Privacy Policy
How MangoErrands Global Payments collects, uses, protects, and shares personal information across our sites and services.
INTRODUCTION
At MangoErrands Global Payments ("MangoErrands," "we," "us," or "our"), trust is the foundation of our relationship with customers, vendors, and partners. We understand your desire for privacy, and we recognize that you trust us with your personal information. This Privacy Policy describes our privacy practices and principles in a format that is easy to navigate, read, and understand. We are dedicated to treating your personal information with care and respect.
1. ONLINE PRIVACY POLICY
MangoErrands Global Payments, a Delaware C-Corporation (dba MangoErrands Payments), has established this privacy policy ("Privacy Policy") to let you know:
The kinds of information we may gather on MangoErrands websites and any applications where this Privacy Policy is posted ("Site" or "Sites")
How and why we gather the information
What we use the information for
When we might disclose the information
Important Note: If you or the entity you are authorized to represent (collectively, "you" or "your") have previously entered into a services agreement with MangoErrands that governs the provision of transaction processing services ("Services Agreement"), the Services Agreement, not this Privacy Policy, governs each party's rights and obligations with respect to Cardholder Data, Transaction-related information (as those terms are defined in the Services Agreement) and other information gathered or submitted in connection with the transaction processing services provided under the Services Agreement. If the same information is both gathered by the Site and gathered or submitted in connection with the transaction processing services, the terms of the Services Agreement shall control.
By using the Site, you are accepting the practices described in this Privacy Policy. If you do not agree to the terms of this Privacy Policy, please do not use the Site.
We reserve the right to modify or amend the terms of our Privacy Policy from time to time. We will post any Privacy Policy changes on this page, and if the changes are material, we will provide a more prominent notice. Your continued use of the Sites following the posting of changes to these terms will mean you accept those changes. If we intend to apply the modifications or amendments retroactively or to personal information already in our possession, we will provide you with notice of the modifications or amendments and, if required by law (including GDPR, CPRA, and Jamaica DPA), obtain your consent.
2. WHAT INFORMATION ABOUT ME IS COLLECTED
The information we collect about you falls into general categories: information you provide to us, information that is automatically collected about you when you use one of our Sites, and information we gather from other third parties. This information may be Personal Information or Anonymous Information as described below.
Personal Information
Personal Information refers to information that identifies (whether directly or indirectly) a particular individual or business entity. Examples may include:
Your name
Postal address
Email address
Telephone number
Transaction records
IP address
Important: We do not collect or store full payment card details, bank account numbers, Social Security numbers, or tax identification numbers directly. All payment information is collected by our third-party payment processor, Stripe (see Section 7 below).
Sensitive Personal Information
Sensitive Personal Information (as defined by laws like CPRA and Jamaica DPA) includes information such as racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic data, biometric data, health data, or sexual orientation. We do not collect Sensitive Personal Information through our platform.
Anonymous Information
Anonymous Information means information that does not directly or indirectly identify, and cannot reasonably be used to identify, a particular individual or business. Examples may include:
Information about your internet browser
Device information (including unique device ID and non-precise geolocation)
Demographic data
Usage information and traffic data
3. HOW WE COLLECT INFORMATION
We collect information when you
Provide this information to us directly (e.g., when you request products, register, submit an application for services, or contact customer support)
Interact with our Sites through technology (e.g., cookies, Flash cookies, and Web beacons)
We receive information about you from other online and offline sources, such as public databases and other third parties
Online Tracking Technologies (Cookies)
We and our service providers use cookies, pixel tags, web beacons, and similar tracking technologies to collect information about your browsing activity on our Sites. These technologies help us:
Recognize your device and remember your preferences
Analyze site usage and improve functionality
Deliver personalized content and advertising (where permitted)
Maintain security and detect fraudulent activity
Types of Cookies Used
Essential Cookies: Required for the Site to function. Examples are session cookies and authentication cookies.
Analytics Cookies: To understand traffic and user behavior. Examples are Google Analytics.
Functional Cookies: To remember your preferences. Example is User preference cookies. Marketing Cookies: For targeted advertising. We do not currently use marketing cookies.
You can manage your cookie preferences through our cookie consent banner, your browser settings, or tools such as the Digital Advertising Alliance opt-out page (https://www.aboutads.info/choices/). Note that disabling certain cookies may affect Site functionality.
Our Sites do not respond to "Do Not Track" signals at this time. We are evaluating DNT compliance and will update this policy accordingly.
