We are pleased that you are visiting our websites at www.spendruby.com and thank you for your interest in Ruby Card, Inc. ("Ruby", "Ruby Card", "Ruby Account","we" or "us"). In the following, we inform you about the handling of your personal information when using our service.
During the mere informational use of our website, i.e., if you do not register or otherwise transmit information to us, we only collect information that your browser transmits to our server (so-called "server log files"). The information is not passed on or used in any other way. However, we reserve the right to check the server log files retrospectively should indications point to illegal use.
In order to make visiting our website more attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted after the end of the browser session, i.e., after you close your browser (so-called session cookies). Other cookies remain on your terminal device and enable us or our partner companies (third-party cookies) to recognize your browser on your next visit (persistent cookies). If cookies are set, they collect and process certain user information such as browser and location information and IP address values to an individual extent. Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. For more information on cookies, please refer to our Cookie Policy.
When contacting us, personal information is collected. Which information is collected in the case of a contact form can be seen from the respective contact form. This information is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. Your information will be deleted after final processing of your request, if it can be inferred from the circumstances that the matter concerned has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.
Ruby Account Data
To use certain features (like applying for Ruby Card), you need to create a user account. When you create or update your account, we collect and store the data you provide, like your email address, password, phone number, and name, and assign you a unique identifying number ("Account Data"). Account Data consists of Personal and Financial Data as described below. Account Data does not include Minor’s Data, as explained below.
After signing up for a Ruby Account or deletion of your customer account, your information will be retained in accordance with tax and commercial law retention periods and deleted after the expiration of these periods unless you have expressly consented to further use of your information or a legally permitted further use of information was reserved by our side, about which we inform you accordingly below.
In order to establish or implement the contractual relationship with our customers, it is necessary to process the personal data provided to us. The data provided by you may include first name, last name, email address, address, identification documents, proof of residence, and other related documents.
We also process customer data for risk evaluation, anti-money laundering and risk management, and Know Your Customer ("KYC") purposes. This processing is carried out on the legal basis of our legitimate interest and our legal obligations and serves our interest in further developing our services, carrying out our services lawfully, and informing you specifically about our services. Further data processing may take place if you have consented or if this serves the fulfillment of a legal obligation such as adherence to anti-money laundering obligations.
Personal Data
Personal Data is information that can be used to identify you specifically, including your name, email address, telephone number, and date of birth or demographic information like your hometown. You consent to give us this information by providing it to us voluntarily on our website. Your decision to disclose this data is entirely voluntary. You are under no obligation to provide this information, but your refusal may prevent you from accessing certain benefits from our website.
Financial Data
Financial data is related to your payment methods, such as credit card or bank transer details. We collect financial data to allow you to purchase or exchange services from our website. We store limited financial data. Most financial data is transferred to our payment processor, Stripe, and you should review these processors' Privacy Policies to determine how they use, disclose, and protect your financial data.
Stripe Privacy Policy can be found here https://stripe.com/gb/privacy
Minors' Data
We do not knowingly collect data from or market to children under 18 years of age. We do not knowingly solicit data from or market to children under 18 years of age. By using the website, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent's use of the website. If we learn that personal information from users less than 18 years of age has been collected, we will take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us.
Direct marketing
The legal basis for the processing of your personal information in the context of direct marketing measures is either your consent or our legitimate interest in marketing and promoting our courses and services. The purpose of processing your personal information in the context of direct marketing measures is to send information, offers and, if applicable, to promote sales.
Commercial and business services
We process information of our contractual and business partners, e.g., customers and interested parties in the context of contractual and comparable legal relationships as well as related measures and in the context of communication with contractual partners (or pre-contractual), e.g., to answer inquiries.
We process this information to fulfill our contractual obligations, to secure our rights and for the purposes of the administrative tasks associated with this information as well as for business organization. We only disclose the information of the contractual partners to third parties within the scope of the applicable law to the extent that this is necessary for the aforementioned purposes or for the fulfillment of legal obligations or with the consent of the contractual partners (e.g., to participating telecommunications, transport, and other auxiliary services as well as subcontractors, banks, tax and legal advisers, payment service providers or tax authorities).
