Privacy Policy

Effective date: October 5th, 2023

At Payitoff, we take your privacy seriously. Please read this Privacy Policy to learn how we treat your personal data. By using or accessing our Services in any manner, you acknowledge that you accept the practices and policies outlined below, and you hereby consent that we will collect, use and share your information as described in this Privacy Policy.

Remember that your use of Payitoff's Services is at all times subject to our Terms of Use, which incorporates this Privacy Policy. Any terms we use in this Policy without defining them have the definitions given to them in the Terms of Use.

What This Privacy Policy Covers

Overview:

You, as consumers, trust Instrumental Labs, Inc., dba Payitoff, Inc. (“Payitoff”, “we”, “us”, and “our”), with some of your most important personal and financial information, and we’re working hard to earn and keep your trust. A big part of that is maintaining your privacy. We believe you deserve transparency, education, choice, protection, and simplicity. Our goal is to help you take action to protect your privacy.

Scope:

This Privacy Policy ("Policy", "Privacy Policy", and "Privacy Notice") describes our policies, practices, and procedures regarding the use, sharing, storage, and protection of Personal Data (as defined below) we collect from users of our website, located at https://payitoff.io (the “Site"), services, software, content, and all other products and services (the foregoing, collectively, the “Services”) owned, controlled, or offered, directly or indirectly, by us. By accessing or using our Services in any manner, you agree to be bound by Payitoff's website's Terms of Use (the “Terms”). This Privacy Notice is incorporated into the Terms by this reference.

 

This Privacy Notice applies to Personal Data we have about you that identifies, relates to, describes, can be associated with, or could reasonably identify you as an individual. It includes data like your name, address, or email address, as well as less obvious data like demographic data, your IP address, and location data (where you are located). This Privacy Notice also applies to sensitive Personal Data, a category of Personal Data that includes things like your social security number and account log-in credentials. This Privacy Notice applies to all Personal Data we collect and use when you access or use our Services, or communicate or interact with us in any way, including mail, email, phone, chat, or social media.

 

This Privacy Notice does not apply to data that is not personal, like anonymous, de-identified, or aggregated data, even if it comes from Personal Data. This Privacy Notice does not cover people working with Payitoff in a business context, such as vendors or Payitoff for business customers.

Types of Data We Collect

We collect information, including Personal Data, to provide better our Services to our users.

“Personal Data” means data that allows someone to identify or contact you, including, for example, your name, e-mail address, or financial account number, as well as any other non-public information about you that is associated with or linked to any of the foregoing data.  “Anonymous Data” means data that is not associated with or linked to your Personal Data; Anonymous Data does not, by itself, permit the identification of individual persons. 

We collect personal data about you in three primary ways:

  • Information You Provide to Us, like when you create an account with  Payitoff.

  • Automatically  from your use of our products and services, like data associated with using our Services.

  • From other sources, like information from financial institutions, data providers, marketing partners, credit agencies, and more.

Information You Provide to Us

You may provide information directly to us:

  • When you create an account or access and use our Services.

  • When you voluntarily provide information in free-form text boxes through the Services.

  • When you send us an email or otherwise contact us.

This information can include:

  • Contact and account information, like your name, usernames, passwords, address, telephone number, and email address.

  • Authentication and security information, like your government identification, Social Security number, security codes, and signature.

  • Demographic information, like your age, gender, veteran status, and date of birth.

  • Payment information, like your credit card, debit card, and bank account number.

  • Preference information, including preferences related to marketing, advertising, communications, and participation in  Payitoff  programs.

  • Sensitive Personal Data.

  • Other information you choose to provide, like when you contact us.

‍Personal Data We Collect Automatically

  • Information Collected by Our Servers.  To make our Site and Services more useful to you, our servers (which may be hosted by a third party service provider) collect information from you, including your browser type, operating system, Internet Protocol (“IP”) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or a date/time stamp for your visit.

