Merchant Privacy Policy

Afterpay Merchant Privacy Policy

Effective Date: November 7, 2025

We appreciate that you trust us with your personal information. Here we provide an overview of what personal information we collect from you and why, how we handle it, and your rights and choices.

This Privacy Policy describes how Afterpay and affiliates (“Afterpay,” “we,” “us”, and "our") collect, use, disclose, transfer, store, retain or otherwise process your personal information ("your", “you”, and "Merchant") when you visit our website, apply for and use our Merchant product and related services, or otherwise interact and engage with us in relation to our Merchant products, features, and services, including as outlined in our Terms of Service ("agreement") (collectively, "Services"). The Afterpay entity you are interacting with will be based on your country of residence. A list of Afterpay entities can be found in 11. How to Contact Us below.

Partners, merchants, online market places, and suppliers that Afterpay interacts with are independent of Afterpay and responsible for their own privacy policies and practices. This includes, content on their websites or app, and products or services provided. Please refer to their Privacy Policy or reach out directly to these third parties for further information.

Our Privacy Policy explains:

1. Personal information we collect about you and why

2. When and with whom we share your personal information

3. How we secure your personal information

4. How we use cookies and similar technologies

5. How long we keep your personal information

6. Your rights and choices

7. Additional Data Protection Rights

8. International Data Transfers

9. Children's Personal Information

10. Changes to this privacy policy

11. How to contact us

1. PERSONAL INFORMATION WE COLLECT ABOUT YOU AND WHY

Personal information reasonably identifies you and is about you, directly or indirectly, as described in applicable privacy laws in places we operate in.

We collect and process personal information about you in three ways:

(i) when you provide it to us directly;

(ii) when we gather personal information while you are using any of our Services, including through cookies and similar technologies (see 4. How We Use Cookies and Similar Technologies below); and

(iii) when we collect personal information from other third party sources.

We explain in the table below what types of personal information we collect and process, and how and why we do so. We may collect or process personal information in other ways than as described below. We will let you know at that time, unless otherwise inappropriate or unlawful to do so.

If you fail or refuse to provide us with personal information we request from you directly, or we do not obtain your consent where we rely upon it, including to gather personal information while you are using our Services or from third party sources, we may not be able to proceed with entering into or fulfilling some of our Services. Consequently, we will not be able to provide or continue to provide those Services to you. This includes, without limitation, setting up your Afterpay account, or responding to a support request or complaint.

