Privacy Policy

Key Terms

The following key terms shall be used in this Privacy Policy:

  • Aggregated Data: Data that is consolidated and presented in a summarised manner, not by individual.
  • Anonymous Information: Information that has undergone anonymisation such that it can no longer be used to identify an individual and cannot be combined with other information to re-identify an individual.
  • Data Controller: The natural person or legal entity which, alone or jointly with others, determines the purpose for which data is used and the means of the processing of Personal Data.
  • De-identified Data: Data where certain identifiers are removed to prevent a person's identity from being directly connected with the information (such as masking certain personal identifiers).
  • Personal Data: Any information relating to or regarding an identified or identifiable natural person or information that can be used to identify you (or your household), either alone or in combination with other information available to us. This may include your name, shipping and billing address, email address, phone number, identification number (where applicable), date of birth (where applicable), time and location data, bank account information, transaction and payment records, delivery records and other information associated with your account.i
  • Special Categories of Data: Categories of Personal Data that require a heightened level of protection under data protection legislation in some jurisdictions because it reveals or concerns sensitive information, such as health matters, race, or ethnic origin.
  • Standard Contractual Clauses: Any set of contractual clauses, approved by the European Commission, for the transfer of personal data to processors established in a third country (outside of the EU/EEA) where that third country does not ensure an adequate level of protection.
  • Supervisory Authority: Supervisory Authority (or its equivalent under any data protection legislation) is the independent public authority with whom consumers may lodge a complaint.

Information We Collect

When you place an order from or otherwise use the Site, we collect the following types of information:


Information You Manually Provide

In the process of placing an order on the Site, you provide information required to complete your transaction, validate your identity, confirm compliance with regulations related to the purchase, and complete the transaction. This may include information such as address, credit card data, or stored wallet billing information. This information is provided to us under the conditions established in this Privacy Policy and the privacy policy of our Supplier. In addition to transactional information, you may provide additional information when seeking support for your purchase or other services from us, such as when you use customer service or download or register products. We may also collect information you provide to us if you enter a competition or promotion, or sign up to receive newsletters or related services. We may also collect information when you apply for a job or otherwise submit employment data to us.


Special Categories of Data

Generally, we do not collect or process Special Categories of Data. However, a situation could arise (such as for employment purposes) in which we may process such data. In this case, we will be sure to comply with applicable data protection legislation and apply the necessary legal basis for processing data (e.g. processing health data for an insurance contract). We shall use reasonable security practices and procedures to safeguard your Special Categories of Data.


Information from Your Browser or Device

We may also receive information from your web browser. This may include information that does not identify you personally (such as the date and time of your visit). The information we receive depends on the settings on your web browser. Unless prohibited by law, creating a user identity during a visit to the Site constitutes your consent for processing of your Personal Data, and we may link the information your browser provides to information that identifies you personally, as described below. Please consult your browser’s help function to find out how to change the settings. We may also collect limited Personal Data (email address) through web technologies in connection with your use of the Site, as described below.


Geolocation Information

When you use a smart phone, mobile device or computer to access the Site or use our mobile application, we may collect information about your physical location. We may combine this information with other location-based information (e.g., your IP address and billing/postal code), to provide you with other services on your mobile device. We only share your location information with third parties that help us provide you with services. You can opt out of sharing this information by changing the permissions in your mobile device.


Cookies and Other Similar Technologies

The information we collect using cookies and similar technologies is not typically personally identifiable, but we may link it to Personal Data that you provide. We use cookies and other similar technologies to collect information and support certain features of the Site. As the Internet evolves, we may use different types of technologies for this purpose. For example, we may use these technologies to collect information about how visitors use the Site (such as which pages they visit and the links they use). We analyse this information to better understand our visitors' interests and needs, and to improve the content and functionality of the Site. We may also use the information to support Site features to avoid asking you to re-enter information we already possess. We also use this information to personalise your experience when you use the Site and to improve marketing efforts, including through use of targeted advertising.

If you do not wish to receive cookies, you may set your browser to reject cookies or to alert you when a cookie is placed on your computer. Although you are not required to accept cookies, you may be unable to use all of the Site's functions if your browser rejects our cookies.

For more about our use of cookies and similar technologies, refer to our cookies statement.


