American Express and Knot Team Up to Simplify Adding Card-on-File Payment Information
Last updatedOctober 8, 2024

End User Privacy Policy

Contact Us

This End User Privacy Policy (the “Privacy Policy”) applies to MyCard, Inc. (DBA “Knot,” “we”, “us” or “our”). Knot allows you to update and connect your online accounts (collectively “accounts”). This Privacy Policy applies to personal information we collect from you and from third parties, both online and offline, for certain Knot products subject to our Knot End User Terms & Conditions.

Knot also works as a service provider to various financial institutions (“Knot Clients”) to provide them with products and services in connection with your Knot Client account. For these products and services, your agreement with the Knot Client governs the product and service and any personal information we collect from you is subject to the Knot Client privacy policy. For more details on what products are subject to our Knot End User Terms & Conditions, please see that agreement. 

This End User Privacy Policy explains what Personal Data we collect, how we use and share that data, and your choices concerning our use of your data when you use our website or use our products and services. This Policy applies to the use of www.knotapi.com (the “Site”), our Knot interface embedded into third-party websites and mobile applications (the “Embedded App”), or when you otherwise interact with us (collectively, the “Services”). By interacting with us, or otherwise providing us with personal information, you agree to the terms and conditions of this Privacy Policy and any updates we make. Our End User Terms and Conditions (“T&C”) take precedence over any provision conflicting with this End User Privacy Policy.

Changes to the End User Privacy Policy

The Services and our business may change from time to time as we update our business practices. As a result, we may change this End User Privacy Policy at any time. By continuing to use our Services or providing us with Personal Data after we have posted an updated End User Privacy Policy, or notified you by other means if applicable, you consent to the revised End User Privacy Policy and practices described in it.

How and Why We Collect Personal Data About You

Personal Data

We collect Personal Data about you to help you use our services. When we say, “Personal Data,” we mean information that specifically identifies you.

Examples of Personal Data include:

  • Name
  • Address
  • Telephone Number
  • Email Address
  • Payment Methods

Children

The Services are not directed to children who are under the age of 13. Knot does not knowingly collect Personal Data from children under the age of 13. If you have reason to believe that a child under the age of 13 has provided Personal Data to Knot through the Services please contact us at privacy@knotapi.com and we will endeavor to delete such information.

Personal Data You Provide to Us Directly

When you choose to use Knot to connect to an online account provided by a third party (a “Merchant”), we may collect your Merchant account access control information to that online account. 

Personal Data You Provide to Us Indirectly

When you visit, use, and interact with the Services, we may receive certain information about your visit, use, or interactions. For example, we may monitor the types of online accounts and software applications you connect through the Services, the number of users that visit the Services, peak hours of visits, which page(s) are visited, the domains our visitors originate from, and which browsers our users use to access the Services, broad geographical information, and navigation patterns.

We use Google Analytics, a web analytics service provided by Google, Inc. (“Google”) on our public website. Google Analytics uses cookies to help us analyze how users use the Site and enhance your experience when you use the Site. Cookies are designed to transfer a small amount of data to your browser by servers within a domain; that data is only read by designated servers within that domain. It functions as your computer’s identification card and enables Google to help us improve your experience using the Services. For more information on how we and Google use this data, go to https://www.google.com/policies/privacy/partners/.We also use cookies in our Embedded App to help facilitate your interactions. 

At this time, we do not respond to “Do Not Track” signals or similar mechanisms.

Personal Data We Collect From Third Parties

When you access Knot’s services through a Knot Client, the Knot Client provides Knot with your Personal Data sufficient to permit Knot to provide you with the requested Services. This data may include your name, address, and phone number. Knot uses this data solely to provide services to you as a service provider to the Knot Client, and this Personal Data is governed by the Knot Client’s privacy policy and not this End User Privacy Policy. 

In addition, when you use the Embedded App to connect your Merchant accounts, you authorize us to and we collect Personal Data called “Merchant Account Data” from the Merchant providing you with that online account. The Merchant Account Data that we receive varies, but may include the following types of Personal Data:

  • Account information, including service or business name, account name, account type, account ownership, and account number.
  • Saved payment methods including the last 4 digits and expiration date of saved credit and debit cards.
  • Personal information including but not limited to email addresses, phone numbers, and mailing addresses.
  • Activity or items linked to your account based on your usage or engagement, 
  • The Merchant Account Data we collect from your other accounts includes information from all your accounts that are connected to the online account credentials that you provide to us.

Use of Your Personal Data

How We Use Your Personal Data

We may use Personal Data for the following purposes:

  • To provide you with the information or Services you request;
  • To inform you about other information or Services that we think will be of interest to you;
  • To improve our Services and create new products and Services;
  • To prevent fraud, criminal use, mischief, and other misuses of our platform;
  • To comply with legal obligations and legal process and to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or other third parties.

We may also use your Personal Data to create aggregate data. Aggregate data are records which have been stripped of information potentially identifying customers, landing pages or end-users, and which have been manipulated or combined to provide generalized, anonymous information. Your identity and personal information will be kept anonymous in aggregated data. Aggregate data is used to help us understand consumer trends, needs, interests, and preferences so we can improve our products and services.