Purpose of processing	Categories of personal information we collect and how	Why we collect and process personal information, and lawful bases where applicable
To reach out and understand whether you may be interested in applying to be a Merchant with us, including when you have completed our online business sign up and inquiry pages, or when we have received your personal information from other sources.	From you - Contact information, such as your name, address (and location), phone number, and email From other sources - Contact information, such as your name, address (and location), phone number, and email. We collect these from third parties (such as a Merchant who has referred you under our Merchant Referral Program), publicly available sources (eg. your website or Linkedin), and other third party sources	With your consent Our legitimate interests to promote our products and services, and yours, where otherwise permitted and consistent with applicable law, so that we can explore opportunities and benefits of the use of our Services
To create (and assess whether to create) an Afterpay account, including to carry out our identity and account verification process and to enable you to authenticate into your account once created.	From you - Contact information, such as your name, address (and location), phone number, and email Financial and business-related information, such as bank account details Identity information, such as your date of birth, driver’s license, passport, and other requested identification information documents From other sources - Confirmation of your identity through verification processes from identity verification and fraud prevention providers, and credit reference agencies, who may validate the information you provide us with other information from publicly or commercially available sources. Your personal information may also be screened against relevant sanctions watchlists. We may search online for any publicly available information about you, such as adverse media, through our onboarding process, and ongoing review of your suitability to provide our Services.	Legal obligation - to comply with applicable anti-money laundering and counter terrorism financing and sanctions laws To take steps to enter into and for the performance of our agreement with you For our legitimate interests to protect our business, and to confirm your identity, to detect, prevent and investigate suspected or actual money laundering, fraud, or other crimes or illegal activities
To provide our Afterpay account Services, including setting up your business’s Service account to interact with you and deliver our Services, such as sending you communications as necessary about our Services, invoices, and agreement updates	From you - Contact information, such as your name, address, phone number, and email. Communications between us	For the performance of our agreement with you
To send you direct marketing and other promotional communications, before or after you apply to become a Merchant, including to offer new partnerships and promotion opportunities. Where permitted, we may opt you in to marketing communications, but you can opt out at any time by clicking the unsubscribe link at the bottom of these messages. Refer also to 6. Your Rights and Choices below.	From you - Your contact details, such as your email address	With your consent, or for our legitimate interests to promote our products and services, where otherwise permitted and consistent with applicable law
To provide you support, including to resolve disputes, collect fees, and troubleshoot problems	From you - Identity verification information requested from you to discuss your account with you Information about the subject of your support request or complaint From other sources - Identity verification information requested from an agent you have authorized to discuss your account on your behalf Information relevant to the subject of the support request or complaint from merchants or other relevant sources	For the performance of our agreement with you For our legitimate interests, such as to investigate or respond to a support request or complaint
To detect, investigate and prevent suspected or actual fraud, money laundering, or other crimes or illegal activities on an ongoing basis , including credit card rules, and to protect Afterpay’s legal rights and claims	From your use of our Services - Information about your use of our Services From other sources - Information from third parties about you as consistent with applicable law, including from our affiliates	For our legitimate interests, in establishing any risks in providing services to you and to prevent, detect and prosecute fraud and other crimes
To learn more about your level of satisfaction, your expectations of us and our Partners, and how we can meet them, so that we can customise, measure, and improve our Services including its content, layout and operations. We may send you survey requests to do so. We may use this information to produce statistics and reports about our Services and operations. We will typically use this information to create aggregated or anonymised information and only use personal information where necessary.	From you - Feedback you provide us about our Services and interactions with us and our partners From your use of our Services - Information from you, your use of our Services, and other sources, as detailed in this section of our Privacy Policy.	Our legitimate interests to understand our Merchants so that we can provide a better experience for you and everyone, and to maintain and improve our Services
To make our app or site work as you’d expect it to, such as to prevent and respond to suspected or actual malicious software or activity, for secure identity verification and login, fraud prevention, and remembering your cookies choices. This includes personal information collected and processed by the use of cookies and similar technologies. Refer to 4. How We Use Cookies and Similar Technologies below	From your use of our Services - Technical information, such as date and time you visited a site or took an action, IP address, login details, your location, device or browser settings Cookies consent preference	To enter into and for the performance of our agreement with you Our legitimate interests, to provide a secure and functioning delivery of our Services
To provide by the use of cookies and similar technologies on our website and app better functionality, to assess our performance, for advertising by us and our digital partners, and to provide a personalized experience. Refer also to 4. How We Use Cookies and Similar Technologies below	From your use of our Services - Technical information, such as date and time you visited a site or took an action, IP address, contact details such as your email address, your geolocation, device or browser settings	With your consent or where otherwise consistent with applicable law
For other purposes you have specifically consented to	From you, from the use of our Services, or other sources. For instance, if we collect and process personal information categorized as “sensitive” or “special” under applicable laws, such as your health information, to deliver our Services, we will only collect this information where it is reasonably necessary and we have your consent, or where required by and consistent with applicable laws. Other information from you, from the use of our Services, or other sources as explained to you at the time we seek your consent.	With your consent
As required or permitted by applicable laws and regulations, including to satisfy our bookkeeping, taxation, auditing, and accounting requirements, and to carry out business, operational, and legal functions.	Unspecified information from you, from the use of our Services, or other sources.	As required or permitted by applicable laws and regulations

Purpose of processing

Categories of personal information we collect and how

Why we collect and process personal information, and lawful bases where applicable

To reach out and understand whether you may be interested in applying to be a Merchant with us, including when you have completed our online business sign up and inquiry pages, or when we have received your personal information from other sources.

