ANNOUNCEMENT
NEW Global Onboarding: Acquire merchants at scale and make smart decisions fast

Privacy Notice

Last revised: September 30, 2024


Your privacy is important to us. This privacy notice explains how G2 Web Services, Inc. (d/b/a G2 Risk Solutions) and its Affiliates (as defined below) (collectively, “G2RS”, “we”, “us”, and “our”) collect, use and disclose personal data that we handle on our own behalf collected via www.g2risksolutions.com and other G2RS web properties that link to this privacy notice (collectively, the “website”). This privacy notice does not apply to other online services and applications operated by G2RS, and any information that we handle as a processor or service provider to our customers. We have also provided below notices related to our processing of Customer Proprietary Network Information (“CPNI”) and certain privacy notices applicable to G2RS employees and customers who are California residents for purposes of the California Consumer Privacy Act of 2018, as amended (“CCPA”).

The Affiliates that comply with this privacy notice include the following: G2 Bankruptcy Risk Solutions, Inc. and Fintellix India Private Limited. Any additional Affiliates which handle personal data on their own behalf processed through the website shall also adhere to this privacy notice. As used herein, (a) ”Affiliate” means an entity that controls, is controlled by or under common control with G2RS; and (b) “control” means possessing, directly or indirectly, the power to direct or cause the direction of the management, policies or operations of an entity, whether through ownership of voting securities, by contract or otherwise.

Use of the website constitutes your agreement to the terms of this privacy notice. If you do not agree with the terms of this privacy notice, please do not use the website.

1. Personal information we collect

When you interact with us, we may collect information to help identify and contact you, including, but not limited to, your name, email address, physical address, and telephone number (landline and/or mobile).

We also collect information about the device you use to access the website. This includes device ID, advertising ID, your browser, your browsing history while using the website (for example, the pages you view, how long you stay on each page, how often you return, and/or the site you visit when you leave us), the ads or online content you viewed, accessed, or clicked.

We collect your IP address and information related to that IP address, such as geographical information, domain information, and the internet service provider used. We may also use various technologies to determine your location, including IP address, Wi-Fi access points, and cell towers.

As a data solutions provider, we collect different types of personal information about you from various sources. The below chart describes the categories of personal information we may have collected in the past 12 months, and from whom we collected the personal information, listed by category of personal information.

Category of personal informationPersonal information we collect;
From whom we collect it
Identifiers What we collect

• Name (first, last, and/or maiden name) or that of a family member or child; home address, billing address, or other physical address; email address(es); telephone number(s)
• Device identification information used to access the website; we may associate this device with a mobile telephone number
• Information collected passively via cookies and similar technology
• IP addresses, device identifiers, and application identifiers
• Information about your business, such as license numbers, URLs, or domain names

From whom we collect it (by category of sources):
• Information you provide
• Information collected passively via cookies and similar technology
• Affiliates

Personal information categories listed in the California Customer Records statute

Any information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, an individual’s name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Note that personal information in this category may overlap with other categories.
Note that personal information in this category may overlap with other categories

What we collect


• Name (first, last, and/or maiden name) or that of a family member or child; home address, billing address, or other physical address; email address(es), telephone number(s)
• Device identification information, which we may associate with a mobile telephone number
• Information collected passively via cookies and similar technology
• IP addresses, device identifiers, and application identifiers
• Information about your business, such as license numbers, URLs, or domain names

From whom we collect it (by category of sources) • Information you provide
• Information collected passively via cookies and similar technology
• Affiliates

Internet or other similar electronic network activityWhat we collect

• Information about your interactions with the website. For example, when you view or search content, we receive and track that information; web session; log file information; information such as the website you visited, when you visited the website, how long you stayed, your behavior while you are on our website and from what device you accessed the website
• Information collected from advertising partners
• Information about your interactions with online forms; for example, the use of autofill, number of pauses, length of time to complete a field, number of errors, number of changed answers, typing fluency and number of repeat interactions

From whom we collect it (by category of sources)

• Information directly collected from you
• Information collected passively via cookies and similar technology
• Affiliates
Geolocation dataWhat we collect

