Privacy Policy
This Policy was last modified on 30 January 2011.
The Privacy Policy governs your FireFlash account and any information you provide on this site.
Overview
In order to operate and/or utilise the FireFlash services and to reduce the risk of fraud, FireFlash (South Africa) Ltd ("FireFlash" or "we") must ask you to provide us information about yourself and your credit or debit card and/or bank account. This Privacy Policy describes the information we collect and how we use that information. FireFlash takes the privacy of your personal information very seriously and will use your information only in accordance with the terms of this Privacy Policy. We will not sell or rent your personally identifiable information or a list of our customers to third parties. However, as described in more detail in Part C below, there are limited circumstances in which some of your information will be shared with third parties, under strict restrictions, so it is important for you to review this Privacy Policy. This Privacy Policy applies to all products and services that are hosted on the FireFlash website, whether the services are offered by FireFlash or by its subsidiaries. Your privacy is important to us. By accepting the Privacy Policy and User Agreement in registration, you expressly consent to our use and disclosure of your personal information in the manner described in this Privacy Policy. This Privacy Policy is incorporated into and subject to the terms of the FireFlash User Agreement. Please note that your personally identifiable information will be stored and processed on our parent company's (FireFlash Inc) computers in South Africa. The laws on holding personal data in South Africa may be less stringent than the UK laws but as we explain below, we will hold and transmit your personal information in a safe, confidential and secure environment. If you object to your personal information being transferred or used as described in this Privacy Policy, please do not register for the FireFlash service.Notification of Changes
This policy may be revised over time as new features are added to the FireFlash service or as we incorporate suggestions from our customers. If we are going to use or disclose your personally identifiable information in a manner materially different from that stated at the time we collected the information, you will have a choice as to whether or not we use or disclose your information in this new manner. Any material changes will be effective only after we provide you by email with at least 30 days' notice of the amended Privacy Policy (if you have closed your FireFlash account, you will not be contacted to notify you of the amended Policy and your personal information will not be used or disclosed in this new manner). We will post the amended Privacy Policy prominently on our Website so that you can always review what information we gather, how we might use that information, and whether we will disclose it to anyone. Please check the FireFlash website at http://www.fireflash.co.za/ at any time for the most current version of our Privacy Policy.
Some pages on the FireFlash website include links to third party websites. These sites are governed by their own privacy statements, and FireFlash is not responsible for their operations, including but not limited to their information practices. Users submitting information to or through these third party Websites should review the privacy statement of these sites before providing them with personally identifiable information. A Special Note About Children. Children are not eligible to use our service and we ask that minors (under the age of 18) do not submit any personal information to us or use the service. Information We Collect Required Information To open a FireFlash account, you must provide your name, address, phone number, and email address. In order to make payments through FireFlash, you must provide credit card, debit card or bank account information (account information is required as soon as your total payments sent reach £1,000.00 GBP). We also ask you to choose two different security questions to answer (such as your city of birth or your pet's name) This required information is necessary for us to process transactions, issue a new password if you forget or lose your password, protect you against credit card fraud and current account fraud, and to contact you should the need arise in administering your account. We will also require your national insurance number if you send or receive certain high-value transactions or high overall payment volumes through FireFlash. If you choose to register or apply for certain optional features or products offered through FireFlash websites (including, without limitation the FireFlash GE credit card), you will be required to provide additional information to establish that you qualify for such features or products. Transaction Information When you use FireFlash to send money to someone else or request money from someone else, we ask you to provide information related to each transaction, including the amount of the transaction, the type of transaction (purchase of goods, purchase of services, or simple money transfer ("quasi-cash")) and the e-mail address or phone number of the third party. We retain this information for each of your transactions through FireFlash. We also collect the Internet address (IP address) of the computer or device you use to access your FireFlash account, in order to help detect possible instances of unauthorized transactions. Information About You From Third Parties In order to protect all our customers against potential fraud, we verify with third parties the information you provide. In the course of such verification, we receive personally identifiable information about you from such services. In particular, if you register a credit card or debit card with FireFlash, we will use card authorisation and fraud screening services to verify