Privacy Policy

PayTollo Privacy Policy



This Privacy Policy tells you:

  • Who we are
  • Why we gather information about our customers
  • What types of personal information do we gather
  • How we learn about you from third parties
  • How we use your personal information
  • How we use customer information and categories of third party persons or entities with whom we may share customer information
  • How we keep your personal information secure
  • What personal information do we retain and what is your right of erasure
  • What are your other rights with respect to your personal information
  • How you may review or request changes to your personal information
  • About the PayTollo Privacy Policy and how we will notify you of any material changes in our Privacy Policy

 

Who we are:

PayTollo, Inc. is a subsidiary of Sirius XM Radio Inc. PayTollo collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the laws of the United States and we are responsible as controller of that personal information for the purposes of those laws.

Why we gather information about our customers:

We need to know some personal information about you to facilitate enrollment processing and account maintenance, and to better serve you. We may also need information from you and others to help us verify your identity in order to prevent fraud and ensure security.

What types of personal information do we gather:

In the course of performing our services we collect the following personal information when you provide it to us: (1) User Account / Profile Information (i.e., First Name, Last Name, Email, Phone Number, and Facebook ID); (2) Vehicle Information (i.e., License Plate Number(s) and Vehicle Make, Model, and Color); (3) Vehicle Enrollment Period Information; (4) Payment Method Information; (4) Wallet Transaction Information; (5) Toll Transaction Information (i.e., Transaction Time, Toll Plaza Location, License Plate Number and Vehicle Class); and (6) GPS Data.

The provision of the above-described personal data is required from you to enable us to provide our services. When the provision of such data is optional, we will inform you at the point of information collection.

PayTollo utilizes a payment processor that tokenizes raw credit card numbers on the client side. PayTollo stores the token, along with card-types, bin, the last four digits, and the cardholder name. PayTollo does not store raw credit numbers on its platform.

How we learn about you from third parties:

What we know about you we obtain from you. But we may also have to find out more about you from other sources in order to make sure that what we know about you is correct and complete. Those sources may include the Department of Motor Vehicles for the state of your vehicle plate and public records. Some of our sources may give us reports, and they may disclose what they know about you to others.

How we use your personal information:

PayTollo collects and uses information to enable reliable and convenient toll payment services. We also use the information we collect:

  • for customer support;
  • for research and development; 
  • to provide promotions or contests; and in connection with legal proceedings.

 
PayTollo uses the information we collect for customer support to assist you when you contact our customer support services to investigate & address your concerns.

PayTollo may use the information we collect for research and development for testing, research, analysis and product development. This allows us to improve and enhance our services, and develop new features and products.
to provide promotions or contests.

PayTollo may share your personal information with third parties such as tolling agencies, only to the extent necessary to provide the services and features offered by the PayTollo app.

PayTollo does not sell or share your personal information to third parties for third party direct marketing purposes.

For each of these uses, we treat what we know about you confidentially. Our employees are required to take care in handling your information. They may get information about you only when there is good reason to do so. We take steps to make our computer databases secure and to safeguard the information we have about you.

How we use and disclose what we know about you and categories of third party persons or entities with whom we may share customer information:

We will only use your personal information and disclose it to others to the extent legally authorized. We may share your information to the extent legally authorized with third party entities such as law enforcement, government entities, and other toll operators as deemed necessary in order to:

  • Help us evaluate your request for a service
  • Help us process claims and other transactions
  • Confirm or correct what we know about you
  • Help us prevent fraud, money laundering, and other crimes by verifying what we know about you
  • Help us run our business
  • Process data for us
  • Perform research for us
  • Audit our business
  • Help us comply with the law

 
How we keep your personal information secure:

PayTollo has implemented appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorized way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

What personal information do we retain and what is your right of erasure:

PayTollo retains transaction data for up to seven years for reconciliation purposes, future due diligence and potential audits from our partner toll agencies.

For toll transaction records, this include license plates. For wallet transaction records, this includes credit card type and the last four digits of the credit card data.

All other account data is eligible for erasure upon user request.

Should you request that your account be deactivated, please know that toll transaction data for up to 120 days after toll crossing may still be processed by us.

What are your other rights with respect to your personal information:

In addition to the right of erasure, you have a number of other important rights. In summary, those include your rights to:

Access to your personal information and to certain other supplementary information that this Privacy Policy is already designed to address;

Require us to correct any mistakes in your information which we hold;

Object at any time to processing of personal information concerning you for direct marketing;

Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you;

Object in certain other situations to our continued processing of your personal information;

Otherwise restrict our processing of your personal information in certain circumstances.


