Gravity Payments
Why Gravity?
Merchants
Developers
Partners
Industries
Pricing
Get Started
Company
Resources
Support

Gravity Capital: See what’s possible with a little extra flexible funding. 

Gravity Payments

Pricing

Get Started

Privacy Policy

Last updated December 2, 2025

Thank you for choosing to be part of our community at Gravity Payments, Inc. (“Company”, “we”, “us”, or “our”). We
are committed to protecting your personal information and your right to privacy. If you have any questions or
concerns about our policy or our practices with regards to your personal information, please contact us at [email protected].

When you visit our website https://www.gravitypayments.com, and use our services, you trust us with your personal
information. We take your privacy very seriously. In this privacy policy, we seek to explain to you in the clearest
way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take
some time to read through it carefully, as it is important. If there are any terms in this privacy policy that you
do not agree with, please discontinue use of our Sites and our services.

This privacy policy applies to all information collected through our website (such as
https://www.gravitypayments.com), and/or any related services, sales, marketing, or events (we refer to them
collectively in this privacy policy as the “Services”).

Please read this privacy policy carefully as it will help you make informed decisions about sharing your personal
information with us.

1. WHAT INFORMATION DO WE COLLECT?

In Short: We collect personal information that you provide to us.

We collect personal information that you voluntarily provide to us when expressing an interest in obtaining
information about us or our products and services, when participating in activities on the Services or otherwise
contacting us.

The personal information that we collect depends on the context of your interactions with us and the Services, the
choices you make and the products and features you use. All personal information that you provide to us must be
true, complete, accurate, and you must notify us of any changes to such personal information.

Information automatically collected:

In Short: Some information — such as IP address and/or browser and device characteristics — is collected
automatically when you visit our Services.

We automatically collect certain information when you visit, use, or navigate the Services. This information does not
reveal your specific identity (like your name or contact information) but may include device and usage information,
such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs,
device name, country, location, information about how and when you use our Services and other technical information.
This information is primarily needed to maintain the security and operation of our Services, and for our internal
analytics and reporting purposes.

Like many businesses, we also collect information through cookies and similar technologies. Our use of cookies and
similar technologies is discussed below.

2. HOW DO WE USE YOUR INFORMATION?

In Short: We process your information for purposes based on legitimate business interests, the fulfillment of our
contract(s) with you, compliance with our legal obligations, and/or your consent.

We use personal information collected via our Services for a variety of business purposes described below. We process
your personal information for these purposes in reliance on our legitimate business interests, to enter into or
perform a contract with you, with your consent, and/or for compliance with our legal obligations. We indicate the
specific processing grounds we rely on next to each purpose listed below.

We use the information we collect or receive:

To send you marketing and promotional communications. We and/or our third-party marketing partners may use the
personal information you send to us for our marketing purposes if this is in accordance with your marketing
preferences. You can opt-out of our marketing emails at any time (see the “WHAT ARE YOUR PRIVACY RIGHTS” below).

Fulfill and manage your orders. We may use your information to fulfill and manage your orders, payments, returns, and
exchanges made through the Services.

To post testimonials. We post testimonials on our Services that may contain personal information. Prior to posting a
testimonial, we will obtain your consent to use your name and testimonial. If you wish to update, or delete your
testimonial, please contact us at [email protected] and be sure
to include your name, testimonial location, and contact information.

Deliver targeted advertising to you. We may use your information to develop and display content and advertising (and
work with third parties who do so) tailored to your interests and/or location and to measure its effectiveness.

Request Feedback. We may use your information to request feedback and to contact you about your use of our Services.

To protect our Services. We may use your information as part of our efforts to keep our Services safe and secure (for
example, for fraud monitoring and prevention).

To enforce our terms, conditions and policies for Business Purposes, Legal Reasons and Contractual.

To respond to legal requests and prevent harm. If we receive a subpoena or other legal request, we may need to
inspect the data we hold to determine how to respond.

For other Business Purposes. We may use your information for other Business Purposes, such as data analysis,
identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our
Services, products, marketing, and your experience. We may use and store this information in aggregated and
anonymized form so that it is not associated with individual end users and does not include personal information. We
will not use identifiable personal information without your consent. Additionally, some of our products rely on
location-based information in order to function properly, and in such cases your personal information will be
de-identified solely for the purposes of providing those products or services.