that your card information and address match the information that you supplied to FireFlash, and that the card has not been reported as lost or stolen. If you send or receive high overall payment volumes through FireFlash, in some circumstances we will conduct a background check on your business by obtaining information about you and your business from a credit bureau or a business information service such as Dun & Bradstreet. If you incur a debt to FireFlash, we will generally conduct a credit check on you by obtaining additional information about you from a credit bureau, to the extent permitted by law. FireFlash, at its sole discretion, also reserves the right periodically to retrieve and review a business and / or consumer credit report for any account, and reserves the right to close an account based on information obtained during this credit review process. Additional Verification 2.3 of 7 If we cannot verify the information that you provide, or if you request a withdrawal by cheque to an address other than your verified credit card billing address, we ask you to send us additional information by fax (such as your driving licence, credit card statement, and/or a recent utility bill or other information linking you to the applicable address), or to answer additional questions online to help verify your information. Website Traffic Information Because of the way that World Wide Web communication standards work, when you arrive at or leave the FireFlash website, we automatically receive the Web address of the site that you came from or are going to. We also collect information on which pages of our Website you visit while you are on the FireFlash site, the type of browser you use and the times you access our Website. We use this information only to try to understand our customers' preferences better and to manage the load on our servers, so as to improve our service and your experience with FireFlash. We do not track the Websites that you visit before or after you leave the FireFlash site. Our Use of "Cookies" "Cookies" are small files of data that reside on your computer and allow us to recognise you as a FireFlash customer if you return to the FireFlash site using the same computer and browser. We send a "session cookie" to your computer if and when you log in to your FireFlash account by entering your email address and password. These cookies allow us to recognise you if you visit multiple pages in our site during the same session, so that you don't need to re-enter your password multiple times. Once you log out or close your browser, these session cookies expire and no longer have any effect. We also use longer-lasting cookies to display your email address on our sign-in form, so that you don't have to retype the email address each time when you log in to your FireFlash account. In addition, we use cookies to process our referral programme, described in Section C below. Our cookie files are encoded so that your email address and other information can only be interpreted by FireFlash. We may, however, share cookie information regarding whether or not a certain user is already registered with FireFlash with certain merchants with whom we have an official co-marketing relationship. Customer Service Correspondence If you send us correspondence, including emails and faxes, we retain such information in the records of your account. We will also retain customer service correspondence and other correspondence from FireFlash to you. We retain these records in order to measure and improve our customer service, and to investigate potential fraud and violations of our User Agreement. We may, over time, delete these records if permitted by law. Questionnaires, Surveys and Profile Data From time to time, we offer optional questionnaires and surveys to our users for such purposes as collecting demographic information or assessing users' interests and needs. The use of the information collected will be explained in detail in the survey itself. If we collect personally identifiable information from our users in these questionnaires and surveys, the users will be given notice of how the information will be used prior to their participation in the survey or questionnaire. Non-member Recipients and Requests When a member either sends a payment to, or requests a payment from, an individual who is not a registered member of FireFlash, we will retain the information that the member submits to us, including, for example, the other party's email address and/or name, for the benefit of the member who is attempting to contact the non-member, so that the member can see a complete record of his or her transactions, including uncompleted transactions. Although this information is stored indefinitely, we will not market to the non-member in any way at any time. Additionally, these non-members have the same rights to access and correct information about themselves (assuming that their email addresses were correct enough to reach them) as anyone else who uses FireFlash.4 of 7
3. Our Use and Disclosure of Information
Internal Uses We collect, store and process your personal information on servers located in the United States and operated by our parent company, FireFlash Inc. We use the information we collect about you in order 1) to provide our services and process your transactions, 2) to provide customer service, 3) to determine your eligibility to receive offers for special features or products, such as the FireFlash GE credit card, and 4) to improve our products and services. At your option (as indicated in your FireFlash Profile settings), we use the information you provide to access specific third party services on your behalf and perform the actions that you request us to perform, such as invoicing winning bidders on behalf of auction sellers. We give access to individually identifiable information about our users only to those employees who require it to fulfil customer service requests.
