SuperiorPayments

Legal

Privacy Policy

How Superior Payments collects, uses, shares, and protects personal information.

Effective date: May 2, 2026

Last updated: May 2, 2026

Superior Payments ("Superior Payments," "we," "us," or "our") respects your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard personal information when you visit superiorpayments.com (the "Site"), use our merchant processing gateway, ISO services, merchant portal, and any related products or services we offer (collectively, the "Services").

By accessing or using the Services, you agree to this Privacy Policy. If you do not agree, please do not use the Services.

1. Who we are

Superior Payments is a merchant processing gateway and Independent Sales Organization (ISO). Our principal office is located at:

Superior Payments
1901 Ulmerton Rd Suite 625 PMB1046
Clearwater, FL 33762
United States

For privacy-related questions, contact us at privacy@superiorpayments.com.

2. Scope of this policy

This Privacy Policy applies to personal information we collect from website visitors, prospective merchants, active merchants, merchant employees, ISO partners, agents, vendors, and individuals who interact with our Services in any other capacity. It does not apply to third-party websites, services, or applications that are not operated by Superior Payments, even if they are linked to from our Site.

For active merchants, this policy is supplemented by the privacy and data-handling provisions of your Merchant Services Agreement and any related processing agreements.

3. Information we collect

3.1 Information you provide directly

We collect information you submit when you contact us, request a quote, apply for a merchant account, sign up for a partner or agent program, or otherwise interact with the Services. This may include:

  • Identity and contact data — name, email address, phone number, business address, job title, and similar identifiers.
  • Business and underwriting data — legal entity information, doing-business-as names, EIN, ownership and beneficial-owner details, processing history, MCC codes, processing volume, average transaction size, bank account and routing information, and supporting documents (e.g., business licenses, financial statements) requested for underwriting.
  • Account and login data — username, password, multi-factor authentication factors, and security questions for the merchant portal at portal.superiorpayments.com.
  • Communications — content of emails, calls, support tickets, chat messages, and other communications you send to us.

3.2 Information collected automatically

When you visit the Site or use the merchant portal, we automatically collect certain information, including:

  • Device and connection data — IP address, device identifiers, browser type and version, operating system, language, time zone, and referring URLs.
  • Usage data — pages viewed, links clicked, features used, search queries, session duration, and click paths.
  • Cookies and similar technologies — see Section 6 (Cookies and tracking technologies).
  • Security and fraud telemetry — login attempts, device fingerprinting, behavioral biometrics, and similar signals used to detect fraud and protect the Services.

3.3 Information from third parties

We may receive information about you from third parties, including:

  • Credit reporting agencies, identity verification providers, and fraud-prevention databases used during merchant underwriting and ongoing risk monitoring.
  • Card networks (Visa, Mastercard, American Express, Discover), acquirers, sponsor banks, and processors involved in clearing and settlement.
  • ISO partners, referral partners, and service providers that refer or onboard merchants to the Services.
  • Publicly available sources, including business registries, regulatory filings, and sanctions/watchlist databases.

3.4 Cardholder and transaction data

In the course of providing the Services, we process payment card information, transaction data, and related cardholder data on behalf of merchants. We treat this information as highly sensitive and handle it in accordance with the Payment Card Industry Data Security Standard (PCI DSS) and applicable card brand rules. Cardholder data is encrypted in transit and at rest, tokenized where possible, and access is restricted to authorized personnel and systems on a need-to-know basis.

For cardholder data we process on behalf of a merchant, the merchant is generally the data controller (or business) and Superior Payments acts as a service provider or data processor. Our use of cardholder data is governed by the merchant's instructions and our agreement with the merchant.

4. How we use information

We use personal information for the following purposes:

  • Providing the Services — onboarding merchants; authorizing, settling, and reconciling transactions; routing payments; processing chargebacks; managing reserves; providing merchant portal access; and supporting integrations.
  • Security and fraud prevention — authenticating users, preventing unauthorized access, detecting fraudulent transactions, scoring risk in real time using Superior AI, investigating suspected misuse, and protecting the integrity of the Services.
  • Compliance and legal obligations — meeting requirements under PCI DSS, anti-money-laundering (AML) regulations, sanctions screening, know-your-customer (KYC) rules, card brand operating regulations, tax laws, and other applicable laws and regulations.
  • Customer support — responding to inquiries, resolving issues, providing account assistance, and following up on requests.
  • Product improvement and analytics — understanding how the Services are used, debugging, troubleshooting, conducting research, and developing new features. Analytics may rely on aggregated or de-identified data.
  • Predictive cost optimization — Superior AI analyzes processing profiles to surface interchange and routing savings recommendations for merchants.
  • Marketing and communications — sending marketing emails, newsletters, and product updates (you can unsubscribe at any time), and tailoring content where permitted.
  • Business operations — accounting, auditing, reporting, corporate governance, vendor management, and similar internal purposes.
  • With your consent — for any other purpose disclosed at the time of collection.

5. How we share information

We share personal information in the following circumstances:

  • Card networks, acquirers, sponsor banks, and processors — to authorize, clear, and settle transactions, and to comply with card brand rules.
  • Service providers and subprocessors — vendors that help us deliver the Services (cloud hosting, identity verification, fraud-detection partners, analytics providers, customer support tools, communications providers). These vendors are contractually bound to use information only for authorized purposes and to protect it in line with this Privacy Policy and applicable law.
  • ISO partners and merchants — where you have a relationship through an ISO, agent, or partner, we may share relevant account, residual, and reporting information with that partner. Where you submit information to a merchant, we share relevant information with that merchant to operate the processing relationship.
  • Legal, regulatory, and safety purposes — in response to lawful requests by public authorities (including subpoenas, court orders, and regulatory examinations); to comply with applicable law; to enforce our agreements; to investigate fraud or wrongdoing; to protect the rights, property, or safety of Superior Payments, our customers, or others; and to comply with sanctions and AML obligations.
  • Corporate transactions — in connection with a merger, acquisition, financing, reorganization, sale of all or substantially all of our assets, bankruptcy, or similar corporate transaction. Information may be transferred to a successor entity, subject to this Privacy Policy or a substantially similar privacy policy.
  • With your consent — when you direct us to share information, or otherwise with your consent.

