MoneyGram Privacy Notice for California Residents

This Privacy Notice for California Residents (“ Notice ”) supplements the information contained in MoneyGram’s Global Privacy Notice and applies to all visitors, users, and others who reside in the State of California (“ consumers ” or “ you ”). We adopt this Notice to comply with the California Consumer Privacy Act of 2018 (“ CCPA ”) and any terms used but not defined herein shall have the meaning ascribed to them in the CCPA.

The specific personal information that we collect, use, and disclose relating to a California resident covered by the CCPA will vary based on our relationship or interaction with that individual. This means that even though the CCPA generally applies to personal information that identifies, relates to, or could reasonably be linked with a particular California resident, it may not apply to certain personal information that is subject to certain sector-specific privacy laws. This means, for example, personal information that is subject to more restrictive privacy laws, such as the Gramm-Leach-Bliley Act (“ GLBA ”), or MoneyGram collects and uses as a provider of money transfer services and products that is subject to GLBA, will not be subject to CCPA. For more information about how we collect, disclose and secure information relating to these consumers, please refer to our US Privacy Statement .

In the past twelve ( 12 ) months, we have collected, and disclosed to third parties for our business purposes, the following categories of personal information relating to California residents covered by this Notice:

Identifiers: contact information such as your name, postal address, e-mail address, and telephone number; date of birth; social profile and network information; IP address; device identifiers; cookies; and beacons.

Directly from you

Indirectly from you when you visit our website, from Mobile App activities, and Social Media Networks

Our affiliates, subsidiaries, vendors or other third-party sources

• Auditing
• Authentication
• Security related purposes
• Performing services to you
• Quality control
• Data analytics
• Web traffic analysis
• Advertising
• Functionality related

• Service providers
• Affiliated companies
• Government entities
• Law enforcement
• Advertising and Social Networks

Protected classification under California or federal law, such as race, religion, and ethnicity.

We do not collect

N/A

N/A

Commercial information, such as products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Directly from you

Indirectly from you when you visit our website, from Mobile App activities, and Social Media Networks

Our affiliates, subsidiaries, vendors or other third-party sources

• Auditing
• Authentication
• Security related purposes
• Performing services to you
• Quality control
• Data analytics
• Web traffic analysis
• Advertising
• Functionality related

• Service providers
• Affiliated companies
• Government entities
• Law enforcement
• Advertising and Social Networks

Biometric information: such as imagery of face or face recognition.

Directly from you when you consent

• Authentication
• Security related purposes
• Performing services to you

• Service providers
• Affiliated companies

Internet or other electronic network activity, such as device information; browser and operating system software; data and time of access of our website; browsing and search history; and the site from which you linked to our website.

Information automatically collected from our Website visitors

• Auditing
• Authentication
• Security related purposes
• Performing services to you
• Quality control
• Data Analytics
• Web Traffic Analysis
• Advertising
• Functionality related
• Safety

• Service providers
• Affiliated companies
• Government entities
• Law enforcement
• Internet service providers
• Data analytics providers
• Advertising and Social Networks
• Operating systems and platforms

Geolocation data, such as device location or IP locations.

Your use of Mobile Applications

• Auditing
• Security related purposes
• Performing services to you
• Quality control
• Data Analytics
• Functionality related
• Safety

• Service providers
• Affiliated companies
• Government entities
• Law enforcement
• Advertising and Social Networks

Audio, electronic, visual or similar information, such as customer service calls, security monitoring or information we collect for security purposes.

Individuals submitting information

Information we collect for security purposes

• Auditing
• Authentication
• Security related purposes
• Performing services to you
• Quality control
• Functionality related
• Safety

• Service providers
• Affiliated companies
• Government entities
• Law enforcement
• Service providers

Professional or employment-related information, such as current or past job history or performance evaluations; educational information.

Information submitted by individuals

Information received from third parties in connection with employment or other applications

• Auditing
• Security related purposes
• Performing services to you
• Quality control

• Service providers
• Affiliated companies
• Government entities
• Law enforcement

Inferences drawn from personal information, such as preferences, characteristics, predispositions, behavior and attitudes.

