Privacy Policy Home

Effective date: August 31, 2021

Bend Mailing Services, LLC, dba BMS Technologies (“us”, “we”, or “our”) operates the https://www.online-billpay.com/ website (the “Service”).

This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.

We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy.

Definitions

Service

Service is the https://www.online-billpay.com/ website operated by Bend Mailing Services, LLC, dba BMS Technologies.

Personal Data

Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).

Usage Data

Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).

Cookies

Cookies are small pieces of data stored on your device (computer or mobile device).

Service Provider

A Client of BMS Technologies that requires us to accept and process personal data sent to us by the Service Provider or its Customers.

Customers

Individual users of https://www.online-billpay.com/, not employed by a Service Provider, who use the site to send payments to and monitor accounts affiliated with a Service Provider.

BMS Role in Data Protection

According to the European Union General Data Protection Regulation (GDPR), BMS Technologies occupies various roles depending on what information we receive and from whom. For https://www.online-billpay.com/, our role is as a Processor, except for the Customer registration process. We maintain the site on behalf of our client Service Providers, and process the information we receive from Service Providers and Customers according to the instructions from and on behalf of our clients. BMS Technologies is the Controller for all information collected during the Customer registration process.

Information Collection and Use

We collect several different types of information for various purposes to provide and improve our Service to you and our Clients.

Types of Data Collected

Personal Data

In order to use the site, Customers must register. In order to register, BMS Technologies collects certain personal data to set up the profile according to the instructions from our clients. This may include, but is not limited to:

  • The account number associated with the Service Provider
  • Unique identification number
  • First and last names
  • Billing address associated with the account number
  • Phone number
  • Username chosen by the Customer
  • Password chosen by the Customer
  • Email address

While using our Service, you have the option to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:

  • First name and last name
  • Email address
  • Phone number
  • Credit or debit card numbers
  • Bank routing and account numbers
  • Billing and service addresses
  • IP address
  • Browser type and version
  • Pages visited
  • Cookies and Usage Data

We may use your Personal Data to assist our client Service Providers with managing your account associated with their services.

Service Providers may send us your personal data through the Service, to allow us to process that data on their behalf.

Usage Data

We may also collect information how the Service is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

Tracking & Cookies Data

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.

Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Examples of Cookies we use:

  • Session Cookies. We use Session Cookies to operate our Service.
  • Preference Cookies. We use Preference Cookies to remember your preferences and various settings such as mobile device responsiveness.
  • Security Cookies. We use Security Cookies for security purposes.

Use of Data

BMS Technologies uses the collected data for various purposes:

  • To provide and maintain our Service
  • To notify you about changes to our Service
  • To allow you to participate in interactive features of our Service when you choose to do so
  • To provide client support
  • To gather analysis or valuable information so that we can improve our Service
  • To monitor the usage of our Service
  • To detect, prevent, and address technical issues
  • To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or inquired about unless you have opted not to receive such information
  • To fulfill our obligations to our client Service Providers

We will not provide your information to marketing list consolidators, or to any third party that is not directly involved with the above listed purposes or covered by this privacy policy.

California Residents

California resident privacy notice

This California Resident Privacy Notice is supplemental information to our Privacy Policy. It applies to individuals residing in California from whom we collect personal information as a business under California law.

Your California privacy right

If you are a California resident, you may exercise the following rights:

  • Right to Know and Access. You may submit a verifiable request for information regarding the: (1) categories of personal information collected or disclosed by us; (2) purposes for which categories of personal information are collected; (3) categories of sources from which we collect personal information; (4) categories of third parties with whom we disclosed personal information; and (5) specific pieces of personal information we have collected about you.
  • Right to Delete. Subject to certain exceptions, you may submit a verifiable request that we delete personal information about you that we have collected from you.
  • Verification. Requests for access to or deletion of personal information are subject to our ability to reasonably verify your identity in light of the information requested and pursuant to relevant CCPA requirements, limitations, and regulations. To verify your access or deletion request, please provide us with your current name, email address, and phone number in your request and we will reach out to you to obtain additional information, if necessary.
  • Right to Equal Service and Price. You have the right not to receive discriminatory treatment for the exercise of your CCPA privacy rights, subject to certain limitations.
  • Right to Request. You may request information once per calendar year about our disclosures of certain categories of personal information to third parties for their direct marketing purposes. Such requests must be submitted to us through email provided below.

To submit requests to exercise your rights under the CCPA, please email postmaster@bendmailing.com.

How does our site handle Do Not Track signals?

We support Do Not Track (DNT) settings that are enabled from you browser and to browse our site anonymously. We will not plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

Legal Basis for Processing Personal Data under General Data Protection Regulation (GDPR)

If you are from the European Economic Area (EEA), BMS Technologies’ legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it.

BMS Technologies may process your Personal Data because:

  • We need to perform the services requested by our client Service Providers
  • You have given us permission to do so
  • The processing is in our legitimate interests and it’s not overridden by your rights
  • To comply with the law

Retention of Data

BMS Technologies will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy, and to fulfill our obligations to our clients. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. We do not store any sensitive payment information such as credit card or bank account numbers.

