- Platform
- Solutions
- Capabilities
- Resources
- Company
This Privacy Notice for certain regions supplements the Helios General Privacy Notice.
A. The following notice ("California Notice”) applies to you only if you are a resident of the State of California and in accordance with the California Consumer Privacy Act of 2028, as amended from time to time (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”).
We collect certain information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you as a particular individual or with a household ("Personal Data”), as further described below. In addition, we may collect data that is not identifiable to you or otherwise associated with you, such as aggregated data, and is not Personal Data. To the extent this data is stored or associated with Personal Data, it will be treated as Personal Data; otherwise, the data is not subject to this notice.
California’s “Shine the Light” law, permits our users who are California residents to request and obtain from us a list of what Personal Data (if any) we disclosed to third parties for their own direct marketing purposes in the previous calendar year and the names and addresses of those third parties. Requests may be made only once per year per person, must be sent to the email address below, and are free of charge. However, we do not disclose Personal Data protected under the “Shine the Light” law to third parties for their own direct marketing purposes.
In the last twelve (12) months, we may have collected the following categories of Personal Data:
Identifiers, such as a real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, or other similar federal identifiers.
Personal Data categories listed in the California Customer Records statute (Cal. Civ. Code 1798.80(e)), such as name, contact information, signature, government ID numbers, insurance and financial account information, and education and employment information;
Protected classifications under California or federal law, such as age, gender and marital status of our employees or our client’s employees.
Commercial information, such as products or services purchased, transaction information and transaction history.
Internet or other electronic network activity information, including, browsing history, search history, and information regarding a consumer’s interaction with our website.
Geolocation data, such as device location.
Audio, electronic, visual or similar information, such as CCTV and video recordings for security purposes.
Inferences drawn from any of the information above to create a profile about an individual reflecting an individual’s preferences and characteristics.
Sensitive Personal Data such as Personal Data that reveals a consumer’s social security, driver’s license, state identification card, or passport number; account log-in, financial account, debit card, or credit card in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; and biometric information of certain employees.
We will not collect additional categories of Personal Data other than those categories listed above. If we intend to collect additional categories of Personal Data, we will provide you with a new notice at or before the time of collection.
We retain personal data for no longer than necessary to provide the Services and to carry out the processing activities described above, including but not limited to compliance with applicable laws, regulations, rules and requests of relevant law enforcement and/or other governmental agencies, and to the extent we reasonably deem necessary to protect our and our partner's rights, property, or safety, and the rights, property, and safety of our users and third parties.
Your personal data will not be kept in a form that allows you to be identified for any longer than we reasonably consider necessary to accomplish the purposes for which it was collected or processed, or as permitted or required by applicable laws related to data retention. The retention period for your personal data is determined based on the purpose of processing of the particular data, for example, where you are using our Services we will generally delete or anonymize your account information after the relationship ends, unless a longer retention period is applicable under mandatory law.
Thereafter, as a general matter, your personal data might be archived and stored to be used and otherwise processed in the event of legal regulatory requirements, statutes of limitations, disputes, or actions, and can be stored and, if applicable, used and otherwise processed until reasonably after the end of any such requirement, limitation, dispute, or action, including any potential periods of review or appeal.
Following the end of the relevant retention period, we will delete or anonymize your personal data, or archive it as permitted by applicable law.
We use reasonable and appropriate physical, technical, and organizational safeguards designed to promote the security of our systems and protect the confidentiality, integrity, availability, and resilience of Personal Data. Those safeguards include: (i) the pseudonymization and encryption of Personal Data where we deem appropriate; (ii) taking steps to ensure Personal Data is backed up and remains available in the event of a security incident; and (iii) periodic testing, assessment, and evaluation of the effectiveness of our safeguards.
However, no method of safeguarding information is completely secure. While we use measures designed to protect Personal Data, we cannot guarantee that our safeguards will be effective or sufficient. In addition, you should be aware that Internet Data transmission is not always secure, and we cannot warrant that information you transmit utilizing the Services is or will be secure.