4. LEGAL BASIS FOR PROCESSING YOUR PERSONAL INFORMATION
For users in jurisdictions with comprehensive data protection laws (such as the EEA, UK, Canada, or Jamaica), we process your Personal Information only when we have a legal basis to do so. The legal bases we rely on include:
Contractual Necessity: Processing necessary to perform our contract with you or to take steps at your request before entering into a contract
Legal Obligation: Processing necessary for compliance with a legal obligation to which we are subject
Legitimate Interests: Processing necessary for our legitimate business interests (e.g., fraud prevention, analytics)
Consent: Processing based on your explicit consent, which you may withdraw at any time
5. HOW WE USE YOUR INFORMATION
We use the information we collect to help us personalize and continually improve your experience on the Site.
Purpose of Use and Legal Basis
Evaluate your application for Services: Contractual Necessity
Support MangoErrands' legal compliance obligations: Legal Obligation
Provide you with access to the Sites and communicate with you about your account: Contractual Necessity
Optimize or improve our products, services, and operations: Legitimate Interests
Detect, investigate, and prevent activities that may violate our policies or be illegal (e.g., fraud prevention): Legal Obligation & Legitimate Interests
Send you newsletters, offers, and promotions for our services: Consent or Legitimate Interests (with opt-out)
Perform statistical, demographic, and marketing analyses: Legitimate Interests
6. AUTOMATED DECISION-MAKING AND PROFILING
We use automated decision-making for fraud detection and risk assessment. This involves analyzing transaction patterns, location data, and device information to identify potentially fraudulent activity.
How it works
Our system evaluates each transaction against risk parameters
If a transaction is flagged as potentially fraudulent, it may be declined
You have the opportunity to contact customer support for a manual review
Your Rights: You have the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects. To contest an automated decision or request human intervention, please contact us at legal@MangoErrands.com.
7. PAYMENT PROCESSING (STRIPE DISCLOSURE)
This section is critical to understanding your payment data.
All payments on the MangoErrands platform are processed by Stripe, our third-party payment processor. Stripe acts as the Merchant of Record.
What this means for you
When you make a payment, your payment details are collected directly by Stripe
We do not collect, store, or have access to your full payment card information
We do not collect bank account numbers, Social Security numbers, or tax identification numbers
Stripe's Role: Stripe is an independent Data Controller for certain aspects of the data they collect. For more information about Stripe's privacy practices, please review their privacy policy: https://stripe.com/privacy
8. WHO DO WE SHARE YOUR INFORMATION WITH
Except as disclosed in this Privacy Policy, we do not disclose Personal Information collected through the Site to any companies not part of MangoErrands or its parent, subsidiaries, or related entities.
Service Providers
We share Personal and Anonymous Information with third-party service providers (e.g., hosting, billing, fraud protection). These entities are restricted from using, selling, distributing, or altering this data in any way other than to provide the requested services. Our third-party service providers are bound by Data Processing Agreements that require them to process Personal Information only in accordance with our instructions and to implement appropriate security measures.
Business Partners
To the extent permitted under applicable laws, we may share your Personal Information with our affiliated banks or business partners to serve your processing needs.
Emergency Situations / Legal Compliance
We may disclose Personal Information if required by law or in the good-faith belief that such action is necessary to protect rights, property, or public safety.
International Transfers
The Site is operated from the United States. Your Personal Information is therefore collected and processed primarily in the United States, which may not offer the same level of data protection as your home jurisdiction.
For transfers of Personal Information from the EEA, UK, Jamaica, or other jurisdictions with adequacy or localization requirements, we implement appropriate safeguards, including:
Standard Contractual Clauses (SCCs) approved by the European Commission (or UK equivalent)
Transfer Impact Assessments (TIAs)
Encryption and access controls
Data Processing Agreements with all sub-processors
For more information about international data transfers and the safeguards we implement, please contact us at legal@MangoErrands.com.
By using our Site and Services, you acknowledge and consent to the transfer, storage, and processing of your information in the United States, subject to the safeguards described above.
9. DATA BREACH NOTIFICATION
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms:
We will notify the relevant supervisory authorities without undue delay (and, where feasible, within 72 hours)
Where the breach is likely to result in a high risk to you, we will also communicate the breach to you as soon as reasonably practicable
Our notification will include a description of the breach, likely consequences, and measures taken
We maintain a written Data Breach Response Plan that is reviewed and updated regularly.
10. DATA RETENTION PERIOD
We retain your Personal Information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, or as required by law.