BMS Technologies will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.

Transfer of Data

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to United States and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

BMS Technologies will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and relevant regulatory standards, and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

Disclosure of Data

Disclosure for Law Enforcement

Under certain circumstances, BMS Technologies may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

BMS Technologies may disclose your Personal Data in the good faith belief that such action is necessary to:

  • To comply with a legal obligation
  • To protect and defend the rights or property of BMS Technologies
  • To prevent or investigate possible wrongdoing in connection with the Service
  • To protect the personal safety of users of the Service or the public
  • To protect against legal liability

Security of Data

The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means, and relevant regulatory standards, to protect your Personal Data, we cannot guarantee its absolute security.

Your Data Protection Rights under General Data Protection Regulation (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. BMS Technologies aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us. Please note that we may ask you to verify your identity before responding to such requests. In our role as a data Processor, we may ask you to contact the data Controller. In most cases, this will be our client Service Providers. We may not be able to alter data processing without written instructions from our clients.

In certain circumstances, you have the following data protection rights:

  • The right to access, update or to delete the information we have on you. Whenever made possible, you can access, update or request deletion of your Personal Data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
  • The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
  • The right to object. You have the right to object to our processing of your Personal Data.
  • The right of restriction. You have the right to request that we restrict the processing of your personal information.
  • The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
  • The right to withdraw consent. You also have the right to withdraw your consent at any time where BMS Technologies relied on your consent to process your personal information.

You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

Third Parties

We may employ third party companies and individuals to facilitate our Service (“Third Party” or “Third Parties”), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used, and to meet our obligations to our clients.

These third parties have access to your Personal Data only to perform these tasks on behalf of our client Service Providers and are obligated not to disclose or use it for any other purpose.

Mailgun: stores information about emails sent on behalf of BMS Technologies and our client Service Providers. This information can include, but is not limited to:

  • Email address to which the communication was addressed
  • Time the email was sent
  • Whether or not the email was received
  • The subject line of the email
  • The names, sizes, and file types of any email attachments
  • Complaint list details - Emails addresses to be excluded for complaints such as invalid address, or recipient marked the communication as spam
  • List of recipients who have unsubscribed from our communications

Microsoft Azure: https://www.online-billpay.com/ allows Customers and Service Providers to recall statement billing history. The PDF statements are stored using Microsoft Azure. Azure also stores logs for all traffic that goes through the site’s firewall, including IP addresses and browser information. Finally, Azure is used to store error logs, which may include Customer names, account numbers associated with the Service Provider, and the page in which the error occurred.

Payments

One function of https://www.online-billpay.com/ is to allow you to send payments to our client Service Providers. In that case, we work with third-party services for payment processing (e.g. payment processors). The payment processor with access to your personal data will depend on which payment processor has a contract with the Service Provider.

The payment processors we work with are:

  • TSYS and Check Commerce
  • Omega Processing
  • Basys
  • Cardknox and Fidelity Payments
  • Authorize.net
  • Other processors as requested by our clients.

Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Children’s Privacy

Our Service does not address anyone under the age of 18 (“Children”).

We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

Email Policy

We have created this email privacy policy to demonstrate our firm's commitment to your privacy and the protection of your information.

How will we use your email address?

The email address you provide may be used to send you information, respond to inquiries, and/or other requests or questions.

How do we protect your privacy?

We implement a variety of security measures to protect against the loss, misuse and alteration of data used by and/or stored in our system.

Do we disclose any information to outside parties?

We do not sell, trade, or otherwise transfer your email information to outside parties. This does not include service providers with whom you are registered or trusted third parties who assist us in: operating our website, conducting our business, or servicing you; so as long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety.

Encrypted Data

All data transferred is encrypted and secure.

Confidentiality

Your information is confidential, stored safely, and never solicited.

Standards

Online-Billpay.com follows the security standards set by the PCI Security Standards Council.

Awareness

We are always up to date with the newest security standards and protection software.

Security Information

What information do we collect?

We collect information from you when you register on our site.

When registering on our site, as appropriate, you may be asked to enter your name, e-mail address, mailing address or phone number.

What do we use your information for?

Any of the information we collect from you may be used in one of the following ways:

To process transactions:

Your information, whether public or private, will not be sold, exchanged, transferred, or given to any other company, except the service providers with whom you are registered, for any reason whatsoever, without your consent, other than for the express purpose of providing the requested services.

To send periodic emails:

The email address you provide may be used to send you information, respond to inquiries, and/or other requests or questions.

How do we protect your information?

We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information.

We offer the use of a secure server. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into a payment gateway providers’ database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential.

After a transaction, your private information (credit cards, social security numbers, financials, etc.) will not be stored on our servers.

Do we use cookies?

Yes, cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information.

We use cookies to understand and save your preferences for future visits.

Do we disclose any information to outside parties?

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include service providers with whom you are registered or trusted third parties who assist us in: operating our website, conducting our business, or servicing you; so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety.

Are there any third party links or site redirects?

Yes, we may include links or references to third party pages on our website. Additionally during the payment process you might be redirected to a payment gateway provider's site. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via a prominent notice on our Service, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, please contact us: