Effective Date: May 18, 2018
SAFETY IS AT THE HEART OF MASTERCARD’S STORY
Our goal is to constantly protect everyone connected to Mastercard. Our mission is clear. Every day, everywhere, we use our technology and expertise to make payments safe, simple and smart. Whether you are a consumer, merchant, issuer, business, or a public sector organization, you can have peace of mind knowing that your safety and security is our number one priority, and central to everything that we do.
Payment technologies have never been safer, but criminals have never been smarter and they are further enabled by the shift to digital payments, which is happening at an unprecedented rate. As technology evolves, Mastercard remains at the forefront of innovation and security to stay one step ahead of criminals and keep you safe. As more devices become commerce devices, our priority is to ensure their security by encouraging all innovators to build in safety and security from the start, so we can better address the challenge of potential risks.
MULTIPLE LAYERS OF TECHNOLOGY PROTECT EACH TRANSACTION
There is no silver bullet to fight fraud, so we use multiple layers of security to protect every transaction. Our technologies, processes and expertise enable us to prevent, detect and resolve threats while also enhancing the experience related to the payment device.
We have implemented and operate at four layers to protect the payments system:
WE PROCESS PERSONAL INFORMATION FOR FRAUD PREVENTION AND MONITORING
For many of our fraud and security activities, we act as a processor on behalf of and under the instructions of financial institutions and merchants. This Fraud and Security Notice applies for the processing activities for which Mastercard is a data controller.
Mastercard International Incorporated and its affiliates (collectively, “Mastercard”) processes various types of Personal Information, as a data controller, to protect you against fraud. If you are located in the EEA or Switzerland, Mastercard Europe SA is the entity responsible for the processing of your Personal Information. “Personal Information” means any information relating to an identified or identifiable individual. This may include:
We obtain the above categories of Personal Information from various sources: from financial institutions and merchants, directly from you, from third parties as detailed below or from your interaction with our digital assets.
HOW WE MAY USE YOUR PERSONAL INFORMATION
We may use your Personal Information to protect you against, monitor and prevent fraud, unauthorized transactions, claims and other liabilities, authenticate you and manage risk exposure and franchise quality with respect to the integrity and security of our payments networks. We also aggregate some of your Personal Information to create models to identify past and potential future fraud patterns and offer advanced fraud and security features to financial institutions, merchants, customers and partners. The use of these fraud models may lead your financial institution or merchant to make decisions as to whether or not to authorize a transaction, or not to grant you access to a product or service, to the extent such automated decision-making is permitted by law.
We may share your data with third parties including identity verification services, fraud data service providers, government entities, utilities, public records, credit bureaus, property files, telecommunications operators, watch lists, geovisualization service providers. We ensure that your Personal Information is only used for the above purposes subject to strict data protection and security obligations through our contracts with such third parties.
We will only process your Personal Information for the above purposes when we have a valid legal ground for the processing. If you are located in the EEA, such legal ground is provided by the legitimate interest that we, or a third party, have in using your Personal Information, including to prevent and protect against fraud, and secure our network and the payment transactions that we process. In addition, our fraud prevention, monitoring and authentication activities may be necessary to comply with legal obligations. We may also process your Personal Information as necessary to provide you with a requested product or service that protects against fraud. Where required under applicable law, we obtain your consent for processing your Personal Information, including for the collection of your Personal Information via the above automated means.
Where we act as a data processor on behalf of financial institutions and merchants, as the data controllers, the financial institutions and merchants are responsible for ensuring a valid legal ground for the data processing. Please refer to their respective privacy policy for more information regarding the processing of your Personal Information.
YOUR RIGHTS, HOW TO CONTACT US, AND ADDITIONAL INFORMATION ABOUT OUR PRACTICES
You have certain rights and choices regarding the Personal Information we maintain about you. This webpage details certain aspects of our Global Privacy Notice for more information about your rights, to contact us, or to learn more about how we share, transfer or protect your Personal Information, please read our Global Privacy Notice.
Some of the security and fraud prevention and monitoring solutions mentioned above may have their specific privacy notices. Please consult them for more information. For enquiries about your Mastercard card and your purchase, please contact your financial institution or merchant. More information about how to contact them can be found on their websites.
* Seulement en anglais.