Unless otherwise specified, the purposes of processing this information are: Contractual performance and service, contact requests and communication, office and organizational procedures, administration, and response to requests, visit action evaluation, interest-based and behavioral marketing. Additionally, the legal bases for processing this information are: Contractual performance and pre-contractual inquiries, legal obligation, and our legitimate interests.
Administration, financial accounting, office organization, contact management
We process information in the context of administrative tasks as well as organization of our operations, financial accounting and compliance with legal obligations, such as archiving. In this regard, we process the same information that we process in the course of providing our contractual services. The deletion of information with regard to contractual services and contractual communication corresponds to the information mentioned in these processing activities.
In this context, we disclose or transfer information to the tax authorities, consultants, such as tax advisors or auditors, as well as other fee offices and payment service providers.
Furthermore, based on our business interests, we store information on suppliers, event organizers and other business partners, e.g., for the purpose of contacting them at a later date. This information, most of which is company-related, is generally stored permanently.
Information processing for the purpose of fraud prevention and optimization of our payment processes
Where applicable, we provide our service providers with further information, which they use together with the information necessary for the processing of the payment as our processors for the purpose of fraud prevention and optimization of our payment processes (e.g., invoicing, processing of contested payments, accounting support). This serves to protect our legitimate interests in our protection against fraud or in efficient payment management.
Ruby is committed to keeping your personal information secure. We implement appropriate measures and take steps to protect personal information against loss and theft as well as unauthorized access, disclosure, copying, use, and modification using security safeguards, including physical, administrative, organizational and technological measures, appropriate for the sensitivity of your personal information.
We comply with industry standards that require safeguards for handling and securing customer information. These include using secure networks, encryption or other protection of cardholder information, physical and technical access controls, monitoring and testing of security systems, and implementation of the information security policies. Ruby Associates who have access to your personal information are made aware of the importance of keeping it confidential. When disposed of, the information is securely shredded, destroyed, erased, or otherwise made unreadable.
Please be aware that no security measures can guarantee complete security. You should also take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your login credentials private.
Your personal data will only be passed on if there is a legal obligation to do so or to service providers and partner companies that have been carefully selected in advance and are contractually obliged to comply with the requirements of data protection law.
a) Disclosure within affiliated companies
We pass on your personal data for the conclusion and processing of contracts for offers on our website to affiliated companies. This is particularly necessary so that you can use all our offers. If you contact a store or our customer hotline with questions, complaints or returns as well as other complaints, they will also receive access to your order data in order to be able to process your request.
b) Disclosure to service providers
For the operation and optimization of our services and for the processing of contracts, various service companies work for us, e.g., for central IT services or the hosting of our website, for the payment and delivery of products or for the dispatch of newsletters, to whom we pass on the data required for the fulfillment of the task (e.g., name, address).
Some of these companies act for us by way of commissioned processing and may therefore use the data provided exclusively in accordance with our instructions. In this case, we are legally responsible for appropriate data protection precautions at the companies we commission. We therefore agree on specific data security measures with these companies and monitor them regularly.
In contrast to order processing, in the following cases we transmit data to third parties for their own use in order to process the contract. In the case of payment for goods to the payment service provider specified when the order was placed.
We do not collect or store any payment transaction information such as credit card numbers or bank details during the payment process. You only provide this information directly to our payment service provider. The transmission of your personal information during an order transaction is encrypted using industry standard Secure Socket Layer ("SSL") technology, (SSL encryption version 3). Any credit card information you provide will not be stored by us but will be encrypted and collected directly.
c) Disclosure to other third parties
We will disclose your data to third parties or government agencies within the framework of existing data protection laws if we are legally obliged to do so, e.g., due to official or court orders, or if we are entitled to do so, e.g., because this is necessary for the prosecution of criminal offenses or for the exercise and enforcement of our rights and claims.