Third Party Cookies and Other Similar Technologies

Web technologies may also be placed on the Site by third party providers. Also, we or third party providers may use web technologies on behalf of the Supplier whose branding appears on the Site or its service providers. This means our Supplier would be allowed to use the data collected. This information is used to enhance your experience with the Site, for marketing analysis, for targeted and display advertising, and for quality improvement. We may collect your IP address through web technologies.

We and our Suppliers may use third party service providers in connection with the Site, which may include but are not limited to: Alexa Metrics, Google Analytics, Omniture, and ClickTale. These and other service providers may collect information about your visits to websites, your interaction with websites, and the products and services offered by us or our Suppliers. Their collection and use of information are subject to their own privacy policies.

For more information regarding these third party services and how to opt out, please visit www.networkadvertising.org/consumer/opt_out.asp, www.aboutads.info/choices, or https://www.youronlinechoices.com/ (in the EU and UK).


Information from Third Parties

We may also receive certain information about you from third parties, such as through your use of a social network authentication to sign in to the Site, your use of an authenticated payment method, or through other online data sources, according to the rules of the use and processing of such information established by the respective source. If any Personal Data are freely available or accessible in the public domain, we will not have any obligations to you regarding the same.

In certain jurisdictions, the processing of your Personal Data is lawful only if it is permitted under data protection legislation. We apply several legal bases to ensure that our processing and use of your data is compliant with applicable laws and that we have a legal basis for processing activities as outlined below:

  • Performance of a Contract. By completing a transaction through this Site, you are entering into a contract for the sale of products or services, which is governed by our Terms of Sale. We must process your personal information to fulfil our obligations under that contract.
  • Consent. By using the Site or otherwise submitting your Personal Data to us, you consent to our collection, use and sharing of your information as described in this Privacy Policy. If you do not consent to this Privacy Policy, please do not use or submit your information through the Site.
  • Legitimate Interest.We may process Personal Data where processing is necessary for our (or a third party’s) legitimate interests, where those interests are not overridden by the interests or rights and freedoms of the data subject. We will process your data based on legitimate interest, for reasons such as fraud screening, payment optimisation, and compliance with any applicable regulatory scheme governing the transaction. We may process your Personal Data to market to and contact you or to start a conversation using data collected from public sources. We may also, in compliance with applicable law, process your data based on legitimate interest in the employment context.
  • Other Legal Basis.We may also process your data based on another legal basis such as in cases where processing is necessary to comply with legal obligations.

How We Use Your Information

When you visit the Site to complete a transaction, we will use your Personal Data in the following manner:


In Connection with Your Transaction

When you visit the Site to complete a transaction, we must process your data to complete the transaction and to comply with our transactional obligations, including processing necessary to:

  • ensure security and monitor and prevent fraud;
  • determine the country where you are located for trade compliance;
  • process your order and payment, verify your tax status, contest chargebacks, determine your eligibility for a line of credit, or send you transactional notifications;
  • provide you with a personalised shopping experience;
  • register your purchase with the manufacturer or service provider for warranty, technical support or similar purposes;
  • provide you with keys, access codes or other information necessary to access your purchased products and services;
  • provide notice of your purchase of a service right to the provider of that service;
  • where you have consented, establish an account for future purchases;
  • facilitate the renewal of subscriptions for subscription products or services; and
  • provide you with an effective experience and support. As allowable by law, this may include contacting you if you start a checkout process to follow-up on the incomplete session or to see if there was a problem with your use of the Site.

Marketing and Related Communications

When you provide Personal Data, we may offer you a choice as to whether you would like to receive further marketing and related communications from us or our Supplier. Where you have consented to receive them in accordance with applicable law, these communications could be in the form of direct mail, email or telephone and will contain information relating to our or our Supplier’s products and services. At any time, you may opt out of receiving these communications by emailing us at remove@digitalriver.com, or by following any unsubscribe instructions in email communications.

Except where otherwise required by law, if you give us consent to add your contact information to our Supplier's mailing list and later withdraw this permission, you must contact our Supplier (or follow the unsubscribe instructions in the emails from our Supplier) to have your name removed from our Supplier's mailing lists.


