This Privacy Policy applies to all of the products, services and websites offered by Sionic Corporation (“Sionic,” “we”, or “us”) or its subsidiaries or affiliated entities such as mobile app distribution partners.

In this Privacy Policy we use the term “Personally Identifiable Information (“PII”)” to describe information that can be associated with an individual and can be used to identify that individual. We do not consider PII to include information that has been anonymized or aggregated so that it does not identify an individual. Sionic may share such anonymous or aggregated information with subsidiaries, affiliates and third parties in our sole discretion. You represent that if you give us PII on behalf of someone else, the person providing the PII to you gave you consent to provide their PII to Sionic.

If someone else gives us PII on your behalf, you represent that you gave that person consent to provide your PII to us.

If we use your PII in a manner different than the purpose for which it was collected, then we will ask for your consent prior to such use.

The Company processes PII on our servers in the United States of America and in other countries. In some cases, we process PII outside your own country. In some cases such other countries may have less demanding data protection laws than the region in which you reside. Where this is the case, we will take appropriate measures to protect your PII in accordance with this Privacy Policy.

Merger, Financing or Sale: We may share or sell your PII in connection with a merger, financing, acquisition, dissolution transaction, bankruptcy or proceeding involving sale, transfer, divestiture of all or a portion of our business or assets. If another entity acquires our business or assets, that entity will have your PII collected by us and will assume the rights and obligations regarding your information as allowed by this privacy policy.

If you have any questions about this Privacy Policy or Sionic’s treatment of PII, please feel free to contact us through our website or write to us at:

Sionic Corporation c/o Customer Care 1230 Peachtree Street NE, Suite 3700 Atlanta, GA 30309 USA

DEFINITIONS

In this Privacy Policy, the following definitions apply:

“Account” means the Sionic account you create by registering your mobile device to use the Services, and includes accounts created (i) through the standalone Sionic ION Rewards app, (ii) through any separate Sionic Merchant app offering the Services, (iii) through any other application or modality through which you access the Mobile Rewards Marketplace, and (iv) through the creation and use of a ULink connected commerce profile.

“Feedback” means all feedback, suggestions, and ideas you provide to Sionic concerning improvements or enhancements to the Services. “Feedback” may also include your responses to surveys or reporting problems.

“Mobile Rewards Marketplace” means the mobile payment and rewards network developed and managed by Sionic, which includes the ION Rewards app and any other product or Service created, developed or facilitated by Sionic.

“Payment Account” means the payment type or account you load into your Account to pay for goods and services at participating Sionic Merchants.

“Personal Information” or “Personally Identifiable Information” (or “PII”) means information that can be associated with an individual and can be used to identify that individual, and may include Feedback, User Generated Data or any other PII necessary to participate in the Services.

“Rewards” are the Sionic rewards earned by you when you purchase goods or services from a Sionic Merchant.

“Services” means the off-line, online or mobile products or services offered by Sionic.

“Sionic Merchant” means a merchant that participates in Sionic’s Mobile Rewards Marketplace.

“Third-Party Provider” means a third-party service provider retained by Sionic whose products, services or support may be used to provide the Services, including Payment Account issuers.

“ULink Profile” means the email address, mobile number and Payment Account established by you for use in paying for goods and services at merchants participating in the ULink connected commerce network.

“User Generated Data” means any information generated by your use of the Services, including automatic reporting and other tools that give you the ability to create, post and distribute various forms of content for, and in connection with, the Services, including, but not limited to: payment transaction data; pictures; photographs; videos; and other information, including content generated by you. For pictures, photographs and videos, the User Generated Data includes only those pictures, photographs and videos that you take through the Services, and does not include those pictures, photographs and videos you take via the standard functions on your mobile device, or that you take through any other app not related to Sionic.

HOW WE COLLECT INFORMATION

We collect information from you regarding your use of the Services in the following ways: We will collect information from you, including PII, when you interact with the Services. For example, you provide information to Sionic when you:

Register for an Account, or update registration information or other of your Account information;
Add a Payment Account to your Sionic Account;
Initiate or complete a Payment Account transaction, a Rewards transaction or redeem an offer using the Services (including the location information of the physical point-of-sale terminal where such Payment Account transaction or Rewards transaction occurs for Sionic’s operational uses, such as transaction record information and fraud detection/prevention);
Receive advertising or offers or other marketing communications as part of the Services;
Interact with any advertising or offers in the Services;
Request a coupon or other offer;
Complete a survey related to the Services; or
Receive customer support.

