Memcyco is now available on aws marketplace Сheck it out Memcyco is now available on aws marketplace Сheck it out 

endorses Memcyco in latest Fintech Spotlight Report

Click here
Memcyco main logo
Main Menu
Book a Demo

Solutions

Resources

Partners

Company

Privacy Policy

Privacy Policy

Memcyco Inc., a Delaware corporation, including its wholly-owned subsidiaries (collectively, “Memcyco”) is committed to protecting your privacy. This privacy policy describes how Memcyco collects and uses the personal information collected when visit our website at www.memcyco.com (the “Website”) and the software-as-a-service (SAAS) applications and related services which are hosted and operated by Memcyco and provided to its customers. It also describes the choices available to you regarding our use of your personal information and how you can exercise your privacy rights regarding this information.

Personal Information Collection, Use, and Sharing

When you register with the Website or use the services made available to the public on the Website, personal information is needed such as your name, company name, and email address. Memcyco uses and shares personal information for purposes such as processing and fulfilling your request, billing, service improvement, research, marketing, communicating with you and other general purposes. Regarding use of Memcyco SAAS solutions purchased by our customers, see the section below entitled Data Collected Through Memcyco Purchased Solutions.

Memcyco will not sell, rent, exchange, or share personal information with any third parties without permission or except as described in this privacy policy. Memcyco will share personal information with government authorities and others in order to respond to investigations, court orders, legal process, or to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety, online identity or digital assets of any person, violations of Memcyco’s terms of service, or as otherwise required by law. If Memcyco is involved in a merger, acquisition, or sale of all or substantially all of its assets, you will be notified via email and/or a prominent notice on our Website of any such change in ownership. Any change in or uses of your personal information, as well as any choices you may have regarding your personal information will be described in an updated version our privacy policy.

Memcyco may also anonymize and aggregate data collected and use and disclose it for general purposes.

Data Security

The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and when we store and process it in our data centers. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security and do not take responsibility for any third-party actions when we have endeavored to follow generally accepted standards. In addition, we do not take responsibility for your systems, the Internet itself or any third-party networks or services used to transmit data which are outside the firewall of the data center we use to process and store your personal data. If you have any questions about the security on our Website or our services, please contact us.

Email Marketing Choices

You may choose to stop receiving our marketing emails by following the unsubscribe instructions included in these emails or you can contact us. If you purchase a service, you can still opt out of marketing related emails, however you cannot opt out of service-related announcements.

If your personal information changes, you may correct, update, amend, delete/remove or deactivate it by contacting us by email or postal mail at the contact information listed below. We will respond to your request within 30 days. Note that different rules apply to personal information processed or stored in our purchased solutions. (See section below entitled Data Collected Through Memcyco Purchased Solutions).

Your Choices under the Data Privacy Framework (DPF)

Under the DPF Principles, you have the right to choose (opt out) of:
(a) our disclosure of your personal information to a third party (other than agents processing on our behalf), and
(b) our use of your personal information for a purpose materially different from the purpose(s) for which it was originally collected or subsequently authorized by you.

Our current practice: We do not disclose personal information to third parties for their own purposes, and we do not use personal information for materially different purposes without obtaining appropriate consent. If these practices change, we will provide you with clear opt-out (or, for sensitive data, opt-in) choice before such use or disclosure occurs. To exercise your choices, contact privacy@memcyco.com or use any platform-specific controls described in this Privacy Statement (for example, marketing email opt-outs). For personal information we process on behalf of a customer, please submit your request to that customer (the controller), and we will support them in honoring your choice.

Data Storage

We will retain your personal information for as long as your account is active or as needed to provide you with services and for archival and marketing purposes. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Note that different rules apply to personal information stored in our purchased solutions. (See section below entitled Data Collected Through Memcyco Purchased Solutions).

Cookies and Similar Technologies

Memcyco uses a technology called “cookies” and technologies similar to cookies to store session information and other information to provide services and to gauge interest and usage of the services that we offer and provide. The use of cookies and technologies similar to cookies by our partners and affiliates and customers is not covered by our privacy policy. 

Cookies 

A cookie is a small amount of data, which often includes an anonymous unique identifier, which is sent to your browser from a website’s computers and stored on your computer’s hard drive. We use both session ID cookies and persistent cookies. A session ID cookie expires when you close your browser. We use session cookies to track your Login status. This cookie is only ever transmitted over HTTPS. A persistent cookie remains on your hard drive for an extended period of time. We use persistent cookies to determine from where you were referred to our site, as well as the last user ID that you used to login to our site. Memcyco may set and access Memcyco cookies on your computer. Cookies are required to use certain services provided on the Website. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our Website, but your ability to use some areas of our site will be limited.