How We Share Your Personal Data

We do not sell your Personal Data, including Merchant Account Data, in any circumstances. In certain circumstances we may share your Personal Data, including Merchant Account Data, with third parties without further notice to you, unless required by the law, with the categories of third parties set forth below:

  • Third parties acting on our behalf: To assist us in meeting our operational needs and to perform certain services and functions, we may share Personal Data with vendors and service providers, including providers of hosting services and web analytics services.
  • Business Transfers: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of service to another provider (a “Transaction”), your Personal Data and other information may be shared in the diligence process with other parties and others assisting with the Transaction and transferred to a successor or affiliate as part of that Transaction along with other assets.
  • Legal Requirements: If required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, including to meet national security or law enforcement requirements, (ii) protect and defend our rights or property, (iii) prevent fraud, (iv) act in urgent circumstances to protect the personal safety of users of the Services, or the public, or (v) protect against legal liability.
  • With your consent: In certain circumstances, including to facilitate certain optional features of Knot’s products and services, we may ask you to consent to share your Personal Data with third parties.

Security

Knot takes seriously the privacy and security of your Personal Data. We maintain administrative, technical and physical safeguards designed to protect your information’s confidentiality, integrity and availability. 

We implement commercially reasonable measures to protect your Personal Data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or e-mail transmission is ever fully secure or error-free. In particular, e-mail sent to or from us may not be secure. Therefore, you should take special care in deciding what information you send to us via the Services or e-mail. Please keep this in mind when disclosing any Personal Data to Knot via the Internet.

Updating Your Information

Please contact Knot at privacy@knotapi.com if you need to change or update your Personal Data.

Federal Privacy Notice

FACTS WHAT DOES MYCARD INC. DO WITH YOUR PERSONAL INFORMATION?
Why? Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.
What? The types of personal information we collect and share depend on the product or service you have with us. This information can include

  • Social Security number and account transactions
  • Account balances and transaction history
  • Purchase history and payment history

When you are no longer our customer, we continue to share your information as described in this notice.
How? All financial companies need to share customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers’ personal information; the reasons MyCard Inc. chooses to share; and whether you can limit this sharing.
Reasons we can share your personal information Does MyCard Inc. share? Can you limit this sharing?
For our everyday business purposes—such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus Yes No
For our marketing purposes—to offer our products and services to you No We don’t share
For joint marketing with other financial companies No We don’t share
For our affiliates’ everyday business purposes –information about your transactions and experiences No We don’t share
For our affiliates’ everyday business purposes –information about your creditworthiness No We don’t share
For nonaffiliates to market to you No We don’t share
Questions? Email us at privacy@knotapi.com
Who We Are
Who is providing this notice? MyCard Inc.
What we do
How does MyCard Inc. protect my personal information? To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings.
How does MyCard Inc. collect my personal information? We collect your personal information, for example, when you

  • Pay your bills or use your credit or debit card
  • Open an account or provide account information
  • Give us your contact information

We also collect your personal information from other companies.
Why can’t I limit all sharing? Federal law gives you the right to limit only

  • Sharing for affiliates’ everyday business purposes— information about your creditworthiness
  • Affiliates from using your information to market to you
  • Sharing for nonaffiliates to market to you

State laws and individual companies may give you additional rights to limit sharing. See below for more information on your rights under state law.
Definitions
Affiliates Companies related by common ownership or control. They can be financial and non-financial companies.

  • MyCard Inc. has no affiliates.
Nonaffiliates Companies not related by common ownership or control. They can be financial and non-financial companies.

  • MyCard Inc. does not share with nonaffiliates so they can market to you.
Joint Marketing A formal agreement between nonaffiliated financial companies that together market financial products or services to you.

  • MyCard Inc. doesn’t jointly market. 

Generally, the CCPA gives California residents, upon a verifiable consumer request, the right to request the following:

The right to know the categories and specific pieces of personal information we collect, use and disclose about you, the categories of sources from which we collected your personal information, our purposes for collecting your personal information, the categories of your personal information that we have disclosed for a business purpose, and the categories of third parties with which we have shared personal information. Knot has not collected, used, or disclosed any personal information subject to the CCPA in the prior 12 months.

The right to request a list of what personal information (if any) we disclosed to third parties for their own direct marketing purposes in the preceding calendar year and the names and addresses of those third parties. Knot has not disclosed to third parties any personal information subject to the CCPA in the prior 12 months. 

The right to request that we delete the personal information we have collected from you or maintain about you, subject to certain legal exceptions, for example, when the personal information is necessary to complete a transaction for which we collected it or to comply with a legal obligation. As Knot does not maintain any personal information subject to the CCPA, it does not have any such information that can be deleted.

The right to request that we correct inaccurate personal information that we collected from you and retained. As Knot does not maintain any personal information subject to the CCPA, it does not have any such information that can be corrected.

The right to opt out of our sale(s) or sharing of your personal information. Knot does not sell or share for third-party marketing any personal information, whether or not subject to the CCPA.

The right to limit the use or disclosure of their sensitive personal information to just actions necessary to perform specific purposes under California law. Knot has not collected, used, or disclosed any sensitive personal information subject to the CCPA in the prior 12 months.

The right not to receive discriminatory treatment for the exercise of the privacy rights conferred by the CCPA.

Although we do not collect any personal information subject to CCPA, if you contact us to exercise any rights under California law, we will attempt to verify your identity and assist you to the best of our abilities.

Contact Us

If you have any questions about our Privacy Policy or information practices, please feel free to contact us at our designated request address: privacy@knotapi.com.