We may collect and process your Personal Data for the following business and commercial purposes:
Providing, predicting, or performing, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, and processing payments.
Marketing our products and services to you, including sending you messages about the products and services we offer, which may include special offers for products and services.
Communicating with you by email, mail, text message (SMS, MMS), telephone, and other methods of communication, about products, services, order status, and information tailored to your requests or inquiries.
Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.
Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
Debugging to identify and repair errors that impair existing intended functionality.
Short-term, transient use, including, but not limited to, the contextual customization of ads shown as part of the same interaction.
Undertaking internal research for technological development and demonstration.
Undertaking activities to verify or maintain the quality or safety of the services or devices owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance the services or devices owned, manufactured, manufactured for, or controlled by us.
Complying with applicable laws, regulations, rules and requests of relevant law enforcement and/or other governmental agencies, or for other purposes, as permitted or required by law.
As necessary or appropriate to protect the rights, property, and safety of our users, us, and other third parties.
We will not use the Personal Data we collected for materially different, unrelated, or incompatible purposes without providing you with notice.
We may collect Personal Data:
Directly from you. When you provide it to us directly whether online, by email, phone, or in-person, for example, when you sign-up to receive emails from us or contact us.
Automatically or indirectly from you. For example, through analytics tools, cookies, pixel tags (such as Google Analytics and DoubleClick), or through your interactions with us on social media websites (such as Facebook, Instagram, Twitter, and LinkedIn).
Operating Systems and Platforms. For example, we automatically collect information relating to the device used to access our Services, such as IP address, device identifiers, and browser information.
From Third Parties such as Advertising Networks. For example, ad networks (such as Google Ads) to serve advertisements across the Internet. These advertisers use cookies, pixel tags, and other tracking technologies to collect information about your online activity and provide online behavioral advertising.
From Third Parties such as Social Networks. For example, from social media networks (such as Facebook, Instagram, Twitter, and LinkedIn), including if you contact us for customer service support through our social media pages.
From Third Parties such as Data Analytics Providers. For example, through technology and analytics providers (such as Google Analytics and LinkedIn Analytics). These providers use cookies, pixel tags, and other tracking technologies to collect information about your online activity to allow us to personalize your online experience, including sending you messages about the products and services we offer.
From our Service Providers For example commercial email providers, security consultants, payment processors and other Service Providers we engage.
Within the last twelve (12) months, we have shared the following categories of Personal Data for a business purpose with the following categories of third parties:
Category 1 (Identifiers): Service Providers and Third Parties.
Category 2 (California Customer Records): Service Providers.
Category 3 (Protected Classifications): Service Providers.
Category 4 (Commercial Information): Service Providers and Third Parties.
Category 5 (Internet or Network Activity): Service Providers and Third Parties.
Category 6 (Geolocation Data): Service Providers and Third Parties.
Category 7 (Audio, Visual or Similar Information): Service Providers.
Category 8 (Inferences): Service Providers and Third Parties.
Category 9 (Sensitive Personal Data): Service Providers.
We also share Personal Data with third parties (i) when we obtain your prior approval or consent; (ii) when required by laws or regulations; (iii) when it is necessary to protect the rights or property of the Company, you or other third parties, and it is difficult to obtain your consent; (iv) when it is necessary for advanced public health or children's healthy development, and it is difficult to obtain your consent; (v) when it is necessary to cooperate with statutory work required by laws and regulations performed by any national or local government office, or their subcontractors, and it is difficult to obtain your consent; or (vi) due to a merger, restructuring or other similar strategic transactions.
Finally, we may also share Personal Data with government agencies or regulators when permitted or required to do so by law; in response to a request from a law enforcement agency or authority or any regulatory authority; and/or to protect the integrity of the Services or our interests, rights, property, health, or safety, and/or that of our users, visitors and others.
We may use analytics systems and providers and participate in advertising networks that process Personal Data about your online activities over time and across third-party websites or online services, and these systems and providers may provide some of this information to us. To prevent Google Analytics from using your information for analytics generally, you may install the Google Analytics Opt-out Browser Add-on by clicking here. However, we do not currently recognize or respond to any web browser’s "do not track” signal or similar mechanisms.
