PRIVACY AND COOKIES POLICY
“Business Days” means any day other than a Saturday or Sunday or United States federal public holiday on which banks are physically open for the transaction of general banking business. Any other day is to be considered a calendar day.
“Working Hours” means 9:00 am to 5:00 pm Eastern (New York City) time on Business Days.
Online privacy is constantly evolving, and 1st Opus INC (“1stOpus", “1st Opus", “We”, “Our”, “Us”), a company that is organized in the United States of America, will take all commercially reasonable efforts to maintain up to date and effective online privacy standards and practices. We have linked every page of Our Website (the "Website") to this document for Your convenience. You may also access Our Privacy and Cookies Policy (the “Policy”) on Our smartphone APP, Our Website www.1stOpus.com and You may also contact 1stOpus at legal@1stOpus.com with any questions or concerns that You may have.
1st Opus is committed to respecting Your online privacy and recognizes Your need for appropriate protection and management of any personally identifiable information ("Private Information") that You share with Us. Private Information means any information that may be used to identify an individual, including, but not limited to; (1) a first and last name; (2) a home or other physical address; (3) an email address; (4) other contact information, whether at work or at home; (5) telephone numbers; (6) credit/debit card information; (7) bank account information; and (8) Website usernames and passwords. 1st Opus collects and uses Your Private Information only for Our business purposes which allows Us to provide an eWallet, a Prepaid Card, and transaction processing services to You to enable You to make purchases of goods and services at retail merchants (“Retailers”) and to transfer funds between authorized 1stOpus accounts.
If You choose to provide Us with Your Private Information through Our Website, by facsimile, mail, e-mail or any other viable method of transmission, We may transfer that Private Information within 1st Opus, to Our third-party service providers, to Retailers with whom You have made transactions, or for the purpose of assisting the Retailer in resolving disputes, and from Your country or jurisdiction to other countries or jurisdictions around the world if the need arises.
We strive to comply with all applicable privacy laws around the globe that are designed to protect Your privacy. Although legal requirements may vary from country to country, We will adhere to the principles set forth in this Policy even if, in connection with the above, We transfer Your Private Information from the United States to countries that may not require as stringent levels of protection for Your Private Information as are applied Us. In other words, Our goal is to provide protection for Your Private Information no matter where that Private Information is collected, transferred, used or retained.
1st Opus and its partners may also collect government-issued identification numbers and other proofs of identity and domicile ("ID Information") to comply with existing Know Your Customer government and regulatory regulations.
Some of the material in Our Policy relates to the General Data Protection Regulations (“GDPR”) in the European Union regarding the safety of, use of, security of, processing of, and other specific rights regarding Your Private Information. We will, wherever possible, adhere to the guidelines and regulations set out in the GDPR.
We comply with the Virginia Consumer Data Protection Act (Va. Code Ann. §§ 59.1-575 to 59.1-585) (“VCDPA”) which took effect and was enforceable from January 1, 2023.
We are in compliance with Colorado’s Senate bill 21-190 entitled the “Colorado Privacy Act” and “CPA” which becomes effective and enforceable on July 1, 2023.
We are in compliance with Connecticut’s Senate Bill 6: An Act Concerning Personal Data Privacy and Online Monitoring (also known as The Connecticut Data Privacy Act or “CTDPA”) which will go into effect and be enforceable on July 1, 2023.
We are in compliance with Utah’s S.B. 227 – Utah Consumer Privacy Act (“UCPA”) will go into effect and be enforceable on December 31, 2023.
The CCPA, the CPRA, the VCDPA, the CTDPA, the UCPA and the CPA are collectively referenced to in the remainder of Our Policy as the “State Privacy Requirements”.
Wherever applicable We have implemented the requirements of the most strict of the State Privacy Requirements.
Several states have identified a new category of Private Information entitled “Sensitive Private Information” which is a subcategory of Private Information and includes but is not limited to:
- Any data revealing racial or ethnic origins, religious beliefs, mental or physical health conditions or diagnoses, sexual activity or orientation, citizenship, or immigration status;
- Genetic or biometric data used to uniquely identify an individual;
- Personal data of a child under the age of 13; and
- Information that identifies an individual’s specific location with a defined degree of precision and accuracy (called “precise geolocation data”).
