Terms & Conditions
Effective as of February 9th, 2023
At Merchant Ground, privacy and security are of paramount importance. This User Privacy Policy (“Policy”) serves to inform and educate you, the end-user, on the collection, utilization, and sharing of your personal information by Merchant Ground. We strongly encourage you to read this Policy carefully and thoroughly.
It is important to note that this Policy pertains to Merchant Ground Ltd. and its affiliates, including Merchant Ground LLC, operating under the name Merchant Ground (collectively referred to as “Merchant Ground”, “we”, “our”, and “us”). To determine the relevant Merchant Ground entity responsible for processing your information, kindly refer to the section titled “Contacting Merchant Ground”.
A Brief Introduction to Merchant Ground
At Merchant Ground, our mission is to empower individuals towards financial freedom. Our innovative technology provides a seamless way for you to connect your financial accounts to various applications, allowing for a simplified experience when it comes to tasks such as saving for retirement, tracking spending, streamlining credit applications, or transferring funds. These applications and platforms are developed and offered by our business customers, powered by Merchant Ground. Our goal is to provide access to standardized, high-quality financial account data, enabling developers to concentrate on creating user-centric experiences.
Purpose of this Policy
The purpose of this Policy is to provide a clear and concise understanding of the information collected by Merchant Ground from end-users (“End User Information”), as well as our procedures for using and sharing said information. We place a strong emphasis on transparency and aim to supply you with a straightforward explanation of how your personal information is treated by Merchant Ground.
It is important to note that this Policy only pertains to the information collected, used, and shared by Merchant Ground. The privacy practices of developers or third-party entities utilizing the End User data provided by Merchant Ground are not covered within this Policy. We recommend reviewing the privacy policies or notices of such entities for information regarding their practices.
Data Practices at Merchant Ground
Information Collected and its Sources
Merchant Ground has collected various types of End User Information, including but not limited to identifiers, location data, commercial information, electronic network activity data, professional details, inferences, and other similar information.
Information Provided by You
Upon connecting your financial accounts to a developer application or through Merchant Ground, we may collect identifiers and login information required by your account provider, such as your username and password, or a security token. In certain instances, we may also require additional information, including your telephone number, email address, security questions and answers, and one-time password (OTP), to verify your identity before connecting your financial accounts. By providing this information, you grant the developer and Merchant Ground the authority to access and transmit your End User Information from your financial institution on your behalf. Additional information, including your name, email address, and telephone number, may also be provided by you upon contacting Merchant Ground or entering such information on our websites.
Financial Account Data Collection
The data we gather from the financial institutions keeping your financial accounts can vary based on various factors, including the specific Merchant Ground services utilized by developers and the information made accessible by those institutions. However, generally speaking, we collect the following types of identifiers, commercial information, and personal data from your financial product and service providers:
- Account owner identifiers and information, such as name, email, phone number, birth date, and address details.
- Account transaction information, including amount, date, payee, type, quantity, price, location, involved securities, and a transaction summary.
- Professional information, in limited cases, such as information about your employer, if you’ve linked your payroll accounts or provided us with your pay stub data.
- Note: the data collected from your financial accounts encompasses information from all accounts (e.g. checking, savings, credit card) accessible through a single set of account credentials.
Device Data Collection
When you access our services via a developer’s application on your device, we obtain device identifiers and network activity information, including IP address, time zone, device location, hardware model, OS, accessed service features, browser data, and other technical information. We also utilize cookies or similar tracking technologies to obtain usage statistics and to improve our services.
Data from External Sources
We also receive identifiers and commercial information directly from the relevant developer or third-party sources, such as service providers, bank partners, and identity verification services. For instance, developers may provide data like your full name, email address, phone number, or information about your financial accounts and transactions. Bank partners or service providers may provide information such as the status of a transaction initiated by you.
Inferences from Collected Data
We may use the information we gather to make inferences, such as your location or annual income based on data from you or other sources.
Information Utilization
We use your End User Information for various business and commercial purposes, including operating, improving, and protecting our services, and developing new services. Specifically, we use your End User Information for the following purposes:
- Operating, providing, and maintaining our services.
- Improving, enhancing, modifying, and developing our services.
- Protecting you, developers, partners, Merchant Ground, and others from fraud, malicious activity, and privacy/security concerns.
- Developing new services.
- Providing customer support and responding to inquiries.
- Investigating misuse of our services or developer applications, including violations of our Developer Policy, criminal activity, or unauthorized access.
- Complying with legal obligations and contractual agreements under applicable law, and for other purposes with your consent.
The Legal Grounds for Processing (Exclusive to INDIAN End Users)
The basis for processing your End User Information, as an individual located in India, shall vary depending on the information in question and the context in which it was collected or processed. However, we will typically only gather and handle End User Information when:
Our contractual duties and obligations towards you necessitate such collection and processing, for instance, to comply with the end-user services agreements we have with you.
Our legal obligations under the relevant laws demand it.
The processing is essential for our legitimate interests, and does not undermine your data protection interests or fundamental rights and freedoms, e.g. to secure our services, communicate with you, or update and provide our services.
Your consent has been obtained for such collection and processing. You reserve the right to withdraw your consent at any time, as per the instructions provided in this policy.
