FlexPay Privacy Policy

TROY Privacy Policy

TROY Group, Inc. (TROY) and its subsidiaries respect your privacy and are committed to protecting it. TROY provides this Privacy Statement to inform you of our privacy policy and practices and of the choices you can make about the way your information is collected and used. We've structured our web sites so that, in general, you can visit TROY on the web without identifying yourself or revealing any personal information. To make this notice easy to find, we make it available on our homepage. This privacy statement applies to the TROY Group, Inc. www.troygroup.com-owned web site and domain.

Notice

TROY uses personal information to better understand your needs and interest and provide you with better service. Once you choose to provide us with personal information, you can be assured that it will only be used to support your customer relationship with TROY. We take seriously the trust you place in us. TROY will not sell, rent or lease your personally identifiable information to others.

This privacy statement covers personally identifiable information, anonymous data collection and aggregate reporting. Personally identifiable information is any information that is associated with your name or personal identity. Anonymous (non-personal) information is data about usage and service operation, reported in aggregate, which is not associated to a specific personal identity. Aggregate information is data collected and summarized for a broad category of customers or TROY services.

What we collect

On some TROY web sites, you can order products or services, make information requests, subscribe to marketing or support materials, or register yourself or your TROY products. The types of personal information you provide to us on these pages may include such as name, address, phone, email address, user IDs and passwords, billing information, transaction, credit card information and contact preferences.

To personalize our web sites, services or communications and improve our products and services, we may also ask you, among others, to provide us with information regarding your personal or professional interests, demographics, and experiences with our products or services. Providing this additional information is optional. We do not customize content in our website right now, however, the content in the online store is customized based on user levels of authentication. Anonymous (non-personal) data we collect may include the pages visited on troygroup.com, unique URLs visited within troygroup.com, browser type and IP address. Most anonymous data is collected via cookies, session variables or other analysis technologies. troygroup.com web pages use cookies, session variables, and other technologies for data analysis and personalization services.

TROY does not knowingly collect information from children under the age of 18 and TROY products and services do not target information to children under 18. TROY is committed to protecting the privacy needs of children and we encourage parents to take an active role in your child's online activities and interests.

If you apply for a job at TROY, you provide your email address, educational and employment background, and job interest data. You may choose to submit your name when registering or remain anonymous. TROY will not use personal data submitted as part of the job application process for any other purpose.

How we use it

TROY uses your information to help us understand your needs and interests and provide you with better services. Specifically, we use your information to help you complete a transaction or order, to communicate with you, to provide service and support, to update you on services and benefits, to personalize promotional offers and to personalize some troygroup.com web sites. Occasionally we may also use your information to contact you for market research regarding TROY products or services. We will give you the opportunity to opt-out of market research and customer surveys. Credit card information is used only for payment processing and fraud prevention, and is not used for other purposes. Data collected online may also be combined with information you provide through other sources such as product registration, call centers or public events such as trade shows or seminars.

Anonymous (non-personal) data is aggregated for reporting about troygroup.com web site usability, performance, and effectiveness. It is used to improve the customer experience, usability and site content.

Who we share it with

TROY will not sell, rent, or lease your personally identifiable information to others and will not share your personal information with a business partner or any unrelated third party company, except as explained in this privacy policy or unless you give your permission. Your permission will be requested when you submit your information. TROY shares customer information across TROY business entities within the usage limits described above in "How we use it".

TROY may send your personal information to third-party subcontractors and agents that work on our behalf to provide certain services. These third parties do not have the right to use your information beyond what is necessary to assist us. They are contractually obligated to maintain the confidentiality and security of your information and are restricted from using such information in any way not expressly authorized by TROY.

Credit card transactions are handled by the ecommerce package, credit processing, however, is handled by a third-party financial institution and their vendors, which receive the credit card number and other personal identifying information only to verify the credit card numbers and process transactions.

TROY may release information when we believe that such release is reasonably necessary to comply with law, enforce or apply the terms of any or our policies or user agreements, or to protect the rights, property, or safety of TROY, our users, or others.

State privacy rights and information for California residents

This section provides additional details about the personal information we collect and the rights available under applicable state privacy laws, including the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, the “CCPA”). More details about the personal information we have collected over the last 12 months, including the categories of personal information and sensitive personal information we have collected, are shown in the tables below. Please note that while examples of each category are shown for reference, we do not necessarily collect data for each example listed. For more details on the personal information we collect, see “What we collect,” above.

In the course of providing our products and services to you, we may also collect certain categories of sensitive personal information. In the past 12 months we have collected the categories of sensitive personal information shown in the table below.