The CCPA provides California residents with the below rights. For more information about how to exercise your CCPA rights, see the section “Submitting a Verified Consumer Request” below.
Right to Access: You have the right to request, twice in a 12-month period, that we disclose to you the Personal Data we have collected, used, disclosed, and sold about you during the past 12 months.
Right to Correct: You have the right to request that we correct the Personal Data we maintain about you, if that information is inaccurate.
Right to Delete: You have the right to request that we delete certain Personal Data we have collected from you.
Right to Opt-Out of Sale or Sharing: You have the right to opt-out of the sale of your Personal Data or the sharing of your Personal Data for cross-context behavioral advertising purposes.
Right to Non-Discrimination: You have the right not to receive discriminatory treatment by us for the exercise of your CCPA privacy rights.
Some of our products and Services, however, may require your Personal Data. If you choose not to provide your Personal Data that is necessary to provide any aspect of our products or Services, you may not be able to use those products or Services. In addition, as described in the section captioned “Your Choices” in the General Privacy Notice, it is possible to change your browser settings to block the automatic collection of certain information.
We shall not (a) sell or share client Personal Data as the terms "sell" and "share" are defined by the CCPA, except as required to provide Services to a client or as instructed by a client, or (b) retain, use, or disclose client Personal Data for any "commercial purposes” as defined by the CCPA, or outside of its direct business relationship with client and under client’s prior written authorization only. The foregoing restrictions will not apply to "aggregate consumer information" or "deidentified personal information" as each term is defined by the CCPA.
To exercise your rights, you must provide us with sufficient information to allow us to verify your identity, and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. Once we receive the information you provide to us, we will review it and determine if more information is necessary to verify your identity as required by law, and we may request additional information in order to do so.
If you would like further information regarding your legal rights under California law or would like to exercise any of them, please contact us by:
Calling us toll-free at: +1 888 263 5517
Emailing us at: Legal@helios.io
Mailing us at:
Helios Global Payments Solutions Inc.
8 The Green, STE B, Dover
DE 19901, USA
This California Notice replaces all previous disclosures we may have provided to you about our information practices with respect to the Services. We reserve the right, at any time, to modify, alter, and/or update this California Notice, and any such modifications, alterations, or updates will be effective upon our posting of the revised California Notice. We will use reasonable efforts to notify you in the event material changes are made to our processing activities and/or this California Notice, such as by posting a notice on the Services or sending you an email. Your continued use of the Services following our posting of any revised California Notice will constitute your acknowledgement of the amended California Notice.
If you have any questions or concerns about this California Notice and/or how we process Personal Data, please contact us.
For more information about how users with disabilities can access this Privacy Notice in an alternative format, please contact us.
Nevada law permits our users who are Nevada consumers to request that their Personal Data not be sold (as defined under applicable Nevada law), even if their Personal Data is not currently being sold. Requests may be sent to the email address indicated herein or in the General Privacy Notice, by calling the toll-free number indicated herein or in the General Privacy Notice, or by submitting the request at www.helios.io, and are free of charge.
Residents of Canada are permitted to request and obtain from us information respecting the existence, use, and disclosure of their Personal Data as well as access to that information (subject to certain exceptions pursuant to applicable laws). Without limiting the above, residents of Canada will, upon request:
Be informed of whether we hold Personal Data about you;
Be provided with an account of third parties to which we have disclosed your Personal Data;
Be able to challenge the accuracy and completeness of your Personal Data and have it amended as appropriate; and
Be provided with information about our policies and practices with respect to the management of Personal Data, including: the name or title, and address, of the person who is accountable for our privacy policies and practices; the means of gaining access to Personal Data; a description of the type of Personal Data held by us, including a general account of its use; a copy of any brochures or other information that explain our policies, standards, or codes; and what Personal Data is made available to related organizations.
Last updated: May 2024