The Mazoola mobile application, web application, and services, including versions that have been branded for third parties, are collectively referred to as the “Mazoola App”. The Mazoola App is owned and operated by REGO Payment Solutions, Inc., dba Mazoola (collectively, “Mazoola”, “REGO”, “we,” “our”, or “us”). We provide technology platforms designed for the management of the under-18 age group in the global online market. Mazoola App is an online system, provided by REGO Payment Architectures, Inc., that enables parents to control and guide their children through their online transactions and allows children to make parent-authorized purchases through the Internet (the “Service”).
Kids Privacy Assured by PRIVO: COPPA Safe Harbor Certification
REGO Payment Architectures, Inc. is a member of PRIVO’s COPPA Safe Harbor and GDPRkids™ Privacy Assured. PRIVO is an independent, third-party organization committed to safeguarding children’s personal information collected online.
The Program certification applies to the digital properties listed on the validation page that is viewable by clicking on the PRIVO COPPA Certification Seal. The certification Seal posted on this page indicates REGO Payment Architectures, Inc. has established COPPA compliant privacy practices and has agreed to submit to PRIVO’s oversight and consumer dispute resolution process. If you have questions or concerns about our privacy practices, please contact us at (267) 465-7530 or [email protected] If you have further concerns after you have contacted us, you can contact PRIVO directly at [email protected]
The Program applies to the digital properties listed on the validation page that is viewable by clicking on the PRIVO GDPRkids™ Verified Shield. The PRIVO GDPRkids™ Privacy Assured Program supports child directed services known as Information Society Services under the General Data Protection Regulation (GDPR), to comply with the requirements of this legislation. It impacts any child directed service in an EU Member State and any service globally that collects and or processes the personal data of children and minors. There is no safe harbor for the GDPR to date, but to ensure this company’s services meet the program requirements, we conduct regular monitoring and consulting.
REGO Payment Architectures, Inc. will be awarded the GDPRkids™ Verified Shield before the Mazoola® app is available in the EU.
We are very concerned about the safety of children online. We comply with the Children’s Online Privacy Protection Act of 2000 (“COPPA”) to the extent it applies to us and to our App, and with GDPR as it relates to children. Only a parent, guardian, or authorized adult (“Parent”) may create a Mazoola® account for a child in our App. The Parent provides all information required to set up a parent profile and child profile(s), including the child’s Mazoola® User ID and Password. A child’s use of Mazoola® and participation and access to the App is currently not conditional upon his/her providing any Personal Information – they only need their Mazoola® User ID and Password. In any event, a child’s use of Mazoola® and participation and access to the App will not be conditional upon his/her providing any more Personal Information than is reasonably necessary for them to participate in an activity. Parents have a right to consent to our use of their child’s Personal Information without having to consent to the disclosure of that information to third parties, as we do not share your child’s Personal Information with any third party, other than service providers and agents necessary to provide the Service.
Mazoola® gathers two types of information through the App: “Personal Information” and “Non-Personal Information”. Personal Information is information collected online that can be used to identify, contact or locate an individual. Non-Personal Information is information that does not reveal an individual’s specific identity, such as aggregated information, demographic information, and IP addresses.
We collect the following Personal Information from Parents when they create a Mazoola® account in our App: Parent’s first and last name, street address, zip code, parent email address, telephone numbers, parent profile name, parent password, child nickname, child password, child gender, child date of birth, time zones, transaction thresholds, allowed merchants, websites and applications, and merchant credentials when the parent requests.
We sometimes collect debit or credit card information from a Parent, including card number, expiration date, billing address, and CVV number to use to load funds into the family Mazoola account. Alternately, we may collect bank account information, including account number and routing number, for this same purpose. For security reasons, we do not store your credit card information on our servers; we use a third-party hosting provider to store and transmit that information in accordance with PCI (Payment Card Industry) Data Security Standards.
We also gather purchasing and transaction information based on purchases made using the Mazoola® service for reporting to Parents, for use in resolving any disputes, and to satisfy obligations to the bank that issues the virtual card we use for the child’s account, as well as to the card network itself. This purchasing and transaction information may be compiled and analyzed on an individual or account basis for the purpose of providing enhanced services and features to the individual or account. Some of this data will be abstracted and/or anonymized in order to be used in an aggregated basis by us for any purpose. For instance, we might use such data to determine that the most common food purchase among 14-year-old boys is pizza. We never sell information that personally identifies a child to any party.
We collect the following information from children (a) when they use the Wishlist functionality on our App or a merchant’s site: the URL for the merchant site and the particular products, services, games, or other items they wish to purchase from the merchant using the Service, and (b) particular merchants they would like their Parents to authorize as approved merchants.
When you visit and interact with the App, Mazoola® and its third-party service providers may also collect other information (for example, a catalog of the screens you use). This information is generally collected through the App from server log files, environmental variables, and database entries.