- Social Security, driver’s license, state ID, or passport numbers;
- Financial account information;
- Precise geolocation;
- Racial or ethnic origin;
- Sex life or sexual orientation;
- Religious or philosophical beliefs;
- Union membership;
- Nonpublic communication;
- Genetic, biometric, and health data.
Within Our Policy, Sensitive Private Information is included collectively in the information for Private Information as is relevant. We will implement all relevant rules and regulations relating to Sensitive Private Information for Accounts of Customers in California and, where relevant, for any other Account no matter the domicile of the Account holder.
This Policy explains how 1stOpus treats Your Private Information.
1st Opus’s General Privacy Principles: 1st Opus is committed to safeguarding the privacy of Your Private Information:
- We will only collect and use Your Private Information where We have lawful grounds and legitimate business reasons to do so;
- We will be transparent in Our dealings with You and will tell You about how We collect and use Your Private Information;
- If We have collected Your Private Information for a particular purpose, We will not use it for any other purpose unless You have been informed and, when required by law, Your permission has been obtained;
- We will not ask for more Private Information than We need for the purposes for which We are collecting it;
- We will update Our records when You inform Us that Your details have changed;
- We will continue to review and assess the quality of Your Private Information;
- We will implement and adhere to information retention policies relating to Your Private Information and will ensure that Your Private Information is securely disposed of at the end of the appropriate retention period;
- We will observe the rights granted to You under applicable privacy and data protection laws and will ensure that We promptly and transparently deal with queries relating to privacy issues;
- We will delete Your Private Information when You request Us to do so, with the exception of when We are required by law to retain some or all of Your Private Information for certain periods of time;
- We will train Our staff on their privacy obligations;
- We will ensure We have appropriate physical and technological security measures to protect Your Private Information regardless of how it is processed or where it is stored;
- We will ensure that when We outsource any processes, the supplier has appropriate security measures in place and will contractually require them to comply with Our privacy principles;
- We will ensure that suitable safeguards are in place before any of Your Private Information is transferred to any other entity or to any other countries.
- We will provide Account holders from California with a link on Our Website entitled “Limit the Use of My Sensitive Private Information” which will explain their modified and/or expanded rights;
- We have implemented cybersecurity safeguards;
- We have created and communicated to consumers a process by which consumers may submit a request regarding their Private Information and subsequently appeal any decision made by Us;
- We provide a clear and conspicuous notice informing consumers that they have the right to opt out of targeted advertising and sales of their personal data;
- We will establish a user-selected universal opt-out mechanism by July 1, 2024;
- We update Our contracts with third parties to ensure that these third parties comply with all relevant data privacy laws;
- We have established a procedure to determine when to conduct a data protection assessment.
To protect Your privacy, We have adopted the following core areas of focus:
- Access and Accuracy
You may access and browse certain parts of Our Website without disclosing any Private Information. However, if You sign up for an 1st Opus Account, We will require that You supply Us with some Private Information. You will be required to input: (1) Your full legal name; (2) the address where You currently reside which includes Your street address, apartment number if applicable, Your City, State and Zip Code; (3) Your telephone number; (4) Your date of birth, and (5) a color picture of a current government issued identity document, and other information at Our discretion.
If You attempt to purchase a product or service offered by a Retailer, We may request that You voluntarily supply Us or one of Our service providers with other Private Information, specifically Your method of payment details. We use a secure transmission method for all of Our transmissions. You will be required to allow Us to store Your payment mechanism information (for example, credit card number and expiration date) so that You are not required to reenter this information on a subsequent purchase transaction. If You opt not to allow Us to store this information You will be required to reenter Your payment details during each merchandise process.
We receive and store all information that You enter in Our Website unless You specifically opt-out of providing Us Your payment method details. In addition, We collect information about You during Your visit, such as Your IP Address, and We employ special purpose software in order to ascertain Your physical location when using Our Website. Also, We may collect nonpublic Private information about You from the following sources:
- Information We receive from You on applications or other forms; and
- Information about Your transactions with Our third party suppliers, Retailers, or others.
In the process of accepting You as a Customer, We and/or Our third party suppliers may collect information about You from sources such as social media and public records. You are required to provide US and Our third party suppliers with accurate and up-to-date information, and Your failure to accurately provide such information could result in the voiding of Your agreement with Us and the cancellation of Your Account.