  • Log Files.  As is true of most websites, we gather certain information automatically and store it in log files.  This information includes IP addresses, browser type, Internet service provider (“ISP”), referring/exit pages, operating system, date/time stamp, and clickstream data.  We use this information to analyze trends, administer the Site, track users’ movements around the Site, gather demographic information about our user base as a whole, and better tailor our Services to our users’ needs.  For example, some of the information may be collected so that when you visit the Site or the Services again, it will recognize you and the information could then be used to serve advertisements and other information appropriate to your interests.  Except as noted in this Privacy Policy, we do not link this automatically-collected data to Personal Data.

  • Cookies.  Like many online services, we use cookies to collect information. “Cookies” are small pieces of information that a website sends to your computer’s hard drive while you are viewing the website.  We may use both “session Cookies” (which expire once you close your web browser) and “persistent Cookies” (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our Site. This type of information is collected to make the Site more useful to you and to tailor the experience with us to meet your special interests and needs.

  • Web Beacons. Parts of our Services or our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an e-mail and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

  • Clickstream Data. Clickstream data is information collected by our computers when you request web pages from the Site. Clickstream data may include information such as the page served, the time spent viewing the page, source of the request, type of browser making the request, the preceding page viewed and similar information. Clickstream data permits us to analyze how visitors arrive at the Site, what type of content is popular, what type of visitors in the aggregate are interested in particular kinds of content on the Site.

  • Google Analytics.  We use Google Analytics to help analyze how users use the Site.  Google Analytics uses Cookies to collect information such as how often users visit the Site, what pages they visit, and what other sites they used prior to coming to the Site. We use the information we get from Google Analytics only to improve our Site and Services. Google Analytics collects only the IP address assigned to you on the date you visit the Site, rather than your name or other personally identifying information.  We do not combine the information generated through the use of Google Analytics with your Personal Data. Although Google Analytics plants a persistent Cookie on your web browser to identify you as a unique user the next time you visit the Site, the Cookie cannot be used by anyone but Google.  Google’s ability to use and share information collected by Google Analytics about your visits to the Site is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. You can learn more about how Google uses data collected via Google Analytics by visiting this website.

‍Personal Data We Collect From Other Sources

We may collect personal data about you from other sources.

  • We may collect information (such as credit scores, bank account information, and account balances) from financial institutions and credit reporting agencies, and in those instances, we’ll disclose the nature of our collection and obtain your consent when required. 

  • We may collect information from public records. 

  • We may use third parties, including  analytics providers to analyze how you interact and engage with the Services, or third parties may help us provide you with customer support.

  • We may use vendors to obtain information to generate leads and create user profiles. If you sign into the Services through a third-party site or service, some content and/or information in those accounts may be transmitted into your account with us.

  • We may obtain personal data from our Business Partners, or from student loan servicers and government agencies.  Such information may include personal information and student loan information which you authorize us to import or receive from third parties. 

  • We may use the services of our Business Partners to collect additional Personal Data, or supplement and/or enrich Personal Data you have previously provided to us.

How We Use Your Data

We use your Personal Data for a lot of reasons, such as:

  • To create, manage, and administer accounts, and to complete transactions, payments, billing, and requests related to our Services and third-party products and services;

  • To provide, develop, customize, and personalize products and services, respond to your inquiries, conduct surveys, and perform our contractual obligations;

  • To authorize access to our Site and Services;

  • To conduct research and create reports from analysis of usage patterns and trends and to deidentify or aggregate Personal Data to create business and market analysis and reports;

  • To detect and help protect against security incidents and illegal, fraudulent, or unauthorized activities;

  • To investigate suspicious traffic, cybersecurity threats or vulnerabilities, complaints, and claims;

  • To authenticate your credentials for account access and information and provide other security protections;

  • To process of payments, including fraud detection and prevention, optimizing valid transactions, communications regarding such payments, and related technical and customer service;

