Privacy Policy

1. Introduction

This Privacy Policy describes how Nationwide Merchant Solutions(“NMS,” “we,” “our,” or “us”) collects, uses, shares, and protects personal information in connection with our website (www.nationwidemerchantsolutions.com) and the payment-processing and merchant services we provide to businesses across the United States.

NMS is a registered Independent Sales Organization sponsored by Elavon, Wells Fargo, US Bancorp, and Citizens Bank, N.A., Providence, RI. Nationwide Merchant Solutions is a registered Independent Sales Organization of Citizens Bank, N.A., Providence, RI. As a registered ISO, we are subject to the privacy and data-security obligations of our sponsor banks and the card networks (Visa, Mastercard, Discover, and American Express).

By using our website or services, you agree to the practices described in this Privacy Policy. If you do not agree, please discontinue use of the website and contact us with any questions before submitting a form or otherwise providing personal information.

2. Information We Collect

Information you provide directly

When you submit one of our online forms or otherwise communicate with us, you may provide information such as:

• Get Started form: name, business name, business phone number, email address, whether the business is currently operating, whether you are currently accepting payments, industry, estimated processing volume, and any notes you provide.
• Contact Us form: name, company name, email address, phone number, estimated processing volume, and the contents of your message.
• Partners form: name, phone number, email address, current involvement in merchant services, business access, and a brief background description.
• Phone, email, and text correspondence: records of communications you initiate with our team and the information you share during those communications.
• Underwriting application data (where applicable): business legal name, EIN, ownership information, bank account verification, recent processing statements, and any documents required to open a merchant account. This information is shared with our sponsor banks and underwriting partners as described in Section 4.

Information collected automatically

When you visit our website, we and our analytics providers may automatically collect:

• IP address and approximate location
• Browser type, device type, operating system, and screen size
• Pages viewed, time on page, referring URL, and exit pages
• Event data such as form starts, form submissions, and click-throughs
• Cookies and similar technologies, including those used by Google Tag Manager, Google Analytics 4, and Google Ads conversion tracking

Information we do not collect on this website

Our public website does not collect payment card numbers, cardholder data, or transaction information. Cardholder data is handled exclusively through the secure processing environments of our sponsor banks and certified payment gateways and is never stored on our marketing website.

3. How We Use Information

We use the information we collect to:

• Respond to inquiries, schedule consultations, and provide quotes for payment processing and merchant services
• Process applications for merchant accounts, including underwriting, verification, and risk assessment in partnership with our sponsor banks
• Provide ongoing customer service and account support
• Send transactional communications (e.g., confirmation emails, application updates) and, where you have not opted out, occasional marketing communications about our services
• Measure website performance, conversion rates, and the effectiveness of our marketing campaigns
• Detect and prevent fraud, abuse, security incidents, and violations of applicable law or our terms
• Comply with legal, regulatory, card-network, and sponsor-bank obligations

4. How We Share Information

We share personal information only as needed to operate our business and provide merchant services, and only with parties subject to appropriate confidentiality and data-protection obligations.

Service providers

• Resend— transactional and notification email delivery
• Supabase— encrypted database storage of form submissions and lead records
• Google— website analytics (Google Tag Manager and Google Analytics 4), advertising performance (Google Ads), and conversion measurement. We use Google's Enhanced Conversions for Leads feature, which shares one-way hashed (SHA-256) email, phone, and name data so that Google can attribute conversions to advertising campaigns. We do not share raw (un-hashed) personal information with Google for advertising purposes.
• Vercel— website hosting infrastructure

Sponsor banks

When you apply for a merchant account or use our processing services, we share application and account information with one or more of our sponsor banks for underwriting, account opening, settlement, and ongoing account management:

• Elavon
• Wells Fargo
• US Bancorp
• Citizens Bank, N.A., Providence, RI

Card networks and payment partners

Visa, Mastercard, Discover, and American Express may receive transaction and merchant information under their network rules. Payment gateways and point-of-sale partners (such as Clover, First Data, and other certified providers) may receive information necessary to provide processing services to your business.

