Updated September 20, 2022
Your privacy is important to us. This Online Privacy Policy explains how we collect, share, use, and protect information when you visit or use this online service and any other online services offered by Astro Financial, Inc. ("Astro") that link to or reference this policy (collectively, our “online services”). This policy covers Astro’s online services, including the Astro website, Astro mobile, and Astro-branded social media sites or pages, as well as any interactions you may have while viewing content provided through one of Astro’s digital advertising campaigns.
As you review this Online Privacy Policy, here are a few general principles to keep in mind:
For the purpose of this Privacy Policy, unless otherwise specified, "Personal Information" means any information relating to an identified or identifiable individual. We may obtain different types of Personal Information relating to you in the situations described below.
We currently use Fidel and the Payment Card Networks (Visa, Mastercard, and AMEX) to monitor card transactions for your participation in the Astro program. Your agreement to the various Astro Terms of Use (Terms) authorizes Fidel and the Payment Card Networks to monitor the transactions made with your registered eligible payment cards via the Astro Platform. The data collected from Fidel includes your registered card identifier, merchant, transaction date/time and amount.
Notwithstanding anything to the contrary in the Terms or Privacy Policy, Company and its Third Party Service Providers (Fidel) will use transaction information solely as follows:
In addition, for certain products and services, your financial institutions, the merchants where you make a transaction, or other partners may provide us with more information about you, or we may collect it directly from you to provide you with those products and services on their behalf, support their business or perform processing activities on their behalf.
In the above situations, we act on behalf of and under the instructions of financial institutions, merchants and other partners which act as data controllers. Unless otherwise authorized by law, we will process your Personal Information to process payment transactions or for the purposes agreed between Astro and the financial institutions, merchants and other partners. Please refer to their respective privacy policies for more information regarding the processing of your Personal Information.
By registering a payment card in connection with transaction monitoring, you authorize Astro to share your payment card information with Visa, Mastercard, and AMEX (Payment Networks) so it knows you enrolled. You authorize Mastercard, Visa, and AMEX to monitor transactions on your registered card(s) to identify qualifying purchases in order to determine whether you have qualified for or earned an offer linked to your payment card, and for Visa, Mastercard, and AMEX (Payment Networks) to share such transaction details with Astro and participating merchants to enable your card-linked offer(s) and provide offers that may be of interest to you. You may opt-out of transaction monitoring on the payment card(s) you have registered by navigating to your settings menu to remove your linked card(s).
You acknowledge that Visa, Mastercard, and AMEX may be unable to monitor every transaction made with your enrolled Visa, Mastercard, and AMEX including PIN-based purchases on debit cards, purchases you initiate through identification technology that substitutes for a PIN, or transactions that are not processed or submitted through the Visa U.S.A. or MasterCard, AMEX payment systems, and that these transactions are not eligible. You may opt-out of this monitoring at any time by selecting ‘Account’ from the home screen of your Astro and deleting your registered card(s). If you register a debit card, your transaction must be processed as a ‘credit’ (i.e., signature) transaction to make sure the transaction can be monitored. Do not use a Personal Identification Number (PIN) when paying for your purchases with your enrolled card if you want the transaction to be available for view or action on the Astro App.
Not all Visa, MasterCard, and American Express cards are eligible for registration - including PIN based purchases on debit cards. Visa, MasterCard, and American Express Corporate cards, Visa, MasterCard, and American Express Purchasing cards, non-reloadable prepaid cards, government-administered prepaid cards (including EBT cards), healthcare (including Health Savings Account (HSA) or Flexible Spending Account (FSA) or insurance prepaid cards, Visa Buxx, and Visa-, MasterCard-, and American Express-branded cards whose transactions are not processed through the Visa payment system, MasterCard payment system, and/or American Express payment system are not eligible to participate.