If you would like to exercise any of those rights, please email us at support@paytollo.com identifying the right(s) that you wish to exercise and provide us with enough information to contact you, so that we may resolve the issue. 

How you may review, change, or request changes to your personal information:

You may review, change, or request changes to your personal information by accessing your PayTollo account information online or you may email support@paytollo.com.

About the PayTollo Privacy Policy and how we will notify you of any material changes in our Privacy Policy:

The PayTollo Privacy Policy may be accessed on any page of PayTollo.com website. We reserve the right to modify this Privacy Policy at any time. If we make material changes to this policy, we will notify our customers and users via email, mail or by means of a notice on our website. Please revisit this website for the most recent Privacy Policy. PayTollo’s Privacy Policy is separate from and independent of any other privacy policies of Sirius XM Radio businesses.

Last updated 4/23/2019

CCPA-Specific Privacy Notice

 

Last Updated: January 1, 2020

 

  1. Your rights under the California Consumer Privacy Act of 2018 (CCPA)

 

This page contains a description of your rights and specific disclosures required by CCPA. CCPA applies to California residents only.  For additional information regarding our privacy practices, see our Privacy Policy.

 

Right to Opt-Out

 

We may sell your personal information to third parties.  You have the right, at any time, to direct us not to sell your personal information.  To opt out, visit Do Not Sell My Info.  We will act upon opt-out requests within 15 days of receipt, and will notify you and/or your authorized agent when the request has been processed.

 

Right to Know

 

Right to Disclosure of Categories of Information:  You have the right to request that we provide the following disclosures covering the 12-month period preceding our receipt of your request.

 

      The categories of personal information we have collected about you.

      The categories of sources from which personal information is collected.

      Our business or commercial purposes for collecting or selling personal information.

      The categories of third parties with whom we share personal information.

      The categories of personal information we have sold and the categories of third parties to whom the personal information was sold.

      The categories of personal information we have disclosed for a business purpose.

 

Right to Access Specific Pieces of Information:  You also have the right to request access to the specific pieces of personal information we have collected about you in the preceding 12 months, which we will deliver to you electronically, in a portable format where feasible.

 

Right to Deletion

 

You have the right to request deletion of the personal information about you that we have collected from you.  Please note that we are unable to delete information needed to:

 

      Continue to service your account if you maintain an active account with us, provide goods or services you’ve requested, or complete a transaction;

      Detect, prevent or prosecute security incidents, fraud, or other misuse;

      Identify, repair, and debug errors that impair our products, services, systems, or other functionality;

      Comply with legal or reporting obligations, including to pursue or defend legal claims, exercise or enable others to exercise any rights provided by law, enforce or comply with contractual obligations, respond to valid requests for information, and comply with or enforce applicable laws and regulations;

      Enable other internal uses consistent with your expectations based on your relationship with us or the context in which you provided the information; or

      Exercise or enforce any other exceptions provided by CCPA.

 

Nondiscrimination

 

If you exercise any of your rights under CCPA, you have the additional right not to be discriminated against, including by our (a) denying you goods or services, (b) charging you different prices or rates, including through the use of discounts or imposing penalties, (c) providing you a different level or quality of goods or services, or (d) suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services.  We may, however, offer you a different price, rate, level, or quality of goods or services if the differential treatment is reasonably related to value provided to us by your data.

 

  1. How to submit requests

 

Submitting Requests

 

Requests to opt-out of sale, know, or delete must each be submitted separately. You can submit up to two requests to know and up to two requests to delete within a 12-month period.  To submit a request, visit this page.

 

Your request to delete your information will be a request from you to delete your account, since we retain such information only as is necessary to continue to service your account and deletion of information will render it impossible for us to provide services to you.  

 

Verification and Authorized Agents

 

For your protection, you must provide sufficient information to verify your identity in order for us to fulfill a request to access or delete personal information.

 

If you are submitting a request through an authorized agent, you must supply your agent with written permission to act on your behalf, and your agent must provide proof of such authorization before we will act upon the request.  If you are submitting a request to access or delete through an authorized agent, you must verify your identity directly with us through the process outlined above, unless your authorized agent is acting pursuant to a power of attorney under the California Probate Code.

 

  1. Collection and Sharing of Personal Information

 

Capitalized terms below will have the meanings set forth in our Privacy Policy and Terms of Use.  These disclosures cover the 12-month period preceding the date of this notice and reflect our current or anticipated practice unless otherwise noted.