Legal, regulatory, and compliance disclosures

We may disclose information when we believe in good faith that disclosure is required to comply with applicable law, court orders, subpoenas, regulatory requests, or card-network rules; to enforce our agreements; to protect the rights, property, or safety of NMS, our customers, or others; or in connection with a corporate transaction such as a merger, acquisition, financing, or sale of assets.

We do not sell your personal information

NMS does not sell personal information, and we do not share personal information with third parties for their own independent marketing purposes.

5. Data Security

We use commercially reasonable administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, disclosure, alteration, and destruction. These include:

• HTTPS/TLS encryption for all website traffic and form submissions
• Encrypted-at-rest storage of form data with our service providers
• SHA-256 hashing of personal identifiers shared with Google for conversion measurement
• Rate limiting, IP-based abuse controls, honeypot fields, and timing checks on all public forms to prevent automated abuse
• Access controls limiting employee and contractor access to personal information on a need-to-know basis
• PCI DSS compliance through our sponsor banks and certified payment partners for any cardholder-data environments

No security program can guarantee absolute protection. If you believe your interactions with us are no longer secure, please contact us immediately using the information in Section 11.

6. Data Retention

We retain personal information only for as long as needed to fulfill the purposes described in this Privacy Policy and to satisfy our legal, regulatory, tax, accounting, and reporting obligations. Specifically:

• Lead and inquiry records: retained for as long as you remain a prospective customer plus a reasonable follow-up window
• Customer and merchant-account records: retained for the duration of the relationship and for the period required by sponsor-bank, card-network, and financial-recordkeeping obligations (typically a minimum of seven years after account closure)
• Website analytics data: retained according to the default settings of our analytics providers (Google Analytics 4 currently retains event-level data for fourteen months)

When retention is no longer required, we either delete the information or anonymize it so it can no longer be associated with you.

7. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to operate the site, measure its performance, and support our marketing efforts. The main categories are:

• Strictly necessary cookies— required for the site to function (e.g., session and security cookies)
• Analytics cookies— set by Google Tag Manager and Google Analytics 4 to help us understand how visitors use the site
• Advertising cookies— set by Google Ads conversion tracking to attribute form submissions to advertising campaigns

You can control cookies through your browser settings. Most browsers allow you to refuse cookies, delete existing cookies, or be alerted when cookies are being set. You can opt out of Google's use of cookies for ads personalization by visiting Google Ads Settings and opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

8. Your Privacy Rights

Depending on where you live, you may have certain rights regarding personal information that NMS holds about you. These rights vary by jurisdiction, but generally include:

• Right to know what personal information we collect, use, and share
• Right to access a copy of the personal information we hold about you
• Right to correct inaccurate personal information
• Right to delete personal information, subject to legal, regulatory, and sponsor-bank retention obligations
• Right to opt out of the sale or sharing of personal information for cross-context behavioral advertising (NMS does not sell or share personal information in this manner)
• Right to non-discrimination— we will not deny services or charge you a different price for exercising any of these rights

To exercise any of these rights, please contact us using the information in Section 11. We will verify your identity before processing requests and respond within the timeframes required by applicable law.

9. Children's Privacy

Our website and services are intended for business owners and operators, not children. We do not knowingly collect personal information from individuals under the age of thirteen. If you believe a child has provided personal information to us, please contact us and we will take appropriate steps to delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, technology, legal requirements, or sponsor-bank obligations. When we make changes, we will update the “Last updated” date at the top of this page. We encourage you to review this Privacy Policy periodically.

11. Contact Us

If you have questions about this Privacy Policy, would like to exercise a privacy right, or wish to report a concern, please contact us:

• Nationwide Merchant Solutions
• 195 Main St, New Milford, NJ 07646
• Phone: (855) 244-7966
• Email: info@nationwidemerchantsolutions.com