Disclosure to Other FireFlash Customers
If you are a registered FireFlash user, your name, e-mail address, phone number (if applicable) date of sign-up, and whether you have verified control of a bank account are displayed to other FireFlash customers whom you have paid or who are attempting to pay you through FireFlash. If you are a Business account holder, we will also display to other FireFlash customers the Web site address (URL) and customer service contact information that you provide us. However, your credit card number, bank account and other financial information will NEVER be revealed to anyone whom you have paid or who has paid you through FireFlash, except with your express permission or if we are required to do so pursuant to a subpoena or other legal process. If you are buying goods or services and paying through FireFlash, the seller of the goods or services may request that you provide a mailing address that FireFlash has confirmed as matching the billing address in the credit card system. You do not have to provide this information. If you do not provide the information, however, the seller may choose not to accept your FireFlash payment and not to complete the transaction. We work with third party merchants to enable them to accept FireFlash payments from you. Merchants who offer this service will share personally identifiable information you provide to them with FireFlash to validate the status of your ability to pay with FireFlash or the existence of your account. You permit FireFlash to return verification results of the validity of the personally identifiable information passed to FireFlash. FireFlash does not store the personally identifiable information provided by these merchants to validate the existence of your account. FireFlash will also disclose to other FireFlash customers the number of payments you have received from Verified FireFlash customers (as defined in the User Agreement on the FireFlash website), or other aggregate measures that provide an indication of your reputation with other FireFlash customers.
Disclosure to Third Parties Other Than FireFlash Customers
FireFlash will not sell or rent any of your personally identifiable information to third parties. FireFlash will not share any of your personally identifiable information with third parties except in the limited circumstances described below, or with your express permission (and to other FireFlash customers as described above). These third parties are limited by law or by contract from using the information for secondary purposes beyond the purposes for which the information is shared. We share information with companies that help us process the transactions you request and protect our customers' transactions from fraud, such as sharing your credit card number with a service that screens for lost and stolen card numbers. See "Information About You From Third Parties" in Section B above. Additionally, if you create a negative balance and owe us money, we may share information with processing companies including collection agencies. 1. We disclose the information we collect, as described in Section B above, to 2. 3.5 of 7 companies that perform marketing services on our behalf, to other financial institutions with which we have joint marketing agreements, or to other third parties such as credit reference agencies, for example in order to determine whether you are pre-approved for the products that FireFlash is jointly marketing with the third party (such as the FireFlash GE credit card issued by GE). These companies are subject to confidentiality agreements with us and other legal restrictions that prohibit using the information except to market the specified FireFlash-related products or services, unless you have affirmatively agreed or given your prior permission for other uses. We disclose information that we in good faith believe is appropriate to cooperate in investigations of fraud or other illegal activity, or to conduct investigations of violations of our User Agreement. Specifically, this means that if we conduct a fraud investigation and conclude that one side has engaged in deceptive practices, we can give that person or entity's contact information (but not bank account or credit card information) to victims who request it. 3. We disclose information in response to requirements of civil or criminal legal process. 4. When a user signs up for a co-branded version of FireFlash through links on our co-branded partner's website, FireFlash will share with the co-branded partner that user's name, email address and physical address in order to provide enhanced integration between FireFlash's services and the services of our co-branded partner. If a user does not want his or her information shared with FireFlash's co-branded partner, he or she should not use this aspect of the site. 5. We disclose information to your agent or legal representative (such as the holder of a power of attorney that you grant, or a guardian appointed for you). 6. We share aggregated statistical data with our business partners or for public relations. For example, we may disclose that a specific percentage of our users live in Manchester. However, this aggregated information is not tied to personal information. 7. As with any other business, it is possible that FireFlash in the future could merge with or be acquired by another company. If such an acquisition occurs, the successor company would have access to the information maintained by FireFlash, including customer account information, but would continue to be bound by this Privacy Policy unless and until it is amended as described in Section A above. 8. We share your information with our parent, subsidiaries and joint ventures to help coordinate the services we provide to you, enforce our terms and conditions, and promote trust and safety. 9.
