- How we collect Personal Information;
- How we use Personal Information;
- Who we share Personal Information with; and
- How we store and protect Personal Information.
Glossary of Terms Used
"Affiliate" means a company owned and/or controlled by Heartland.
"Business Partners" means, collectively, third parties with whom we conduct business.
"Cookie" means a small amount of information that a web server sends to your browser that stores information about your account, your preferences, and your use of the Services. Some cookies are temporary, whereas others may be configured to last longer. Session Cookies are temporary cookies used for various reasons, such as to manage page views. Your browser usually erases session cookies once you exit your browser. Persistent Cookies are more permanent cookies that are stored on your computers or mobile devices even beyond when you exit your browser.
"Device Data" means information concerning a device you use to access, use, or interact with the Services, such as operating system type or mobile device model, browser type, domain, and other system settings, the language your system uses and the country and time zone of your device, geo-location, unique device identifier or other device identifier, mobile phone carrier identification, and device software platform and firmware information.
"Non-Identifying Information" means information that alone cannot identify you, including data from Cookies, Pixel Tags and Web Beacons, and Device Data. Non-Identifying Information may be derived from Personal Information.
"Partner or School" means a school, school district, or organization of schools or school districts for which Heartland provides the Services.
"Personal Information" means information about you that specifically identifies you or, when combined with other information we have, can be used to identify you. This includes the following types of information: (1) contact information, including your name, postal addresses, email addresses, telephone numbers, or other addresses at which you are able to receive communications; (2) financial information, including information collected from you as needed to process payments and to administer your participation in the Services. We collect such information as your payment card number, expiration date, and card verification number; and (3) demographic information related to billing. For certain school districts, you as the parent of a student may also provide the student’s (1) first and last names, (2) student identification number and (3) school attending.
"Pixel Tags and Web Beacons" means tiny graphic images placed on website pages or in our emails that allow us to determine whether you have performed specific actions.
"Vendors" means, collectively, third parties that perform business operations on behalf of Heartland, such as transaction processing, billing, mailing, communications services (e-mail, direct mail, etc.), data processing and analytics.
- How Heartland Collects Information
- How Heartland Uses Information
- When and Why Heartland Discloses Information
- Security of Personal Information
- Data Anonymization and Aggregation
- Third-Party Websites and Services
- Your Choices
- Accessing Personal Information; Retention of Data
- Social Networks
- Notice to Residents of Countries outside the United States of America
- California Privacy Rights
- Children's Privacy
- Contact Us
1. How Heartland Collects Information
We will collect information, including Personal Information and Non-Identifying Information, when you interact with us and the Services, such as when you:
- access or use the Services;
- register, subscribe, or create an account with us;
- open or respond to our emails or communicate with us;
- provide information to enroll or participate in programs provided on behalf of, or together with, Schools or Business Partners; and
- visit any page online that displays our ads or content.
We also may collect Personal Information when you contact us via email or our online customer service options.
When you access these pages or open email messages, we use Pixel Tags and Web Beacons to generate a notice of that action to us, or our Vendors. These tools allow us to measure response to our communications and improve the Services.
Device Data may be collected when your device interacts with the Services and Heartland, even if you are not logged into the Services using your device. If you have questions about the security and privacy settings of your mobile device, please refer to instructions from your mobile service provider or the manufacturer of your device to learn how to adjust your settings.
Because we do not track our Site’s users over time and across third-party sites, we do not respond to browser do not track signals at this time.
2. How Heartland Uses Information
- Operate, maintain and improve the Services;
- Facilitate transactions you initiate or request through the Services;
- Answer your questions and respond to your requests;
- Communicate and provide additional information that may be of interest to you concerning your chosen Services. Send you reminders, technical notices, updates, security alerts, support and administrative messages, service bulletins, and requested information.
- If you elect to participate, administer rewards, surveys, contests, or other promotional activities or events sponsored by us or our Business Partners;
- Enhance other information we have about you directly or from Other Sources to help us better provide your chosen Services to you.
3. When and Why Heartland Discloses Information
We (or our Vendors on our behalf) may share your Personal Information as required or permitted by the School to provide the Services in compliance with the federal Family Educational Rights and Privacy Act and/or other applicable state and/or federal law. We may share your Personal Information:
- With Schools in which the student is or has been affiliated.
- with a purchaser of Heartland or any of Heartland Affiliates (or their assets);
- to comply with legal orders and government requests, or as needed to support auditing, compliance, and corporate governance functions;
- to combat fraud or criminal activity, and to protect our rights or those of our Affiliates, users, and Business Partners, or as part of legal proceedings affecting Heartland;
- in response to a subpoena, or similar legal process, including to law enforcement agencies, regulators, and courts in the United States and other countries where we operate;
- Upon your consent or election to participate, with any third party for any reason.
