Online and off-line privacy is constantly evolving and Epoch plans to take all reasonable efforts to maintain up to date and effective privacy standards and practices. You may also contact us at [email protected] with any questions or concerns that you may have.
Epoch is committed to respecting your privacy and recognizes the need for appropriate protection and management of any personally identifiable information ("Personal Information") you share with us. In order to provide payment processing, billing, customer service and fraud detection services (collectively "Services"), Epoch collects and uses your Personal Information.
If you choose to provide us with your Personal Information through our website ("Website") and/or through documents provided during your initial account setup and at any point thereafter, we may transfer your Personal Information within Epoch (its parent company and/or any subsidiaries) or to third parties, across borders, and from your country or jurisdiction to other countries or jurisdictions around the world as set forth in this Privacy Policy.
Epoch strives to comply with all applicable laws around the globe that are designed to protect your privacy. Although legal requirements may vary from country to country, Epoch intends to adhere to the principles set forth in this Privacy Policy even if, in connection with the above, we transfer your Personal Information from your country to other countries. In other words, our goal is to provide protection for your Personal Information no matter where that Personal Information is collected, transferred, or retained.
To protect your privacy, we have adopted and comply with the following principles:
Epoch complies with the EU-US DPF, the UK Extension to EU-US DPF and the Swiss-US DPF as set forth by the U.S. Department of Commerce. Epoch has certified to the U.S. Department of Commerce that it adheres to the EU-US DPF Principles with the respect to the processing of personal data received from the European Union in reliance on the EU-US DPF and from the United Kingdom in reliance on the UK Extension to the EU-US DPF. Epoch has certified to the U.S. Department of Commerce that it adheres to the Swiss-US DPF Principles with the respect to the processing of personal data from Switzerland in reliance on the Swiss-US DPF. If there is any conflict between the terms in this privacy policy and the EU-US DPF Principles and/or the Swiss-US DPF Principles, the Principles shall govern. To learn more about the DPF Program program and to view our certification, please visit U.S. Department of Commerce's DPF Program website.
*Not applicable to Epoch's European subsidiary
You may access and browse our Website without disclosing any Personal Information. However, if you attempt to retain Epoch's Services for your websites and/or to purchase a product or service online, Epoch may request that you voluntarily supply it with Personal Information. Personal Information we collect and how we use it is as follows:
Epoch is the sole owner of the information collected. We will not sell your Personal Information to any third parties. If in the future, we anticipate selling your Personal Information to any third party, we will provide you with opt-out rights and will not discriminate against you for exercising such rights. We will not use any of your Personal Information to send you any promotional materials or advertisements. If you are a merchant or an affiliate of an Epoch merchant, you may from time to time receive from us important updates about our Services. If you are an affiliate of an Epoch merchant, you may also receive from us important updates about services of the Epoch merchant(s) for which you are an affiliate. If you are a customer, you may receive from us order/cancellation e-mail confirmations that are automatically generated whenever an order/cancellation is placed through us and that confirm your purchase or cancellation with important details about your purchase or cancellation, including but not limited to, product purchased/cancelled, order/cancellation date, username/password and our customer service details that may be used for any inquiries about the purchase/cancellation.
We ensure that your Personal Information will not be disclosed to anyone other than:
Our legal basis for collecting and using the Personal Information described above will depend on
the
personal information concerned and the specific context in which we collect it. However, we will
normally
collect Personal Information from you only where:
You may choose whether or not to provide Personal Information to us. If you choose not to provide the Personal Information we request, you can still visit most of our Website, but you will be unable to purchase a product or service online, setup an account with us and/or use our Services for your websites. If you choose to have a relationship with us, such as a contractual or other business relationship, you will be required to provide Personal Information in connection with such relationship.
When we share Personal Information with a third party we will ensure that our agreement with the third party provides that such Personal Information may only be processed for limited and specified purposes consistent with the consent you provided and that the third party will provide the same level of protection as the DPF Program Principles and will notify us if it determines that it can no longer meet this obligation. In cases of onward transfer to third parties of data of EU, UK or Swiss individuals received pursuant to the EU-US DPF Program, UK Extension to EU-US DPF Program or Swiss-US DPF Program respectively, we are potentially liable.
We have implemented security policies, rules and technical measures to protect the Personal Information that we have under our control from unauthorized access, improper use or disclosure, unauthorized modification, unlawful destruction or accidental loss. Epoch utilizes HTTP Secure (HTTPS) and/or Transport Layer Security (TLS) when receiving and transmitting information electronically.
