Blackhawk U.S. Online and Mobile Privacy Practices

Last updated January 2015

1. Introduction and Scope of Practices.
   In these Online and Mobile Privacy Practices (“Practices”), “Blackhawk” (or “we,” “us,” or “our”) means any United States subsidiary of Blackhawk Network Holdings, Inc., including, but not limited to Blackhawk Network, Inc., Blackhawk Network California, Inc., and Cardpool, Inc.  These Practices apply to your interactions with Blackhawk at any online or mobile site or application that we own and control (“Site”), unless different practices are posted at a particular site or are made available to you and by their terms supplant these Practices.Other privacy policies may also apply in addition to these Practices.  For example, the Blackhawk U.S. Consumer Privacy Notice applies to all United States customers and consumers.  For United States account holders and visitors to this Site, we will use and share any information that we collect from or about you in accordance with the Blackhawk U.S. Consumer Privacy Notice. These Practices explain how Sites may collect, use, and share information from or about you.  They also explain certain data use functionalities of our online advertisements (such as banner ads) on third‑party sites.  Please note that when we have another type of presence on a site owned by a third party (such as a page or handle on a social media site), that third party’s privacy policies and terms of use, not ours, will govern unless specifically stated otherwise.By using this Site, you agree to these Practices.
2. Types of Information We Collect
   Personally Identifiable Information (“PII”). PII means personally identifiable information, including name, address, telephone, fax or mobile numbers, account numbers, Social Security or other identifying numbers, and the like.
   Other Information (“OI”).  OI in any information other than PII that does not reveal your identity or does not directly relate to an individual, such as browser information, information collected through cookies, pixel tags, or other technologies, demographic information, de‑identified data, and aggregated data.
3. How We Collect Personally Identifiable Information Online.  We collect PII online when you provide it to us.  This can occur when you fill out applications, create accounts, send in forms, take surveys, or fill in various online fields on our Sites.Third parties do not collect PII about you or your activities from your use of our Sites.
4. How We Use Personally Identifiable Information We Collect Online
   We may use PII we collect online for any lawful purpose, including:

• for risk control, for fraud detection and prevention, to comply with laws and regulations, and to comply with other legal process and law enforcement requirements.
• for business purposes, including data analysis, audits, developing and improving products and services, enhancing the Site, identifying usage trends and determining the effectiveness of promotional campaigns;
• through our social media pages and interactions with you to assist in verifying your identity and account status.  We may combine this information with information we already have;
• to allow you to use various Site features. Please note that some features require that you provide PII in order to use them (e.g., many of the features at www.paypower.com) whereas other tools do not (e.g., the features in the GoWallet application). You may request that certain information that you enter into our Sites be stored for future access and use. You have the option not to save the information;
• to send you marketing communications that we believe may be of interest to you;
• to personalize your experience on the Site by presenting content, ads or offers tailored to you;
• to respond to your inquiries and fulfill your requests;
• to send you important information regarding the Site, changes to terms, conditions, and policies and/or other administrative information;
• to verify your identity and/or location in order to allow access to your accounts, conduct online transactions and to maintain measures aimed at preventing fraud and protecting the security of your account and your PII;

5. How We Share Personally Identifiable Information We Collect Online
   Please see the Consumer Privacy Notice for information on how we may share PII.
6. How We Collect Other Information Online
   We and certain third‑party service providers with whom we have agreements may collect OI in a variety of ways, including:

• Through your browser: Certain information is collected by most browsers, such as your IP address, device type, screen resolution, operating system version, and internet browser type and version.
• Via Cookies: Cookies are pieces of information stored directly on your device.  Cookies allow us to collect information such as browser type, time spent on the Site, pages visited, language preferences, and your relationship with us.  Cookies we use do not contain or capture PII.
  • We use so‑called “session cookies” to allow us to remember any items or data selection you make from page to page on our Sites.  Session cookies are temporary and are erased when you close your browser.
  • We use so‑called “persistent cookies” to remember details you have requested we store (for example, if you want us to remember your Username on one of our Sites).  Persistent cookies remain on your device until you erase them or they expire.
  • You can refuse to accept cookies.  Most devices and browsers offer their own privacy settings for cookies.  You will need to manage your cookie settings for each device and browser you use.  However, if you elect not to accept cookies, your use of the features on our Sites may be limited or impaired, and you may not be able to access certain features of our Sites at all.
• Via pixel tags, web beacons, clear GIFs or other technologies (“Tags”):  We may use Tags in connection with some Site pages, downloadable mobile applications and HTML‑formatted e‑mail messages.  We may also permit our third‑party service providers to use Tags. to measure the effectiveness of our communications, the success of our marketing campaigns, compile statistics about usage and response rates, and to assist us in resolving questions regarding use of our Site.  Tags we or other third‑party service providers use do not contain or capture PII.

7. How We Use Other Information We Collect Online.
   We may use OI we collect online for a variety of purposes, including:

• to facilitate navigation on a Site, display information more effectively, personalize/customize your experience while visiting a Site, and to recognize your device to allow your use of our online products and services.
• to make sure Sites function properly, improve the design and functionality of our Sites, understand how consumers use our Sites, and monitor responses to our advertisements and content.
• measure the effectiveness of our communications and marketing campaigns and compile statistics about usage and response rates.
• assist us in resolving questions from consumers.
• for security purposes.

8. How We Share Other Information We Collect Online
   We may share OI with third‑party service providers with whom we work.  As discussed in paragraph 6 above, we also may authorize third‑party service providers to collect OI (not Personally Identifiable Information) about your use of our Sites.
9. “Do Not Track” Preferences
   Many browsers provide you an option to request that a web application disable either its tracking and/or cross‑site user tracking of an individual user.  We do not track your online activities across different Sites, and we only track your activity within a Site to the extent you log into your account.  Our third‑party service providers do not obtain PII from your use of our Sites.Therefore, our practices remain the same whether or not you enable the “Do Not Track” feature.
10. Protecting Children’s Privacy Online
    Our Sites are not directed to individuals under the age of thirteen (13), and we request that such individuals do not provide PII through our Sites.  We do not knowingly collect information from children under 13 without parental consent.
11. Updates to these Practices
    These U.S. Online and Mobile Privacy Practices are subject to change.  Please review them from time to time.  If we make changes to these Practices, we will revise the “Last Updated” date at the top of the Practices.  Any changes to these Practices will become effective when we post the revised Practices on our Sites.  Your use of a Site following these changes means that you accept the revised Practices.