Sharing of Your Information
We may share your End User Information for various business reasons, including:
With the developer of the application you are utilizing, and as directed by them (such as with another third party if instructed by you).
To enforce the contract with you.
With our data processors, service providers, partners, or contractors, in connection with the services they perform for us or the developers.
With your linked financial institution(s), to establish or maintain a connection you have elected to make.
If in good faith, disclosure is deemed necessary to comply with applicable law, regulation, or legal process (such as a court order or subpoena).
In conjunction with a change in ownership or control of all or part of our business (such as a merger, acquisition, reorganization, or bankruptcy).
Between and among Merchant Ground and our current and future parents, affiliates, subsidiaries, and other companies under common control or ownership, as deemed reasonably appropriate to protect the rights, privacy, safety, or property of you, developers, our partners, Merchant Ground, and others.
For any other purpose, with your notified and obtained consent.
We may gather, use, and share End User Information in an aggregated, de-identified, or anonymized manner, which does not personally identify you, for any purpose allowed under the applicable laws. This encompasses creating or utilizing aggregated, de-identified, or anonymized data based on the collected information, to develop new services and to support research.
We do not trade or lease personal information we have collected. In the last 12 months, we have disclosed the following categories of personal information, for business purposes, to the following categories of recipients:
PERSONAL INFORMATION CATEGORIZATION AND DISCLOSURE PARTNERS
Classification of Personal Data
Distinct Identifiers
Financial Details
Commercial Insights
Geographical Information
Occupational Details
Electronic Network Activity Information
Assumptions
Developer(s) utilized by you and directed by the developer
Financial Institutions
Payment Service Providers
Associates and contractors in association with the services they offer for us or the developers
Advisory Professionals
Data Analytics Service Providers
Cloud Storage Providers
Software Development Service Providers
Fraud Prevention Service Providers
Identity Verification Service Providers
Merchant Ground Group Entities
Third parties compelled by law, such as law enforcement or other government agencies
Retention Procedures
The End User Information is retained for no longer than what is required to fulfill its purpose of collection and usage, as stated in this Policy, unless a longer retention period is legally mandated or allowed. Even if you stop using an application or cancel your account with a developer, we may still hold on to your information (if you still have an account with another developer), as per the legal framework. However, your information will only be processed as mandated by law or according to this Policy.
For your data protection options, including the right to request deletion of End User Information, please refer to the “Your Data Protection Rights” section. You can also get in touch with us regarding our data retention practices using the contact information below.
Miscellaneous Information
International Data Transfer
As we operate on a global scale, the information we collect about you will be transferred across international borders, including from the EEA or UK to the United States, for processing and storage. If the information collected about you is transferred from the EEA to territories/countries for which the EU Commission has not concluded that the legal framework in the said territory/country provides adequate protection for individual rights and freedoms, the transfer of such data will comply with relevant data protection laws, following a prior assessment of the level of data protection available in the context of the transfer. This may involve the use of EU Commission-approved standard contractual clauses, in conjunction with additional safeguards, if necessary. You can request a copy of these standard contractual clauses by contacting us as set out below.
Your Data Protection Entitlements
Under the applicable law and subject to the legal limitations and exceptions, if you are located in the EU, and certain other jurisdictions, you may have the following rights related to the End User Information collected about you and its usage:
Gain Insight into the End User Information Accrued about You
Request Clarification or Updating of your End User Information that may be Incomplete or Inaccurate.
Entreat Restriction of Processing or Erasure of your End User Information under Certain Circumstances.
Raise Objections to the Processing of your End User Information under Specific Conditions Dictated by Law.
Retract Consent for Processing of your End User Information in Cases where it is based on Consent.
Demand Provision of End User Information Accrued about you in a Structured, Readable, and Machine-readable Format for Transfer to Another Company if Technically Feasible.
File a Complaint Concerning our Data Protection Procedures with a Supervisory Authority (if you reside in the EU).
Under the purview of the California Consumer Privacy Act (“CCPA”), if you are a California resident, and subject to specified limitations and exemptions, you may possess the following rights with respect to End.
User Information that constitutes personal information under the CCPA:
Inquire about Further Details on the Categories and Specific Pieces of Personal Information that may have been Collected about you in the Last 12 Months (including information disclosed for business purposes)
Call for the Deletion of your Personal Information
Opt-out of the “Sale” of your Personal Information, if a business is engaging in the sale of your information
Avoid Discrimination for Exercising these Rights
To execute your rights to access or deletion, if applicable, you can submit a request using our online form accessible here. You can also reach us through the “Contacting Merchant Ground” section below to exercise any of your data protection rights, if applicable. Additional information may be necessary to verify your identity before we can respond to your request.
We will give due consideration to all requests and respond within a reasonable time frame (and within any time frame required by applicable law). However, please note that some information may be exempt from such requests, for instance, if we need to retain the information to comply with our legal obligations or to establish, defend, or execute legal claims.
Amendments to this Policy
We may revise or make changes to this Policy from time to time. In the event of any updates or changes, we will post the updated policy on Merchant Ground’s website at https://www.merchantground.com. We will also inform developers of any significant changes in accordance with our developer agreements, as they are in a better position to inform their end-users of any changes to this Policy, as appropriate.
Contact Merchant Ground
In case you have any questions or complaints regarding this Policy or our privacy practices, you can reach us at info@merchantground.com.