We protect Personal Information by maintaining physical, electronic and procedural safeguards in compliance with applicable US federal and state regulations. We use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files, and we authorize access to Personal Information only for those employees who require it to fulfill their job responsibilities.
Finally, your Personal Information is disposed by shredding paper records and by the use of the shred tool that ensures that any and all electronically stored files are permanently removed from hard disks and any other electronic media which are then also physically destroyed before being disposed.
We will take reasonable steps to ensure that all Personal Information that we collect is accurate, complete, current and reliable for its intended use and purpose which may include those that reasonably serve payment processing, customer relations, compliance and legal considerations, auditing, security and fraud prevention, preserving or defending our legal rights or other reasonable uses in this context. You may send updates and corrections about your Personal Information to [email protected] and we will make reasonable efforts to incorporate the changes in your Personal Information that we hold as soon as practicable. We will retain your Personal Information only for as long as it is necessary for purposes as identified above.
You may inquire about your Personal Information being held by Epoch by sending an email to [email protected] or by calling us at 1-800-893-8871/310-664-5810. Upon meeting certain security measures, Epoch shall provide you with a copy of the Personal Information that it keeps about you. Prior to completing your request, Epoch may require that you provide us with certain items as a proof of your identity. Epoch reserves the right to refuse a request where the burden or expense of providing access would be disproportionate to the risks to your privacy or where the rights of persons other than You would be violated.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Epoch commits to resolve DPF Principles-related complaints about our collection and use of your personal information. Epoch uses the self-assessment method of verification of compliance and is subject to the enforcement authority of the US Federal Trade Commission.
EU and UK individuals and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact Epoch at: Epoch, Attn: Chief Privacy Officer, Summit Building, 3415 North Pines Way, Suite 206, Wyoming 83014, USA.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Epoch commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/DPF-Dispute-Resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you.
If you do not receive a timely acknowledgment of your complaint regarding our compliance with the EU-US DPF Program Principles, UK Extension to the EU-US DPF Program Principles or Swiss-US DPF Program Principles from JAMS or if your complaint is not satisfactorily addressed through JAMS, EU and UK individuals may complain to the US Department of Commerce through the EU Data Protection Authority in the country in which you reside while Swiss individuals may complain to the US Department of Commerce through the Swiss Federal Data Protection and Information Commissioner in Switzerland.
If you do not receive a timely acknowledgment of your complaint regarding our compliance with the EU-US DPF Program, the UK Extension of the EU-US DPF Program Principles or Swiss-US DPF Program Principles from the US Department of Commerce or if your complaint is not satisfactorily addressed through the US Department of Commerce, EU and UK individuals may invoke binding arbitration with the DPF Panel to determine whether we have violated our obligations under the EU-US DPF Program Principles and the UK Extension to the EU-US DPF Program Principles. Swiss individuals may be able to invoke binding arbitration in the future with the Swiss Federal Data Protection and Information Commissioner in Switzerland.
You have the following data protection rights:
Epoch uses 'cookie' technologies on some portions of Epoch's Website. You are always free to decline our cookies if your browser permits it, although in that case you may not be able to use certain features on our Website. Epoch does not collect any personally identifiable information about your online activities over time and across third-party websites or online services.
Some of our third party service providers may use cookies to collect personally identifiable information about your online activities over time and across third-party websites. Please visit webcookies.info and each third party service providers' privacy policy for more information.
We have no access to information collected by third parties' cookies and third parties have no access to information collected by ours.
Any websites displayed to you by our Website as Internet search results or linked to Internet search results pages provided to you by our Website have been developed by third parties over which Epoch exercises no control. Such websites may send their own cookies to end users, collect data, or solicit personal information from you. Epoch is not responsible for the privacy practices or the content of such websites, including such websites' use of any information collected when you are directed to or click through to such websites. Even though such information might not identify you personally, we strongly encourage you to become familiar with the privacy practices of those websites.
We retain Personal Information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements). When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymize it or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.
Epoch does not request, or knowingly collect Personal Information from children under the age of 13. Epoch does not give children the ability to post messages or otherwise distribute information about themselves through our Website or through any other means.
We may update or amend this Privacy Policy from time to time, to comply with law or to meet our changing business or legal requirements. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. Any updates or amendments will be posted on our Website. By continuing to access our Website, your access and use will be subject to these updates and amendments.
This page was last updated on 2024-04-03. We may change this policy from time to time, so please check periodically.