Astro may provide you directly with products and services such as marketing programs, rewards programs, prepaid services, location alert programs, and biometric authentication tools. To benefit from one or more of these products and services, you can submit information to us directly via various means including: (i) on our websites and digital assets, (ii) in response to marketing or other communications, (iii) by signing up for an Astro product or service, or (iv) through your participation in an offer, program or promotion. We may also obtain Personal Information about you through your use of our products or services, from companies that use or facilitate our products or services, from publicly available sources, or from third party partners. Your Personal Information may also be passed on to us by your financial institution, merchant or other business partners.
Below is an overview of the types of Personal Information we may collect in relation to programs we offer directly to you. Each program differs, so where applicable, please refer to the relevant program-specific privacy notice for more information on the use of your Personal Information for that specific program.
In addition, we may collect or use Personal Information for fraud prevention and monitoring, risk management, dispute resolution and other related purposes. Such information may include identifiers, commercial information, and Internet or other electronic network activity information, such as the personal account number, merchant’s name and location, date and total amount of the transactions, IP address, fraud score, location data, merchant details, items purchased and information about the dispute.
We, our service providers and partners may collect certain information about you via automated means such as Internet or other electronic network activity information, cookies, and web beacons when you interact with our ads, mobile apps, or visit our websites, pages or other digital assets. The information we collect in this manner may include: IP address, browser type, operating system, mobile device identifier, geographical area, referring URLs and information on actions taken or interaction with our digital assets. A "cookie" is a text file placed on a computer’s hard drive by a web server. A "web beacon," also known as an Internet tag, pixel tag or clear GIF, is a technology that helps us identify when content has been accessed or visited. For more information about cookies and how we use them, see our Cookie Notice.
We use this information to improve our online products and services by assessing how many users access or use our online products and services, which content, products and features of our online products and services most interest our visitors, what types of offers our customers like to see and how our online products and services perform from a technical point of view. For instance, we may use third-party web analytics services on our websites and mobile apps, such as those of Google Analytics or Amplitude. The analytics providers that administer these services use technologies such as cookies and web beacons to help us analyze how visitors use our websites and apps.
We, our service providers and partners may also collect information about you in connection with our marketing activities, including offers, sweepstakes, contests and promotions. The information collected for these purposes may include identifiers and your contact information (e.g., name, postal address, email address, phone number), electronic identification data (e.g., username, password, security questions, IP address), and data collected in the context of online marketing programs, including commercial information, Internet or other electronic network activity information, geolocation data, and inferences drawn from Personal Information (e.g., personal characteristics, life habits, consumption habits, interests, location data, and voice and image recordings).
We, our service providers and partners may also collect information about you to provide you with content and advertising tailored to your individual interests based on inferences drawn from Personal Information. The information collected for these purposes may include Internet or other electronic network activity information, such as details about things like the particular pages or ads you view on our websites and apps and the actions you take on our websites and apps.
We, our service providers and partners may collect certain information about you via automated means such as, social media tools, widgets or plug-ins to connect you to your social media accounts. These features may allow you to sign in through your social media account, share a link or post directly to your social media account. When you visit a website that contains such tools or plugins, the social media or other service provider may learn of your visit. However, your interactions with these tools are governed by the privacy policies of the corresponding social media platforms. As we do not control these third-parties’ data handling practices, we recommend that you review their privacy policies, terms of use, and license agreements (if any). For further details, please consult “Features and Links to Other Websites” section of this Privacy Policy.
In addition, some of our online products and services include advanced fraud prevention technology using behavioral-based data or biometric information, such as keystroke timing, device accelerometer, scroll position and mouse-location.
Where required under applicable law, we obtain your consent prior to using the above automated means, and prior to sending you marketing communications, tailored content and advertising.
Please see the “Your Rights and Choices” section of this Privacy Policy to learn about your choices.
Because there is not yet a consensus on how companies should respond to web browser-based do-not-track (“DNT”) mechanisms, Astro does not respond to web browser-based DNT signals at this time. To learn more about browser tracking signals and DNT, visit http://www.allaboutdnt.com.