We may collect these categories of personal information and sensitive personal information from you directly, or from third parties who provide it to us on your or our behalf. We retain your personal information and sensitive personal information only for as long as necessary to fulfill the business purpose for which it was collected or for which you provided it.

We do not sell the personal information or sensitive personal information that we collect. Over the past 12 months we may have disclosed those categories of personal information to our service providers and/or trusted third parties for our business purposes. For more details on how and why we may share these categories of information, see “Who we share it with,” above.

Subject to certain limitations, the CCPA and other state privacy laws provide consumers a right to request to know more details about the categories or specific pieces of personal information we collect (including how we use and disclose this information), to delete their personal information, to opt out of any “sales” that may be occurring, and to not be discriminated against for exercising these rights.

California consumers and residents of certain states may make a request pursuant to their rights by contacting us at info@troygroup.com or online at www.troygroup.com/contact. We will verify your request using the information associated with your account, including email address. Government identification may be required. Consumers can also designate an authorized agent to exercise these rights on their behalf.

Right to Know. You have the right to know and see what data we collected about you over the past 12 months. This includes:

• The categories of personal information we collected about you.
• The categories of sources for the personal information we collected about you.
• Our business or commercial purpose for collecting or selling that personal information.
• The categories of third parties with whom we share that personal information.
• If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
  • sales, identifying the personal information categories that each category of recipient purchased; and
  • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
• The specific pieces of personal information we collected about you (also called a data portability request).

Right to Delete. You have the right to request that we delete the personal information we have collected from you (and direct our service providers to do the same), subject to certain exceptions, including when such information is necessary to complete your transaction or to provide you the requested services. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

• Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
• Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
• Debug products to identify and repair errors that impair existing intended functionality.
• Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
• Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
• Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.
• Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
• Comply with a legal obligation.
• Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Once you have submitted a deletion request, and we have received verification from you that the request is authentic, you will be provided the opportunity to agree with what personal information will be deleted.

We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our Service Providers to take similar action.

Right to Correct Inaccurate Information. You have the right to correct any inaccurate personal information about you that we have in our possession (the “right to correct”). Once we receive your request and confirm your identity, we will disclose to you the specific pieces of personal information that we have collected about you. You will then have the opportunity to direct us to correct the pieces of information which you believe are inaccurate.

We may deny your request to correct if we believe the updated information is incorrect or is being used for any fraudulent or deceptive purpose.

Right to Restrict Sensitive Personal Information Processing. Under certain state privacy laws, you have the right to restrict our processing of your sensitive personal information (the “right to restrict”).

The Right to Opt Out of the Processing and Sale of Personal Information. You have the right to direct us to not process your personal information for targeted advertising and to not sell your personal information at any time (the "right to opt-out"). Once we receive your request, we will no longer use or process your personal information for the purpose of providing targeted advertising to you based on your activity and interests. We will also no longer sell (as that term is defined by relevant and applicable state law) your personal information to third parties for targeted advertising purposes.

Some browsers and browser extensions support the Global Privacy Control (“GPC”) that can send a signal to process your request to opt out from certain types of data processing, including data "sales" as defined under certain laws. When we detect such a signal, we will make reasonable efforts to respect your choices indicated by a GPC setting as required by applicable law.

The Right to Opt Out of the Sharing of Personal Information for Cross-Contextual Behavioral Advertising. You have the right to opt out of the sharing of your personal information with third parties for cross-contextual behavioral advertising. Once we receive your request, we will no longer use or process your personal information for the purpose of advertising to you based on your individual activity.

The Right to Opt Out of Profiling. You have the right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects to you. Once we receive your request, we will no longer use or process your personal information for making decisions that produce a legal or similarly significant effect on you.

Non-Discrimination. You have the right not to be discriminated against for exercising any of the rights listed above. Unless permitted by the CCPA or other applicable law, we will not:

• Deny you goods or services.
• Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
• Provide you a different level or quality of goods or services.
• Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program's material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.

Exercising Your Privacy Rights. To request access to or deletion of your personal information, or to exercise any other data rights under applicable law, please contact us by emailing us at info@troygroup.com, by writing to us at TROY Group, Attn: Privacy Officer, 3 Bryan Drive, Wheeling, WV, 26003, by calling us at 304-232-0899, or by filling out our contact form on our website at www.troygroup.com/contact. Only you, or someone legally authorized to act on your behalf, may make a request to know or delete your personal information. You may also make a request to know or delete on behalf of your child. You may only submit a request to know twice within a 12-month period. Your request to know or delete must:

• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, and
• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. You do not need to create an account with us to submit a request to know or delete. We will only use personal information provided in the request to verify the requestor's identity or authority to make it.