 

Categories of Personal Information We Collect

 

We collect the following categories of personal information.  The information we collect is described further in Section 1 of our Privacy Policy, which you should review in addition to this list.

 

  1. Identifiers and contact information, including (1) User Account / Profile Information (i.e., First Name, Last Name, Email, Phone Number, and Facebook ID); (2) Vehicle Information (i.e., License Plate Number(s) and Vehicle Make, Model, and Color); (3) Vehicle Enrollment Period Information; (4) Payment Method Information; (4) Wallet Transaction Information; (5) Toll Transaction Information (i.e., Transaction Time, Toll Plaza Location, License Plate Number and Vehicle Class); and (6) GPS Data.PayTolloWe may also collect communications between you and us and any other information you provide to us.  We may collect the following additional information:

 

    1. Information we receive from third parties.  We may receive your personal and contact information, such as your name, address, VIN, telephone number and email address, from toll agencies or other third parties. 

 

    1. Vehicle and geolocation information collected automatically through the PayTollo app. 

 

    1. Usage and mobile device information collected through the Site.  We and third party service providers may collect certain types of usage information when you visit our Site, read our emails, or otherwise engage with us.  We use this information to enhance and personalize your user experience, to monitor and improve our websites, provide custom and personalized content, and for other internal purposes.  In some instances, we and third party service providers may combine this usage information with personal information.  We typically collect this information through a variety of tracking technologies, including cookies, web beacons, embedded scripts, location-identifying technologies, file information, and similar technology (collectively, “tracking technologies”).  We, and our third party service providers, use tracking technologies to automatically collect usage and mobile device information, such as:

 

§  Information about your mobile device and its software, such as your IP address, browser type, Internet service provider, mobile device type/model/manufacturer, operating system, date and time stamp, and a unique ID that allows us to uniquely identify your browser, mobile device, or your account (including, for example, a persistent device identifier or an Ad ID), and other such information.  We may also work with third parties to employ technologies, including the application of statistical modeling tools, which permit us to recognize and contact you across multiple devices.

§  Information about the way you access and use our Site, for example, the site from which you came and the site to which you are going when you leave our Site, the pages you visit, the links you click, whether you open emails or click the links contained in emails, whether you access the Site from multiple devices, and other actions you take on the Site.

§  Information about your location collected on the Site via cookies and other tracking technologies, including GPS coordinates (e.g., latitude and/or longitude) or similar information regarding the location of your mobile device, or we may be able to approximate or infer a mobile device’s location by analyzing other information, like an IP address.

    1. Analytics information.  We may collect analytics data or use third-party analytics tools such as Google Analytics to help us measure traffic and usage trends for the Site and to understand more about the demographics of our users.  You can learn more about Google’s practices at http://www.google.com/policies/privacy/partners and view its currently available opt-out options at https://tools.google.com/dlpage/gaoptout.

 

e.     Other.  Except as stated above, we do not collect postal addresses or telephone numbers in the regular course of business, but we may collect this information if you’ve provided it to us in postal mail or email correspondence, to assist in resolving a customer support request, or in connection with a special offer or event.

  1. Payment information, if you purchase a product or service directly from PayTollo.  If you pay with a credit card, this includes the first and last four digits of your payment card, card expiration date, billing zip code, and a secure payment token associated with your payment card, which is used for renewal billing.  If you pay with PayPal, we receive identifiers associated with your billing agreement and transactions, as well as a secure payment token that enables us to bill you through PayPal.

 

Business or Commercial Purposes for Collection, Use, and Sharing of Personal Information

 

PayTollo collects, uses, and shares personal information for the following business and commercial purposes:

 

