Privacy Policy

Effective June 12, 2026 | Download PDF

This Privacy Policy describes how Gravity Payments, Inc. (“Gravity Payments”, “we”, “our”, or “us”) collects, uses, shares, and protects personal information.

For questions about our privacy practices, please contact us at:

Gravity Payments
110 N 27th Street
Boise, ID 83702
[email protected]

If you are a resident of California, please review the additional notice that applies to you.

1. OUR SERVICES AND SCOPE OF PRIVACY POLICY

This Privacy Policy applies when you communicate with us, visit our website, or otherwise engage with us as a representative of current or potential business customer (the “Services”).

Gravity Payments acts as a service provider to businesses for credit card processing and other related services. In providing these services, businesses may share information about their end customers with us. In this situation, we process end customer information according to their instructions and for the purposes they specify. That means this Privacy Policy does not apply to any personal information we receive from a business about their end customers. If you have questions about how your information is handled by a business that uses our services, we encourage you to contact that business directly and review its privacy policy.

Please note that this Privacy Policy does not apply to non-Gravity Payments websites or services that state that they are offered under a different privacy policy. Please review the privacy policies on those websites and applications directly to understand their privacy practices.

2. INFORMATION WE COLLECT

Depending on the nature of your interaction with Gravity Payments, we may collect personal information as follows:

• Directly from you, when you provide information to us or interact with our Services:
  • Account information, including your email address, selected password, and communications preferences when you create a Gravity Payments account.
  • Contact information, such as your name, email address, telephone number. We record telephone conversations with our customer service team for record-keeping, training, and quality assurance purposes.
  • Identity information, such as date of birth and government ID, to verify identity and complete Know Your Customer (KYC) checks to establish your business account.
  • Transaction information, including payment information and transaction history if you engage in a transaction through the Services.
  • Any additional information you choose to provide, including questions, suggestions, and feedback.
• Automatically from you, device information and online user activity when you visit our online Services, as described in the next section.
• From third parties:
  • Information about the marketing and advertisements you have seen or clicked on, from online advertising companies.
  • Information to verify your identity from identify verification vendors to support identity verification and prevent fraud.

Please note some of this information may be collected by external parties on our behalf.

3. COOKIES AND INFORMATION COLLECTED BY AUTOMATED MEANS

Certain information is automatically collected from you when you interact with our online Services. This information includes:

• Usage details about your interaction with our online Services, such as the date, time, and length of visits, specific pages or content accessed during the visits, search terms, frequency of the visits, and referring website address.
• Device information about the device you use to access our online Services, such as IP address, device type, unique device identifier, operating system, browser type, and mobile network information.
• Location information, where you choose to provide our online Services with access to information about your device’s location.

Much of this information is collected through cookies and other tracking technologies, which may be operated by our partners who assist us in providing the online Services, understanding usage of the online Services, serving ads, and security and fraud prevention.

See PRIVACY CHOICES for more information on managing your cookies preferences.

4. HOW WE USE INFORMATION

We use the personal information we collect from you to:

• Provide our Services; open and administer business accounts; verify your identity; and support our relationships with our business customers;
• Respond to your inquiries and requests; communicate with you regarding your account and our Services; provide troubleshooting and technical support; and deliver important notices and updates.
• Manage, maintain, and operate the Services; diagnose and resolve technical issues; monitor Services performance and security; and analyze how you and others access and use the Services.
• Design and administer marketing and promotional campaigns; evaluate the effectiveness of these campaigns; administer promotions or other special offers.
• Send you marketing communications, including information about products, services, promotions, and other offerings that may be relevant to your interests.
• Improve and enhance the Services; grow and develop our business; better understand our customer base and their needs; administer surveys and market research; and develop new products and services.
• Comply with applicable legal obligations; assert legal rights or defend against legal claims or other demands; respond to subpoenas, court orders, or other legal process; protect the rights, privacy, safety, or property of Gravity Payments, you, or others; and detect, investigate, and prevent activities that may violate our policies or be fraudulent, harmful, or illegal.
• Perform business administration, risk management, auditing, recordkeeping, and operational activities.

We may use and share information in an aggregated or de-identified manner data at our discretion, including for research, analysis, modeling, marketing, and improvement of our Services.

