We at Cass Europe B.V. and Cass TEM UK Ltd. ("Cass" or "we/our/us") respect your privacy and are committed to safeguarding and protecting your privacy in connection with the recording, organization, structuring, storage, adaptation, alteration, retrieval, collection, consultation, use, disclosure, dissemination, restriction, erasure or destruction (“processing”) of your Personal Data. We may process your Personal Data for a variety of reasons and in a variety of ways.
This privacy statement (“Statement”) contains important information regarding our privacy practices and the choices we offer you with respect to your Personal Data. If you choose to provide us with your Personal Data, you are telling us that you have read, fully understand, and accept the privacy practices summarized in this Statement. We strongly encourage you to read this Statement in its entirety to understand our privacy practices before submitting any Personal Data to us.
If you have any questions about this Statement and/or the processing of your Personal Data, please do not hesitate to contact our EU or UK Privacy Managers at +31 76 5315 384 or +44 1256 679510 or our US Privacy Manager at privacy@cassinfo.com.
This Statement will inform you about:
Cass is operationalizing compliance changes in connection with the new EU General Data Protection Regulation (GDPR). The GDPR replaces the Data Protection Directive 95/46/EC, and similar domestic legislation in EU Member States with respect to most (but not all) areas of data privacy and protection. Significant changes include, but are not limited to:
• Increased fines (up to €20 million or 4% of global annual turnover);This Statement applies to our processing of the Personal Data of our business contacts, vendors, directors, agents, and customers (including their representatives and service providers), when the General Data Protection Regulation (EU 2016/679) applies to such Personal Data.
Personal Data is any information that relates to an identified or identifiable natural person and is sufficient to enable such person to be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, or an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. We act as a data processor for purposes of these processing activities. In this Statement, we use the word “you” to refer to anyone within the scope of this Statement.
We use Personal Data on a day-to-day basis to run our business, provide our services, enter into contracts, and to protect our interests. We collect Personal Data from you when you provide it to us, or when we collect it from you, for instance, in the course of your dealings with us, because you use certain services (such as our online reporting tools), or because your Personal Data is included in our customer"s invoices, documentation, files, or systems.
Depending on the processing activity, the Personal Data we process in relation to you may include, without limitation:
(i) First and last name;It is necessary to provide us with certain Personal Data in order for us to be able to provide you with our services, as applicable. In certain situations, if you do not provide us with your Personal Data, we may be unable to provide you with our services.
We may use various technologies to collect Personal Data about you when you visit and use our website, http://www.cassinfo.com (“Site”). These technologies may include:
• Cookies. Like many websites our Site may use “cookies.” A cookie is a small information file that some websites transfer to a user’s hard drive. We may use cookies to improve a user’s experience on our Site, for example, to personalize features of the Site for you, to analyze the traffic on the Site, to better understand visitor and customer usage of our Site, and to maintain and make improvements based on the information we collect. The use of cookies has become standard practice for websites, but whether you choose to accept or decline these cookies is entirely up to you. Most browsers are initially set up to accept cookies. You may set your browser to reject cookies and to let you know when a cookie is being placed on your computer. If you refuse cookies, you may not be able to use some of the functionality of our Site. Other third parties associated with the Site may also use cookies in connection with the services and websites to which the Site links. We do not control these third-party cookies.To find out more about how Cass uses cookies, please read our Cass Cookie Policy.
Access to Personal Data relating to you is limited. It is our policy that persons within the organization should only have access to Personal Data on a need-to-know basis.
Under certain circumstances, we may share your Personal Data with third parties:
We will only transfer your Personal Data to the above mentioned third parties for the purposes stated in this Statement, and only to the extent that is permitted under the applicable data protection law.
Third parties to whom we transfer your Personal Data are themselves responsible for compliance with applicable data protection law. We are neither responsible nor liable for the processing of your Personal Data where we do not determine the purposes and means of the processing of that Personal Data.
We take steps to protect your Personal Data no matter what country to which it is transferred. We have procedures and controls in place, as appropriate, to help ensure this is the case. That said, in connection with our business, and for administrative, management, and legal purposes, when processing Personal Data in line with this Statement, we may transfer your Personal Data outside the European Economic Area (“EEA”), including to the United States. If we transfer your Personal Data outside the EEA, such as to our parent, Cass Information Systems, Inc., in the United States, we do so in accordance with applicable data protection laws, including on the basis of an EU Commission adequacy decision, where the transfer takes place pursuant to recognized appropriate safeguards, and/or where a specific derogation is permissible.
Furthermore, our parent company, Cass Information Systems Inc., and two affiliates, Cass Commercial Bank and Cass International, LLC are EU-US Privacy Shield certified and adhere to the Privacy Shield Principles of Notice; Choice; Accountability for Onward Transfer; Security; Data Integrity and Purpose Limitation; Access; and Recourse, Enforcement, and Liability (“Privacy Shield Principles”).
