Privacy Policy

Prime Merchant Group


Effective Date: October 6, 2025
Who we are: Prime Merchant Group, LLC (“PMG,” “we,” “us,” or “our”).
Contact: Sales@primemerchantgroup.com

Scope

This Policy explains how PMG collects, uses, shares, and protects information in connection with our websites, applications, and Payment Gateway Services powered by NMI (the “Services”). It does not cover third-party sites or services that link to or integrate with ours; those are governed by their own policies.

1) Information We Collect

We collect information (A) you provide directly; (B) created automatically when you use the Services; and (C) received from service providers (e.g., NMI as gateway provider), your Acquirer/processor, identity/KYC vendors, fraud-prevention tools, and public sources.

  • Identifiers & contact data: name, email, phone, company, role/title, address, merchant/account IDs.
  • Commercial/transaction data: order amounts, timestamps, card brand, tokenized card data (we do not store full PAN), approvals/declines, disputes/chargebacks.
  • Financial/KYC data (merchant onboarding): SSN/EIN/TIN where required by law/processor, beneficial owner information, bank details for billing/funding.
  • Internet/network activity: IP address, device/browser, logs, performance and diagnostic data.
  • Geolocation: coarse location derived from IP.
  • Cookie/pixel data: see our Cookie Policy.
  • Inferences: service usage patterns to improve security and performance.

2) How We Use Information

  • Provide, operate, and secure the Services; route authorizations and settlement via your Acquirer/processor.
  • Onboard merchants; conduct KYC/AML and sanctions screening as required by law and card-brand/processor rules.
  • Detect and prevent fraud; risk scoring; dispute and chargeback handling.
  • Billing and collections; account notifications and support.
  • Analytics to improve features and performance; optional marketing with your consent where required.
  • Comply with card-brand rules (Visa/Mastercard/AmEx/Discover), PCI DSS, and applicable laws.

3) How We Share Information

  • Service providers/Processors: NMI (gateway), your Acquirer/processor, hosting, analytics, customer support, communications, and security vendors—only as needed to provide the Services.
  • Fraud & identity partners: to verify identity, detect fraud, and prevent abuse.
  • Corporate transactions: if we sell/merge/transfer assets.
  • Legal/compliance: to comply with law, enforce terms, or protect rights/security.
  • Aggregated/Anonymized data: for analytics and product improvement.
         We do not sell personal information. If we use advertising cookies that qualify as “share” under state privacy laws, you may opt out via “Do Not Sell or Share My Personal Information” and the cookie banner.

4) Cookies & Similar Technologies

We use essential cookies (security, session), and—where required—analytics/advertising cookies with your consent. Manage preferences anytime via the cookie banner and your browser settings. See  /cookie policy   for details.

5) Data Retention

We retain information as long as necessary to provide the Services, meet legal/accounting and card-brand/processor obligations (often 5–7 years for financial records), resolve disputes, and enforce agreements.

6) Security

We and our providers employ administrative, technical, and physical safeguards appropriate to the risk. Card data is processed through a PCI DSS Level-1 certified gateway (NMI). Tokenization and hosted fields reduce merchant PCI scope but do not eliminate your obligations under PCI DSS.

7) Your Choices & Rights

  • Marketing: Opt out of non-essential emails using the unsubscribe link.
  • Cookies: Use the banner to accept/reject non-essential cookies or adjust preferences.
  • State privacy rights (e.g., CA/CO/CT/VA): Depending on your residency, you may request access, correction, deletion, portability, and to opt out of targeted advertising (“share”). Submit requests to sales@primemerchantgroup.com. We will verify and respond as required by law.
  • Nevada: Nevada residents may opt out of sale by emailing Sales@primemerchantgroup.com.

8) International Transfers (if applicable)

If information is transferred across borders, we use appropriate safeguards where required (e.g., Standard Contractual Clauses).

9) Children’s Privacy

Our Services are not directed to children under 13, and we do not knowingly collect their personal information.

10) Third-Party Links & Integrations

Our sites may link to third-party sites/services (e.g., integrations, plugins). Their privacy practices are governed by their own policies.

11) Changes to This Policy

We may update this Policy from time to time. We will post the new effective date at the top and, for material changes, provide additional notice as required.

12) Contact Us

Questions or privacy requests: Sales@primemerchantgroup.com