  1. Auditing, including counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, performing advertising frequency capping, tracking advertising conversion events, and auditing compliance with laws and other standards.
  2. Security, including detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, prosecuting those responsible for that activity, conducting risk management, and to otherwise protect the safety and security of PayTollo users or members of the public.
  3. Debugging to identify, prevent, and repair errors that impair or may impair the PayTollo app.
  4. Performing services including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of a business or service provider. PayTollo collects, uses, and shares personal information for a number of purposes related to performing or obtaining services on PayTollo’s behalf, including:
    1. To facilitate the creation of and secure your account on the PayTollo app.
    2. To provide all aspects and features of the PayTollo app, as described in our Privacy Policy.
    3. To customize and personalize the content, including advertising, we deliver to you both on the PayTollo app and on other services offered by third parties.
    4. To fulfill your requests for certain products and services, such as distributing electronic newsletters and enabling you to participate in and renew paid services, surveys, and public forums.
    5. To send you information that you requested or agreed to receive.
    6. To alert you to the latest developments and features on our Service and to notify you of administrative information, such as security or support and maintenance advisories.
    7. To invite you to participate in events or special promotions related to products we think you may like or in which you may be interested.
    8. To provide advertisements and related content.
    1. To customize and personalize the advertising we deliver to you both on the Service and on other services offered by our publishing partners.
  1. Undertaking internal research for technological development and demonstration.
  2. Improving and maintaining quality of service, including undertaking activities to verify or maintain the quality or safety of the PayTollo app, improving the PayTollo app, upgrading our infrastructure, enhancing the user experience, and developing new products and services.
  3. Commercial purposes, such as marketing and promoting the use of and subscriptions to the PayTollo app.
  4. Legal purposes, such as protecting or defending the legal rights or property of PayTollo, or the legal rights of third parties, employees, agents, and contractors (including enforcement of our agreements), and complying with the law, legal process, or legal and government requests.

 

Categories of Sources of Personal Information

 

We collect the personal information listed above from the following categories of sources. Additional information about these categories is provided in our Privacy Policy.

 

  1. PayTollo users, as disclosed in Section 1 of our Privacy Policy.
  2. Service providers that provide or make available advertising, features and functionality, and content on or through the PayTollo app.
  3. Governmental or quasi-governmental agencies or organizations that provide or make available, to the public, census and demographic data.
  4. Related Companies, including our parent corporation, Sirius XM Radio Inc. ("Sirius XM"), and its subsidiaries.

 

Categories of Third Parties With Whom We Share Personal Information

 

  1. PayTollo users and other individuals with whom you may share personal information using the PayTollo app.
  2. Service providers that provide specialized services, or provide or make available features, functionality, and content on or through the PayTollo app, such as those listed below.
    1. Payment processors
    2. Customer verification providers
    3. Privacy, security and fraud detection providers
    4. Platform technology providers
    5. Manufacturers and distributors
    6. Marketing providers and bulk email processors who send out emails on our behalf
  3. Advertising entities such as advertisers and advertising agencies that serve advertisements and/or marketing offers to their customers on the PayTollo app.
  4. Governmental or quasi-governmental agencies or organizations that make valid legal requests for information or to whom PayTollo shares information to protect or defend the legal rights or property of PayTollo, or the legal rights of third parties, employees, agents, and contractors (including enforcement of our agreements).
  5. Related Companies, including our parent corporation Sirius XM and its subsidiaries, or any successors in interest in the event of a corporate reorganization, merger, or sale of all or substantially all of our assets.
  6. Litigants or other parties to legal proceedings that make valid legal requests for information or to whom PayTollo shares information to protect or defend the legal rights or property of PayTollo, or the legal rights of third parties, employees, agents, and contractors (including enforcement of our agreements).
  7. Other authorized third parties, if you have given permission for us to share data about you with them. For example, if you participate as a panelist in a survey with an analytics company, you may, as part of your agreement with that company, have authorized that company to receive data from us about you.

 

Table 1: Collection and Sharing of PI

 

For each category of personal information (PI) we collect, this table lists the categories of sources from which that information is collected, the business or commercial purposes for which we collect and use the information, and the categories of third parties with whom we share the information.

 

Category of PI

Sources of PI

Business Purposes

Third Parties

Identifiers and Contact Information

PayTollo users; service providers; advertising entities; related companies

Auditing; security; debugging; short-term, transient use; performing services; undertaking internal research; improving and maintaining quality of service; commercial purposes; legal purposes

PayTollo marketing; and service providers; advertising entities; related companies; litigants or other parties to legal proceedings; other authorized third parties

Payment information

PayTollo users; service providers; related companies

Auditing; security; performing services; improving and maintaining quality of service; legal purposes

Service providers; related companies; other authorized third parties

Non-inferred characteristics

PayTollo users; service providers; advertising entities; related companies

Auditing; security; debugging; short-term, transient use; performing services; undertaking internal research; improving and maintaining quality of service; commercial purposes; legal purposes

PayTollo users and other individuals; service providers; advertising entities;; related companies; litigants or other parties to legal proceedings; other authorized third parties

Commercial information

PayTollo users; service providers; advertising entities; related companies

Auditing; security; debugging; short-term, transient use; performing services; undertaking internal research; improving and maintaining quality of service; commercial purposes; legal purposes