From you -

Contact information, such as your name, address (and location), phone number, and email

From other sources -

Contact information, such as your name, address (and location), phone number, and email. We collect these from third parties (such as a Merchant who has referred you under our Merchant Referral Program), publicly available sources (eg. your website or Linkedin), and other third party sources

With your consent

Our legitimate interests to promote our products and services, and yours, where otherwise permitted and consistent with applicable law, so that we can explore opportunities and benefits of the use of our Services

To create (and assess whether to create) an Afterpay account, including to carry out our identity and account verification process and to enable you to authenticate into your account once created.

From you -

Contact information, such as your name, address (and location), phone number, and email
Financial and business-related information, such as bank account details
Identity information, such as your date of birth, driver’s license, passport, and other requested identification information documents

From other sources -

Confirmation of your identity through verification processes from identity verification and fraud prevention providers, and credit reference agencies, who may validate the information you provide us with other information from publicly or commercially available sources. Your personal information may also be screened against relevant sanctions watchlists.
We may search online for any publicly available information about you, such as adverse media, through our onboarding process, and ongoing review of your suitability to provide our Services.

Legal obligation - to comply with applicable anti-money laundering and counter terrorism financing and sanctions laws
To take steps to enter into and for the performance of our agreement with you
For our legitimate interests to protect our business, and to confirm your identity, to detect, prevent and investigate suspected or actual money laundering, fraud, or other crimes or illegal activities

To provide our Afterpay account Services, including setting up your business’s Service account to interact with you and deliver our Services, such as sending you communications as necessary about our Services, invoices, and agreement updates

From you -

Contact information, such as your name, address, phone number, and email.
Communications between us

For the performance of our agreement with you

To send you direct marketing and other promotional communications, before or after you apply to become a Merchant, including to offer new partnerships and promotion opportunities.

Where permitted, we may opt you in to marketing communications, but you can opt out at any time by clicking the unsubscribe link at the bottom of these messages. Refer also to 6. Your Rights and Choices below.

From you -

Your contact details, such as your email address

With your consent, or for our legitimate interests to promote our products and services, where otherwise permitted and consistent with applicable law

To provide you support, including to resolve disputes, collect fees, and troubleshoot problems

From you -

Identity verification information requested from you to discuss your account with you
Information about the subject of your support request or complaint

From other sources -

Identity verification information requested from an agent you have authorized to discuss your account on your behalf
Information relevant to the subject of the support request or complaint from merchants or other relevant sources

For the performance of our agreement with you
For our legitimate interests, such as to investigate or respond to a support request or complaint

To detect, investigate and prevent suspected or actual fraud, money laundering, or other crimes or illegal activities on an ongoing basis , including credit card rules, and to protect Afterpay’s legal rights and claims

From your use of our Services -

Information about your use of our Services

From other sources -

Information from third parties about you as consistent with applicable law, including from our affiliates

For our legitimate interests, in establishing any risks in providing services to you and to prevent, detect and prosecute fraud and other crimes

To learn more about your level of satisfaction, your expectations of us and our Partners, and how we can meet them, so that we can customise, measure, and improve our Services including its content, layout and operations.

We may send you survey requests to do so.

We may use this information to produce statistics and reports about our Services and operations. We will typically use this information to create aggregated or anonymised information and only use personal information where necessary.

From you -

Feedback you provide us about our Services and interactions with us and our partners

From your use of our Services -

Information from you, your use of our Services, and other sources, as detailed in this section of our Privacy Policy.

Our legitimate interests to understand our Merchants so that we can provide a better experience for you and everyone, and to maintain and improve our Services

To make our app or site work as you’d expect it to, such as to prevent and respond to suspected or actual malicious software or activity, for secure identity verification and login, fraud prevention, and remembering your cookies choices.

