October 18, 2010
Information that we collect and how we use it
- Registration information - When you sign up for Google Checkout, we ask for your personal information so that we can provide you with the service. If you register a credit or debit card, the information that we require to register for the service includes your name, credit or debit card number, card expiry date, card verification number (CVN), address, phone number and email address. If you register a Carrier Billing Account, the information that we require to register for the service includes your mobile telephone number, and the name and billing address associated with that number. For sellers, we also require you to provide your bank account number and, in some situations, your personal address, your business category, a government-issued identification number (for example, social security number or taxpayer identification number for US residents) and certain information about your sales or transaction volume. This information allows us to process payments and protect users from fraud. In some cases, we may also ask you to send us additional information or to answer additional questions to help verify your information. The information we collect is stored in association with your Google Account.
- Information obtained from third parties - In order to protect you from fraud or other misconduct, we may obtain information about you from third parties to verify the information you provide. For example, we may use card authorisation and fraud screening services to verify that your credit or debit card information and address match the information that you provided to us. Also, for sellers, we may obtain information about you and your business from a credit bureau or a business information service such as Dun & Bradstreet. . We also may obtain information from third parties in connection with providing Google Checkout to you, such as information from the Carrier in connection with Carrier Billing.
- Transaction information - When you use Google Checkout to conduct a transaction, we collect information about each transaction, including the transaction amount, a description provided by the seller of the goods or services being purchased, the names of the seller and buyer and the type of payment used.
- Information about your use of the service - In order to protect you from fraud, phishing and other misconduct, we may collect information about your interaction with the service to help validate your identity or detect potentially fraudulent conduct. For example, in some circumstances we may try to determine service usage patterns (such as how quickly you type) so that we can try to detect and prevent unauthorised attempts to access your account (such as automated hacking attacks or the use of stolen usernames or passwords). Any such information that we collect will only be used to detect and prevent fraud or other misconduct, unless you explicitly grant us permission to use it in another manner.
- Log information - When you use Google Checkout, our servers automatically record information that your browser sends whenever you visit a website. These server logs may include information such as your web request, Internet Protocol address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser.
- User communications - When you send an email or other communication to us, we may retain those communications in order to process your enquiries, respond to your requests and improve our services.
- Links - We may present links in a format that enables us to keep track of whether these links have been followed. We use this information to improve the quality of our search technology, customised content and advertising. For more information about links and redirected URLs, please see our FAQs.
In addition to the above, we use the information that we collect to:
- Provide our products and services to you, including the display of customised content and advertising;
- Perform auditing, research and analysis in order to maintain, protect and improve our services;
- Ensure the technical functioning of our network; and
- Develop new services.
We process personal information on our servers in the United States of America and in other countries. In some cases, we process personal information on a server outside your own country. We may process personal information to provide our own services. In some cases, we may process personal information on behalf of and according to the instructions of a third party, such as our advertising partners.
We will not sell or rent your personal information to companies or individuals outside of Google. If you are making a purchase through Google Checkout, we may share portions of your credit card number with the retailer to identify the transaction, but we will not share your full credit card number with the retailer without your opt-in consent, except in the limited circumstances described below. In addition, we will only share your personal information with other companies or individuals outside Google in the following circumstances:
- As necessary to process your transaction and maintain your account. As with any credit card payment, if you process a credit card transaction through the service, we need to share some information (for example, your name and credit card number) with the banks and other entities in the financial system that process credit card transactions. For payment transactions processed through your Carrier Billing Account, we will need to share information with the Carrier holding your Carrier Billing Account in order to charge your Carrier Billing Account and for other purposes related to processing Carrier Billing transactions, such as purchases, reversals, refunds, adjustments, disputes and customer support. Some retailers require that their buyers provide a telephone number in order to process a transaction. In those cases, we will share your telephone number with the merchant and you will be notified before you complete your transaction. . At a merchant’s request, we may also serve Checkout transaction data through a web beacon so that the merchant can analyze or audit its web traffic. We will provide you with a notice when a web beacon is served within Google Checkout. For more information on web beacons, click here.