We do not sell personal information for monetary consideration. Some sharing of personal information for cross-context behavioral advertising may be considered a "sale" or "sharing" under certain US state privacy laws — see Section 9 (Your privacy rights and choices) for how to opt out.

6. Cookies and tracking technologies

We and our service providers use cookies, pixels, web beacons, local storage, and similar technologies to operate and secure the Services, remember your preferences, measure usage, and support marketing. Cookies fall into the following categories:

  • Strictly necessary — required for the Services to function (e.g., authentication, load balancing, security).
  • Performance and analytics — help us understand how the Site and Services are used.
  • Functional — remember settings and preferences.
  • Marketing and advertising — used to deliver relevant communications and measure campaign effectiveness.

You can control cookies through your browser settings. Disabling certain cookies may affect Site functionality. Where required by law, we present cookie consent or preference controls.

7. Data retention

We retain personal information for as long as necessary to provide the Services, comply with legal and regulatory obligations (including AML, tax, recordkeeping, card brand, and audit requirements), resolve disputes, and enforce our agreements. Retention periods vary depending on the type of information and the purpose for which it was collected. When information is no longer required, we delete, anonymize, or archive it in accordance with our retention schedule and applicable law.

8. Data security

We maintain administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, alteration, disclosure, loss, and destruction. These safeguards include encryption in transit and at rest, tokenization of cardholder data, multi-factor authentication for privileged access, role-based access controls, network segmentation, continuous monitoring, vulnerability management, incident response procedures, and personnel security training.

Superior Payments maintains PCI DSS Level 1 certification and SOC 2 Type II reporting. Despite our safeguards, no system is completely secure. If we become aware of a security incident affecting your personal information, we will notify you and applicable regulators where required by law.

9. Your privacy rights and choices

Depending on where you live, you may have certain rights with respect to your personal information.

9.1 General rights

  • Access — request a copy of personal information we hold about you.
  • Correction — request correction of inaccurate or incomplete information.
  • Deletion — request deletion of personal information, subject to legal exceptions (e.g., AML, audit, fraud-prevention, and tax obligations may require us to retain certain records).
  • Portability — receive certain information in a portable, machine-readable format.
  • Objection / restriction — object to or restrict certain processing.
  • Withdraw consent — where processing is based on consent, you can withdraw at any time.
  • Marketing opt-out — unsubscribe from marketing emails using the link in the email or by contacting us.

9.2 California residents (CCPA / CPRA)

California residents have the right to know what personal information we collect, use, disclose, and (if applicable) sell or share; the right to delete; the right to correct; the right to opt out of sale or sharing of personal information; the right to limit the use of sensitive personal information; and the right to non-discrimination for exercising these rights. We do not sell personal information for monetary consideration. To exercise these rights, contact privacy@superiorpayments.com. Authorized agents may submit requests on your behalf with appropriate proof of authorization.

9.3 Other US state privacy laws

Residents of Virginia, Colorado, Connecticut, Utah, and other states with comprehensive consumer privacy laws may have similar rights, including the rights of access, correction, deletion, portability, and the right to opt out of targeted advertising, sale of personal data, and certain profiling activities. To exercise these rights, contact privacy@superiorpayments.com.

9.4 EEA, UK, and Swiss residents (GDPR / UK GDPR)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation, the UK GDPR, and equivalent Swiss law, including the rights of access, rectification, erasure, restriction of processing, data portability, objection, and to lodge a complaint with a supervisory authority. The legal bases on which we rely include your consent, the necessity to perform a contract with you, compliance with legal obligations, and our legitimate interests (such as fraud prevention, security, and improving the Services).

9.5 Verifying and responding to requests

We will verify your identity before fulfilling a privacy rights request, typically by matching information you provide against information we already hold. We will respond within the time period required by applicable law. Some requests may be declined, in whole or in part, where permitted (for example, where retention is required for compliance, fraud prevention, or the establishment or defense of legal claims).

10. International data transfers

Superior Payments is headquartered in the United States and may transfer, process, and store personal information in the United States and other countries where we or our service providers operate. These countries may have data protection laws different from those of your country. Where required by applicable law, we implement appropriate safeguards for cross-border transfers, including Standard Contractual Clauses or other approved transfer mechanisms.

11. Children's privacy

The Services are not directed to children under 16, and we do not knowingly collect personal information from children under 16. If you believe a child has provided personal information to us, contact privacy@superiorpayments.com and we will take appropriate action.

12. Third-party links and integrations

The Services may contain links to third-party websites, applications, or integrations. This Privacy Policy does not apply to those third parties. We encourage you to read the privacy policies of any third party before providing them with personal information.

13. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will revise the "Effective date" above and provide notice as required by law (for example, by posting on the Site or contacting you directly). Your continued use of the Services after changes take effect constitutes acceptance of the revised Privacy Policy.

14. Contact us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, contact us at:

Superior Payments
Attn: Privacy
1901 Ulmerton Rd Suite 625 PMB1046
Clearwater, FL 33762
Email: privacy@superiorpayments.com
Phone: 727-263-1891