This includes personal information collected and processed by the use of cookies and similar technologies. Refer to 4. How We Use Cookies and Similar Technologies below

From your use of our Services -

Technical information, such as date and time you visited a site or took an action, IP address, login details, your location, device or browser settings
Cookies consent preference

To enter into and for the performance of our agreement with you
Our legitimate interests, to provide a secure and functioning delivery of our Services

To provide by the use of cookies and similar technologies on our website and app better functionality, to assess our performance, for advertising by us and our digital partners, and to provide a personalized experience. Refer also to 4. How We Use Cookies and Similar Technologies below

From your use of our Services -

Technical information, such as date and time you visited a site or took an action, IP address, contact details such as your email address, your geolocation, device or browser settings

With your consent or where otherwise consistent with applicable law

For other purposes you have specifically consented to

From you, from the use of our Services, or other sources. For instance, if we collect and process personal information categorized as “sensitive” or “special” under applicable laws, such as your health information, to deliver our Services, we will only collect this information where it is reasonably necessary and we have your consent, or where required by and consistent with applicable laws.

Other information from you, from the use of our Services, or other sources as explained to you at the time we seek your consent.

With your consent

As required or permitted by applicable laws and regulations, including to satisfy our bookkeeping, taxation, auditing, and accounting requirements, and to carry out business, operational, and legal functions.

Unspecified information from you, from the use of our Services, or other sources.

As required or permitted by applicable laws and regulations

2. WHEN AND WITH WHOM WE SHARE YOUR PERSONAL INFORMATION

We may share personal information described in 1. Personal information we collect and why section with the following categories of service providers and other third parties.

Categories of third parties	When and why we may share your personal information
Affiliates within our group of companies Such as, Cash App, Square, or other wholly-owned subsidiaries of Block Inc.	We may share your personal information for the following purposes for our legitimate interests or as otherwise required or consistent with applicable law. To provide (or assess to provide), maintain or improve our Services To understand how you engage with our Services to help make them better for you and for everyone To help us manage our relationship with you across our group of companies and for customer support issues and to enforce our agreement with you, including in cases of debt recovery; For us and our affiliates to prevent, detect, and prosecute money laundering, fraud and other crimes or illegal activities For marketing purposes where legally permitted As instructed by you and choices available to you As required or permitted with applicable law
Service Providers and sub-contractors	We share your personal information, including with the following Service Providers based on our legitimate interests to provide, maintain and improve our Services. Technology and IT infrastructure providers to store information and to provide software or programs that help us provide our Services Marketing or event providers that help us run our advertising campaigns, contests, special offers, or other events or activities Identity verification and fraud prevention providers and credit reference agencies to help us confirm your identity and prevent fraud, to assist us in meeting our obligations under anti-money laundering / counter terrorism financing and sanctions laws, and other compliance requirements. These companies process your personal information in accordance with their own privacy policies Financial partners, like financial institutions, payment networks, payment card associations, and credit bureaus that help us provide our joint Services; Outbound phone and text messaging services. Our Service Provider may need to access and intercept messages between us and your from time to time or disclose your personal information to a government body or telecommunications network provider to comply with applicable telecommunications laws, or a court or tribunal order Customer service agencies, to support manage our relationship with you Analytics providers, to understand how you engage with our Services to help make them better for you and for everyone. For example, we partner with third-party analytics providers, like Google, to help us understand how you use our services so that we can improve our customer experience
Your customers	We share your personal information with customers that you engage and transact with using our Services for the following purposes to fulfill our agreement with you To assist you to manage an order, including dealing with any refunds, disputes, or claims, or in regards to an inquiry or complaint made by a customer
Online trackers	We may share your personal information for the following purposes with your consent, for our legitimate interests, or as otherwise consistent with applicable law Consistent with applicable law and choices that may be available to you, we share your personal information with advertising partners for “interest-based advertising” or “targeted advertising” campaigns, and with partners that help analyze our site and track metrics on our behalf or in connection with our Services. Refer to 4. How We Use Cookies and Similar Technologies for more information
Companies that we plan to merge with or be acquired by or who may invest in us	We share your personal information for the following purposes for our legitimate interests. For business transfers and corporate changes to enable the assessment or completion of the relevant merger, restructuring, financing, acquisition, divestiture, dissolution or other corporate change. If we do or try to do a corporate merger, consolidation, or restructuring (including during due diligence and negotiation of these); the sale of substantially all of our stock and/or assets; the financing, acquisition, divestiture, or dissolution of all or a portion of our business; or other corporate change To ensure that we or our business remains commercially viable To a subsequent owner, co-owner, or operator of one or more of the Services to enable them to continue to run the Services after the change of owner or operator
Law enforcement agencies, government agencies, officials, or other authorities or third parties pursuant to a subpoena, court order, or other legal process, requirement, or legitimate interest	We share personal information for the following purposes for our legitimate interests, to protect our business and enforce our agreement with you, or where required or authorized by law. To detect, investigate and prevent suspected or actual fraud, money laundering, or other crimes or illegal activities, including credit card rules To comply with any applicable law, regulation, legal process or governmental request (e.g., from creditors, tax authorities, law enforcement agencies, in response to a garnishment, levy, or lien notice, etc.) To establish, exercise or defend our legal rights, including to enforce our agreement with you To protect ours or our customers' rights or property, including from harm, fraud, or potentially prohibited or illegal activities, and for the security or integrity of our Services
With your consent	Other third parties with your consent or direction to do so, such as to provide (or assess to provide) our Services
Other third parties where required by law, or our legitimate interests as permitted by law	To comply with any applicable law, regulation, legal process or governmental request (e.g., from creditors, tax authorities, law enforcement agencies, in response to a garnishment, levy, or lien notice, etc.) Other purposes as permitted by applicable laws