- To detect, prevent or otherwise address fraud, security or technical issues.
- We have your consent. We require opt-in consent for the sharing of any sensitive personal information.
- We provide such information to our subsidiaries, affiliated companies or other trusted businesses or persons for the purpose of processing personal information on our behalf. We require that these parties agree to process such information based on our instructions and in compliance with this Policy and any other appropriate confidentiality and security measures.
- We have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, (b) enforce applicable Terms of Service, including investigation of potential violations thereof, (c) detect, prevent or otherwise address fraud, security or technical issues or (d) protect against imminent harm to the rights, property or safety of Google, its users or the public as required or permitted by law.
- If you are using a credit card issued by the merchant from whom you are making a purchase (a 'private label credit card'), that merchant will receive your entire credit card number in association with your purchase.
- We may share aggregated non-personally identifiable information with third parties. For example, we may disclose that a certain percentage of our users have a billing address in a particular geographic area or that a certain percentage of users use a particular type of credit or debit card. However, if we do share this aggregated information, we do not include personally identifiable information without your explicit opt-in consent or in the limited circumstances described above.
When you shop at a seller for the first time and complete an order, you’ll be given a choice whether you'd like to receive promotional emails from the seller. If you decide later that you don't want to receive promotional emails from a seller, you will need to contact the seller directly.
We take appropriate security measures to protect against unauthorised access to or unauthorised alteration, disclosure or destruction of data. These include internal reviews of our data collection, storage and processing practices and security measures, as well as physical and technical security measures to guard against unauthorised access to systems where we store personal data. For example, your credit card number will always be stored in an encrypted form (except when you provide it to us in a communication outside our web page interface).
The security of your account also depends on keeping your account password confidential and you should not share your account name or password with anyone. If you do share your account information with a third party, they will have access to your account and your personal information.
Accessing and updating personal information
You can review and update your payment information by logging in to your Google Account and going to the 'Purchase History' page, where you can update or remove your address and method of payment. You can also view your previous transaction history on the 'Purchase History' page.
You can disable Google Checkout by contacting us. If you do so, your payment information and transaction history will no longer be viewable through Google Checkout. However, in order to meet our reporting and auditing obligations and to detect, deter as well as prevent fraud or other misconduct on our systems, the information will be retained in our systems. If you disable Google Checkout, your personally identifiable information will not be used by Google or shared with third parties except for these purposes. We may delete these records over time if permitted or required by law.
Sharing Between Affiliates
We operate the Google Checkout service through wholly owned subsidiaries of Google. For US users, that subsidiary is Google Payment Corporation and for European users that subsidiary is Google Payment Limited (based in the United Kingdom). For countries outside of the United States and Europe, please consult the Terms of Service made available to you within the service to learn more about the corporate entity offering the service.
We provide you with the right to opt out of certain sharing between Google and its subsidiaries. Specifically, you may choose to opt out of:
- The sharing between Google and its subsidiaries of information that does not pertain to your transactions or experiences with Google Checkout (also called 'non-transactional information', e.g. information we may obtain from third parties to verify your identity) and
- The use by Google of information shared between Google and its subsidiaries to promote Google products and services.
If you don't want us to share non-transactional data between Google and its subsidiaries, please click here.
If you don't want us to use any information shared between Google and its subsidiaries to promote Google products and services to you, please click here.
Changes to this policy
If you have any questions about this Policy, please feel free to contact us through our website or write to us at Privacy Matters, c/o Google Inc., 1600 Amphitheatre Parkway, Mountain View, California, 94043 USA.
Google and its subsidiaries adhere to the US Safe Harbour privacy principles of Notice, Choice, Onward Transfer, Security, Data Integrity, Access and Enforcement and are registered with the US Department of Commerce's Safe Harbour programme.