Our Use of Anonymous Information

We may use a process called anonymisation to make data collected by us Anonymous Information. In this case, all personal data elements, such as name, street address, phone number, email address, and others will be anonymised in accordance with applicable law. We may use the Anonymous Information to:

  • perform fraud prevention activities, such as device fingerprinting;
  • personalise and support your use of the Site and/or the services of our Supplier;
  • improve the Site, the customer experience, our advertising systems, and our products and services;
  • identify transactions as originating through an affiliate marketing or referral program;
  • deliver targeted advertisements on the Site and other commerce solutions;
  • provide reporting to our current and prospective Suppliers and service providers; and
  • conduct other historical or statistical research and analysis.

We may also use De-identified Data for the same purposes as described in this section, as well as for related purposes, as allowed by applicable law.


Other Ways We Use Your Personal Data

We may also use your Personal Data:

  • to verify compliance with applicable laws;
  • to verify that data we have about you is accurate;
  • as identified in any supplemental privacy notice posted on the Site;
  • to contact you if you have requested communication from us; and
  • for human resources such as to collect your email address if you are applying for a position online.

Joint Use

Digital River may use and jointly share Personal Data with other Digital River entities listed here. The scope of the joint use is explained below.

  • Consumer data we collect while providing our global reseller services, such as name, shipping and billing address, email address, phone number, transaction and payment records, delivery records and other information associated with your consumer account;
  • Human Resource data, such as employee data or prospective employee data; and
  • Other data we collect when you visit the Site or otherwise utilise our services.

Digital River, Inc., Digital River GmbH, and/or Digital River Ireland Ltd. are responsible for managing Personal Data subject to the joint use.

How We Share Your Information

Digital River will never sell your Personal Data. However, we may share your Personal Data as explained in this section.

We will take reasonable steps to ensure any person or entity receiving Personal Data for the purposes described within this Privacy Policy is obligated to keep the Personal Data secure. If we collect or receive Special Categories of Data and it is necessary for us to transfer that Data to a third party, we will share the details of that entity with you where we are required to do so by applicable law. Our obligations will not apply to information shared with any government entity mandated under law to obtain such information or by an order under law for the time being in force.


External Processing

We utilise other companies, including our corporate affiliates, service providers, and other processors to provide certain services to us (or on our behalf), based on our instructions, and in compliance with appropriate confidentiality and security measures. These service providers provide services globally, including:

  • providing fraud monitoring or detection services;
  • hosting or maintaining the Site;
  • performing data integrity checks;
  • providing optimisation services;
  • processing credit card payments;
  • offering you a line of credit;
  • collecting payments;
  • fulfilling your order;
  • delivering advertisements on the Site and third party websites;
  • sending mail or email;
  • providing employment and human resources related services; and/or
  • providing customer service.

We will not share your Personal Data with our service providers unless it is required for the purposes of our legitimate interests or for fulfilling our obligations to you. These service providers may be contractually required to use any information we share with them only to provide services to us or on our behalf and to protect the confidentiality of your Personal Data. We may also allow these companies to use Anonymous Information for their business purposes. We will not share your Personal Data with our affiliates or unrelated third parties to use for their own marketing purposes without your consent.


With Our Suppliers

We will provide certain Personal Data, Anonymous Information or De-identified Data to our Suppliers to fulfil our obligations to you and to otherwise assist our use as described in the "How We Use Your Information" section, including:

  • for reporting purposes;
  • fulfilling your order;
  • to allow our Supplier or its service provider to register your purchase;
  • to enable your access to products or services provided by our Supplier or its suppliers;
  • to facilitate warranty, technical support, or after-sales service;
  • providing customer service;
  • to allow our Supplier or its service provider to provide services in connection with the Site (such as customer support or single sign-on functionality);
  • to allow our Supplier or its service provider to send communications if you have consented to receive them; or
  • for other similar purposes which are necessary for us to fulfil our obligations to you.

To Comply with Legal Requirements and Prevent Fraud and other Crime

As permitted by applicable law, we may disclose Personal Data about you when we believe disclosure is appropriate to:

  • comply with a legal requirement;
  • cooperate with law enforcement or other governmental investigations or report any activities that may be in violation of legal or regulatory requirements;
  • prevent or investigate a possible crime (such as fraud or identity theft) or breaches (also suspected breaches) of security or of this Privacy Policy;
  • protect the legal rights or safety of Digital River, our employees, Suppliers, third parties, the general public, or you.