Technologies Similar to Cookies

By “technologies similar to cookies” we mean any type of data storage and recovery mechanism used on a user’s device for purposes of obtaining information and/or providing services. The most common ones include:

  • Browser local storage. Certain websites use local storage called “sessionStorage” and “localStorage”, as well as the indexed database from the Internet browser to store information.
  • Local storage of browser plug-ins, namely Flash local storage (“Flash Local Shared Objects”) or Silverlight local storage (“Isolated Objects”).
  • Web beacons, a tracking technique, which consists of inserting into a website (or an e-mail) an image hosted on an Internet server, in a way that when a browser or an e-mail application connects to the server to download and view the image, this connection is registered. This allows us to know when a user viewed a web page or the e-mail. Sometimes this image is very small or transparent, preventing the user from being aware of its existence.
  • “Fingerprinting”, a technique which combines information obtained from the user’s browser and navigation equipment to set a user, browser and the device(s) used apart in their subsequent visits to a website or different websites. 

Log Files

As is true of most websites, we gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, device characteristics and clickstream data.

We use this information to provide services, to analyze trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base as a whole. We also gather, parse, and retain data related to the provision of our Website and related services for internal and service-related purposes.

We do link such automatically collected data to personally identifiable information  to provide services to our customers, to better gauge our customers’ needs and to provide specific information to best serve them.

Third Party Advertising

We may partner with a third-party ad network to manage our advertising on other sites. Our ad network partner would use cookies and web beacons to collect non-personally identifiable information about your activities on this and other websites to provide you targeted advertising based upon your interests. If you wish to not have this information used for the purpose of serving you targeted ads, you may opt-out by contacting us. We may use Google AdSense to publish ads on this site. When you view or click on an ad, a cookie will be set to help better provide advertisements that may be of interest to you on this and other websites. You may opt-out of the use of this cookie by visiting Google’s Advertising and Privacy page: www.google.com/privacy_ads.html.

Blogs and Community Forums

Our website may offer publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. We may display personal testimonials of satisfied customers on our site in addition to other endorsements. With your consent we may post your testimonial along with your name. If you wish to update or delete your testimonial, please contact us.

Social Media Features

Our website may include social media features, such as the Facebook ‘Like’ button, and widgets, such as the ‘Share This’ button or interactive mini programs that run on our site. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Website. Your interactions with these features are governed by the privacy policy of the company providing it.

Other Websites

Our Website includes links to other websites whose privacy practices may differ from those of Memcyco. If you submit personal information to any of those sites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policy of any website you visit.

Updates to the Privacy Policy

Memcyco may update this Privacy Policy and we may notify registered users of significant changes in the way we treat any personal information by sending a notice to the primary email address specified in your Memcyco account or by placing a notice on our Website or within our solutions. However, we nevertheless reserve the right to amend our privacy practices and policy from time to time without prior notice. We encourage you to periodically review this page for the latest information on our privacy practices.

Data Collected Through Memcyco Purchased Solutions

Memcyco is in the business of providing SAAS solutions and associated services. In connection with providing such offerings to its customers, Memcyco collects information (including personal information) under the direction of its customers about people who access our customers’ websites and mobile applications (“Customer Data”). Memcyco has no direct relationship with the individuals whose personal data it processes and stores for Memcyco customers, and Memcyco will process, store and retain Customer Data as per our agreement with our applicable customer (including transferring the Customer Data to the applicable customer). Therefore, if you are a user of one of our customer’s websites or mobile applications and would no longer like to be involved with one of our customers that use our solutions or otherwise have issues related to your data that is included in Customer Data (such as to correct, amend, or delete such data), please contact the customer that you interact with directly. For the purposes of GDPR and other global privacy laws, Memcyco acts as a processor/instruction taker which accesses and processes Customer Data on behalf of its customers, which are the controllers/owners of such data.

Memcyco provides its customers with software-as-service (SAAS) products that track security related user activities on the customer’s website and/or mobile application, detects whether new or anomalous devices access the customer’s website and/or mobile application using the access credentials of a website or mobile application user, provides associated alerts and enables the customer website to show a watermark with a unique code for each user who visits that website so that user can be assured that he or she is viewing the authentic website (and not a counterfeit website). 

The following data is gathered, stored and processed by Memcyco using cookies, technologies similar to cookies and device fingerprinting, and for the purpose of delivering the functionality of its SAAS product:

  1. The user ID that the user enters to log-in to the customer website.
  2. An automatically assigned device ID.
  3. Information which further identifies the browser and device that is being used to access the customer website and/or mobile application (e.g., IP address, hardware characteristics, operating system, browser type). 
  4. The location range indicated by the IP address of the device that is being used to access the customer website and/or mobile application.
  5. The time when such device is being used to access the customer website/mobile application.