• Your location via IP address, Wi-Fi access points, and cell towers

From whom we collect it (by category of sources)

• Information directly collected from you
• Information collected passively via cookies and similar technology
• Affiliates
Inferences drawn from other personal informationWhat we collect

• Site preferences, behavior, characteristics, personal preferences

From whom we collect it (by category of sources)

• Information directly collected from you
• Information collected passively via cookies and similar technology
• Affiliates


2. Purpose and use of personal information

We collect your personal information for different purposes. For example, we may use it in the following ways:

  • To communicate with you and internal parties, on a strict need to know basis, when G2RS believes it to be necessary for technical, administrative or security reasons and for legitimate interests
  • To verify your identity
  • To prevent, detect and fight fraud, security threats, or other illegal or unauthorized activities
  • To record and demonstrate how we have conducted the dispute and complaint resolution process and arrived at a resolution
  • To comply with legal requirements, for example, to report on equal employment opportunities
  • For any other purpose specified in this privacy notice and/or in our terms of use
  • To provide certain services (such as in connection with Google’s Financial Services Verification)

We describe the purpose for collecting personal information, listed by categories of personal information, in the chart below. Please note that a specific piece of personal information may fall into one or more categories of personal information.

Category of personal informationPurpose of collection
Identifiers and personal information categories listed in the California Customer Records statute• To verify your identity
• To display, optimize, and provide personalized advertisement
• To communicate with you
• For fulfillment of your requests and other communications about our websites
• To provide certain services (such as Google’s Financial Services Verification)
Characteristics of protected classifications under state or federal law• To verify your identity
• To display, optimize, and provide personalized advertisements
• To communicate with you
Commercial information• For fulfillment of your requests and other communications about the website
• To provide certain services (such as Google’s Financial Services Verification)
Internet or other similar electronic network activity• To display, optimize, and personalize advertisements
• To measure advertising effectiveness
• To perform website analysis
Geolocation data• To verify your identity
• To display, optimize, and provide personalized advertisements
• To communicate with you
Sensory data• For customer service purposes
• To ensure best customer service delivery
• To ensure legal and compliance obligations
• To help answer questions and resolve disputes
• For customer service training purposes and to ensure customer satisfaction
Professional or employment information• To display, optimize, and provide personalized advertisements
• To communicate with you
• For fulfillment of your requests and other communications about the website
• To provide certain services (such as Google’s Financial Services Verification)
Inferences drawn from other personal information• To verify your identity
• To display, optimize, and provide personalized advertisements
• To communicate with you
• For fulfillment of your requests and purchases and other communications about our websites


3. Legal basis for processing

We will process your personal information on our own behalf where we have a legal basis to do so. The following are the legal bases pursuant to which we process your information:

Consent—where no other legal basis for processing applies, we may process your personal information based on your consent as you will be asked to provide from time to time.

  • As permitted by applicable law
  • Legal obligation—we may process your personal information as necessary to comply with the law (not including contractual obligations)
  • Performance of a contract to which G2RS and you are parties
  • Legitimate interests—we may use your personal data where we have legitimate interests to do so. For instance, we analyze users’ behavior on the website to continuously improve it and we process information for administrative, fraud detection and other legal purposes.
  • Consent—where no other legal basis for processing applies, we may process your personal information based on your consent as you will be asked to provide from time to time.


4. Information we share

We do not sell or otherwise disclose personal data that you provide to us or that we collect through the Financial Services application/verification process, except as described here. We may share personal data you provide to us or that we collect through the Financial Services application/verification process with:

Our business partners and affiliates.You may sign up to receive our email newsletter containing information about our products and services, as well as industry related news. When you sign up, we request your email address. We use this information to send you the newsletter.

  • Service providers that perform services on our behalf; and
  • Our business partners and affiliates.

We may share personal data with service providers that perform services on our behalf such as payment service providers, analytics providers, hosting providers and advisers.  All service providers have entered into legally binding agreements requiring them to use or disclose personal data only as necessary to perform services on our behalf or comply with applicable legal requirements.  