In connection with a Sale, Merger or Related Event

If one of our corporate affiliates or a third party has acquired our business, specific assets or the business of one of our operating divisions (such as part of a sale, merger, reorganisation, or similar event), your Personal Data will become owned by that company, unless otherwise provided for by local legislation. In that event, the acquiring company's use of your Personal Data will be subject to the governing Privacy Policy, any applicable supplemental privacy notices, and the privacy preferences you have expressed to Digital River prior to merger.


Aggregated or De-Identified Data

We may use or share information that has been aggregated or de-identified so that it cannot reasonably be used to identify an individual. We may use or share this information in several ways, including for fraud prevention services or for analytical purposes.

How We Protect Your Information

We will process your Personal Data on secure, cloud-based computer servers. Your commerce transaction will be optimally processed in or near the region from which you initiated your session. This means that the processing of your Personal Data will take place in either the United States and/or Ireland. A copy and/or back-up of your Personal Data may be stored and otherwise processed in our cloud service provider in Ireland in accordance with Digital River’s disaster recovery program.

No method of transmitting or storing data is completely secure, however, we take reasonable steps to provide a level of security appropriate to the sensitivity of the information we collect. We have implemented physical, technical, and administrative security practices and safeguards reasonably designed to protect your Personal Data from unauthorised access and disclosure. When we collect or transmit sensitive information such as a financial account number, we use industry standard methods to protect that information as required by applicable laws. Although we use reasonable measures to protect your information, we cannot guarantee the security of information provided over the Internet or stored in our databases. You are also responsible for taking reasonable steps to protect your information against unauthorised disclosure or misuse, for example, by protecting your password and signing off when you finish using a shared computer or mobile device. We leverage industry best practices to mitigate potential compromises. If the Personal Data under the custody of Digital River is (or is likely to be) divulged, damaged or lost, we will immediately take remedial measures, inform you, if impacted, in a timely manner and report to the competent government agencies as required by applicable laws.

Your Rights to Access and Control Your Personal Data

We respect your right to make choices about the ways we collect, use, and share your Personal Data.

  • Accessing Your Data. If you would like to review, correct, restrict the processing of, object to direct marketing, or request erasure of your Personal Data, please send us a request using the information in the "How to Contact Us" section of this Privacy Policy.
  • Editing and Deleting Data.if there is any error in the Personal Data that you have submitted to us or if you would like to request erasure or deletion of your Personal Data, please contact us using the information in the “How to Contact Us” section of this Privacy Policy and we will take appropriate measures.
  • Objecting to Data Use.You have the right to object to our processing of Personal Data for direct marketing purposes. We do not sell your Personal data, nor will we use it for Direct Marketing purposes without your consent.

If you contact us, we may ask you for additional information to verify your identity. We reserve the right to limit or deny your request if you have failed to provide enough information to verify your identity or to satisfy our legal and business requirements as noted in our data retention policy. When we delete your Personal Data or Special Categories of Data, it will be disposed of in a manner that prevents loss, theft, misuse, or unauthorised access in line with our data retention policy.

You have the right to report to your local Supervisory Authority if you believe your rights under data protection legislation have not been appropriately considered. However, before doing so, please contact us directly as we are committed to working with you to help resolve any concerns about your privacy.s

Data Retention Policy

Digital River may retain your Personal Data and transactional data for as long as you continue to use the Site, and thereafter as permitted or required by applicable law or to satisfy our business requirements.

Do Not Track Requests

If you opt out of having your information collected through cookies and other web technologies, your existing display advertising cookie(s) will be deleted and a new cookie will attempt to be placed to instruct service providers not to track your future activities when that cookie is detected (a "no-track" cookie). If your browsers are configured to reject cookies when you visit our opt-out page, a "no-track" cookie cannot be set on your computer. Also, if you subsequently erase "no-track" cookies, use a different computer or change web browsers, you will need to opt out again. We currently do not respond to browser "no-track" signals.

Children's Privacy Policy

Digital River’s services are not directed at nor targeted towards children. If you have not reached the age of majority or are not able to enter into legally binding agreements in your country, you may not use the Site unless necessary parental consent has been obtained. If you believe that we have received information from a person protected under child protection laws where necessary parental consent was not obtained, please notify us immediately, and we will take reasonable steps to securely remove such information.