Internal analytics

• Auditing
• Security related purposes
• Performing services to you
• Quality control
• Data analytics
• Advertising
• Functionality related

• Service providers
• Affiliated companies
• Government entities
• Law enforcement
• Advertising and Social Networks

We obtain the categories of personal information listed above from the following categories of sources:

• Directly from you . For example, from forms you complete, through customer support interactions when you provide the information to us, when you complete online forms or register for our loyalty and reward programs.
• Indirectly from you . For example, when you visit our Website through cookies or similar technologies described in our Cookie Notice , or your device through your use of Mobile Applications (some of which may be managed by third parties on behalf of us).
• Other source of categories : For example, service providers, vendors, advertising partners and other third parties; public record sources (federal, state or local government sources); information from our affiliates and subsidiaries; and Social Media Networks.

• We may use or disclose the personal information we collect for one or more of the following purposes:
• To fulfill or meet the reason you provided the information.
• To provide, support, personalize, and develop our Website, products, and services.
• To create, maintain, customize, and secure your profile with us.
• To process your requests, transactions, and payments and prevent transactional fraud. To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
• To personalize your Website experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Website, third-party sites, and via email or text message (with your consent, where required by law).
• To help verify or maintain the quality, safety, security, and integrity of our Website, products and services, databases and other technology assets, and business as well as to improve, upgrade, or enhance same.
• To detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activities, and prosecute those responsible for that activity.
• For testing, research, analysis, and product development, including to develop and improve our Website, products, and services.
• To debug, to identify and repair errors that impair our systems and platforms.
• To comply with laws and regulations and respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
• To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets.
• As described to you when collecting your personal information or as otherwise set forth in the CCPA.
• We will not use the personal information we collect for materially different, unrelated, or incompatible purposes without providing you notice.

In the prior 12 months, we may have shared your personal information to the following categories of third parties for our legitimate business purposes:

• Our affiliates and subsidiaries;
• Service providers and/or vendors;
• Our agents and business partners;
• Governmental entities such as law enforcement agencies;
• Advertising and Social Networks;
• Internet service providers; and
• Data analytics providers.

When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except for performing the contract.

In the preceding 12 months, we have not sold personal information subject to CCPA, including personal information of minors under the age of sixteen (16). While we do share some data with trusted “service providers” to improve and market our services and to operate our website, we do not allow third parties to use the personal information we share with them for their own purposes.

The CCPA provides consumers who are California residents with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

    (1) Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, to the extent allowed by law, we will disclose to you:

• The categories of personal information we collected about you.
• The categories of sources for the personal information we collected about you.
• Our business or commercial purpose for collecting your personal information.
• The categories of third parties with whom we share your personal information.
• The specific pieces of personal information we collected about you.

(2) Deletion Request Rights

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. For example, we will not honor your request where we need the personal information to comply with a legal obligation; there are internal and lawful uses of that information that are compatible with the context in which you provided it; the disclosure of personal information would adversely affect the rights and freedoms of another consumer; or where the personal information that we maintain about you is not subject to the CCPA’s access or deletion rights.

If you are a California resident, to exercise the access, data portability, and deletion rights described above, you may submit a verifiable consumer request to us by either:

• Calling us at 1-800-MONEYGRAM (or 1-800-926-9400);
• Emailing us at privacyprogramoffice@moneygram.com ; or
• Visiting www.moneygram.com and click on the “ Contact Us ” link.

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may only make a verifiable consumer request for access or data portability twice within a 12-month period.

Your request to know or delete must:

• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

We endeavor to respond to a verifiable consumer request within forty-five ( 45 ) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

We reserve the right to amend this Notice at our discretion at any time. When we make changes to this Notice, we will post the updated Notice on our Website and update the Notice's effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes .  

We will not discriminate against you for exercising any of your rights under CCPA. Unless permitted by the CCPA, we will not:

• Deny you goods or services.
• Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
• Provide you a different level or quality of goods or services.

Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

If you have any questions or comments about this Notice, the ways in which we collect and use your information described here, your choices and rights regarding such use, or wish to exercise your rights under CCPA, you may contact us at:

Phone : 1-800-MONEYGRAM (or 1-800-926-9400).

Website : www.moneygram.com and click on the “ Contact Us ” link.

Email : privacyprogramoffice@moneygram.com .

Postal Address :

MoneyGram Payment Systems, Inc.

Attn: Chief Privacy Officer

2828 N. Harwood Street 15th Floor

Dallas, TX 75201 U.S.A