Memcyco may share such information with the applicable Memcyco customer and government authorities in order to respond to investigations, court orders, legal process, or to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety, online identity or digital assets of any person, violations of Memcyco’s or its customer’s terms of service, or as otherwise required by law. Memcyco may also anonymize such data to process, use and disclose it for general purposes.

Service Providers and Sub-Processors

Memcyco may transfer personal information to companies that help us provide our services. Transfers to subsequent third parties are covered by the provisions in this Policy regarding notice and choice and the service agreements with our customers.

Disclosure to Third Parties


We do not disclose personal information to third parties for their own purposes (for example, we do not sell or share personal information for independent marketing or profiling). We engage a small number of service providers acting as our agents who process personal information only on our behalf and under our instructions, solely to help us provide, secure, and maintain our services.

Identity and purpose of our service provider(s): Our SAAS products are hosted on third party data-center facilities and cloud infrastructure that we configure and control for our SaaS environment.  We currently use Amazon Web Services (AWS) to provide such hosting services. Such third-party hosting service providers are not provided with end-user login credentials (such as username/password) for the personal information processed in that environment and is contractually prohibited from using any personal information for purposes other than providing the hosting services to Memcyco.

We remain liable under the DPF Accountability for Onward Transfer Principle for any processing of personal information by our service providers that is inconsistent with the DPF Principles. We may also disclose personal information as required by law (e.g., to comply with valid legal process) or in connection with corporate transactions, as already described in this Privacy Statement. 

Data Retention

Memcyco will retain personal information from our Website and that we process on behalf of our customers for as long as needed to provide services to our customers and to carry out the permitted uses under this Privacy Policy. Memcyco will also retain and use this personal information as necessary to comply with our legal and contractual obligations, resolve disputes, and enforce our agreements.

Children’s Privacy

Memcyco’s Website does not knowingly collect, maintain, or use personal information from children under 13 years of age except as necessary to operate our SAAS products, and no part of our Website is directed to children under the age of 13. If you learn that your child has provided us with personal information without your consent, you may alert us at Privacy@Memcyco.com. We will take steps to delete it if we learn we have collected it.

Locations where personal information is processed and international transfers

Your personal data may be stored and processed in the United States, the European Union, Canada, Israel, and in any other country where Memcyco or its affiliates, subsidiaries, or third-party service providers maintain facilities or personnel. When you provide personal data to Memcyco, we may process and transfer your data within such countries and around the world in connection with providing services to our customers and their users. We follow applicable data protection laws when transferring personal data.

Memcyco may transfer, store, or process your personal data in a country outside your jurisdiction, including ones that are not subject to an adequacy decision by the European Commission. However, we have taken appropriate safeguards to require that your personal data will remain protected in accordance with this Privacy Statement. 

To the extent permitted by law, by choosing to visit our Website or otherwise providing information to us, you are agreeing to the processing and transfer of your personal information in accordance with this Privacy Policy.

Memcyco Inc. (the US parent company of the Memcyco organization) complies with the EU-US Data Privacy Framework (EU-US DPF), the UK Extension to the EU-US DPF, and the Swiss-US Data Privacy Framework as set forth by the US Department of Commerce, and where appropriate – primarily relies on such certification for accepting transfers of data from the EEA, UK and Switzerland to the US (as applicable).

We have certified to the U.S. Department of Commerce that Memcyco Inc., adheres to the EU-US Data Privacy Framework Principles (EU-US DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-US DPF, and from the UK (and Gibraltar) in reliance on the UK Extension to the EU-US DPF. We furthermore certify that Memcyco Inc. adheres to the Swiss-US Data Privacy Framework Principles (Swiss-US DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-US DPF. We will remain liable for onward transfers of your personal data to third parties (including our Service Providers) in accordance with applicable data transfer mechanisms. If there is any conflict between the terms in this privacy policy and the EU-US DPF and/or the Swiss-US DPF Principles, such Principles shall govern with respect to personal data transferred under the DPF. To learn more about the DPF program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

For data transfers from the EEA, the UK and Switzerland to countries which are not considered to be offering an adequate level of data protection and are not covered by the EU-US Data Privacy Framework (EU-US DPF), the UK Extension to the EU-US DPF, or the Swiss-US Data Privacy Framework, we and the relevant customers have entered into Standard Contractual Clauses as approved by the European Commission, the UK Information Commissioner’s Office (ICO), and the Swiss FDPIC, as applicable. 

Please note that where Memcyco Inc. processes personal data on behalf of a customer, such personal data (included in their Customer Data) may only be processed in accordance with, and in the locations as agreed in the commercial agreements and the data processing addendum with such customer.