We will require You to provide required Private Information through Our Website or on Our APP. Only in situations where You cannot scan and upload this Private Information online to Us, will We request or accept Private Information by any other methods such as E-Mail, physical mail or via facsimile message. Private Information collected via facsimile, mail, or e-mail will be scanned and stored in Our computerized databases, and any paper copies will be shredded unless We are required by law to keep paper copies.
Current government regulations require Us to collect valid government-issued identification document / numbers ("ID Numbers") such as passport numbers, driver’s license numbers and/or other government issued forms of identification of its Account holders as a preventative measure against identity theft, money laundering, terrorist financing, and the use of Our products and services for illegal purposes. WE WILL NEVER ASK YOU FOR YOUR ID NUMBER OVER INSTANT MESSENGER OR E-MAIL. You may be prompted to enter Your ID Number after You log into Your 1stOpus Account, or upon sign-up for a new 1stOpus account.
1st Opus and its partners are the sole owner of the information collected through Our Website, Our smartphone APP, or any other means. We will not sell, share, or rent this information to third parties, except as set forth in this Policy. We will release data when required by law, to enforce Our agreement(s) with You, or to enforce the contract rights of Our Retailers or third party suppliers.
1st Opus will not share Your ID Number or government-issued identity document with anyone, other than a government institution or authority when required by law, through subpoena by a court of competent jurisdiction, or other regulation, including banking regulations.
We ensure that Your Private Information will not be disclosed to anyone other than a government institution or authority when required by law or other regulation, except We may disclose Your Private Information to the following parties (“Third Parties”):
- Our affiliated bank and payment system processors as required to process transactions on Your payment method with Our Retailers;
- Retailers affiliated with Us from which You are purchasing goods and services using Our services.
In addition, We may disclose Your user name, name, address, phone number, and E-Mail address to non-financial companies, such as companies that perform marketing services on Our behalf ("Nonaffiliated Third Parties") to provide You information, special offers, and promotions. You may opt-out from these disclosures at any time by following the procedures detailed in the Access, Verification, Timing and Costs, Opt-Out Procedures section of this Policy.
Choice to provide Private Information
You may choose whether or not to provide Your Private Information to Us. If You choose not to provide the Private Information We request, You can still visit portions of Our Website, but You may be unable to access certain options, offers, and services that involve Our interaction with You. If You chose to have a relationship with Us, You will be required to provide certain Private Information in connection with such relationship in order to maintain that relationship.
In those situations where governmental regulations require You to provide ID Information, if You choose not to provide this ID Information, You will cannot be provided an account. If You are a current 1st Opus account holder, and We request Your ID Information upon login, if You choose not to provide the requested ID Information within the time allocated, We will terminate Your 1st Opus Account and You will not be able to use Your Account.
Use of Your Information:
If You prefer that We not disclose non-public Private Information about You to Nonaffiliated Third Parties, You may opt out of those disclosures; that is, You may direct Us not to make those disclosures (other than disclosures permitted or required by law). If You wish to opt out of disclosures to Nonaffiliated Third Parties, You may opt-out by contacting Us by following the procedures detailed in the Access, Verification, Timing and Costs, Opt-Out Procedures section of this Policy.
1stOpus has implemented best-practices security policies, rules and technical measures to protect the Private Information that We have under Our control from unauthorized access; improper use or disclosure; unauthorized modification; unlawful destruction or accidental loss. Secure Socket Layer (SSL) software is used when receiving and transmitting electronic payments. The sensitive information that You provide is encrypted.
Access to Your Private Information is highly restricted. Our facilities are only accessible through a process of security clearance. All employees and data processors, who have access to and are associated with the processing of Private Information are obliged to respect the confidentiality of Our customers' Private Information and Your Private Information and ID Information is restricted to those employees who have a need to know Your Private Information. We conduct background and credit checks on all of Our employees prior to employment. We employ a User ID, password scheme and a random Token process in order to limit and achieve access to Our computer networks by Our employees and Third Parties.