Data Type and Retention Period
Transaction records are retained a minimum of seven (7) years (for AML and financial reporting compliance)
Marketing and preference data are retained for two (2) years after your last interaction, unless you request earlier deletion
Account data is retained until account closure, plus statutory retention periods
Cookies and analytics are retained up to two (2) years
11. YOUR GLOBAL PRIVACY RIGHTS
Depending on your location, you may have the following rights (subject to legal limitations):
Right to Know/Access: You may request access to the Personal Information we hold about you
Right to Rectification: You may request correction of inaccurate or incomplete data
Right to Deletion/Erasure: You may request deletion of your data in certain circumstances
Right to Object/Opt-Out: You may object to processing based on legitimate interests or direct marketing
Right to Restriction: You may request restriction of processing in certain circumstances
Right to Data Portability: You may request a copy of your data in a structured, machine-readable format
Right Not to be Subject to Automated Decision-Making: You may contest automated decisions
How to Exercise Your Rights
To exercise your data protection rights, please submit a written request to:
Email: legal@MangoErrands.com
We will respond within one (1) month of receipt. If your request is complex, we may extend this period by a further two (2) months, and we will notify you of the extension within the initial one-month period.
12. CHILDREN'S PRIVACY
Our Site and Services are not directed to children under the age of 16 (or such lower age as may apply in your jurisdiction, but not below 13).
We do not knowingly collect personal information from children under 16
If you believe we have collected information about your child, please contact us immediately and we will delete it
In the United States, we comply with COPPA (Children's Online Privacy Protection Act)
13. CALIFORNIA PRIVACY RIGHTS ACT (CPRA) NOTICE
Categories of Personal Information Collected
Under the California Privacy Rights Act (CPRA), we collect the following categories:
Identifiers: Name, email address, phone number, IP address
Commercial Information: Transaction records
Financial Information: We do not collect financial information directly (Stripe collects payment data)
Internet Activity: Browsing history, cookie data
Geolocation Data: Non-precise location (e.g., city-level from IP address)
Sensitive Personal Information: We do not collect sensitive Personal Information
Sharing and Selling
We do not sell your personal information for monetary consideration
We do not share your personal information for cross-context behavioral advertising
We do not use sensitive personal information for purposes other than those permitted by law
Your California Rights
You have the right to
Request access to your personal information (twice per 12-month period, free)
Request deletion of your personal information
Request correction of inaccurate information
Opt out of any sale or sharing of personal information (not applicable)
Limit use of sensitive personal information (not applicable)
How to Exercise Your California Rights
Contact us at legal@MangoErrands.com. We respond within 45 days of receipt of a verifiable request.
14. COMPLIANCE WITH THE JAMAICA DATA PROTECTION ACT (DPA) 2020
We process personal data in accordance with the eight data protection standards under the Jamaica Data Protection Act, 2020:
The Standard and How We Comply
Fairness and Lawfulness: We process data only on valid legal bases
Purpose Limitation: We collect data only for specified, explicit purposes
Data Minimization: We collect only what is necessary
Accuracy: We maintain procedures to keep data accurate
Storage Limitation: We retain data only as long as necessary
Security: We implement appropriate technical and organizational measures
Rights of Data Subjects: We facilitate exercise of rights as described in Section 11
Accountability: We maintain records of processing activities
Right to Complain to the Office of the Information Commissioner (Jamaica)
If you are located in Jamaica and believe we have not handled your Personal Data in accordance with the Jamaica Data Protection Act, 2020, you have the right to lodge a complaint with the:
Office of the Information Commissioner
6th Floor, PanJam Building
60 Knutsford Boulevard
Kingston 5
Jamaica
Website: oic.gov.jm
15. DATA PROTECTION OFFICER (DPO) CONTACT
We have designated a Data Protection point person responsible for overseeing our privacy compliance.
Data Protection Contact
Email: legal@MangoErrands.com
Mail: MangoErrands Global Payments
Attn: Data Protection / Compliance
135-12 245th St
Rosedale, NY 11422
United States
16. CONTACT US
Data Controller
MangoErrands Global Payments (dba MangoErrands Payments)
A Delaware C-Corporation
Attn: Compliance / Privacy Officer
135-12 245th St
Rosedale, NY 11422
United States
Email: legal@MangoErrands.com
Regional Representatives
Jamaica Representative (for Jamaican Data Subjects)
MangoErrands Global Payments
c/o 18 Cheltenham Drive
Kingston 10
Jamaica
Email: legal@MangoErrands.com
EU/UK Representative
MangoErrands EU Compliance Rep
c/o Legal Department
Email: legal@MangoErrands.com
17. CHANGES TO THIS PRIVACY POLICY
We reserve the right to update this Privacy Policy from time to time. If we make material changes:
We will post the updated policy on this page
We will provide a more prominent notice (e.g., email notification or website banner)
If required by law, we will obtain your consent
We encourage you to review this Privacy Policy periodically for any changes.