3. WILL YOUR INFORMATION BE SHARED WITH ANYONE?

In Short: We only share information with your consent, to comply with laws, to provide you with services, to protect
your rights, or to fulfill business obligations.

We may process or share data based on the following legal basis:
Consent: We may process your data if you have given us specific consent to use your personal information in a
specific purpose.

Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business
interests.

Performance of a Contract: Where we have entered into a contract with you, we may process your personal information
to fulfill the terms of our contract.

Legal Obligations: We may disclose your information where we are legally required to do so to comply with applicable
law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court
order or a subpoena (including in response to public authorities to meet national security or law enforcement
requirements).

Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take
action regarding potential violations of our policies, suspected fraud, situations involving potential threats to
the safety of any person and illegal activities, or as evidence in litigation in which we are involved.
More specifically, we may need to process your data or share your personal information in the following situations:

Vendors, Consultants and Other Third-Party Service Providers: We may share your data with third party vendors,
service providers, contractors or agents who perform services for us or on our behalf and require access to such
information to do that work. Examples include payment processing, data analysis, email delivery, hosting services,
customer service and marketing efforts. We may allow selected third parties to use tracking technology on the
Services, which will enable them to collect data about how you interact with the Services over time. This
information may be used to, among other things, analyze and track data, determine the popularity of certain content
and better understand online activity. Unless described in this Policy, we do not share, sell, rent or trade any of
your information with third parties for their promotional purposes.

Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any
merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

Phone Numbers: Mobile Opt in, SMS Consent, and phone numbers collected for SMS communication purposes will not be
shared with any third party or affiliates for marketing purposes.

4. WHO WILL YOUR INFORMATION BE SHARED WITH?

In Short: We only share information with the following third parties.

We only share and disclose your information with the following third parties. We have categorized each party so that
you may easily understand the purpose of our data collection and processing practices. If we have processed your
data based on your consent and you wish to revoke your consent, please contact us.

Advertising, Direct Marketing, and Lead Generation:
Google AdSense and Facebook Audience Network

Communicate and Chat with Users:
Drift

Retargeting Platforms:
Google Ads Remarketing, Google Analytics Remarketing, Facebook Custom Audience, Facebook Remarketing and LinkedIn
Website Retargeting

Social Media Sharing and Advertising:
Facebook advertising, Facebook social plugins, Twitter advertising, Twitter social plugins, Instagram advertising,
LinkedIn advertising, LinkedIn social plugins and YouTube social plugins

Web and Mobile Analytics:
Google Analytics, Google Tag Manager, Facebook Ads conversion tracking and Facebook Analytics

Website Hosting:
WordPress.org

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

In Short: We may use cookies and other tracking technologies to collect and store your information.

We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information.
Specific information about how we use such technologies and how you can refuse certain cookies is set out in our
Cookie Policy.

6. HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this privacy policy
unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy
policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal
requirements).

When we have no ongoing legitimate business need to process your personal information, we will either delete or
anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup
archives), then we will securely store your personal information and isolate it from any further processing until
deletion is possible.

7. DO WE COLLECT INFORMATION FROM MINORS?

In Short: We do not knowingly collect data from/or market to children under 18 years of age.

We do not knowingly solicit data from/or market to children under 18 years of age. By using the Services, you
represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor
dependent’s use of the Services. If we learn that personal information from users less than 18 years of age has been
collected, we will deactivate the account and take reasonable measures to promptly delete such data from our
records. If you become aware of any data we have collected from children under age 18, please contact us at [email protected].

8. WHAT ARE YOUR PRIVACY RIGHTS?

In Short: You may review, change, or terminate your account at any time.

If you are resident in the European Economic Area and you believe we are unlawfully processing your personal
information, you also have the right to complain to your local data protection supervisory authority. You can find
their contact details here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

Cookies and similar technologies: Most Web browsers are set to accept cookies by default. If you prefer, you can
usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or
reject cookies, this could affect certain features or services of our Services. To opt-out of interest-based
advertising by advertisers on our Services visit http://www.aboutads.info/choices/.

9. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or
setting you can activate to signal your privacy preference not to have data about your online browsing activities
monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been
finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically
communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow
in the future, we will inform you about that practice in a revised version of this privacy policy.

10. DO CALIFORNIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

In Short: Yes, if you are a resident of California, you are granted specific rights regarding access to your personal
information.