3. HOW WE SECURE YOUR PERSONAL INFORMATION

We take appropriate measures, including administrative, technical, and physical safeguards, to protect your personal information from loss, theft, and misuse, and unauthorized access, disclosure, alteration, and destruction. The internet is not a 100% secure environment, so we cannot guarantee absolute security of the transmission or storage of your information. We are an ISO 27001 compliant company, and require our third parties to meet appropriate privacy and security standards when handling data on our behalf. Your personal information will be accessible by our employees, contractors and service providers who require access for the purposes described in this Privacy Policy.

For more information about our security practices, please visit https://www.afterpay.com/en-US/security or refer to 10. How to Contact Us below.

4. HOW WE USE COOKIES AND SIMILAR TECHNOLOGIES

When you visit or interact with our Services, or open emails we send you, we and our third party partners may obtain certain information about you through the use of cookies, web server logs, pixels, web beacons, and other automated technologies (collectively, “cookies”).

We and our partners may use cookies to collect information about you, such as your device information, internet activity information, and inferences, from your use of our Services (see 1. Personal Information we collect about you and why for more information). We may use the following types of cookies on the Services:

Strictly Necessary Cookies: Strictly necessary cookies are cookies that are necessary to enable core services like secure login, cookie preferences, identity management, and fraud prevention. These cookies are always active and cannot be turned off or opted out of. For example, without these cookies, you would not be able to stay logged in while navigating between pages on the website.

Functionality Cookies: These cookies enable us to remember you when you return to our Services, preferences you may have indicated and information you have provided to us to give you a customized experience.

Performance and Analytical Cookies: We and our third party partners may use these cookies to analyze the usage of our Services; to assess their performance; to understand users’ interactions with them; to conduct testing of different service designs; and to recognize and count the number of unique users of the Services. This helps us to improve our Services and to plan our Service capacities.

Retargeting or Advertising Cookies: We and our third party partners may use cookies to collect information about your online activity on the Services and across other sites and services, such as your browsing and purchasing activity and your activity on mobile sites and applications, to show you relevant ads on third-party sites and analyze your online activity. Advertising based on your activity across other sites and services is called “targeted advertising” or “interest-based advertising.” We may be able to associate the information we collect through cookies with other information we collect about you, such as from third parties. If you reject these cookies, you may still receive ads, but they will be less personalized.

We set some of these automated technologies ourselves, but others are set by our third party partners. For example, we may use other companies’ web analytics and advertising services, which use automated technologies to help us evaluate how you and others use our websites and to help us serve you more relevant advertising. We may disclose your information to these third parties and other service providers who use the information to help us figure out how you and others use our online services.