We may share personal data with our business partners for whom we have agreed to provide the G2 Financial Services Verification service. We have entered into legally binding agreements with our partners requiring them to use or disclose personal data only as necessary to perform services on our behalf or comply with applicable legal requirements.

In addition, we may disclose personal data about you (a) if we are required to do so by law or legal process, for example due to a court order or a request from a law enforcement agency, (b) when we believe disclosure is necessary or appropriate to prevent physical harm, and (c) in connection with an investigation of suspected or actual fraudulent or other illegal activity.  


5. Corporate reorganization

If we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, acquisition, sale, joint venture, assignment, consolidation, transfer, change of control, or other disposition of all or any portion of our business, we may share your personal information. We may also share your personal information if we undergo bankruptcy or liquidation, during such proceedings.


6. Cookies, pixels, and similar technology

A cookie is a small text file that is stored in your web browser that allows G2RS or a third party (such as G2RS third-party service providers) to recognize you. Cookies might be used for the following purposes: (1) to enable certain functions; (2) to provide analytics; (3) to store your preferences; and (4) to enable ad delivery and behavioral advertising. Cookies can either be “session cookies” or “persistent cookies.” A session cookie expires automatically when you close your browser. A persistent cookie will remain until it expires, or you delete your cookies. Expiration dates are set in the cookies themselves; some may expire after a few minutes while others may expire after multiple years. Cookies placed by the website you’re visiting are sometimes called “first-party cookies,” while cookies placed by other companies are sometimes called “third-party cookies.”

When you access and/or use the website, G2RS or a third party may place a number of cookies in your browser. Some of the cookies will only be used if you use certain features or select certain preferences, and some cookies will always be used. Each cookie serves one of four different purposes:

  • Strictly necessary cookies: These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
  • Targeting cookies: These cookies may be set through the website by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant advertisements on other sites. They do not store personal information directly but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
  • Performance cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of the website. They help us to know which pages are the most and least popular and see how visitors move around the website. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site and will not be able to monitor its performance.
  • Functional cookies: These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third-party providers whose services we have added to the website’s pages. If you do not allow these cookies, then some or all of these services may not function properly.

We use additional technologies to help track user activities and preferences. For example, we use web beacons (also known as clear gifs, pixel tags or web bugs). Web beacons are tiny graphics (about the size of period) with a unique identifier that are embedded invisibly on web pages or emails. They are used to track user activities and communicate with cookies. You cannot opt out of web beacons used in webpages, but you can limit their use by opting out of the cookies they interact with. You can opt out of web beacons used in emails by setting your email client to render emails in text mode only.

Finally, we may set cookies that monitor links to our website that we send to you (if you have consented to receiving emails from us). These cookies are used to track visitors to our website sourced from these emails. To avoid these types of cookies, please follow the explanation below on how to change your browser cookies settings.

In addition, we may use a tracking technology (pixels) in emails to understand how often our emails are opened and clicked on by our customers. If you do not wish this tracking to be effected, please change your email software or service (such as Outlook, Gmail etc.) settings to not automatically download images (to the extent it is not already your default) In some instances, depending on your email or browser settings, cookies in an email may be automatically accepted (for example, when you have added an email address to your address book or safe senders list). Please refer to your email browser or device instructions for more information on this.

Third-party companies like analytics companies and ad networks generally use cookies to collect user information on an anonymous basis. They may use that information to build a profile of your activities on the website and other websites that you have visited.

If you do not like the idea of cookies or certain types of cookies, you can change your browser’s settings to delete cookies that have already been set and to not accept new cookies. To learn more about how to do this, visit the help pages of your browser. Some useful information can also be found here: https://www.allaboutcookies.org/. Please note, however, that if you delete cookies or do not accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly.


7. Advertising (cookie-based) opt-out requests

You have the choice to opt out of G2RS’ marketing email communications at any time by using the opt-out provision at the bottom of every G2RS email.

