to us, or our Vendors. These tools allow us to measure response to our communications and improve the Services.
Device Data may be collected when your device interacts with the Services and Heartland, even if you are not logged into the Services using your device. If you have questions about the security and privacy settings of your mobile device, please refer to instructions from your mobile service provider or the manufacturer of your device to learn how to adjust your settings.
Online tracking. We currently do not process or comply with any web browser's "do not track" signal or other similar mechanism that indicates a request to disable online tracking of individual users who use the Services.
2. How Heartland Uses Information
- Operate, maintain and improve the Services;
- Facilitate transactions you initiate or request through the Services;
- Answer your questions and respond to your requests;
- Communicate and provide additional information that may be of interest to you concerning your chosen Services.
- Send you reminders, technical notices, updates, security alerts, support and administrative messages, service bulletins, and requested information.
- If you elect to participate, administer rewards, surveys, contests, or other promotional activities or events sponsored by us or our Business Partners;
- Enhance other information we have about you directly or from Other Sources to help us better understand your chosen Services to you.
3. When and Why Heartland Discloses Information
We (or our Vendors on our behalf) may share your Personal Information as required or permitted by the School to provide the Services in compliance with the federal Family Educational Rights and Privacy Act and/or other applicable state and/or federal law.
- With Schools in which the student is or has been affiliated.
- with a purchaser of Heartland or any of Heartland Affiliates (or their assets);
- to comply with legal orders and government requests, or as needed to support auditing, compliance, and corporate governance functions;
- to combat fraud or criminal activity, and to protect our rights or those of our Affiliates, users, and Business Partners, or as part of legal proceedings affecting Heartland;
- in response to a subpoena, or similar legal process, including to law enforcement agencies, regulators, and courts in the United States and other countries where we operate; or
- with your consent.
- Upon your election to participate, with relevant Business Partners to facilitate a direct relationship with you, including in connection with any program we administer on behalf of the Business Partner;
- Upon your election to participate, with relevant Business Partners to enable electronic communications with you as part of purchase, a sponsored reward, offer, contest, program, or other activity.
- Upon your consent, with any third party for any reason other than to provide the Services.
Heartland and its Vendors do not engage in targeted advertising on its websites, services, or application based upon any Personal Information or upon your use of Heartland’s websites, services, or applications.
Heartland and its Vendors do not use Personal Information or any other information, regardless of the source, to amass a profile about a K-12 student except in furtherance of the applicable K-12 School purposes.
We encourage Business Partners to adopt and post privacy policies. However, their use of Personal Information which may be obtained by them from you is governed by their privacy policies and is not subject to our control.
4. Security of Personal Information
Heartland maintains reasonable administrative, technical and physical safeguards to protect the confidentiality of information transmitted online, including but not limited to encryption, firewalls and SSL (Secure Sockets Layer). Heartland has implemented policies and practices pursuant to various security rules and regulations relating to the security and safeguarding of payment cardholder data, including the Payment Card Industry Data Security Standards (PCI-DSS).
To ensure that the only individuals and entities who can access Personal Information are those that have been specifically authorized by Heartland to access Personal Information, Heartland has implemented various forms of authentication to identify the specific individual who is accessing the information. Heartland individually determines the appropriate level of security that will provide the necessary level of protection for the Personal Information it maintains. Heartland does not allow any individual or entity unauthenticated access to Personal Information at any time.
In the event of a breach, for which Heartland is responsible, of the within defined Personal Information, Heartland shall notify the School and you as required by governing state and/or federal law as to the nature of the breach and the steps Heartland has taken to minimize said breach.
Heartland is not liable for loss of passwords due to user negligence. If you believe your password has been lost or compromised, we recommend that you immediately change your password.
5. Ownership of Student Records
Student records are and continue to be the property of and under control of the School.
6. Third-Party Websites and Services
7. Your Choices
In addition, you may choose to unsubscribe from promotional email messages by using the opt-out instructions at the bottom of promotional emails. Please note that even if you unsubscribe from promotional email messages, we may still need to contact you with important transactional information related to your account. For example, even if you have unsubscribed from our promotional email messages, we will still send you confirmations when you utilize the Services.
You may manage how your browser handles Cookies by adjusting its privacy and security settings. Browsers are different, so refer to instructions related to your browser to learn about cookie-related and other privacy and security settings that may be available.
You may manage how your mobile device and mobile browser share certain Device Data with Heartland, as well as how your mobile browser handles Cookies by adjusting the privacy and security settings on your mobile device. Please refer to instructions provided by your mobile service provider or the manufacturer of your device to learn how to adjust your settings.
If you wish to opt out of receiving offers directly from our Business Partners, with whom you have elected to participate, you can follow the opt-out instructions in the emails that they send you.
8. Accessing Personal Information; Retention of Data
For some of our Services, you may access, update and delete information in your profile by logging into your account and accessing your account profile.
If you have questions or requests related to your information, please contact us as set forth in Section 13 below. While we are ready to assist you, please note that we cannot always delete records. For example, we are required to retain records relating to certain transactions involving the Services for financial reporting and compliance reasons.
We will retain your Personal Information for as long as your account is active or as needed to provide you with the Services and to maintain a record of your transactions for financial reporting purposes. We will retain and use your Personal Information only as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
9. Social Networks
10. Notice to Residents of Countries outside the United States of America
11. California Privacy Rights
Pursuant to Section 1798.83 of the California Civil Code, residents of California can obtain certain information about the types of personal information that companies with whom they have an established business relationship have shared with third parties for direct marketing purposes during the preceding calendar year. In particular, the law provides that companies must inform consumers about the categories of personal information that have been shared with third parties, the names and addresses of those third parties, and examples of the types of services or products marketed by those third parties. To request a copy of the information disclosure provided by Heartland pursuant to Section 1798.83 of the California Civil Code, please contact us via the email or address stated above. Please allow 30 days for a response.
12. Children's Privacy
Heartland does not intend that any portion of the Services will be accessed or used by children under the age of thirteen, and such use is prohibited. The Services is designed and intended for adults. By using Heartland's Services, you represent that you are at least eighteen years old and understand that you must be at least eighteen years old in order to create an account and utilize the Services. We will promptly delete information associated with any account if we obtain actual knowledge that it is associated with a registered user who is not at least eighteen years old.
13. Contact Us
The Site is operated by Heartland Payment Systems, Inc.
Our postal address is
570 Devall St., Suite 202
Auburn, Alabama 36830
If you feel that this site is not following its stated information policy, you may contact us at the above addresses or phone number.