You can manage your cookie preferences for our website by clicking “Your Privacy Choices” link in the footer of our website. You can also opt-out of targeted advertising by clicking “Your Privacy Choices” link and toggling off “Retargeting or Advertising” cookies.

Your browser or device may also offer settings to control cookies. Selecting “Limit Ad Tracking” (for iOS devices), or “Opt out of Interest-Based Ads” (for Android devices), will allow you to limit our use of information collected from or about your mobile device (such as precise location data) for the purposes of serving interest-based advertising to you. You may also opt-out of receiving ads from us or our partners by using our partners’ settings or by heading to Your Ad Choices for more information. As a heads up, blocking or opting-out of some types of cookies may impact your experience and the Services we are able to offer.

Certain web browsers allow you to instruct your browser to respond to Do Not Track ("DNT") signals to websites you visit, informing those sites that you do not want your online activities to be tracked. At this time, our websites are not designed to respond to DNT signals or similar mechanisms from browsers.

5. HOW LONG WE KEEP YOUR PERSONAL INFORMATION

The retention periods for personal information we collect and process about you are determined on a case-by-case basis that depends on the following factors below.

● The nature of the personal information, and why it is collected and processed, as described in this Privacy Policy. This includes to provide our Services, to comply with legal obligations, to enforce and prevent violations of our agreement with you, and to protect us against fraudulent activity.

● To manage and enforce our agreement with you. Your use of our Services is subject to the agreement between us. So if, for example, you close your Afterpay account, we retain personal information about you for a period of time so as to collect any debt or fees owed, resolve disputes, troubleshoot problems, assist with any investigations or complaints, and to prevent fraud or risk.

● To establish, exercise, or defend our legal claims or rights. For example, we preserve your personal information related to a legal claim or complaint, such as where we are subject to a regulatory investigation, or we need to defend ourselves in legal proceedings involving your personal information, or respond to a government authority or body in relation to a legal or regulatory complaint made by you or someone else.

● As required or otherwise permitted by applicable law. For example, retention periods may be imposed under law or regulation for a prescribed period of time. For instance, to protect our or other’s legitimate interests, such as to prevent fraud.

6. YOUR RIGHTS AND CHOICES

As described below, you can see or change personal information you gave us, ask us to close your account, control your device location tracking settings, or tell us to stop direct marketing to you at any time. Head to our Help Centre at any time by clicking "Help" on our website or app for detailed instructions. We also respect other privacy rights and choices you make consistent with applicable law. These rights and choices available to you are based on your country of residence and which Afterpay entity you are dealing with, and are subject to limitations as required or permitted by applicable law.

We may ask you to verify your identity in accordance with our standard procedures, including any authorized agent who would like to act on your behalf, or clarify your request, before taking further action on your privacy right or choice request. We endeavor to respond and address all privacy rights and choices requests within the applicable statutory time frame. We will let you know if we need more time, and why. We may not always be able to fulfill your request if we have a legitimate basis to refuse it. We will tell you why. For example, we will not fulfill your request if you seek to delete your personal data in a way that would mean we are not able to comply with our obligations under law.

How to Exercise Your Rights

You may submit an access, deletion, or correction request here or by emailing [email protected]. Please also see 10. How To Contact Us below. To help protect your privacy and maintain security, we take steps to verify your identity before granting you access to your personal information or complying with your request. You may also designate an authorized agent to make a request on your behalf as permitted under law, though before we process that request, we will require that you provide the authorized agent written permission to do so and verify your identity directly with us.

To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.