This section applies solely to visitors and users of our site who reside in the State of California. We have adopted
this notice to comply with the California Consumer Privacy Act of 2018 (the “CCPA”) and the California Online Privacy Protection Act (“CalOPPA”), and any terms defined in
the CCPA or CalOPPA have the same meaning when used in this notice.

For the purposes of this section “California Data Subject” shall mean: (1) an individual who is in the State of
California for other than a temporary or transitory purpose, and (2) an individual who is domiciled in the State of
California who is outside the State of California for a temporary or transitory purpose.

Information We Collect

We collect information that identifies, relates to, describes, references, is capable of being associated with, or
could reasonably be linked, directly or indirectly, with a particular California Data Subject or device
("personal information").

In particular, we have collected the following categories of personal information from California Data Subjects
within the last twelve (12) months:

Category Examples Do we collect this data?
Identifiers Real name, alias, postal address, unique personal identifier, online identifier, internet protocol (IP)
address, email address, account name, or other similar identifiers		 Yes
Characteristics of protected classifications under California or federal law Race, gender, ethnicity, disability status Yes (only from persons that apply for positions with Gravity)
Commercial information Records of personal property, products, or services purchased, obtained, or considered, or other
purchasing or consuming histories or tendencies		 Yes
Biometric information Fingerprint, facial pattern, voice, typing cadence No
Internet or other electronic network activity information Information regarding usage of a site, software, or app Yes
Geolocation data Physical location Yes
Audio, electronic, visual, thermal, olfactory, or similar information Recordings of a California Data Subject No
Professional or employment-related information Place of work, current occupation, duration of occupation, position/title Yes (only from persons that apply for positions with Gravity)
Education Information Information that is not publicly available personally identifiable information as defined in the Family
Educational Rights and Privacy Act (FERPA)		 Yes (only from persons that apply for positions with Gravity)
Inferences drawn from any of the information identified above Information used to create a profile about the California Data Subject reflecting their preferences,
characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities,
and aptitudes		 No

Sources of Personal Information. We obtain the personal information
listed above from the following sources:

Source Examples Do we receive from this source?
Directly from you From forms you complete or orders for products and services you purchase. Yes
Indirectly from you From observing your actions on our services. Yes
Third Parties We are provided information by our third-party vendors such as: [our Merchant Partners, our Technology
Hosting Partners, and our Marketing Partners]		 Yes

Use of Personal Information. We may use or disclose the personal
information we collect for one or more of the following business purposes:

  1. To fulfill the purpose for which you provided the information. For example, if you share your name and contact
    information to request a price quote or ask a question about our products or services, we will use that personal
    information to respond to your inquiry. If you provide your personal information to purchase a product or
    service, we will use that information to process your payment and facilitate delivery. We may use personal
    information you provide us to provide technical support. In addition, we may use the above information:

    1. To provide, support, personalize, and develop our websites, products, and/or services;
    2. To create, maintain, customize, and secure your account with us;
    3. To process your requests, purchases, transactions, and payments and prevent transactional fraud;
    4. To provide you with support and to respond to your inquiries, including to investigate and address your
      concerns and monitor and improve our responses;
    5. To help maintain the safety, security, and integrity of our Website, products and services, databases
      and other technology assets, and business;
    6. To respond to law enforcement requests and as required by applicable law, court order, or governmental
      regulations; and
    7. As described to you when collecting your personal information or as otherwise set forth in the CCPA.

We will not collect additional categories of personal information or use the personal information we collected for
materially different, unrelated, or incompatible purposes without providing you notice.

We do not sell your personal information to third parties. We do share personal information with our third-party
service providers and vendors in order to provide you the Service.

Your Rights and Choices

This section describes your CCPA rights and explains how to exercise those rights.

You have the right to request that we disclose certain information to you about our collection and use of your
personal information over the past twelve (12) months. Once we receive and verify your request, we will disclose to
you:

  1. The categories of personal information we collected about you;
  2. The categories of sources for the personal information we collected about you;
  3. Our business or commercial purpose for collecting or selling that personal information;
  4. The categories of third parties with whom we share that personal information;
  5. The specific pieces of personal information we collected about you (also called a data portability request);
  6. If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
    1. sales, identifying the personal information categories that each category of recipient purchased; and
    2. disclosures for a business purpose, identifying the personal information categories that each category
      of recipient obtained.