We may collect Personal Information from individuals working for one of our business partners (including financial institutions, merchants, customers, suppliers, vendors and other partners), including identifiers, name, job title, department and name of organization, business email and postal addresses, business telephone number, queries, answers to security questions, security passwords and other credentials. We may use this information to provide products and services directly to financial institutions, corporate clients, merchants, customers and partners, to manage our business relationships and financial reporting, for franchise development and integrity, to protect us from financial crime, to improve our service, for marketing and to comply with applicable law, as well as for accounting, auditing and billing purposes.
In addition to the Personal Information described above, we may collect certain information about your use of our online services. For example, we may capture the IP address of the device you use to connect to the online service, the type of operating system and browser you use, and information about the site you came from, the parts of our online service you access, and the site you visit next. We or our third-party partners may also use cookies, web beacons or other technologies to collect and store other information about your visit to, or use of, our online services. In addition, we may later associate the usage and other information we collect online with personal information about you.
For your convenience, Astro offers you the ability to access some of our products and services through mobile applications and mobile-optimized websites ("Astro Mobile"). When you interact with us through Astro Mobile, we may collect information such as unique device identifiers for your mobile device, your screen resolution and other device settings, information about your location, and analytical information about how you use your mobile device. We may ask your permission before collecting certain information (such as precise geo-location information) through Astro Mobile.
We may also collect information about you from additional online and offline sources including from co-branded partner sites or commercially available third-party sources, such as credit reporting agencies. We may combine this information with the personal and other information we have collected about you under this Privacy Policy.
We may use Personal Information we obtain about you for the purposes set out below. Depending on the country in which you are located, we will only process your Personal Information, when we have a legal basis for the processing as identified in the table below. However, please note that even though the chart below does not list consent as a legal basis for each processing activity, in some countries consent is the only legal basis for the processing of Personal Information, and in those countries we rely on consent for all processing activities.
In most cases, we process your payment transactions as a processor on behalf of your financial institutions, merchants and other partners which act as data controllers. When we act as a processor, controllers are responsible for ensuring a legal basis for the processing of your Personal Information. Please refer to their respective privacy policies for more information regarding the processing of your Personal Information in these contexts.
In some limited cases (e.g., chargebacks), we may process your payment transactions as a controller, provided that:
When we process Personal Information for fraud and cyber threat prevention, we may act as a controller or as a processor. When we act as a controller, we rely on one of the following legal grounds:
Where required under applicable law, we have carried out balancing tests for the data processing based on our or a third party’s legitimate interests to ensure that such legitimate interest is not overridden by your interests, fundamental rights or freedoms. For more information on our balancing tests, you may contact us as described in the "How to Contact Us" section below.
We will not subject you to a decision based solely on automated processing that produces legal effects concerning you or similarly significantly affects you, unless you explicitly consented to the processing where required under applicable law, the processing is necessary for entering into, or performance of a contract between you and Astro, or when we are legally required to use your Personal Information in this way, for example to prevent fraud.
If you provide us with any information or material relating to another individual, you must make sure that the sharing with us and our further use as described to you from time to time is in line with applicable laws, so for example you should duly inform that individual about the processing of her/his Personal Information and obtain her/his consent, as may be necessary under applicable laws.
We do not disclose Personal Information we collect about you, except as described in this Privacy Policy, as disclosed to you at the time of data collection or as described in any program specific privacy notice. We do not sell Personal Information we collect about you, as defined by the California Consumer Privacy Act.
We may also share your Personal Information:
Astro may be used to obtain “Bank Services” as described in the Astro Terms and Conditions. The collection, use, and disclosure of your personal information related to Bank Services is governed by the Bank’s privacy policy available at getevolved.com/privacy-policy/, as modified or supplemented from time to time. By accessing Bank Services through us, you agree that we may share your information with the Bank and the Bank may share your information with us. This includes your personal identification information, account balances, transaction data, and other information needed to provide Bank Services. To the extent we are permitted to use that information in connection with “Non-Bank Services” as described in the Astro Terms and Conditions, we will do so in accordance with Astro Privacy Policy. In all other instances, the Bank’s privacy policy shall control over Astro Privacy Policy, but only with respect to information collected, obtained, or created in connection with the Bank Services.