The Company is and has been in compliance with all applicable portions of the Payment Card Industry Data Security Standard (“PCI-DSS”) in all material respects, as it has been amended from time-to-time. With respect to payment card transactions or information processed in any way (including any processing, storing or communication of transaction data or Cardholder Data (as such term is defined in the PCI-DSS)), by Us, We are in material compliance with the PCI-DSS applicable to service providers and with the requirements related to PCI-DSS in each Agreement pursuant to which We provide services of any kind. Each of Our products or services that is:
- intended to be used to process financial or payment card transactions (including any processing, storing or communication of transaction data or Cardholder Data (as such term is defined in the PCI-DSS)); and
- provided by the Company to any person or business, is in compliance with the PCI-DSS.
4. Accuracy and Access
The Private Information, that You provide Us must be accurate and current. Our goal is to provide You a means of access should You need to update or correct Your Private Information. If for any reason those means are unavailable or inaccessible, You may send updates and corrections about Your Private Information to legal@1stOpus.com or by facsimile, by governmental or private express mail, and all reasonable efforts will be made to incorporate the changes in Your Private Information as soon as practicable.
Access, Verification, Timing and Costs, Opt-Out Procedures
How to Submit a Request Regarding Your Private Information. To submit an access or deletion request, please email legal@1stOpus.com. To submit a “Shine the Light” request, email Us at legal@1stOpus.com. If You designate an authorized agent to make an access or deletion request on Your behalf using one of the channels described above, We will require You to provide the authorized agent written permission to do so and to verify Your own identity directly with Us (as described below). For questions or concerns about Our privacy policies and practices, please contact Us as described in the ‘How to Contact Us’ section of Our Policy.
Verifying Requests. To help protect Your privacy and maintain security, We will take steps to verify Your identity before granting You access to Your personal information or complying with Your request. We will require You to provide any of the following information: Your name, date of birth, the last four digits of Your Social Security number, the email and physical addresses associated with Your 1stOpus Account, one or more recent transactions, and the last four digits of one or more 1st Opus-branded cards associated with Your Account. If You have never had an account with Us and You request access to or deletion of Your personal information, there is no reasonable method by which We can verify Your identity to the level of certainty required by the relevant regulations. The reason for this is that 1stOpus does not maintain information about non-accountholders in a way that is linked to named actual persons (and historically has not linked IP addresses, device identifiers or other information collected by automated means to named actual persons). In addition, if You ask Us to provide You with specific pieces of personal information, We may require You to sign a declaration under penalty of perjury that You are the consumer whose personal information is the subject of the request.
Timing and Costs. Within five (5) business days of Our receipt of Your request, You shall be provided a copy of the Private Information and/or ID Information that is kept about You. If You agree to receive this information in electronic format, You will not be charged. However, if You require that the information is sent to You in paper format, You will be charged a $25 processing fee to complete the request. Except for when required by relevant law regarding Your Private Information, 1stOpus reserves the right to refuse any request for information, and We will communicate the reason for Our decision to You. Opt-Out Procedures. If You desire to opt out of or modify any uses of Your Personal information contact Us via Email at legal@1stOpus.com and explain, in detail, Your request.
IV. YOUR RIGHTS
You have the right to:
- Access Your Private information. You have the right to obtain from Us confirmation as to whether or not Your Private data is being obtained, stored, processed and retained, and, where that is the case, access to the Private data.
- Correct and/or complete Your Private information. You have the right to correct any of Your Private information that You believe to be inaccurate. This includes the right to have incomplete Private information completed.
- Opt Out. You have the right if you live in certain states to completely opt out not only of the sale of Your Personal Information but also of the collection and use of Your Personal Information. Be advised that if you completely opt out of Our being able to collect and use Your Personal Information, You may not be able to utilize some of our services.
- Require Us to restrict how We use Your information. You have the right to restrict the processing or use of Your Private information where one of the following applies. You believe that:
- Obtain copies of Your Private information that We have. You can ask Us for a copy of Your Private information and We will provide that information in machine readable form. See the above section 4 – Access regarding any costs associated with this request.
- Right to delete some of Your Private information. You can ask Us to erase or delete all or some of Your Private information where one of the following applies. Some of Your Private information may not be able to be deleted for Us to comply with relevant law and processing regulations.