  • To protect you and others from fraudulent, malicious, deceptive, abusive, or unlawful activities;

  • To debug and repair errors and help maintain and improve the quality and safety of our Services;

  • To verify the identity of our users in order to comply with fraud monitoring, prevention and detection obligations, laws associated with the identification and reporting of illegal and illicit activity, such as AML (Anti-Money Laundering) and KYC (Know-Your-Customer) obligations, and financial reporting obligations. For example, we may be required to record and verify a user’s identity for the purpose of compliance with legislation intended to prevent money laundering and financial crimes. These obligations are imposed on us by the operation of law, industry standards, and by our financial partners, and may require us to report our compliance to third parties, and to submit to third party verification audits;

  • To cooperate with law enforcement and protect the rights, interests, safety, or property of Payitoff and others;

  • To comply with, defend, pursue, and enforce applicable legal and regulatory obligations and respond to governmental requests; and

  • To enforce our policies, terms and conditions, or other agreements.

When We Disclose Your Data

We may disclose your Personal Data with others as follows:

With your consent or at your direction

We may disclose your Personal Data to third parties with your consent, which we may get in writing, online, electronically, or orally. We may also share your Personal Data with third parties when you tell us to or when you use our Services to interact with third parties, whose separate privacy notices apply to the information that we share.

To our service providers
We use service providers who may need access to your Personal Data to do work for us. They’re contractually required to treat your Personal Data as private and confidential and to use it only to provide the services we requested. Examples of the service providers we use include print, mail, or email vendors, web hosting vendors, cloud service providers, financial institutions, data aggregators, and payment facilitators.

To other third parties
We disclose Personal Data to third parties for uses described in this Privacy Notice or for purposes you have requested. For example, we may share Personal Data with credit bureaus and similarly regulated entities, banks, and payment processors to help us provide you with the Services you have requested. If you interact with third parties, like content providers who operate video channels or apps through our Services, we may facilitate the transfer of your Personal Data for those services. These third parties have their own privacy notices that apply to their use of the information we share.

For identity verification and fraud prevention services
To help protect our customers and others from fraudulent use of our Services, we share Personal Data (like name, address, or account status) or risk scores derived from such data with entities such as banks or with entities that provide fraud prevention services to Payitoff.

In a business transfer or transaction
We may disclose or transfer Personal Data about you as part of a corporate business transaction, like a merger or acquisition, divestiture, sale of company assets, or in the event of insolvency, bankruptcy, or receivership. In these cases, Personal Data could be transferred to third parties as a business asset.

For legal process and protection
We may disclose Personal Data to third parties, including government authorities, for legal processes or protection of life and safety where we believe that access, use, preservation, or disclosure of the information is reasonably necessary, including:

  • To comply with laws, regulations, legal process or to respond to lawful requests

  • To enforce or apply agreements, or initiate, render, bill, and collect for products and services (including disclosure to collection agencies to obtain payment)

  • To protect the rights, interests, property, or safety of Payitoff, our customers, and others

  • In connection with claims, disputes, or litigation

  • To protect you or others from fraudulent, abusive, or unlawful use of these services, and other fraudulent activity

Notice to California Residents - Your California Privacy Policy

 (AS PROVIDED BY CALIFORNIA CIVIL CODE SECTION 1798.83) A CALIFORNIA RESIDENT WHO HAS PROVIDED PERSONAL DATA TO A BUSINESS WITH WHOM HE/SHE HAS ESTABLISHED A BUSINESS RELATIONSHIP FOR PERSONAL, FAMILY, OR HOUSEHOLD PURPOSES (A “CALIFORNIA CUSTOMER”) MAY REQUEST INFORMATION ABOUT WHETHER THE BUSINESS HAS DISCLOSED PERSONAL INFORMATION TO ANY THIRD PARTIES FOR THE THIRD PARTIES’ DIRECT MARKETING PURPOSES.  IN GENERAL, IF THE BUSINESS HAS MADE SUCH A DISCLOSURE OF PERSONAL DATA, UPON RECEIPT OF A REQUEST BY A CALIFORNIA CUSTOMER, THE BUSINESS IS REQUIRED TO PROVIDE A LIST OF ALL THIRD PARTIES TO WHOM PERSONAL DATA WAS DISCLOSED IN THE PRECEDING CALENDAR YEAR, AS WELL AS A LIST OF THE CATEGORIES OF PERSONAL DATA THAT WERE DISCLOSED.  CALIFORNIA CUSTOMERS MAY REQUEST FURTHER INFORMATION ABOUT OUR COMPLIANCE WITH THIS LAW BY E-MAILING SUPPORT@PAYITOFF.IO.  PLEASE NOTE THAT WE ARE REQUIRED TO RESPOND TO ONE REQUEST PER CALIFORNIA CUSTOMER EACH YEAR AND WE ARE NOT REQUIRED TO RESPOND TO REQUESTS MADE BY MEANS OTHER THAN THROUGH THIS E-MAIL ADDRESS.

User Consent

By submitting Personal Data through our Site or Services, you agree to the terms of this Privacy Policy and you expressly consent to the collection, use and disclosure of your Personal Data in accordance with this Privacy Policy. This consent is effective until you revoke it. You can revoke this consent at any time by emailing us at support@payitoff.com with “Privacy” in the subject line.

Privacy and Children’s Use

This Website is not for use by any individuals under the age of 18.  We do not intentionally gather Personal Data from visitors who are under the age of 18.  If a minor under the age of 18 submits Personal Data to us, we will attempt to delete the information as soon as possible.  If you believe that we might have any Personal Data from a child under 18, please contact us at support@payitoff.io.

How We Protect Your Data

Payitoff is committed to protecting the security of your Personal Data.  We use administrative, technical, contractual, and physical safeguards designed to protect your Personal Data. For example, when you contact us by phone, we have procedures in place to verify that you have the authority to access your information, make changes to your account, or adjust your business relationship with Payitoff.

We can’t guarantee our safeguards will prevent every unauthorized attempt to access, use, or disclose Personal Data. Be sure to use a strong password to access your information and not one you use for other services. You should also use multi-factor authentication where possible. 

No transmission over the Internet, or electronic storage, is 100% secure, however. Therefore, while we use reasonable efforts to protect your Personal Data, we cannot guarantee its absolute security.

Browser or Platform Controls

Cookie Choices

Most web browsers can be set to detect or reject Cookies. Each browser is different, so check the “Help” menu of your browser settings to learn how to change your Cookie preferences. If you reject Cookies, some things on our Site may not work properly.

Do Not Track

Do Not Track signals are a web browser setting or mechanism used to indicate that you do not want your online activity tracked. Because there is no universal standard of how to apply that setting, we currently do not honor them. 

Data Retention

We retain your Personal Data for business or tax needs, or other legal reasons. Under applicable law, we may be required to retain your Personal Data for certain statutory periods of time. We will use commercially reasonable efforts to delete your Personal Data upon the expiry of such statutory time periods.

Changes to This Privacy Policy

We keep this Privacy Notice up to date. When we make changes, we’ll let you know by updating this notice and include the date of update at the top of this page. If you continue interacting with us in a business context or continue to use our Services after we notify you, we’ll take that to mean you’re fine with the changes for any new data we collect. Those changes will not apply to previously collected Personal Data unless we get consent from impacted individuals. Continued use of our Site or Services following notice of such changes shall indicate your acknowledgement of such changes and agreement to be bound by the terms and conditions of such changes.

Contact Information

If you have any questions or comments about this Privacy Notice, the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights under California law.

You may contact us via email at support@payitoff.io or via US Postal Mail at Instrumental Labs, Inc., 27 E 28th St, New York City, NY 10016-7810