Response Timing and Format. We aim to respond to a consumer request for access or deletion within ten (10) days of receiving requests for disclosure or deletion with information on how the request will be processed. If we need additional time the reasons for that will be stated to you within the ten days. Any substantive response to the request will be given within 45 days of receiving a verified request.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

You may appeal a decision concerning your privacy rights by contacting us at info@troygroup.com or writing to us at TROY Group, Attn: Privacy Officer, 3 Bryan Drive, Wheeling, WV, 26003.

Choice

You can subscribe to receive some product- and service-specific information and TROY-wide marketing communications. TROY-wide communications may include new product information, special offers or possibly an invitation to participate in market research.

Links provided on troygroup.com to third party web sites are provided as a convenience and TROY does not control those sites or their privacy practices, which may differ from ours. TROY does not endorse or make any representations about them. We encourage you to review the privacy policy of any company before submitting your personal information. The personal data you choose to give to unrelated third parties is covered by their privacy policies, not the TROY Privacy Policy. Some third-party companies may choose to share their personal data with TROY; that sharing is governed by that third-party company's privacy policy.

Onward Transfer

Personal data given to TROY may be transferred across state and country borders for the purposes of data consolidation, storage and simplified customer information management. The practices which govern this data movement are described in our commitments in the Choice and Security sections of this privacy statement.

Access & Accuracy (End-user access to Online Store)

We will provide you with access to view and change your information, including making every effort to provide you with online access. To protect your privacy and security, we will also take reasonable steps to verify your identity, such as a password and user ID, before granting access to your data. Certain areas of TROY's web sites may limit access to specific individuals through the use of passwords and other personal identifiers.

The most effective way to view your online account information and change your personal information is to return to the web page where you originally submitted your data and follow the instructions on that web page or send us a message as described in "Contacting us" below. Data access is also available upon request.

Security

TROY is committed to ensuring the security of your information. To prevent unauthorized access or disclosure, maintain data accuracy and ensure the appropriate use of the information, TROY has in place appropriate physical, technological and managerial procedures to safeguard the information we collect.

We use Secure Sockets Layer (SSL) encryption when collecting or transferring sensitive data such as credit card information. We use this SSL technology to prevent such information from being intercepted and read as it is transmitted over the Internet. The encrypted data goes to a secure site where your information is stored on restricted-assess computers located at restricted-access sites. Credit card numbers are only used for processing payment and are not used for other purposes. Our efforts to protect credit card fraud help protect your financial data security.

Oversight/Enforcement

How TROY uses cookies, session variables, and other analysis technologies on troygroup.com and in third party ads.

TROY uses session variables (or session cookies). A session variable is created when you surf our site, make purchases, request information, personalization, or register yourself or for certain services. Accepting the cookies used on our site does not give us access to your personally identifiable information, but we may use the cookies to identify your computer. The aggregate information collected permits us to analyze traffic patterns at our site. This can enable us over time to provide a better experience on our site by improving content or personalization and making it easier to use.

Most browsers automatically accept cookies, but you can usually refuse cookies or selectively accept certain cookies by adjusting the preferences in your browser. If you turn off cookies, there may some features of our site that will not be available to you and some web pages may not display properly. You can find information on popular browsers and how to adjust your cookie preferences at the following web sites:

Microsoft Internet Explorer: http://www.microsoft.com/info/cookies.htm
Google Chrome: https://support.google.com/chrome/answer/95647?hl=en

troygroup.com does not post third-party ads on our web site. TROY may use third-party media companies to place ads for TROY products or services other companies' web sites. If you view a web page where TROY ads appear, the online media company may place a cookie or web beacon on the user's computer. This allows the online media company to recognize the computer when it is used to return to that site or measure advertising response. This data is anonymous and is not linked to personal data on the user's computer or any TROY databases. Some TROY newsletters delivered on TROY's behalf by online media companies use the same technologies. In both cases, this data is also used by the online media company to measure advertising and content interest and relevance. TROY does not have access to the data collected by the online media company. To prevent online media companies from placing cookies on your computer, you will need to visit each media company's web site and use their cookie removal (opt-out) process.

TROY uses the YouTube API service for inserting videos onto our website. You can find more information by visiting the YouTube Terms of Service page and also on the Google Privacy Policy.

Changes to Privacy Policy

TROY reserves the right to modify or amend this policy at any time by posting the revised privacy policy on our site. The changes will only affect the information we collect after the effective date of the change to our privacy policy unless we clearly express otherwise.

Contacting us

We value your comments and opinions. If you have comments or questions about our privacy policy, please send your request by e-mail.

QuickBooks

QuickBooks is a registered trademark and service mark of Intuit Inc., displayed under license.