5. HOW WE SHARE INFORMATION

We may share the information we collect in the following instances:

• With service providers that we believe need the information to perform a technology, business, or other professional function for us such as IT services, accounting, auditing, and tax services, and other professional services.
• If you submit a testimonial or feedback and consent to its publication, we may share your name and the content of your testimonial on our website, where it may be viewed by others.
• With analytics partners that help us measure and analyze how you use the online Services so we can measure and improve the performance of the online Services.
• With advertising partners who assist us in serving advertising to others who may be interested in the Services. These third parties may use tracking technologies to collect or receive information from the online Services and elsewhere on the internet and use that information to provide measurement services and target ads. These advertising partners may allow other companies to access information about you so that they may market other products you may be interested in.
• With social media platforms, information about you and your interaction with us. If you interact with social media objects on our online Services, both the platform and your connections on the platform may be able to view that activity. To control this sharing of information, please review the privacy policy of the relevant social media platform.
• With entities in our corporate family, for purposes consistent with this Privacy Policy, to carry out our business activities, and to the extent permitted by law.
• When a corporate event occurs, we reserve the right to transfer to another entity or its affiliates or service providers some or all information about you in connection with, or during negotiations of, any merger, acquisition, sale of assets or any line of business, change in ownership control, or financing transaction. We cannot promise that an acquiring party or the merged entity will have the same privacy practices or treat your information the same as described in this Privacy Policy.
• For legal purposes; where necessary to comply with the law; in response to court orders, law enforcement or legal process, including for national security purposes; to establish, protect, or exercise our legal rights; as required to enforce our terms of use or other contracts; to defend against legal claims or demands; or to detect, investigate, prevent, or take action against illegal activities, fraud, or situations involving potential threats to the rights, property, or personal safety of any person.

6. PRIVACY CHOICES

This section describes the choices you have regarding the collection, use, and sharing of your personal information:

• Access and update account information: If you have a Gravity Payments account, you can review and update certain account information, such as your contact information, by logging in.
• Opt out of cookies: You have options to limit how cookies and other tracking technologies collect information about your online activity:
  • To manage your cookie preferences, please click the Cookie Settings link in the footer to set your preferences. Generally, you can modify your browser setting to disable or reject cookies across the internet; but if you do so, some features of our online Services may not function properly or be available. Please note that you will need to set preferences on each web browser and device you use to visit our online Services.
  • Because definitions and rules for “Do Not Track” have not yet been established, including whether such signals must be user-enabled, we do not respond to “Do Not Track” signals. If your browser offers you the ability to use Global Privacy Control (GPC) to communicate your privacy preferences to us, we honor such signals
  • You may be able to prevent third parties from using your information for interest-based advertisements across the internet by visiting the NAI or the Digital Advertising Alliance. Please note this does not opt you out of being served ads, nor will it prevent the receipt of interest-based advertising from other companies that do not participate in these programs.
  • You may also opt out of third-party cookies we use by visiting their opt out pages. These are examples of our cookie providers, but the list is not exhaustive. In addition, we are not responsible for the effectiveness of any of these opt-out mechanisms:
    • We use Google Ads to customize our advertising and to serve you ads based on your browsing behavior. You can learn more about Google Ads here and opt out of personalized advertising through Google’s Ad Settings.
    • We use Google Analytics to collect usage details. You can learn more about privacy and Google Analytics here, and opt out of collection of your data by using the Google Analytics Opt-out Browser Add-on.
    • We use Meta Pixel to customize our advertising and to serve you ads based on your browsing behavior. You can learn more about Meta Pixel here. You can opt-out of personalized advertising through Meta’s Ad Settings.
• Opt out of email marketing: If you no longer wish to receive marketing emails from us, you can click the unsubscribe link at the bottom of our marketing emails. Please note that you may continue to receive transactional messages from us, including messages about your account.

7. HOW WE PROTECT INFORMATION

We use a combination of physical, technical, and administrative safeguards to protect the information we collect through the Services. While we use these precautions to safeguard your information, we cannot guarantee the security of the networks, systems, servers, devices, and databases we operate or that are operated on our behalf.

8. UPDATES TO THIS PRIVACY POLICY

We may make changes to this Privacy Policy from time to time. The date at the top of this Privacy Policy indicates when this Privacy Policy was last revised. If we make material changes to this Privacy Policy, we will notify you as necessary through written, electronic, or other means.

9. ADDITIONAL NOTICE FOR CALIFORNIA RESIDENTS

As a California resident, you have the right to receive certain disclosures regarding our collection, use, and disclosure of your personal information, as well as certain rights to your personal information. California residents will not receive discriminatory treatment for exercising these privacy rights.

Collection, Use, and Retention

The following chart describes our practices about the collection, use, and retention of your information if you are a California consumer. The categories we use to describe the information are those listed in California law. Some of the categories include very different types of information within the same category and certain personal information may fall into multiple categories. How we use and how long we keep the information within each category will vary, and not all types of information within the same category will be used for all the purposes listed.