4. Security of Personal Information
Heartland maintains reasonable administrative, technical and physical safeguards to protect the confidentiality of information transmitted online, including but not limited to encryption, firewalls and SSL (Secure Sockets Layer). Heartland has implemented policies and practices pursuant to various security rules and regulations relating to the security and safeguarding of payment cardholder data, including the Payment Card Industry Data Security Standards (PCI-DSS).
To ensure that the only individuals and entities who can access Personal Information are those that have been specifically authorized by Heartland to access Personal Information, Heartland has implemented various forms of authentication to identify the specific individual who is accessing the information. Heartland individually determines the appropriate level of security that will provide the necessary level of protection for the Personal Information it maintains. Heartland does not allow any individual or entity unauthenticated access to Personal Information at any time.
Heartland is not liable for loss resulting from the loss of passwords due to user negligence. If you believe your password has been lost or compromised, we recommend that you immediately change your password.
5. Data Anonymization and Aggregation
Subject to your consent if required by law, we may anonymize or aggregate your personal information in such a way as to ensure that you are not identified or identifiable from it, in order to use the anonymized or aggregated data, for example, for statistical analysis and administration including analysis of trends, to carry out actuarial work, to tailor products and services and to conduct risk assessment and analysis of costs and charges in relation to our products and services. We may share anonymized or aggregated data with our affiliates and with other third parties. This policy does not restrict our use or sharing of any non-personal, summarized, derived, anonymized or aggregated information (i.e., volumes, totals, averages, etc.).
6. Third-Party Websites and Services
7. Your Choices
In addition, you may choose to unsubscribe from promotional email messages by using the unsubscribe instructions at the bottom of promotional emails. Please note that even if you unsubscribe from promotional email messages, we may still need to contact you with important transactional information related to your account. For example, even if you have unsubscribed from our promotional email messages, we will still send you confirmations when you utilize the Services.
You may manage how your browser handles Cookies by adjusting its privacy and security settings. Browsers are different, so refer to instructions related to your browser to learn about cookie-related and other privacy and security settings that may be available.
You may manage how your mobile device and mobile browser share certain Device Data with Heartland, as well as how your mobile browser handles Cookies by adjusting the privacy and security settings on your mobile device. Please refer to instructions provided by your mobile service provider or the manufacturer of your device to learn how to adjust your settings.
If you wish to stop receiving offers directly from our Business Partners, with whom you have elected to participate, you can follow the unsubscribe instructions in the emails that they send you.
8. Accessing Personal Information; Retention of Data
For some of our Services, you may access, update and delete information in your profile by logging into your account and accessing your account profile.
If you have questions or requests related to your information, please contact us as set forth in Section 13 below. While we are ready to assist you, please note that we cannot always delete records. For example, we are required to retain records relating to certain transactions involving the Services for financial reporting and compliance reasons. We will retain your Personal Information for as long as your account is active or as needed to provide you with the Services and to maintain a record of your transactions for financial reporting purposes. We will retain and use your Personal Information only as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
9. Social Networks
10. Notice to Residents of Countries outside the United States of America
11. California Privacy Rights
Pursuant to Section 1798.83 of the California Civil Code, residents of California can obtain certain information about the types of personal information that companies with whom they have an established business relationship have shared with third parties for direct marketing purposes during the preceding calendar year. In particular, the law provides that companies must inform consumers about the categories of personal information that have been shared with third parties, the names and addresses of those third parties, and examples of the types of services or products marketed by those third parties. To request a copy of the information disclosure provided by Heartland pursuant to Section 1798.83 of the California Civil Code, please contact us via the email or address stated above. Please allow 30 days for a response.
Heartland complies with California Assembly Bill No. 1584 and California Senate Bill No. 1177.
12. Children's Privacy
Heartland does not intend that any portion of the Services will be accessed or used by children under the age of thirteen, and such use is prohibited. The Services is designed and intended for adults. By using Heartland's Services, you represent that you are at least eighteen years old and understand that you must be at least eighteen years old in order to create an account and utilize the Services. We will promptly delete information associated with any account if we obtain actual knowledge that it is associated with a registered user who is not at least eighteen years old.
13. Contact Us
The Site is operated by Heartland Payment Systems, Inc.
Our postal address is
570 Devall St., Suite 202
Auburn, Alabama 36830
If you feel that this site is not following its stated information policy, you may contact us at the above addresses or phone number.