Failure to Provide Personal Data Or grant Consent When Requested

Where we are required to collect Personal Data under law or in order to perform our contract with you and you fail to provide us with such data when requested, we may not be able to perform our contract with you. Consequently, we may not be able to provide you with the products and/or services you requested. For example, if you fail to provide your address information or if you fail to check the box agreeing to our Terms of Sale and Privacy Policy, we may not be able to complete your order.

Data Controller

All Personal Data collected by visiting the Site is controlled by Digital River, Inc., 10380 Bren Road West, Minnetonka, Minnesota 55343, USA. However, where, another Digital River entity is the global reseller service provider, as identified during the transaction, that entity is the Data Controller for any Personal Data provided or collected during the transaction:

  • Digital River Australia Pty Ltd.
    Richard Clayton, 8 Denison Street
    South Hobart, Tasmania, AU 7004 Australia
  • Digital River Do Brasil Importação e Comércio de Produtos de Informática Ltda
    Av. Roque Petroni Jr, 1089 - conj. 905 - sala 1
    Sao Paulo-SP Brazil
    CEP: 04707-900
  • Digital River GmbH
    Scheidtweiler Strasse 4
    Cologne, DE 50933 Germany
  • Digital River Hong Kong
    Unit 908-915, Level 9, Core F, Room 25, Cyberport 3
    100 Cyberport Road, HK Hong Kong
  • Digital River India Private Ltd.
    1302, Tower-3, Indiabulls Finance Centre Senapati Bapat Marg, Elphinstone Road
    Mumbai Maharashtra 400013 India
  • Digital River Ireland Ltd.
    3rd Floor Kilmore House
    Park Lane
    Spencer Dock
    Dublin 1
    Ireland D01 XN99
  • Digital River Japan K.K.
    Tokyo Club Building 11F 3-2-6 Kasumigaseki Chiyoda-ku
    Tokyo 100-0013 Japan
  • Digital River Korea, Limited
    4 Floor 92, Hangang daero Yongsan-gu
    (Hangang ro 2 ga, LS Yongsan Tower), Seoul, Republic of Korea
  • Digital River Mexico, S. de R.L. de C.V.
    Avenida Presidente Masaryk 111, Piso 1 Polanco V Seccion, Miguel Hidalgo
    Ciudad de Mexico Mexico
  • Digital River Singapore Pte. Ltd.
    35th Floor UOB Plaza 1
    80 Raffles Place
    Singapore, SG 048624
  • Digital River Trading (Shanghai) Co., Ltd. AKA China
    Suite 1710 Building A, No. 331, North Caoxi Road
    Xuhui District Shanghai 200030 China
  • Digital River UK Ltd
    13th floor
    One Angel Court
    London
    EC2R 7HJ
    United Kingdom
  • DR APAC, LLC., Taiwan Branch
    23F, 105, Sec.2 Tun Hwa S. Rd.
    Taipei 106 Taiwan, Province Of China
  • DR globalTech, Inc.
    10380 Bren Road West
    Minnetonka, MN 55343
  • DigRiv North America, Inc.
    10380 Bren Road West
    Minnetonka, MN 55343
  • DigRiv Brasil Ltda
    Av. Roque Petroni Jr, 1089 - conj. 905 - sala 3
    Sao Paulo-SP Brazil
    CEP: 04707-900
  • DigRiv Ireland, Ltd
    3rd Floor, Kilmore House, Park Lane, Spencer Dock
    Dublin 1, Ireland
  • DigRiv UK Ltd
    13th floor
    One Angel Court
    London
    EC2R 7HJ
    United Kingdom

Automated Processing

In limited situations, we may use your Personal Data to help us make automated decisions to further improve our business. For example, where you have (if applicable) given consent in the context of marketing, we could use data to segment and target users with personalised messages, or we may use a job title to determine the user’s persona and alter the content accordingly. We may also use that users' geographic location and company data. In some circumstances, for account-based marketing, this could include "likes" that we find in the public domain.

We rely on automated processing in our fraud monitoring tools to help us reduce the amount of manual review necessary to review orders for fraud. We could also rely on automated processing in the context of employment and to ensure our employees are adhering to our internal security policies. You have the right to avoid any decisions based on automated data processing where they can be characterised as profiling. However, we will not be able to process your transaction without using our fraud monitoring tools.