Our Contacts with FireFlash Customers
We communicate with users on a regular basis via email to provide requested services, and we also communicate by phone to resolve customer complaints or investigate suspicious transactions. We use your email address to confirm your opening of a FireFlash account, to send you notice of payments that you send or receive through FireFlash (including referral payments described below), to send information about important changes to our products and services, and to send notices and other disclosures required by law. Generally, users cannot opt out of these communications, but they will be primarily informational in nature rather than promotional. We also use your email address to send you other types of communications that you can control, including the FireFlash Periodical newsletter, auction tips, customer surveys and notice of special third-party promotions. You can choose whether to receive some, all or none of these communications when you complete the registration process, or at any time thereafter, by logging in to your account on the FireFlash website and changing your preferences in the Profile page of the My Account tab. You can also change your choices at any time through the same procedure. In connection with independent audits of our financial statements and operations, the auditors may seek to contact a sample of our customers to confirm that our records are accurate. However, these auditors cannot use personally identifiable information for any secondary purposes.
Internet Address Information
We use IP addresses, browser types and access times to analyse trends, administer the site, improve site performance and gather broad demographic information for aggregate use.
Your Use of Information and Our Services
In order to facilitate the transactions between FireFlash members, our service allows you limited access other users' contact or delivery information. As a seller you may have access to the User ID, email address and other contact or delivery information of the purchaser, and as a purchaser you may have access to the User ID, email address and other contact information of the seller. By entering into our User Agreement, you agree that, with respect to other users' personally identifiable information that you obtain through the site or through a FireFlash-related communication or FireFlash-facilitated transaction, you will only use this information for: (a) FireFlash-related communications that are not unsolicited commercial messages, (b) using services offered through FireFlash (e.g. insurance, delivery and fraud complaints), and (c) any other purpose that such user expressly agrees to after adequate disclosure of the purpose(s). In all cases, you must provide users with the opportunity to remove themselves from your database and review any information you have collected about them. In addition, under no circumstances, except as defined in this Section, can you disclose personally identifiable information about another FireFlash user to any third party without our consent and the consent of such other user after adequate disclosure. Note that law enforcement personnel and other rights holders are given different rights with respect to information they access. FireFlash does not tolerate spam. Therefore, without limiting the foregoing, you may not add a FireFlash user to your mail list (email or physical mail) without their express consent after adequate disclosure, even if said user has previously made a purchase from you. We strictly enforce our Anti-Spam Policy! To report FireFlash-related spam to FireFlash, please contact us.
4. Information Security
FireFlash is committed to handling your customer information with high standards of information security. Your credit card and bank account information are stored only in encrypted form on computers that are not connected to the Internet. We restrict access to your personally identifiable information to employees who need to know that information in order to provide products or services to you. We maintain physical, electronic and procedural safeguards that comply with regulations to guard 4.7 of 7 8/14/2006 2:59 PM your non public personal information. We test our security systems regularly and also contract with outside companies to audit our security systems and processes. For more information on FireFlash's security practices, please visit the FireFlash Security Centre. The security of your FireFlash account also relies on your protection of your FireFlash password. You may not share your FireFlash password with anyone. FireFlash representatives will never ask you for your password, so any email or other communication requesting your password should be treated as unauthorised and suspicious. If you do share your FireFlash password with a third party for any reason, including because the third party has promised to provide you additional services such as account aggregation, the third party will have access to your account and your personal information, and you may be responsible for actions taken using your password. If you believe someone else has obtained access to your password, please change it immediately by logging in to your account at www.fireflash.co.za/ and changing your Profile settings, and also contact us right away as described in Section 6 below.
5. Accessing and Changing Your Information
You can review the personal information you provided us and make any desired changes to such information, or to the settings for your FireFlash account, at any time by logging in to your account on the FireFlash website and changing your preferences in the Profile page of the "My Account" tab. You can also close your account through the FireFlash website. If you close your FireFlash account, we will mark your account in our database as "Closed," but will keep your account information in our database. This is necessary in order to deter fraud, by ensuring that persons who try to commit fraud will not be able to avoid detection simply by closing their account and opening a new account. However, if you close your account, your personally identifiable information will not be used by us for any further purposes, nor sold or shared with third parties, except as necessary to prevent fraud and assist law enforcement, or as required by law.
6. Accountability
Our privacy office is responsible for ensuring that our day-to-day procedures comply with this Privacy Policy. If you have any questions about this privacy statement, FireFlash's information practices, or your dealings with FireFlash, you can contact us using the contact form.
About SSL Certificates