Sales team and field support team; service providers; advertising entities; related companies; litigants or other parties to legal proceedings; other authorized third parties

Internet or other activity information

PayTollo users; service providers; advertising entities; related companies

Auditing; security; debugging; short-term, transient use; performing services; undertaking internal research; improving and maintaining quality of service; commercial purposes; legal purposes

PayTollo users and other individuals; service providers; advertising entities; governmental or quasi-governmental agencies or organizations; related companies; litigants or other parties to legal proceedings; other authorized third parties

Geolocation data

PayTollo users

Auditing; security; debugging; short-term, transient use; performing services; undertaking internal research; improving and maintaining quality of service; legal purposes

PayTollo users, service providers; governmental or quasi-governmental agencies or organizations; related companies; litigants and other parties to legal proceedings; other authorized third parties

Inferences

PayTollo users; service providers; advertising entities; other users; related companies

Auditing; security; debugging; short-term, transient use; performing services; undertaking internal research; improving and maintaining quality of service; commercial purposes; legal purposes

Service providers; advertising entities; related companies; other authorized third parties

Other personal information

PayTollo users; service providers; advertising entities; governmental or quasi-governmental agencies or organizations; related companies

Auditing; security; debugging; short-term, transient use; performing services; undertaking internal research; improving and maintaining quality of service; commercial purposes; legal purposes

PayTollo users and other individuals; service providers; advertising entities; governmental or quasi-governmental agencies or organizations; related companies; litigants or other parties to legal proceedings; other authorized third parties

 

  1. Disclosure and Sale of Personal Information

 

Table 2: Disclosure of Personal Information

 

PayTollo has disclosed personal information to third parties for a business or commercial purpose in the preceding 12 months, as those terms are defined in CCPA.

 

For each category of personal information (PI) we collect, this table lists the categories of third parties to whom we disclose PI and the business or commercial purposes for doing so.

 

Category of PI

Business Purposes

Third Parties

Identifiers and Contact Information

Auditing; security; debugging; short-term, transient use; performing services; undertaking internal research; improving and maintaining quality of service; commercial purposes; legal purposes

PayTollo users and other individuals; service providers; advertising entities; governmental or quasi-governmental agencies or organizations; applications, or services; related companies; litigants or other parties to legal proceedings; other authorized third parties

Payment information

Auditing; security; performing services; improving and maintaining quality of service; legal purposes

Service providers; related companies; other authorized third parties

Non-inferred characteristics

Auditing; security; debugging; short-term, transient use; performing services; undertaking internal research; improving and maintaining quality of service; commercial purposes; legal purposes

PayTollo users and other individuals; service providers; advertising entities; governmental or quasi-governmental agencies or organizations; applications, or services; related companies; litigants or other parties to legal proceedings; other authorized third parties

Commercial information

Auditing; security; debugging; short-term, transient use; performing services; undertaking internal research; improving and maintaining quality of service; commercial purposes; legal purposes

Service providers; advertising entities; related companies; litigants or other parties to legal proceedings; other authorized third parties

Internet or other activity information

Auditing; security; debugging; short-term, transient use; performing services; undertaking internal research; improving and maintaining quality of service; commercial purposes; legal purposes

PayTollo users and other individuals; service providers; advertising entities; governmental or quasi-governmental agencies or organizations; third-party social media websites, applications, or services; related companies; litigants or other parties to legal proceedings; other authorized third parties

Geolocation data

Auditing; security; debugging; short-term, transient use; performing services; undertaking internal research; improving and maintaining quality of service; legal purposes

Service providers; governmental or quasi-governmental agencies or organizations; related companies; litigants and other parties to legal proceedings; other authorized third parties

Inferences

Auditing; security; debugging; short-term, transient use; performing services; undertaking internal research; improving and maintaining quality of service; commercial purposes; legal purposes

Service providers; advertising entities; marketing companies and data providers; related companies; other authorized third parties

Other personal information

Auditing; security; debugging; short-term, transient use; performing services; undertaking internal research; improving and maintaining quality of service; commercial purposes; legal purposes

PayTollo users and other individuals; service providers; advertising entities; governmental or quasi-governmental agencies or organizations; related companies; litigants or other parties to legal proceedings; other authorized third parties

 

 

Table 3: Sale of Personal Information

 

PayTollo has not sold personal information to any third party for a business or commercial purpose in the preceding 12 months, as those terms are defined in CCPA.

 

 

* * *

 

If you have any questions about any of the information on this page, contact us at Support@PayTollo.com.