Category	Required Information
Personal identifiers	Examples of what we collect: Name, email address, physical address, unique identifiers (such as those assigned in cookies). Sources: Directly from you; from third parties. Purpose of collection and use: All purposes listed in HOW WE USE YOUR INFORMATION. Retention Considerations: Information is maintained throughout our relationship with you in order to provide the Services. When we no longer provide Services to you, we may still need this information for a period of time for business and legal requirements.
Personal information categories listed in the California Customer Records statute	Examples of what we collect: Telephone number, date of birth. Sources: Directly from you; from third parties. Purpose of collection and use: All purposes listed in HOW WE USE YOUR INFORMATION. Retention Considerations: Information is maintained throughout our relationship with you in order to provide the Services. When we no longer provide Services to you, we may still need this information for a period of time for business and legal requirements.
Internet or other similar network activity	Examples of what we collect: Device ID, browsing history, search history, IP address, interaction with a website. Sources: Automatically from you; third parties. Purpose of collection and use: All purposes listed in HOW WE USE YOUR INFORMATION. Retention Considerations: Internet or other similar network activity is typically deleted at regular intervals when the information is no longer necessary for the purpose for which it was collected.
Geolocation data	Examples of what we collect: Coarse information (e.g. IP address). Sources: Automatically from you; from third parties. Purpose of collection and use: All purposes listed in HOW WE USE YOUR INFORMATION. Retention considerations: Geolocation data is deleted at regular intervals when the information is no longer necessary for the purposes for which it is collected.
Commercial information	Examples of what we collect: Billing records, purchase information and history. Sources: Directly from you; third parties Purpose of collection and use: All purposes listed in HOW WE USE YOUR INFORMATION. Retention considerations: The law requires us to maintain purchase and payment records for a period of time, which varies by state.
Professional or employment-related information	Examples of what we collect: Employer name, job title, business contact information. Sources: Directly from you. Purpose of collection and use: All purposes listed in HOW WE USE YOUR INFORMATION. Retention considerations: Information is maintained throughout the life of our relationship with you in order to provide the Services.
Audio, electronic, visual, or similar information	Examples of what we collect: Video from CCTV. Sources: Directly from you; automatically when you interact with us. Purpose of collection and use: All purposes listed in HOW WE USE YOUR INFORMATION. Retention considerations: The information is deleted at regular intervals when the information is no longer needed for the purpose for which it is collected.
Sensitive information	Examples of what we collect: Password or credentials allowing access to an account, Social Security number. Sources: Directly from you. Purpose of collection and use: All purposes listed in HOW WE USE YOUR INFORMATION. Retention Considerations: Certain information is maintained throughout our relationship with you in order to provide the Services. When we no longer provide Services to you, we may still need this information for a period of time for business and legal requirements.
Inferences	Examples of what we collect: Interests, preferences, consuming tendencies. Sources: Created about you based on information you provide; third parties. Purpose of collection and use: All purposes listed in HOW WE USE YOUR INFORMATION. Retention considerations: Information is maintained throughout the life of our relationship with you in order to provide the Services.

California law also requires us to provide information regarding the criteria we use to determine the length of time for which we retain personal information. We utilize the following criteria to determine the length of time for which we retain personal information:

• The business purposes for which the information is used, and the length of time for which the information is required to achieve those purposes.
• Whether we are required to retain the information type in order to comply with legal obligations or contractual commitments, to defend against potential legal claims, or as otherwise necessary to investigate theft or other activities potentially in violation of our policies and procedures applicable to you or against the law, to ensure a secure online environment, or to protect health and safety.
• The privacy impact of ongoing retention on you.
• The manner in which information is maintained and flows through our systems, and how best to manage the lifecycle of information in light of the volume and complexity of the systems in our infrastructure.

Individual pieces of personal information may exist in different systems that are used for different business or legal purposes. A different maximum retention period may apply to each use case of the information. Certain individual pieces of information may also be stored in combination with other individual pieces of information, and the maximum retention period may be determined by the purpose for which that information set is used.

Sale, Sharing, and Other Disclosure of Personal Information and Right to Opt-Out

Any category of information listed in the chart above may be disclosed for a business purpose to service providers and contractors, which are companies or individuals that we engage to conduct activities on our behalf.

California law also requires us to provide you with information regarding the parties to whom we sell (disclosing personal information for monetary or other benefit) or share (disclosing personal information for purposes of cross-context behavioral advertising) your information. We use cookies and other tracking technologies to improve our online Services, optimize and analyze your experience, and serve ads relevant to your interests. Some of these uses may be considered a “sale” or “sharing” of your personal information. Below are the types of information we sell or share via cookies:

• Identifiers to analytics and advertising partners
• Internet or other similar network activity to analytics and advertising partners

To opt out, please click the Cookie Settings link in the footer and set your preferences. Gravity Payments does not have actual knowledge that it sells or shares the personal information of consumers under 16 years of age.

We may disclose your information in other ways that are not considered a sales under the law. Please see HOW WE SHARE INFORMATION for more information.

Additional Rights

Residents of California also have the right to access, correct, and delete certain personal information we collect about them. You or your authorized agent may submit a request to exercise your rights by calling 866-701-4700 or emailing [email protected].

For your security and to ensure unauthorized third parties do not access your personal information, we will require you to verify your identity before we can act on your request. We do this by asking you to provide personal identifiers we can match against information we may have collected from you previously and confirm your request using the email account stated in the request.

While you also have the right to limit use of your sensitive personal information, we only process your sensitive personal information for purposes allowed by law and therefore do not offer an option to limit further processing.