Additionally, if you prefer to opt-out of receiving marketing messages, we recommend that you visit the Association of National Advertisers (ANA) and register on their consumer web site: https://dmachoice.thedma.org/. In addition, you may choose to opt out of digital advertising through the NAI’s Consumer Opt-Out Program, DAA’s Consumer Choice Page, or the European Union/European Economic Area (EU/EEA) Opt-Out. By clicking on the “Opt-Out” links below, you will be directed to the respective third-party website where your computer will be scanned to determine who maintains cookies on you. At that time, you can either choose to opt out of the cookie-based targeted advertising or you can choose to opt out of cookie-based targeted advertising by selecting individual companies


8. Links to other sites or services

This notice does not apply to other third-party sites or services. If you click on a link or browse to a third-party site from our site/service, your activity and interaction is subject to that third party’s rules and policies. We recommend that you review the online privacy statements on these other sites to understand their privacy practices and treatment of personal information so that you can make an informed decision regarding your use or interaction with their site/service.


9. Securing personal information

We maintain a comprehensive Information Security Program with administrative (policies, standards, and processes), physical, and technical controls designed to protect the confidentiality, integrity, and accessibility of your personal information.


10. Retaining personal information

We retain your personal information for as long as reasonably necessary to fulfill the purposes for which it was collected or processed, as described in this notice. For instance, we retain your personal information, collected through our services and websites, for as long as your account is active or as needed to provide services to you and our customers. When determining retention periods, we consider our relationship with you and your information, the nature and sensitivity of the information, and what is reasonably necessary and proportionate to provide and improve our services. We also adjust retention periods to comply with our legal, reporting, or accounting obligations, to resolve disputes, and to enforce our agreements. We regularly review our retention periods and assess our data minimization practices, retaining the least amount of information for the shortest retention period, while still upholding all our obligations.


11. Consumer privacy rights

In some instances, G2RS offers its services to customers as a service provider/processor or subject to other exceptions under the applicable state privacy laws. Where G2RS is acting as a service provider/processor, we are processing data on behalf of others who may provide you applicable privacy rights.

Where G2RS acts as a controller of your personal information, You may have the rights prescribed below in relation to personal data processed by us if you are a data subject in certain jurisdictions, such as the European Economic Area, or if your personal data is otherwise governed by certain privacy laws, such as the EU General Data Protection Regulation 2016/679 (“GDPR”):

  • The right to be informed about how your personal data is being used;
  • The right of access to your personal data processed by us, which includes the right to obtain confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data and the purposes of the processing; categories of personal data concerned; recipients or categories of recipient to whom the personal data have been or will be disclosed; where possible, the envisaged period for which the personal data will be stored; the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data or to object to such processing; the right to lodge a complaint with a supervisory authority; where the personal data are not collected from the data subject, any available information as to their source; the existence of automated decision-making, including profiling; the appropriate safeguards relating to the transfer of your personal data outside the EEA.
  • The right to request the correction of inaccurate personal data we hold about you;
  • Under some circumstances, the right to request that we delete your data;
  • The right to restrict processing of your personal data;
  • The right to object to processing activities, if the processing is based on our legitimate interest;
  • The right to withdraw consent for processing at any time, if the processing is based on consent;
  • The right to object to processing of personal data for direct marketing purposes at any time;
  • In some circumstances, the right to request that we transfer or port elements of your data either to you or another service provider – if the processing is based on your consent, and is made by automated means.
  • The right to file a complaint with your relevant government agency or Supervisory Authority (in the EEA, as prescribed by GDPR).

You may exercise these rights to the extent these rights apply to you by contacting G2RS via the contact information listed below. We will undertake to respond to your request within the applicable time frame prescribed by applicable law, and in any event we will make efforts to respond within 30 days of receipt of your request. Although G2RS will make reasonable efforts to accommodate your requests, in some circumstances we may deem your request unfounded or not eligible under applicable law. If that should happen, G2RS expressly reserves the right to refuse your request personal data. Before G2RS is able to accommodate any request, provide you with any information or correct any inaccuracies we may verify your identity by requesting certain information or identification.

Because we may engage in “profiling,” “targeted advertising,” “cross-context behavioral advertising,” or use sensitive personal information, consistent with the defined terms in applicable state laws, you may also exercise your right to opt-out of such profiling/automated decision making, targeted advertising, or cross-context behavioral advertising, and limit our use of your sensitive personal information.