Rights that may be available to you, based on the jurisdiction in which you reside and subject to exceptions under applicable law

Right to	Description
Access	You may have the right to request a copy of your personal information held by us. • The categories and specific pieces of personal information we have collected about you; • The categories of sources from which we collected the personal information; • The business or commercial purpose for which we collected the personal information; • The categories of third parties with whom we shared the personal information; and • The categories of personal information about you that we disclosed for a business purpose, and the categories of third parties to whom we disclosed that information for a business purpose.
Correction	You may have the right to ask us to correct your personal information held by us, including where you believe it is not accurate, complete, up to date, or relevant.
Deletion	You may have the right to ask us to delete your personal information we have collected (subject to exceptions under applicable laws). Please note that you may no longer be able to use our Services if you delete your personal information.
Non-Discrimination	You may have the right to not be discriminated against if you exercise these privacy rights. We will not discriminate against you, deny, charge different prices for, or provide a different quality of goods or services if you choose to exercise these rights.
Opt-Out Rights (including to opt out of targeted advertising)	Although we do not sell your personal information for money, we do share your personal information for purposes of targeted advertising (also known as “cross-context behavioral advertising”). If we share your personal information to third parties for such purposes, we will provide you the right to opt out of such sharing (subject to exceptions the law provides). If you are a visitor to our website, you can exercise your right to opt-out by clicking “Your Privacy Choices” link in the footer of any page on our website and toggling off “Retargeting or Advertising” cookies. Depending on the jurisdiction in which you live, we also support the Global Privacy Control (“GPC”), which is a browser-based opt-out preference signal that enables you to communicate your privacy preferences to the websites you visit. For more information about the GPC, please visit their website here. Although some of the information we collect and process about you may be considered sensitive personal information, we only process such information for purposes authorized by law, such as to provide services you request from us or to verify your information.

Exceptions to These Rights

Certain laws provide for certain exceptions to the rights described above. We reserve the right to avail ourselves of these exceptions where applicable. For example, under some U.S. state privacy laws, these rights do not apply to personal information collected, processed, shared, or disclosed subject to the Gramm-Leach-Bliley Act.

7. ADDITIONAL DATA PROTECTION RIGHTS

If you live in California, California law also gives you the right to ask if we share your personal information to third parties for their direct marketing purposes (we do not disclose your personal information for unaffiliated third parties’ direct marketing purposes).

8. INTERNATIONAL DATA TRANSFERS

Personal information we collect and handle about you may be transferred to or stored in a jurisdiction outside your country of residence and where the Afterpay entity you are dealing with operates. We may do so, for example without limitation, when sharing personal information with our affiliates and service providers to help us provide (or assess to provide) our Services or other third parties that we partner with. Your personal information may be transferred to or stored in Australia, New Zealand, the United States, Canada, United Kingdom, the European Union, China, and Singapore. We may transfer your personal information to other countries, but we will always take steps to ensure your personal information is afforded equivalent levels of protection and rights as are required under your country of residence and where the Afterpay entity you are dealing with operates. For more information please reach out using the details in 10. How to Contact Us below.

We take steps to ensure your personal information is afforded equivalent levels of protection and rights as are required under your country of residence and where the Afterpay entity you are dealing with operates.

For further information about our policies and practices with respect to international data transfers, please refer to 10. How To Contact Us below.

9. CHILDREN'S PERSONAL INFORMATION

Our Services are not directed at children under the age of 18. If we learn that any personal information we collect has been provided by a child under the age of 18, we will promptly close the relevant account and delete that personal information consistent with applicable law.

10. CHANGES TO THIS PRIVACY POLICY

We reserve the right to change this Privacy Policy from time to time, as may be required. We will provide you with reasonable prior notice of any material changes in how we use your personal information, including by email if you have provided one. If you disagree with these changes, you may cancel your Afterpay account at any time. Any amendments will be published by posting a revised version of the Privacy Policy and updating the “Effective Date” and "Posted Date" above. The revised version will be effective on the “Effective Date” listed.

11. HOW TO CONTACT US

If you have any questions or concerns regarding this Privacy Policy, or would like to exercise your rights and choices, you can get in touch with us by contacting your country specific Afterpay entity below. If you are dissatisfied with our response, you have a right to make a complaint to your local privacy authority, with a link to their contact page below.

Country	Contact Details
United States	Submit a request here [email protected] 1955 Broadway, Suite 600, Oakland, California, United States of America 94612

Country

Contact Details

United States

Submit a request here

[email protected]

1955 Broadway, Suite 600, Oakland, California, United States of America 94612