In addition, Sionic may collect other information through the Services, such as:

If you opt-in to location-based services or location detection technology (including, but not limited to, iBeacons located at Sionic Merchant locations), we will collect geolocation information sent by your mobile device such as GPS signals sent by a mobile device and Bluetooth Low Energy transmissions. If, through your mobile device permissions, you permit the application to access location services, we may also collect the location of your device when the application is running in the foreground or background. (**Please note that failure to opt-in for location-based services using your mobile device or disabling location services in your mobile device settings may reduce or eliminate some of the Sionic features or other Services available to you.);
Device identifiers (such as unique device identifiers or device fingerprint);
Data analytics (such as analyzing anonymized and aggregated data generated by the Services);
Services analytics (such as diagnostics to improve the functionality of the Services); or
Point-of-sale terminal physical location for advertising and marketing Services that you opt-in to receive.

Sionic sometimes obtains PII from other sources, such as through mergers and acquisitions with other companies, as well as through commercial arrangements with Third-Party Providers, business partners, and other sources. Information Sionic receives from a third party is subject to your separate agreement with such third party, unless you enter into a separate agreement with Sionic or otherwise give Sionic your permission to use such information. Sionic may merge information we receive from third parties with information we have collected or will collect subject to such limitations.

Some elements of Sionic’s Services such as events, websites, ads and offers may be co-branded and offered in conjunction with a Sionic Merchant. For example, Sionic may provide the Services through a Sionic Merchant via the Sionic Merchant’s own branded app. If you provide information in these instances, both Sionic and the Sionic Merchant involved in the transaction may receive information from that transaction and may use the information according to each entity’s privacy policy and any other agreement each Sionic Merchant may separately have with you.

We offer some of our services on or through other web sites. PII that you provide to those sites may be sent to us in order to deliver the service. We process such information under this Privacy Policy. We may make available third-party applications, such as gadgets or extensions, through our Services. The information collected by us when you enable a third-party application is processed under this Privacy Policy. Information collected by the third-party application provider is governed by their privacy policies.

INFORMATION WE COLLECT

Information That Sionic Actively Collects From You

You must provide Sionic with the following information in order to use the Services if requested:

Your name, physical address, email address, and mobile device number;
Payment transaction data and details for payments made for goods and services at participating Sionic Merchants;
Payment Account data you choose to enter into your Account, as well as information needed to complete Payment Account transactions. Payment Account data may include your bank account information, credit or debit account or gift card or stored value account details, related security codes or other payment credentials;
Additional PII required for authentication of Payment Accounts you choose to enter into your Account, such as driver’s license number, Social Security number, date of birth, or answers to challenge and response questions used to authenticate your identity. **Please note driver’s license number, Social Security number, date of birth and challenge and response question information is only used for authentication by Sionic’s authentication Third-Party Provider or by a Payment Account issuer where you instruct Sionic to load your Payment Account with the Issuer into your Account. Such PII is not retained by Sionic, is not used for marketing purposes by Sionic or any of its Third-Party Providers, and is not shared with or disclosed to any other unaffiliated third parties;
Interest in and use of advertising, marketing and offers in conjunction with use of the Services;
Responses to survey questions regarding the Services (if you participate in surveys, Sionic will collect the information you provide to Sionic, which may include PII);
Your user preferences, product and Services interests, communication choices, and other user profile information, including Feedback and User Generated Data; and
Your protected health information, claims or other information used to measure your health or wellness if such information is included in your Payment Account transactions. **Please note that while direct protected health information is not normally required for a Payment Account transaction, some protected health information, such as the number of prescriptions you purchase each month, or the location of the pharmacy or store where you purchase prescriptions, may be included in information generated in conjunction with a Payment Account transaction.

General Information Automatically Collected by Sionic When You Use the Services

Sionic uses location detection technology to determine your approximate location, nearby Wi-Fi access points, cell towers and iBeacons. When you use the Services, Sionic automatically collects and stores certain information in activity logs such as details of how you used the Services.

Our Services include a unique application number that is not associated with your account or you. This number and information about your installation may be sent to us when you install or uninstall an app or when that app periodically contacts our servers (for example, to request automatic updates to the software). Sionic will automatically collect additional information about you, your use of your device, and the Services on your device such as:

Mobile device settings and operating information (such as system and version; screen resolution; services version (e.g. 1.0, 2.0, etc.); and device type, identifiers or capabilities);
System activity;
Hardware settings;
Total amount of time spent in the Services;
User creation time; or
Length of Services session.