You have certain rights regarding the Personal Information we maintain about you and certain choices about what Personal Information we collect from you, how we use it, and how we communicate with you.
If you are located in California, we will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights, except where the different price or level of quality of good or service is reasonably related to the value of the data that we receive from you. In some instances, we may not be able to provide you with the good or service that you request if you choose to exercise certain rights.
You can choose:
Note that this list may not be exhaustive, which means that you may have additional rights in accordance with your local laws. In addition, the above rights may be limited in some circumstances by local law requirements.
To update your preferences, ask us to remove your information from our mailing lists or submit a request to exercise your rights under applicable law, contact us as specified in the "How To Contact Us" section below.
If we fall short of your expectations in processing your Personal Information or you wish to make a complaint about our privacy practices, please tell us because it gives us an opportunity to fix the problem. To assist us in responding to your request, please give full details of the issue. We attempt to review and respond to all complaints within a reasonable time and as required under applicable law.
The security of your Personal Information is important to Astro. We are committed to protecting the information we collect. We maintain reasonable administrative, technical and physical safeguards designed to protect the Personal Information you provide or we collect against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. We use SSL/TLS encryption on our website and the Astro Mobile App from which we transfer certain Personal Information.
We also take measures to delete your Personal Information or keep it in a form that does not permit identifying you when this information is no longer necessary for the purposes for which we process it, unless we are required by law to keep this information for a longer period. When determining the retention period, we take into account various criteria, such as the type of products and services requested by or provided to you, the nature and length of our relationship with you, possible re-enrollment with our products or services, the impact on the services we provide to you if we delete some information from or about you, mandatory retention periods provided by law and the statute of limitations.
Our websites may provide links to other websites for your convenience and information. Our website may also contain certain features for which we partner with other entities. These entities may learn of your visit regardless of whether you use these features. These websites and features, which may include social networking and geo-location tools, operate independently from Astro, and are clearly identified as such. To the extent any linked websites or features you visit or use are not owned or controlled by Astro, we suggest that you review the privacy practices of the websites.
Astro may offer you the possibility to share, link to, or mention things on social media about Astro’s products and services. When you visit a website with a social media button, your browser establishes a direct connection to that social media provider, and data concerning your visit, including IP address, is transferred to the social media provider. If you have an account with the social media provider, the provider may link your visit to your account, even if you are not logged into this account.
You may also choose to use certain features on our websites that can be accessed through, or for which we partner with, other entities that are not otherwise affiliated with Astro. These features, including geo-location tools, are operated by third parties and are clearly identified as such. Social media providers such as Facebook and Twitter, and these other third parties, are independent from Astro and do not necessarily share the same policy as Astro regarding the protection of privacy. Please review their privacy notices if you decide to use their services and consult your social media account settings if you want to deactivate certain features.
Astro products and services are not directed to, or intended for, children under the age of 13. However, Astro may collect Personal Information about children below the age of 13 years of age from the parent or guardian directly, and with that person’s explicit consent. If you learn that a child has provided us with Personal Information in violation of this Privacy Policy, then you may alert us at privacy@astrobanking.com.
This Privacy Policy may be updated periodically to reflect changes in our Personal Information practices. We will post a prominent notice on relevant websites to notify you of any significant or material changes to our Privacy Policy prior to them being effective and indicate at the top of the Notice when it was most recently updated. If we update our Privacy Policy, in certain circumstances, we may seek your consent.
If you have any questions, comments or complaints about this Privacy Policy and our privacy practices, or would like to update your privacy preferences, please email us at: privacy@astrobanking.com or write to us at:
Astro Financial, Inc. – Privacy Office
4136 Del Rey Avenue, Suite 612
Marina del Rey, California 90292
If you are located in California, to exercise your rights under the CCPA, you may email us at: privacy@astrobanking.com.
For inquiries about card purchases, you should contact your financial institution or merchant. More information about how to contact them can be found on their respective websites.
© 2022 Astro Financial, Inc. All Rights Reserved.