Privacy Policy for European Residents

If you are located in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, any transfer of your Personal Data outside of that area is protected under Standard Contractual Clauses, or other appropriate data protection safeguards. Your Personal Data may be transferred to Digital River, Inc.'s cloud-based servers in the United States and the processing of your Personal Data in the United States. Your Personal Data may also be transmitted by us to other Digital River entities for the purposes set out in this Privacy Policy, for company administration purposes, and to other third party data processors. For details of the transmission of your Personal Data to other Digital River entities, please see the "Joint Use" section of this policy.


Exercising Your Legal Rights

If you wish to exercise you rights under the data protection legislation, please refer to the section entitled “Your Rights to Access and Control Your Persona Data” to find out how to exercise your rights.

If you need further assistance regarding your rights, please contact our Data Protection Officer, John Murray, Chief Administrative Officer at Digital River, Phone Number: 1 (952) 253-1234, Email: privacy@digitalriver.com.

You have the right to report to your local Supervisory Authority if you believe your rights under data protection legislation have not been appropriately considered. However, before doing so, please contact us directly as we are committed to working with you to help resolve any concerns about your privacy.

Privacy Policy for Californian Residents


Your Rights

In addition to the above, California residents have the right to make the following requests with respect to their personal information under the California Consumer Privacy Act (“CCPA”):

  • Data Access and Portability. You have the right to request that we disclose certain information to you about the personal information we have collected, used, disclosed, or sold about you in the previous 12 months.
  • Deletion. You can request that we delete the personal information we have collected from you to the extent required under the CCPA.
  • Disclosure. You have the right to request that we disclose certain information about our collection and use of your Personal Information over the last twelve (12) months, including:
    • the categories of personal information we collected about you,
    • the categories of sources for the personal information we collected about you,
    • our business or commercial purpose for collecting such personal information,
    • the categories of third parties with whom we share such personal information,
    • the specific pieces of personal information we collected about you (also called a data portability request).
    • where there has been disclosure for a business purpose, identifying the personal information categories that each category of recipient obtained.

To exercise any of your rights under the CCPA, please send us a request using the information in the “Your Rights to Access and Control Your Persona Data” section of this Privacy Policy or by calling (866) 585-3251. We may ask you for additional information to verify your identity and reserve the right to limit or deny your request if you have failed to provide sufficient information to verify your identity or satisfy our legal and business requirements. We will respond to the email we have on file within forty-five days of your verifiable request.

We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that your request warrants a fee, we will explain to you the grounds for that decision and provide you with an estimate of the cost before we complete your request.


Our Use and sharing of your Personal Information

As discussed in more detail above, Digital River may disclose your personal information to a third party for business purposes. However, Digital River will not sell your personal information as that term is defined by the CCPA. When we disclose personal information for business purposes, we enter a contract that requires the recipient to both keep that personal information confidential and not use it for any purpose except in performance of our contractual commitments.

In the preceding 12 months, Digital River has collected or disclosed the following categories of information. Digital River has not, and does not currently, sell personal information:

Category We Collect We Disclose We Sell
Identifiers Yes Yes No
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) Yes No No
Protected classification characteristics under California or federal law Yes No No
Internet or other similar network activity Yes Yes No
Geolocation data Yes Yes No
Professional or employment-related information Yes Yes No

California's "Shine the Light" Law

California's "Shine the Light" law (Civil Code Section §1798.83) permits users of the Site that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to privacy@digitalriver.com.

Privacy Policy for Brazilian Residents


Your Rights

If you are located in Brazil, Article 18 of the Brazilian General Data Protection Law (“LGPD”) provides you with certain rights with respect to your Personal Data. You have the right to obtain the following information from the Data Controller:

  • confirmation of the existence of processing;
  • access to the data;
  • correction of incomplete, inaccurate, or outdated data;
  • anonymisation, blocking, or elimination of unnecessary or excessive data or of data processed in noncompliance with the provisions of the LGPD;
  • portability of the data to other service providers or suppliers of products, at your express request, according to the LGPD, and subject to the protection of business and industrial secrets in the process;
  • deletion of Personal Data processed with your consent, except in the situations set forth in Article 16 of the LGPD;
  • information on the public and private entities with which we have shared data;
  • information on the possibility of withholding consent and on the consequences of such denial;
  • revocation of the consent, pursuant to the provisions of paragraph 5 of Article 8 of the LGPD; and

You also have the right to review decisions that are based on automated processing of personal data where the decision is made exclusively by automated means and affects your interests. In processing your transaction, Digital River does not make decisions using exclusively automated means where the decision would also negatively affect your interests.