Ruby has taken a variety of security measures to adequately protect personal information to an appropriate extent. All information held by Ruby is protected by physical, technical, and procedural measures that limit access to the information to specifically authorized persons in accordance with this Policy Statement.
The Ruby website is behind a software firewall to prevent access from other networks connected to the Internet. In addition, only employees who need to perform a specific job function are granted access to personally identifiable information. These employees are trained in security and privacy practices and treat your information confidentially.
You have the ability to exercise the following rights:
You have the right to withdraw your consent at any time by emailing support@spendruby.com, subject to legal and contractual restrictions. Note that your withdrawal of such consent may limit your ability to obtain certain products and services.
You have the right to request access to and obtain a copy of any of your personal information that we may hold, to request correction of any inaccurate information relating to you and to request the deactivation or deletion of your accounts under certain circumstances. You may submit these requests by emailing support@spendruby.com.
You have the right to submit a complaint with the appropriate governing body in the jurisdiction of your residence if you consider that Ruby's management of your personal information infringes applicable laws (although we ask you to try to resolve any complaint with us first).
You have the right to opt out of the processing of your personal data for the purposes of targeted advertising, the sale of personal data, or profiling in furtherance of solely automated decisions that produce legal or similarly significant effects.
You have the right to obtain your data in a portable and readily usable format that allows you to easily transmit this data.
You have the right to know what personal information Ruby has collected, used, or shared, and why Ruby collected, used, or shared that information.
You will not be denied services, charged a different price, or receive a different level of service as a result of exercising your CCPA rights.
If you have a question about our personal information practices, please contact us at support@spendruby.com.
If you make a request, we will confirm that we have received your request and let you know if we need anything else from you. We typically fulfill your request within two (2) to three (3) weeks unless the request is particularly complex, or we receive multiple requests from you. In these cases, we may extend the time period, but we will always let you know.
For your protection, we only fulfill requests for the personal information associated with the email address and/or account number that you identify in your request, and we may need to take other steps to verify your identity before taking any action. When permitted by law, we may charge an appropriate fee to cover the costs of responding to your request.
Currently, various browsers — such as Internet Explorer, Firefox, and Safari — offer a "do not track" or "DNT" option that relies on a technology known as a DNT header, which sends a signal to Web sites visited by the user about the user's browser DNT preference setting. At this time, Ruby has not enabled DNT functionality on its websites, in part because industry groups have adopted no common industry standard for DNT, technology companies, or regulators, including no consistent standard of interpreting user intent. The company takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.
The CAN-SPAM Act is a regulation that sets the guidelines for commercial email, establishes requirements for commercial announcements, provides recipients the right to have certain emails not delivered to them, and spells out hard fines for violations.
We collect your email to be able to send information, react to questions, and/or other demands or questions
To maintain compliance with CANSPAM, we agree to:
Not use untrue or misleading subject matter or email addresses.
Identify the concept as an advertisement in some realistic way.
Include the physical address of our site headquarters or business
Screen third-party email marketing services for conformity, if one can be used.
Honor opt-out/unsubscribe demands quickly.
Allow users to unsubscribe utilizing the link at the bottom of every email.
If anytime you want to unsubscribe from receiving future emails, you can email us by using the contact form at our website spendruby.com, and we will immediately remove you from all marketing and non-service related communication.
We kindly ask you to regularly inform yourself about the content of our Privacy Policy. We will amend the Privacy Policy as soon as changes to the information processing activities we carry out make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g., consent) or other individual notification.
If you have any questions or concerns about a possible disclosure, breach, or misuse of your personal information, or any other questions or comments, you can contact us at:
Email: support@spendruby.com
Phone number: 1-201-252-7705
Midland States Bank's Privacy Policy at: https://bit.ly/3VBz0Km
Privacy Notice at: https://bit.ly/45kCxzO