CCPA/CPRA DISCLOSURE

This section is only applicable to California residents for purposes of compliance with the California Consumer Privacy Act of 2018 (“CCPA”) as amended by the California Privacy Rights Act (“CPRA”). Defined terms used in this section, including but not limited to “Business Purpose”, “Consumers,” “Personal Information” and “Sale” (or “Sell”) are used as such terms are defined by and interpreted pursuant to the CCPA and CPRA.

The categories of Personal Information including Sensitive Personal Information we have collected about Consumers, for of which we have disclosed for a business purpose, in the preceding 12 months are (please refer to the table at the top of this Privacy notice for more detail):

(1) Identifiers, such as name and government identification numbers;

(2) Personal information, as defined in the California safeguards law, such as contact information and financial information;

(3) Characteristics of protected classifications under California or federal law, such as sex and marital status;

(4) Commercial information, such as transaction and account information;

(6) Internet or network activity information, such as browsing history and interactions with the Website;

(7) Geolocation data, such as device location;

(8) Audio, electronic, visual, thermal, olfactory, and similar information, such as video, photography and call and video recordings;

(9) Professional or employment-related information, such as work history and prior employer.

(10) Education information, such as school and date of graduation; and

(11) Inferences drawn from any of the Personal Information listed above to create a profile about, for example, an individual’s preferences and characteristics.

The sources we have collected this Personal Information from are: directly from California residents or their representatives.

If you are a California resident, you may request that we disclose to you the following information covering the 12 months preceding your request:

(1) the categories of Personal Information that we collected about you and the categories of sources from which we collected such Information;

(2) the business or commercial purpose for collecting Personal Information about you;

(3) the categories of Personal Information about you that we disclosed to third parties for a business purpose and the categories of third parties to whom we disclosed such Personal Information (if applicable); and

(4) the specific pieces of Personal Information we collected about you.

If you are a California resident, you may also request that we delete or correct Personal Information that we collected from you.

Before G2RS is able to accommodate any respond to any request, we may ask to verify your identity by providing us with certain information or identification. In some instances, we may decline to honor your request. For example, we may decline to honor your request if we cannot verify your identity or confirm that the Personal Information that we maintain relates to you, or if we cannot verify that you have the authority to make a request on behalf of another individual. In other instances, we may decline to honor your request where an exception applies, such as where the disclosure of Personal Information would adversely affect the rights and freedoms of another consumer or where the Personal Information that we maintain about you is not subject to the CCPA’s access or deletion rights, such as information relating to our employees and contractors that is used for our employment and vendor management purposes.

Nonetheless, you have the right to be free from unlawful discrimination for exercising your rights under the CCPA.


CALIFORNIA AND DELAWARE “DO NOT TRACK” DISCLOSURES

California and Delaware law require to indicate whether we honor “Do Not Track” settings in your browser concerning targeted advertising. G2RS adheres to the standards set out in this Privacy notice and does not monitor or respond to Do Not Track browser requests.

If you are a resident of California, Colorado, Connecticut, Utah, or Virginia, you may take advantage of certain privacy rights, such as to request access, correction, or deletion of your personal information. You also have the right to appeal a denial of your privacy rights.


13. Personal information of children

Our services are not intended for use by individuals under the age of eighteen (18). If we learn that we have collected or received personal information from individuals under the age of eighteen (18), we will delete the personal information. We do not knowingly sell personal information of children under the age of eighteen (18) years.


Parent or Guardian Privacy Opt-Out Request (child under 18 years)

If you believe we have collected personal information from individuals under the age of eighteen (18), a parent or guardian may make a data privacy opt-out request or limit our use of sensitive personal information (subject to limitations and exceptions under applicable law) by sending an email to [email protected].


14. Contact information

If you have questions or concerns regarding this notice or the protection of your personal information and privacy rights, you may contact us in the following ways:

Email[email protected]
Postal MailG2RS Data Privacy Request
111 Anza Blvd, Suite 310, Burlingame, CA 94010


15. Notice changes and effective date

This notice is subject to change at any time. If we make any changes to this notice, we will post the revised notice on this page with its effective date.