You have the right to request that we delete any of your personal information that we collected from you and
retained, subject to certain exceptions. Once we receive and verify your request, we will delete (and direct our
service providers to delete) your personal information from our records, unless an exception applies.

We may deny your disclosure and/or deletion request if retaining the information is necessary for us or our service
providers to:

  1. Complete the transaction for which we collected the personal information, provide a good or service that you
    requested, take actions reasonably anticipated within the context of our ongoing business relationship with you,
    or otherwise perform our contract with you;
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute
    those responsible for such activities;
  3. Debug products to identify and repair errors that impair existing intended functionality;
  4. Exercise free speech, ensure the right of another California Data Subject to exercise their free speech rights,
    or exercise another right provided for by law;
  5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.);
  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that
    adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render
    impossible or seriously impair the research's achievement, if you previously provided informed consent;
  7. Enable solely internal uses that are reasonably aligned with California Data Subject expectations based on your
    relationship with us;
  8. Comply with a legal obligation, such as other privacy or data protection statutes and regulations that place
    restrictions on our ability to disclose information including, but not limited to, the Gramm–Leach–Bliley Act,
    PCI Data Security Standards, and state privacy acts; and
  9. Make other internal and lawful uses of that information that are compatible with the context in which you
    provided it.

To exercise the access, data portability, and deletion rights described above, please submit a verifiable California
Data Subject request to us by sending us an email at [email protected] or calling us at 866-701-4700.

Only you or a person registered with the California Secretary of State, that you authorize to act on your behalf, may
make a verifiable California Data Subject request related to your personal information. You may also make a
verifiable California Data Subject request on behalf of your minor child.

You may only make a verifiable California Data Subject request for access or data portability twice within a twelve
(12) month period. The verifiable California Data Subject request must:

  1. Provide sufficient information that allows us to reasonably verify you are the person about whom we collected
    personal information or an authorized representative; and
  2. Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or
authority to make the request and confirm the personal information relates to you. Making a verifiable California
Data Subject request does not require you to create an account with us. We will only use personal information
provided in a verifiable California Data Subject request to verify the requestor's identity or authority to make
the request.

We aspire to respond to a verifiable California Data Subject request within forty-five (45) days of receipt of the
request. If we require more time (up to ninety (90) days) we will inform you of the reason(s) why an extension is
needed and how long we anticipate the period to be. Any disclosure we provide will only cover the twelve (12) month
period preceding receipt of your request. If applicable, the response may provide the reasons why we cannot comply
with your request. For data portability requests, we will select a format to provide your personal information that
is readily useable and should allow you to transmit the information from one entity to another entity without
hindrance.

We do not charge a fee to process or respond to your verifiable California Data Subject request unless it is
excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you
why we made that decision and provide you with a cost estimate before completing your request. We reserve the right
to refuse to respond to verifiable California Data Subject requests that are excessive, repetitive, or manifestly
unfounded.

Right of Non-Discrimination.

We will not discriminate against you for exercising any of your CCPA rights. We will not take any of the following actions against you in response to an
exercise of your rights:

  1. Deny you goods or services.
  2. Charge you different prices or rates for goods or services, including through granting discounts or other
    benefits, or imposing penalties.
  3. Provide you with a different level or quality of goods or services.

Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods
or services.

11. DO WE MAKE UPDATES TO THIS POLICY?

In Short: Yes, we will update this policy as necessary to stay compliant with relevant laws.

We may update this privacy policy from time to time. The updated version will be indicated by an updated “Revised”
date and the updated version will be effective as soon as it is accessible. If we make material changes to this
privacy policy, we may notify you either by prominently posting a notice of such changes or by directly sending you
a notification. We encourage you to review this privacy policy frequently to be informed of how we are protecting
your information.

12. HOW CAN YOU CONTACT US ABOUT THIS POLICY?

If you have questions or comments about this policy, you may email us at [email protected] or by post to:
Gravity Payments, Inc.
110 N 27th Street
Boise, ID 83702
United States

HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

Based on the laws of some countries, you may have the right to request access to the personal information we collect
from you, change that information, or delete it in some circumstances. To request to review, update, or delete your
personal information, please submit a request form by clicking here. We will respond to your request within 30 days.

 

Developer Privacy Policies and Terms of Service

EIServer Privacy Policy
EIServer Clover App Terms of Service
eMergePay Privacy Policy
eMergePay Clover App Terms of Service