If you would like to know more about how we protect your Personal Data when it is transferred outside the EEA, please contact our EU or UK Privacy Managers at +31 76 5315 384 or +44 1256 679510 or our US Privacy Manager at privacy@cassinfo.com.
Under applicable data protection law, we are allowed to process Personal Data only if we can rely on one or more of the legal grounds for processing. The legal grounds we are most likely to rely on for processing Personal Data in relation to you are:
Cass processes your Personal Data for certain purposes described below. As explained above, processing in this context might include transfers to third parties and/or transfers outside of the EEA. From time to time, we may publish specific notices setting out details regarding particular processes or programs being adopted by us.
Cass does not engage in decision-making based solely on automated processing.
Under applicable data protection law, you may have the following rights:
Please note that the above individual rights are not absolute, and we may be entitled to refuse requests where certain exceptions apply. If you have given your consent and you wish to withdraw it, please contact our EU or UK Privacy Managers at +31 76 5315 384 or +44 1256 679510 or our US Privacy Manager at privacy@cassinfo.com.
Please note that where our processing of your Personal Data relies on your consent and where you then withdraw that consent, we may not be able to provide all or some aspects of our services to you and/or it may affect the provision of those services. If you have any questions about your rights regarding your Personal Data, please simply write to us at the postal address provided in our Contact Information below or contact our EU or UK Privacy Managers at +31 76 5315 384 or +44 1256 679510 or our US Privacy Manager at privacy@cassinfo.com, where you may initiate a request to access, reject, correct, restrict, or erase your Personal Data, or where you may initiate a request for transfer of your Personal Data or initiate a request that we refrain from sending you marketing information.
Cass takes reasonable and appropriate physical, administrative, and technical measures to protect Personal Data from loss, misuse, unauthorized access, disclosure, alteration, and destruction, taking into due account the risks involved in the processing and the nature of the Personal Data.
We will retain your Personal Data only for as long as is necessary for the purposes set out in this Statement. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (such as, if we are required to retain your information to comply with applicable tax/revenue laws, resolve disputes, and enforce our agreements).
Where we rely on legitimate interests as a reason for retaining your Personal Data, we have carefully considered whether or not those interests are overridden by your rights and freedoms and have concluded that they are not.
Please note that for corporate law and tax purposes, in the Netherlands, we are required to keep certain data, which might include Personal Data we hold about you (whether directly or indirectly), for a period of seven (7) years after the information has lost its relevance, and in the UK, we are required to keep certain data, which might include Personal Data we hold about you (whether directly or indirectly), for a period of six (6) years after the information has lost its relevance. In certain limited cases, local legal requirements in the Netherlands and UK may result in the preservation or retention of Personal Data for longer periods of time.
Cass reserves the right, at its sole discretion, to change, modify, add, remove, or otherwise revise portions of our policies and this Statement at any time, consistent with the requirements of applicable law. If we change the Statement in a material way, we will provide appropriate notice to you. The “Effective Date” at the top of this Statement reflects the date of the most recent revisions.
Cass is committed to resolving concerns about your privacy and our processing of your Personal Data. Individuals with inquiries or concerns regarding this Statement should first contact our EU or UK Privacy Managers at +31 76 5315 384 or +44 1256 679510 or our US Privacy Manager at privacy@cassinfo.com. In the event that resolution cannot be reached, individuals may also contact their local data protection authority (“DPA”), which may investigate your concern further.
If you have any questions or comments about this Statement and/or the processing of your Personal Data, please contact Cass at +31 76 5315 384 or +44 1256 679510 or at privacy@cassinfo.com. You may also write us at:
Cass Information Systems, Inc. complies with the EU-US Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. Cass Information Systems, Inc. has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.
The following Cass Information Systems, Inc. subsidiary participates in the EU-US Privacy Shield Framework and adheres to the Privacy Shield Principals:
Cass International, LLC
We collect personal and non-personal information via our various websites to provide you with additional content and reports on a continual basis or to provide you with a specific service through contractual agreements with your employer.
Cookies:When you use our site we may store cookies on your computer in order to facilitate and customize your use of our site. A cookie is a small data text file, which a website stores on your computer"s hard drive (if your Web browser permits) that can later be retrieved to identify you to us. Our cookies may store information about you, your computer, or your preferences so that you may more easily use our site. The cookies make the site run more smoothly and help us to maintain a more secure site. You have the choice to opt out of this functionality and are always free to decline our cookies if your browser permits, but our site may not work as effectively.