Our primary purpose for collecting information is to provide the Service. We use Personal Information in the following ways:
We reserve the right to share such Non-Personal Information, which does not personally identify you, with Affiliated Entities and other third parties, for any purpose. Any such information is first completely abstracted and/or anonymized in such a fashion that no one—including Mazoola—can associate it back to you or your child.
The chart below summarizes the Third-Party Service Providers used by the App, and the data made available to them:
THIRD-PARTY SERVICE PROVIDER
|Microsoft Azure||Cloud infrastructure including storage||Data is stored encrypted. Microsoft staff are not able to access it. Includes IP Address|
|Armor||Security-as-a-Service||Security staff may encounter PI when investigating a breach|
|Synapse||Card management services|
|Evolve Bank||Issuing bank|
|Cognito||Identity verification (regulatory requirement of banks)||N/A|
|Lightstream||Azure managed services||Data is stored encrypted. Lightstream staff are not able to access it. Includes IP Address|
The security of your Personal Information is important to us. We follow generally accepted industry standards to protect the information you submit to us. Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. Once we receive your information, we use HTTPS encryption to transmit sensitive information such as credit card numbers and user ID and passwords. All Personal Information you provide for the Mazoola Service is stored on secure third party infrastructure in accordance with their security procedures and the Payment Card Industry Data Security Standard. User ID and password are used so that only the Parent can access and view the Personal Information and certain other Mazoola account information and a child’s User ID and password are needed to make a transaction using the Mazoola Service. We recommend that you do not divulge and you inform your children that they not divulge Mazoola user IDs and passwords to anyone. Ultimately, you are responsible for maintaining the secrecy of your Mazoola User IDs and passwords and Mazoola shall not be responsible or liable in any way for damages or losses resulting from a Parent or child divulging or not protecting their user IDs and/or passwords.
If Parents would like to review, correct, update or delete Personal Information or Non-Personal Information that was previously provided by Parents to us through the App, they may do so by logging into their Mazoola® account and correcting, updating or deleting such information in the Parent profile or child profile(s). Please note that if required information (marked with an asterisk) is deleted, the Mazoola Service will not function and can no longer be used. If a Parent deletes all information from the Parent profile their Mazoola account will be closed and all information except transaction information will be removed from our system. Parents may also elect to delete an entire child profile, in which event such child may no longer use the Mazoola Service. If a Parent is unable to correct, update or delete their information as described above or wishes to refuse further contact with their child by the App, they should contact Mazoola at [email protected] with their specific request. Please note that we may need to retain certain transaction information for record keeping and reporting purposes, and there may also be residual information that will remain within our databases and other records, which will not be removed. We are not responsible for removing information from the databases of third parties with whom we have already shared information. We will retain your information for as long as your Mazoola Account is active or as needed to provide you services.
If you wish to cancel your Mazoola Account or request that we no longer use your Personal Information to provide you Services, Parents should log into their Parent profile in their Mazoola Account and select the “delete” button, and if your attempt to close your account online is unsuccessful, you should contact us at [email protected] We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. If you no longer wish to receive electronic newsletters and/or promotional emails that we may send to you, you may opt-out of receiving them by following the opt-out instructions included in each newsletter or email, or logging into your Parent profile and updating the communication settings. If your attempts to opt-out by these methods are unsuccessful, you should email us at [email protected] with your request.
The App is controlled and operated by Mazoola® from the United States, and is not intended to subject Mazoola or any Affiliated Entity to the laws or jurisdiction of any state, country or territory other than that of the United States. Mazoola does not represent or warrant that the App or any part thereof, is appropriate or available for use in any particular jurisdiction. Those who choose to access the App do so on their own initiative and at their own risk, and are responsible for complying with all local laws, rules and regulations. We may limit the App’s availability, in whole or in part, to any person, geographic area or jurisdiction we choose, at any time and in our sole discretion.
Mazoola complies with the rights given to EU Citizens under the General Data Protection Regulation (GDPR). These rights are as follows:
For more information on how to action these rights please contact us at: [email protected]
If you are an EU citizen and would like to make a complaint about the way we process your personal data, you can contact the relevant Data Protection Authority (DPA). Please contact us using the details below to find out more.
If you have any questions regarding this Policy, our information practices, or accessibility, please contact us by e-mail at [email protected], write us at the address below or call 1-844-210-4789. Please note that e-mail communications will not necessarily be secure; accordingly, you should not include credit card information or other sensitive information in your e-mail correspondence with us.
REGO Payment Architectures, Inc. 325 Sentry Parkway Suite 200 Blue Bell, Pennsylvania 19422
Attention: Customer Service
© Copyright 2022 REGO Payment Architectures, Inc. All rights reserved.®