Exercising Your Rights

If wish to exercise you rights under the LGPD, please refer to the section entitled “Your Rights to Access and Control Your Persona Data” to find out how to exercise your rights.

If you need further assistance regarding your rights, please contact our Data Protection Officer, John Murray, Chief Administrative Officer at Digital River, Phone Number: 1 (952) 253-1234, Email: privacy@digitalriver.com.

You have the right to report to your local Supervisory Authority if you believe your rights under data protection legislation have not been appropriately considered. However, before doing so, please contact us directly as we are committed to working with you to help resolve any concerns about your privacy.

Privacy Policy for South Korean Residents

By finalising a sale on the Site, you are consenting to Digital River’s processing of your personal information as described in this Privacy Policy. In processing your personal information, it may be necessary for us to transfer your personal information or entrust processing to the following parties:


Third Party Provision of Personal Information

Digital River, Inc. and Digital River Ireland Ltd

  • Type of Information: Email address, name, IP address, address, phone number, account information
  • Purpose: Transaction processing and execution, product registration, account opening, customer support, general product and service marketing, and other related purposes
  • Retention Period: As long as you continue to use the Site, and thereafter as permitted or required by applicable law or to satisfy Digital River’s business requirements

The Supplier Whose Name and/or Logo Appears on this Site

  • Type of Information: Transaction information, such as email address, name, IP address, address, phone number
  • Purpose: Transaction reporting and fulfilment, product registration, warranty and technical support, account opening
  • Retention Period: As detailed in Supplier’s privacy policy

You are entitled to withhold your consent to the sharing of data with the above entities by refraining from checking the appropriate boxes during the checkout process. In that event, we will not be able to complete your transaction and will not be able to provide you with products or services.


Entrustment of Handling of Personal Information

In processing your transaction or order, Digital River currently entrusts processing activities to third parties as follows:

NHN Korea Cyber Payment Co., Ltd

  • Type of Information: Billing information such as email address, name, IP address, address, phone number, account information
  • Purpose: Transaction payment processing
  • Retention Period: 7 Years

Adyen

  • Type of Information: Billing information, such as email address, name, IP address, address, phone number, account information
  • Purpose: Transaction payment processing
  • Retention Period: 7 years

Cybage Software Pvt Ltd.

  • Type of Information: Email address, name, IP address, address, phone number, account information
  • Purpose: System development and maintenance
  • Retention Period: As long as you continue to use the Site, and thereafter as permitted or required by applicable law or to satisfy Digital River’s business requirements

Sutherland Global Services, Inc.

  • Type of Information: Email address, name, IP address, address, phone number, account information
  • Purpose: Customer service support
  • Retention Period: As long as you continue to use the Site, and thereafter as permitted or required by applicable law or to satisfy Digital River’s business requirements

Notice to Japanese Residents

As required under the Japanese data protection law, we have appointed a grievance officer/data protection officer. Digital River Japan K.K.'s Data Protection Officer is: John Murray, Company Representative at Digital River Japan K.K., Phone Number: 03-6770-2741, Email: privacy@digitalriver.com.

Changes to This Privacy Policy

We keep this Privacy Policy under review and will post any updates to the Site. Our changes will become effective immediately upon posting. We may also supplement or amend this Privacy Policy by placing other privacy notices on the Site. Such privacy notices will explain how we handle information specific to where the privacy notice appears and should be read together with this Privacy Policy.

A link to our previous privacy policy is included here.

Grievance Officer/Data Protection Officer

As required under certain data protection laws, we have appointed a grievance officer/data protection officer. Digital River’s grievance officer/data protection officer is: John Murray, Chief Administrative Officer at Digital River, Phone Number: 1 (952) 253-1234, Email: privacy@digitalriver.com. If you are located in Germany, we will direct you to our external Data Protection Officer.

How to Contact Us

If you have a question about this Privacy Policy or requests related to your Personal Data pursuant to applicable laws, wherever you are in the world, please email us at privacy@digitalriver.com and we will route your question appropriately. If you prefer to contact us by regular mail, please refer to the contact information included in the "With Teams Around the World" section of our corporate website.

    i The definition of “Personal Data” is intended to encompass “Personal Information” as defined by the California Consumer Privacy act and should be interpreted as such.