Information That Is Unique Information Generated By Your Use Of The Services

Sionic also collects certain types of unique information generated by your use of the Services such as:

Application identifiers;
Session ID and User ID in connection with use of your Account;
Information, including usage information, such as frequency of use or average number of minutes for use, generated through use of your Account;
Date and time;
Location of purchases to complete a Payment Account transaction;
Internet Protocol (IP) address;
Other transaction data such as amount of purchase, store name or register number;
For certain location-based advertising and marketing Services, your location to provide location-based marketing, advertising or other Services (for example, such information will be used to “recognize” you within a store or specific geographic location to serve up relevant ads and offers, or in conjunction with a Sionic Merchant’s customer appreciation activities);
If you opt-in for other location-based services, location information necessary to provide such Services (for example, store locators and directions);
If you opt-in for Services involving advertising or offers, transaction data for marketing purposes that is used to generate relevant advertising and offers, which may be used in conjunction with such advertising or offers; or

HOW WE USE INFORMATION WE COLLECT

We use information we collect to: conduct business and improve the effectiveness of our Services; develop new products and Services; provide information and support for the Services; conduct research and analysis, including focus groups and surveys; better understand your needs and interests; personalize communications and advertising/offers; promote a quality experience for users of Services; and to perform other business activities related to the Services as needed or as otherwise described in this Policy.

When you send email or other communications to us, we may retain those communications in order to process your inquiries, respond to your requests and improve our Services. When you send and receive SMS messages to or from one of our Services that provides SMS functionality, we may collect and maintain information associated with those messages, such as the phone number, the wireless carrier associated with the phone number, the content of the message, and the date and time of the transaction. We may use your email address to communicate with you about our services.

We will use your information to:

Create and maintain your Account(s);
Communicate, interact and build the Sionic relationship with you;
Gather transaction statistics relating to your use of the Services in order to collect information to measure, analyze and improve the Services;
Manage dispute resolution and perform customer service activities;
Customize the content, products, and features (including marketing offers that you opt-in to receive) that are offered to you in the Services;
Process, fulfill, and follow up on transactions and requests for products, services, support, and information via the Services;
Engage in market research and analysis;
Comply with legal requirements;
Enforce our agreements; and
Deter, detect, and prevent fraud and other prohibited or illegal activities.

HOW WE SHARE AND DISCLOSE INFORMATION

Sionic may share or disclose your information as follows:

To Sionic Merchants based on your purchase of goods and services from that Sionic Merchant;
To Third-Party Providers involved in providing the Services;
To Third-Party Providers using your information on Sionic’s behalf in connection with opening an Account;
To Third-Party Providers using your information on Sionic’s behalf in connection with loading a Payment Account into your Account;
To Third-Party Providers using your information on Sionic’s behalf in connection with a potential or actual Payment Account transaction;
To Third-Party Providers using your information to evaluate and enhance the performance of the Services, including, but not limited to, Third-Party Providers providing analytics services based on anonymous or aggregated PII;
Based on Sionic’s sole discretion that such disclosure is necessary to protect the rights or safety of any person or entity; or
Based on our sole discretion that disclosure is necessary to detect or respond to instances of potential or actual fraud or other illegal activities, to respond to a law enforcement agency’s request for information or cooperation in an investigation, or to respond to judicial process or other valid government investigation or process.

COOKIES AND “DO NOT TRACK”

Sionic App

Sionic does not track your activities on other mobile apps. However, in the event the Sionic Services are embedded in or otherwise accessed through a Sionic Merchant’s mobile app or other third-party mobile app, your Sionic Services activities will be tracked by Sionic. Sionic does not allow Third-Party Providers or other third parties that we have agreements with to track your activities across different mobile apps when you use your Account. Sionic may share information with software companies that power your mobile device, app stores and companies that provide common tools and information for apps about consumers.

Sionic Website

When you use the Sionic website, we will place a “cookie” on your web browser. A cookie is a very small text file that is sent to a customer's browser from a web server and stored on the customer's computer hard drive. It assigns the computer a unique identifier. The cookie stores information on your hard drive so we can communicate with you more efficiently, respond to you based on prior sessions at which you provided information about you or your preferences to us and understand what you prefer to view on our website. We do not use cookies to store passwords or Payment Account information. Cookies do not tell us your individual identity unless you have chosen to provide it to us.

Your browser may be set to allow you to be notified when a cookie is to be placed on your browser, decline the cookie or delete cookies that have been placed on your browser. For general information regarding opt-out, you can visit the Networking Advertising Initiative (NAI) at http://www.networkadvertising.org/. You can also find specific information regarding opting out of interest-based advertising that uses web browser and cookie information at this specific NAI webpage: http://www.networkadvertising.org/choices/. You may also check your web browser’s instructions. Some functions of our website may not work or may work slowly if a cookie is refused.

