MoneyGram Privacy Notice for California Residents

This Privacy Notice for California Residents (“ Notice ”) supplements the information contained in MoneyGram’s Global Privacy Notice and applies to all visitors, users, and others who reside in the State of California (“ consumers ” or “ you ”). We adopt this Notice to comply with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights of Act of 2020 (“CCPA”), and any terms used but not defined herein shall have the meaning ascribed to them in the CCPA.

The specific personal information that we collect, use, and disclose relating to a California resident covered by the CCPA will vary based on our relationship or interaction with that individual. This means that even though the CCPA generally applies to personal information that identifies, relates to, or could reasonably be linked with a particular California resident, it may not apply to certain personal information that is subject to certain sector-specific privacy laws. This means, for example, personal information that is subject to more restrictive privacy laws, such as the Gramm-Leach-Bliley Act (“GLBA”), or MoneyGram collects and uses as a provider of money transfer services and products that is subject to GLBA, will not be subject to CCPA. For more information about how we collect, disclose and secure information relating to these consumers, please refer to our US Privacy Statement.

In the past twelve ( 12 ) months, we have collected, and disclosed to third parties for our business purposes, the following categories of personal information relating to California residents covered by this Notice:

Identifiers: contact information such as your name, postal address, e-mail address, and telephone number; date of birth; social profile and network information; IP address; device identifiers; cookies; and beacons.

Directly from you

Indirectly from you when you visit our website, from mobile application activities, and social media platforms or network

Our affiliates, subsidiaries, vendors or other third-party sources

• Auditing
• Authentication
• Security related purposes
• Performing services to you
• Quality control
• Data analytics
• Web traffic analysis
• Advertising
• Functionality related

• Service providers
• Affiliated companies
• Government entities
• Law enforcement
• Advertising and social media platforms or network

Protected classification under California or federal law, such as race, religion, and ethnicity.

We do not collect

N/A

N/A

Commercial information, such as products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Directly from you

Indirectly from you when you visit our website, from mobile application activities, and social media platforms or network

Our affiliates, subsidiaries, vendors or other third-party sources

• Auditing
• Authentication
• Security related purposes
• Performing services to you
• Quality control
• Data analytics
• Web traffic analysis
• Advertising
• Functionality related

• Service providers
• Affiliated companies
• Government entities
• Law enforcement
• Advertising and social media platforms or network 

Biometric information: such as imagery of face or face recognition.

Directly from you when you consent

• Authentication
• Security related purposes
• Performing services to you

• Service providers
• Affiliated companies

Internet or other electronic network activity, such as device information; browser and operating system software; data and time of access of our website; browsing and search history; and the site from which you linked to our website.

Information automatically collected from our Website visitors

• Auditing
• Authentication
• Security related purposes
• Performing services to you
• Quality control
• Data Analytics
• Web Traffic Analysis
• Advertising
• Functionality related
• Safety

• Service providers
• Affiliated companies
• Government entities
• Law enforcement
• Internet service providers
• Data analytics providers
• Advertising and social media platforms or network
• Operating systems and platforms

Geolocation data, such as device location or IP locations.

Your use of mobile applications

• Auditing
• Security related purposes
• Performing services to you
• Quality control
• Data Analytics
• Functionality related
• Safety

• Service providers
• Affiliated companies
• Government entities
• Law enforcement
• Advertising and social media platforms or network

Audio, electronic, visual or similar information, such as customer service calls, security monitoring or information we collect for security purposes.

Individuals submitting information

Information we collect for security purposes

• Auditing
• Authentication
• Security related purposes
• Performing services to you
• Quality control
• Functionality related
• Safety

• Service providers
• Affiliated companies
• Government entities
• Law enforcement
• Service providers

Professional or employment-related information, such as current or past job history or performance evaluations; educational information.

Information submitted by individuals

Information received from third parties in connection with employment or other applications

• Auditing
• Security related purposes
• Performing services to you
• Quality control

• Service providers
• Affiliated companies
• Government entities
• Law enforcement

Inferences drawn from personal information, such as preferences, characteristics, predispositions, behavior and attitudes.

Internal analytics

• Auditing
• Security related purposes
• Performing services to you
• Quality control
• Data analytics
• Advertising
• Functionality related

• Service providers
• Affiliated companies
• Government entities
• Law enforcement
• Advertising and social media platforms or network

Sensitive personal information (e.g., social security number).

Information submitted by you

• Transaction Processing
• Identity Verification/Screening

• Service providers
• Affiliated companies
• Government entities
• Law enforcement

We obtain the categories of personal information listed above from the following categories of sources:

• Directly from you. For example, from forms you complete, customer support interactions, or other direct communications when you provide personal information to us, (e.g., when you complete online forms or register for our loyalty and reward programs).
• Indirectly from you. For example, through your activity on our website via cookies or other tracking technologies (as described in our Cookie Notice, or from your use of our mobile applications and services (some of which may be managed by third parties on our behalf).
• From third parties. For example:
  - Service providers and vendors;
  - Advertising partners and other third-party analytics providers;
  - Affiliates, subsidiaries, and joint marketing partners;
  - Public record sources (e.g., government records); 
  - Social media platforms or networks

We may use or disclose the personal information we collect for one or more of the following purposes:

• To fulfill or meet the reason you provided the information.
• To provide, support, personalize, and develop our website, products, and services.
• To create, maintain, customize, and secure your profile with us.
• To process your requests, transactions, and payments and prevent transactional fraud.  
• To provide you with support and to respond to your inquiries, including investigating and addressing your concerns, and monitoring and improving our responses.
• To personalize your website experience and deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our website, third-party sites, and via email or text message (with your consent, where required by law).
• To help verify or maintain the quality, safety, security, and integrity of our website, products and services, databases and other technology assets, and business as well as to improve, upgrade, or enhance same.
• To detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activities, and prosecute those responsible for that activity.
• For testing, research, analysis, and product development, including to develop and improve our website, products, and services.
• To debug, to identify and repair errors that impair our systems and platforms.
• To comply with applicable laws and regulations and to respond to law enforcement requests, court orders, or other legal obligations.
• To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets.
• As otherwise described to you at the time of collection, or as permitted or required by the CCPA.

We will not use the personal information we collect for materially different, unrelated, or incompatible purposes without providing you with prior notice.

MoneyGram uses Sensitive Personal Information solely for purposes permitted under CCPA, including:

• performing services reasonably expected by consumers;
• ensuring security and integrity;
• complying with legal and regulatory obligations (e.g., AML, sanctions screening);
• preventing fraud and illegal activity.

In the prior 12 months, we may have shared your personal information to the following categories of third parties for our legitimate business purposes:

• Our affiliates and subsidiaries;
• Service providers and/or vendors;
• Our agents and business partners;
• Governmental entities such as law enforcement agencies;
• Advertising and social media platforms or networks;
• Internet service providers; and
• Data analytics providers.

When we disclose personal information for a business purpose, we enter into a contract with the recipient that describes the purpose and requires the recipient to maintain the confidentiality of the information and not use it for any purpose except for performing the contract.

In the preceding twelve (12) months, we have not sold personal information, including the personal information of minors under the age of sixteen (16).

MoneyGram may share certain personal information with advertising and analytics partners for purposes of cross-context behavioral advertising. Consumers have the right to opt out of the sharing of personal information through our cookie preference center or by submitting a request as described below in ‘How to Exercise Your Rights’.

The CCPA provides consumers who are California residents with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

(1) Right to Access to Specific Information and Data Portability

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, to the extent allowed by law, we will disclose to you:

• The categories of personal information we collected about you.
• The categories of sources for the personal information we collected about you.
• Our business or commercial purpose for collecting your personal information.
• The categories of third parties with whom we share your personal information.
• The specific pieces of personal information we collected about you.

(2) Right to Deletion Request

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. For example, we will not honor your request where we need the personal information to comply with a legal obligation; there are internal and lawful uses of that information that are compatible with the context in which you provided it; the disclosure of personal information would adversely affect the rights and freedoms of another consumer; or where the personal information that we maintain about you is not subject to the CCPA’s access or deletion rights.

(3) Right to Correction of Inaccurate Personal Information

You have the right to request that we correct inaccurate personal information that we retain from you.

(4) Opt-out of the Sale or Sharing of the Personal Information for Purposes

You have the right to opt out of the sale of your personal information to third parties. You will also have the right to opt out of the sharing of your personal information to prevent the targeting of ads across different businesses, websites, apps, or services.

(5) Limitation on the Use and Disclosure of Sensitive Personal Information Rights

You have the right to request the limiting of your Sensitive Personal Information. 

In addition, you have the right to be free from discrimination by a business for exercising your CCPA privacy rights, including the right as an employee, applicant, or independent contractor.

If you are a California resident, you may exercise your rights to access, data portability, correction, or deletion of the personal information we collect about you by submitting a consumer request to us by either:

• Submitting a request via web form; or
• Calling us at 1-800-MONEYGRAM (or 1-800-926-9400).

Only you, or someone legally authorized to act on your behalf, may make a consumer request related to your personal information.

Your request to know, correct, or delete must:

• Provide sufficient information that allows us to reasonably verify your identity or the authority of your authorized representative.
• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We may not comply with your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you or if your request is duplicative, unduly burdensome, or exceeds the statutory limit regarding requests within a 12-month period.

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If additional time is required (up to an additional 45 days), we will notify you in writing and explain the reason for the extension.

Any disclosures we provide will generally cover the twelve (12)-month period preceding the receipt of the verifiable consumer request's receipt, unless you request a longer period and it is permitted by law. Our response will also include an explanation of the reasons we are unable to comply with your request, if applicable.

We reserve the right to amend this Notice at our discretion at any time. When we make changes to this Notice, we will update the effective date and post the updated Notice on our Website. Your continued use of our Website following any changes constitutes your acceptance of those changes.

We will not discriminate against you for exercising any of your rights under CCPA. Unless permitted by the CCPA, we will not:

• Deny you goods or services.
• Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
• Provide you a different level or quality of goods or services.
• Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

If you have any questions or comments about this Notice, the ways in which we collect and use your information described here, your choices and rights regarding such use, or wish to exercise your rights under CCPA, you may contact us at:

Phone : 1-800-MONEYGRAM (or 1-800-926-9400).

Website : www.moneygram.com and click on the “ Contact Us ” link.

Email : privacyprogramoffice@moneygram.com .

Postal Address :

MoneyGram Payment Systems, Inc.

Attn: Privacy Office

2828 N. Harwood Street 15th Floor

Dallas, TX 75201 U.S.A