Last updated May 26, 2023
© FOGHORN PAYMENTS INC.
20 Bloor Street East
PO Box 75039
Personal information is required to support transaction processing and communications, and to satisfy valid information requests from Interac®, banks, regulators, and other organizations who are legally entitled to make such requests.
When we initiate a transaction, there is a requirement to obtain the following Consumer information from the Client, in order to (a) successfully address and deliver a message to a Consumer if required, and (b) to meet risk management, fraud monitoring and tracing requirements of the payment network (Interac):
We ask for the Client’s account number, in order to (a) help the Consumer verify their billing details, though only the last four digits of the Client account number are presented to the Consumer, and (b) uniquely identify a Consumer and therefore to detect and avoid duplicate transactions.
When transactions are returned from the sending bank, we receive the Consumer’s name and bank of record, which we maintain associated with the transaction in case tracing of transactions is required, or in case the Client requests such information.
When completing a Clik2pay transaction through the Internet or through a mobile device, we may collect device level information about that Consumer. This information will help to identify higher risk transactions and monitor potential fraud or suspicious transactions.
Having Consumer information helps us determine preferences and consider enhancements or other service offerings, such as instalments, receipts and deferral plans.
When a Consumer is using our website, we may monitor and/or record browsing habits to better understand usage of our on-line assets.
If the Client provides us information about a specific Consumer to resolve a complaint, we may learn additional Consumer information. We will only use this information to address comments and/or reply to questions, and we may store the communication and our reply in case we correspond further.
If a Consumer receives an email claiming to be from Clik2pay that they believe to be fraudulent, they should not open, respond or click any links or open attachments contained within the email. Consumers may be instructed to notify us immediately by forwarding a copy of the email to us at email@example.com and then delete the email.
In order to provide certain services on mobile devices, we may require location information. If the Client or Consumer does not consent to collection of this information, then they cannot use the corresponding Services. Clients and Consumers can stop our collection of location information at any time by changing the preferences on their mobile devices. If the preferences are changed, our Services may no longer function. Clients and Consumers also may stop our collection of location information through the Services by following the standard uninstall process to remove all Clik2pay mobile applications from their devices.
We may send cookies to Client or Consumer computers or mobile devices. Cookies are small data files that are stored on a hard drive or in device memory when a Client or Consumer visits a website or views a message. Cookies support the integrity of our registration process, retain Client and Consumer preferences, and help evaluate and compile aggregated statistics about user activity.
The account number of the Client and transaction data will be shared with Interac and the Client’s bank to facilitate the Clik2pay payment transaction.
Client and Consumer information may be disclosed in response to valid demands or requests from governments, regulators, courts and law enforcement authorities.
We do not sell or rent customer lists or personal information to others.
We have security standards to protect our systems and Client and Consumer information against unauthorized access and use.
Our systems have been designed to ensure that email address, mobile number, first name and Client account number are always private and confidential. Nevertheless, Clik2pay cannot guarantee that unauthorized third parties will never be able to defeat our security measures or use Client or Consumer personal information for improper purposes. If any information in our possession or under our control is compromised as a result of a security breach, we will take reasonable steps to investigate the situation and, where appropriate,
notify those individuals whose information may have been compromised and take other steps in accordance with applicable laws or regulations.
When we provide information in response to a legal inquiry or order that we believe to be valid, we disclose only the information that is legally required.
Client and Consumer data is stored on Amazon Web Services (AWS), encrypted in accordance with information security standards, and located in Canada. It is accurate, complete and up-to-date as is necessary for the purposes for which it is to be used.
We retain information only if it is required for the reasons it was collected. We are required to retain transaction data for a period of 7 years following completion of the transaction. We will destroy, delete, erase or convert it to an anonymous form after that point.
Upon request, a Client or Consumer shall be informed of the existence, use, and disclosure of his/her personal information and shall be given access to that information, and be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
Usually, the best way to address the complaint is to raise the issue as soon as it comes up with the person the Client or Consumer is dealing with. Even if the Client or Consumer doesn’t notice the issue right away, the Client or Consumer can always get in touch with us at any time to voice their complaint.
Before beginning, be ready to have any supporting documents available and consider what solution may be appropriate.
If the resolution provided is unsatisfactory, the complaint can be escalated in the following ways:
Founder & CEO
If the results of our investigation or any resulting corrective measures remain unsatisfactory, the Client or Consumer may be entitled to make a written submission to the Privacy Commissioner in their jurisdiction or to the Office of the Privacy Commissioner of Canada at the address below:
Office of the Privacy Commissioner of Canada
30 Victoria Street