- Right to Access Information About Automatic Decision Making. You now have the right to access information about how companies use automated decision-making technology. You have the right to opt-out of any automated decision-making processes.
- Right to Data Portability. You now have the right to request that We transfer Your Private personal to another entity, to the extent it is technically feasible.
- Right to lodge a complaint. You have a right to lodge a complaint with the supervisory authority of the state in which You reside.
- Right of non-discrimination. You have the right of non-discrimination by Us for exercising Your Privacy information management rights.
V. THIRD PARTIES
Occasionally, We receive information from Third Parties to compare to Your Private Information that You have provided to Us for fraud prevention purposes.
1stOpus, in compliance with the US federal law, the Children’s Online Privacy Protection Act (“COPPA”), does not request, or knowingly collect Private Information from children under the age of thirteen (13) years of age. We take specific steps to protect the privacy of children by making reasonable efforts to ensure that a child's parent or legal guardian has authorized the collection and/or distribution to Third Parties of a child's Private Information. Additionally, to ensure that children's privacy is respected on Our Website, We require age verification on every inquiry. Furthermore, We do not give children the ability to post messages or otherwise distribute information about themselves on Our Website.
VII. POLICY CHANGES
1stOpus will make all commercially reasonable efforts to maintain up-to-date and effective privacy standards and policies. Whenever We makes changes to these standards or this Policy We will post a notice of this change at www.1stOpus.com. For the time You have an account with Us, You are agreeing to this Policy and changes that may be made to this Policy.
VIII. EFFECTIVE DATES
This Policy is effective immediately. Policy changes are effective as soon as they are posted on Our Website unless a specific effective date is provided.
1stOpus is committed to the privacy of all customers' Private Information and are actively supporting current industry initiatives to preserve individual privacy rights on the Internet. Protecting Your privacy online is an evolving area, and Our Website is constantly evolving to meet these demands.
If You have any comments or questions regarding this Policy, please contact legal@1stOpus.com. While We cannot guarantee privacy perfection, We will address any issue to the best of Our abilities as soon as possible.
“Cookie” means a small piece of text data stored on the storage drive of a visitor to a Website, containing information about the visitor that can only be read by the server that placed the information onto the visitor's storage drive. We employ Cookie technology.
Most browsers are initially set up to accept Cookies. You can set Your browser to block Cookies entirely, delete Cookies when You leave the Website, notify You when You receive a Cookie giving You the chance to decide whether or not to accept it, or limit the subsequent retrieval of Cookies by the Website. In addition, there are number of privacy-enhancing tools and software that You may purchase that will enable You to identify and block Cookies on a selective basis. Please note that for some Websites that require an authorization, Cookies are not optional. Users choosing not to accept Cookies will probably not be able to access those Websites where Cookies are not optional.
Cookies can be "Persistent", "Session" or “Essential” Cookies.
Persistent Cookies, also called a Permanent Cookie, or a Stored Cookie, is a Cookie that is stored on Your hard drive until it expires (persistent cookies are set with expiration dates, but that date may be far in the future) or until You delete the Cookie.
Session Cookies are also called a Transient Cookie, and is a Cookie that is erased when You close Your Web browser. A Session Cookie is stored in temporary memory and is not retained after Your browser is closed. Session Cookies do not collect information from Your computer.
Essential Cookies are Persistent or Session Cookies that We may use to authenticate You and prevent fraudulent use of Your account.
When You use and access the Service, We may place a number of Cookies in Your Web browser.
We use both Session and Persistent Cookies on the service and We use different types of Cookies to run the service:
IX.2 Third Party Cookies
In addition to Our own Cookies, We may also use various third-party’ Cookies to report usage statistics of the Service, deliver advertisements on and through the service, and so on.
IX.3 What are Your choices regarding Cookies
Please note, however, that if You delete Cookies or refuse to accept them, You might not be able to use all of the features We offer. You may not be able to store Your preferences, and some of Our Webpages might not display properly.
IX.4 Where can You find more information about Cookies?
You can learn more about Cookies from the following thirdparty Websites:
- All About Cookies: http://www.allaboutCookies.org/
- Network Advertising Initiative: http://www.networkadvertising.org/
XI. How to Contact 1stOpus
You can contact Us by the following methods:
Email – legal@1stOpus.com