We do not respond to web browser “do not track” signals at this time. We await the result of work by the policy community and industry to determine when such a response is appropriate and what form it should take. We do allow you to exercise choice regarding the collection of information by third parties about your online activities over time and across third-party websites or online services for online interest-based advertising purposes by going to http://www.networkadvertising.org/choices/ or http://www.aboutads.info/choices/.

YOUR RIGHTS TO OPT-OUT AND EFFECT ON THE SERVICES

There are certain elements of PII that you must provide Sionic in order to use the basic Payment Account transaction functionality Services and Rewards Services. If you are not provided with an opt-out choice for the particular use of PII, then we have determined that such PII must be provided by all Sionic users for that particular transaction functionality Services or Rewards Services to function. If you are provided with a choice to opt-out of collection of certain PII, we have determined that such PII is not necessary to provide the basic transaction functionality Services or Rewards Services, but may be necessary to provide certain additional Sionic Services. For example, if you opt-out of receiving relevant advertising and offers, you will still be able to conduct Payment Account transactions, but you will not receive any advertising or marketing offers or coupons from Sionic Merchants. We have also determined that a Sionic user may opt-out of the collection of some PII, and the result will be that while a particular Service or feature may be utilized, it will not be utilized in an optimal manner. For example, if you opt-in to receive relevant advertising and offers, but you opt-out of sharing your mobile device location information, you may receive advertising and offers based upon your interests and prior purchases, but you will not receive advertising and offers based upon your current location or proximity to a particular Sionic Merchant.

OTHER SITES

This Privacy Policy applies to our services only. We do not exercise control over the sites that include our applications, products or services, or links from within our Services. These other sites may place their own cookies or other files on your computer, collect data or solicit PII from you.

INFORMATION SECURITY

We have put in place appropriate administrative, technical and physical safeguards to (i) protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data, and (ii) maintain data security and correctly use the information we collect. Unfortunately, no system can be 100% secure. Although we do our best to protect your PII, we cannot guarantee the security of your personal information. Any transmission of PII is at your own risk. We are not responsible for circumvention of any privacy settings or security measures on our website or through our applications.

ACCESSING AND UPDATING PERSONAL INFORMATION

When you use one or more of our services, we make good faith efforts to provide you with access to your PII and either to correct this data if it is inaccurate or to delete such data at your request if it is not otherwise required to be retained by law or for legitimate business purposes. We ask individual users to identify themselves and the information requested to be accessed, corrected or removed before processing such requests, and we may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort, jeopardize the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup drives), or for which access is not otherwise required. Before we provide access to any data, including PII, or make any changes to it we will ask you to verify your identity or provide other details before we are able to provide you with any information, correct any inaccuracies, or delete any information. We may keep a copy of information for our records. In any case where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort. Your right to review, update, correct, and delete your PII may be limited, subject to the law of your jurisdiction of residence: (i) if your requests are abusive or unreasonably excessive, (ii) where the rights or safety of another person or persons would be encroached upon, or (iii) if the information or material you request relates to existing or anticipated legal proceedings between you and us, or providing access to you would prejudice negotiations between us or an investigation of possible unlawful activity. Your right to review, update, correct and delete your information is also subject to our records retention policies and applicable law, including any statutory retention requirements.

YOUR RIGHTS AS A CALIFORNIA RESIDENT

California law permits residents of California to request certain details about how their information is shared with third parties for direct marketing purposes. We do not share your personally identifiable data with third parties outside of the Mobile Rewards Marketplace for the third parties’ direct marketing purposes unless you provide us with consent to do so.

CHILDREN UNDER THE AGE OF 13

Use of our Services is only available to individuals who are of legal age to contract in their applicable state of residence, which is generally 18 years of age or older, but can vary depending on your state of residence. Our services are not intended for or directed to children under 13 years of age, and we do not knowingly collect PII from children under 13. If our policy changes, we will obtain consent from a parent or guardian before knowingly collecting data from anyone under the age of 13. If we learn we have collected or received PII from a child under 13 without verification of parental or legal guardian consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at the contact information provided above.

CHANGES TO THIS PRIVACY POLICY

Please note that this Privacy Policy may change from time to time. We will not reduce your rights under this Privacy Policy without your explicit consent. We will post any Privacy Policy changes on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of Privacy Policy changes). We will also keep prior versions of this Privacy Policy in an archive for your review. The date of the most current revisions will be reflected by the “Last updated” notice below. YOUR CONTINUED USE OF THE SITES OR SERVICES CONSTITUTES YOUR AGREEMENT TO THIS PRIVACY POLICY.