Registration: In order to service our customers, portions of our site may require you to submit information that is typically business related, but may be personal in certain circumstances. We will use the information you provide in the ways you’d reasonably expect – for example, providing additional content/information delivery, stipend payment, delivery of a contracted service, or a payment to a service provider. You have a right to access this data and correct or remove it. The specific registration site or additional communication information provided to you will supply directions on how to correct or remove your data at your request. In all cases you can always contact the Privacy Officer for assistance using the information below.
Cass Information Systems, Inc. does not sell, trade, share or rent your personal information to unaffiliated third parties. Affiliated third parties may receive your data in fulfillment of our service. We maintain specific contract agreements with these companies to ensure that they use the data only for intended purposes and protect the data as we would. If this practice were to change, we would specifically provide you with the opportunity to choose to “opt in” or “opt out” of the sharing of your data.
We may be required to release personal information to third parties in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
In cases of onward transfer to third parties of data of EU individuals received pursuant to the EU-US Privacy Shield, Cass Information Systems, Inc. is potentially liable.
In compliance with the EU-US Privacy Shield Principles, Cass Information Systems, Inc. commits to resolve complaints about your privacy and our collection or use of your personal information. European Union individuals with inquiries or complaints regarding this privacy policy should first contact Cass Information Systems, Inc. at:
Cass Information Systems, Inc.
Attn: Privacy Policy
12444 Powerscourt Drive, Suite 550
St. Louis, Missouri 63131
Cass Information Systems, Inc. is subject to the investigative and enforcement authority of the United States Federal Trade Commission (FTC).
Cass Information Systems, Inc. has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.
If the complaint remains unresolved, the individual may invoke binding arbitration as outlined in the EU-US Privacy Shield Framework.
We at Cass Information Systems use cookies on our website, www.cassinfo.com (“Site”), to create the most effective Site possible for our users. Among other things, the cookies we use allow us to improve your experience when using our Site and to ensure the Site performs as you (and we) expect it to.
This Cookie Policy explains what cookies are, how we use them on the Site, and what benefits they bring.
On local websites which are linked from this Site, cookies may be used to allow you to log on to our portals, choose log-in preferences, and apply for services online. Please bear in mind that our affiliate companies may have their own privacy and cookie policies that will govern their use of cookies on their local websites and any information you submit on a local website. Please read carefully any local website and/or product terms and conditions before using the local website or product.
Can cookies pass on my personal information to others?
We will not share any personal information gathered through cookies on this Site with third parties.
We do use experience, insight, and marketing cookies on this Site to help provide a better user experience, and in doing so we do share certain limited information with our third party ‘analytics’ providers.
Do cookies compromise my security?
Many of the cookies used on our Site are used purely to provide important security features such as protecting your data and your accounts.
What are cookies?
Cookies are small text files that are sent to and stored on your computer, smartphone, or other device for accessing the internet, whenever you visit a website. Cookies are useful because they allow a website to recognize a user’s device.
Some of the functions that cookies perform can also be achieved using similar technologies. This policy refers to ‘cookies’ throughout, however the term includes these alternate similar mechanisms and technologies.
More information about cookies, including how to disable them, can be found on http://www.allaboutcookies.org/.
Types of Cookies
The length of time a cookie stays on your device depends on its type. We use two types of cookies on our Site:
Essential Cookies
These cookies are essential for the running of our Site. We would recommend this type of cookie is not disabled for the following reasons:
Experience, Insight, and Marketing Cookies
These cookies help us to make sure you have the best possible experience on our Site and help us to manage the online advertising messages you see from us:
How You Can Manage Your Cookies
The browsers of most computers, smartphones, and other web-enabled devices are typically set up to accept cookies. If you wish to amend your cookie preferences for this Site, any local sites, or any other websites, you can do this through your browser settings. Your browser’s ‘help’ function will tell you how to do this.
For browser-specific information on how you can manage the cookies that we use on our Site, please click on the relevant link below:
However, please remember that cookies are often used to enable and improve certain functions on our Site. If you choose to switch off or disable certain cookies, it is likely to affect how our Site works on your computer, smartphone, or device.
Can cookies allow others access to my computer’s hard drive?
The cookies we use cannot look into your computer, smartphone, or web-enabled device and obtain information about you or your family or read any material kept on your hard drive.
If I use a public computer, will someone be able to get my details from the cookies?
Our cookies cannot be used by anyone else who has access to the computer to find out anything about you, other than the fact that someone using the computer may have visited a certain website. The cookies from our Site do not compromise the security of our Site.
What cookies are used by this website application?
eup_acceptcookie - Track
cookie usage acceptance
aspnetcore.culture - Track
Culture language preference
casseup - Security token
ai_user,
ai_session - Track our
application performance
csrf - Protection against site attacks
gman - Protection against site attacks
cfduid - CDN delivery for speed and performance and does not contain user identitfication information
muxData - Allow user to resume when interrupted watching the website application help videos