Complaints about transfers of data from the EU, UK or Switzerland to the US & dispute resolutionIn compliance with the DPF Principles, we commit to resolve complaints about our collection or use of your personal data. EEA, UK and Swiss individuals with inquiries or complaints regarding our DPF compliance should submit enquiries to privacy@Memcyco.com.

Memcyco Inc. has made a commitment to direct unresolved complaints regarding the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) and to the rights of EU and UK individuals and Swiss individuals to the international division of the American Arbitration Association (“ICDR/AAA”) DPF IRM Service, a dispute resolution provider based in the United States.

If you do not receive a prompt acknowledgment of your complaint from us, or if we have not adequately addressed your concerns, you may submit a complaint for dispute resolution to  the American Arbitration Association ICDR/AAA DPF IRM Service website at https://go.adr.org/dpf_irm.html. You also have the right to invoke binding arbitration through the ICDR/AAA. The arbitration services offered by ICDR/AAA DPF IRM are provided to you without any charge.  

Memcyco Inc. is also subject to the investigatory and enforcement powers of the Federal Trade Commission. 

Binding Arbitration Under Annex I

In certain circumstances, and after you have exhausted other available DPF dispute-resolution mechanisms, you may invoke binding arbitration as described in Annex I of the DPF Principles. Memcyco is obligated to arbitrate claims and to follow the terms set forth in Annex I of the DPF Principles, provided that you deliver notice to Memcyco and follow the procedures and conditions described in Annex I. Information about invoking binding arbitration and our independent recourse mechanism is available through the ICDR/AAA DPF IRM Service referenced above. 

 

Exercising your rights relating to your personal information

To exercise your rights with regard to personal information collected and stored by Memcyco in connection with your use of the services made available to the public by Memcyco on the Website, Memcyco is the “controller” with regard to the processing of your personal information and you should contact us directly in connection with the exercise of your rights under applicable privacy laws. We try to respond to all legitimate requests within one month and will contact you if we need additional information from you to honor your request. Occasionally it may take us longer than a month, considering the complexity and number of requests we receive.

To exercise your rights regarding personal information collected and stored by Memcyco in connection with the use of Memcyco SAAS solutions purchased by one of our customers, please inquire with the applicable customer directly. Since Memcyco serves as a “processor” and such customer is the “controller,” Memcyco may only make changes to a customer’s data upon instruction from that customer unless otherwise required by applicable law. If you make your request directly to us, please provide to us the name of the Memcyco customer who is the controller for your personal data, and we will refer your request to that customer.

Right of Access for DPF-Covered Data


If we hold personal data about you that was transferred to or from the United States in reliance on the EU-US DPF, the UK Extension to the EU-US DPF, or the Swiss-US DPF, you have the right to request access to that data and to correct, amend, or delete it where it is inaccurate or processed in violation of the DPF Principles. To make a request, contact us at privacy@memcyco.com. We will respond within the timeframes required by the DPF (generally 45 days). Where we process personal information on behalf of a customer (as a processor), please direct your request to that customer (the controller); if you contact us directly, we will promptly refer your request to the applicable customer. This supplements, and should be read together with, the rights and instructions already provided in this Privacy Statement. 

Description of your rights relating to your personal information

You have certain rights relating to your personal information under the local data protection laws that apply to you. Depending on the applicable laws and, in particular, if you are located in the European Economic Area, California or Nevada or otherwise covered under the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act of 2018 (CCPA) or the Nevada Security and Privacy of Personal Information statute these rights may include the following, to the extent mandated by, and subject to the requirements and limitations of, those laws: 

  • To access your personal information held by us (right to access).
  • To rectify inaccurate personal information and, considering the purpose of processing the personal information, ensure it is complete (right to rectification).
  • To erase/delete your personal information, to the extent permitted by applicable data protection laws (right to erasure; right to be forgotten).
  • To restrict our processing of your personal information, to the extent permitted by law (right to restriction of processing).
  • To transfer your personal information to another controller, to the extent possible (right to data portability).
  • To object to any processing of your personal information carried out based on legitimate interests (right to object). Where we process your personal information for direct marketing purposes or share it with third parties for their own direct marketing purposes, you can exercise your right to object at any time to such processing without having to provide any specific reason for such objection.
  • To the extent we base the collection, processing and sharing of your personal information on your consent, to withdraw your consent at any time, without affecting the lawfulness of the processing based on such consent before its withdrawal.
  • Receive a copy of your personal data in an electronic and machine-readable format
  • Not be subject to a decision based solely on automated processing, including profiling, which produces legal effects or otherwise significantly affects you (“Automated Decision-Making”). Memcyco does not perform Automated Decision-Making as part of the processing activities covered by this Privacy Statement.
  • Receive the categories of sources from whom we collected your personal data.
  • Opt out of marketing communications at any time by clicking on the “Unsubscribe” or “opt out” link in marketing emails we send you or by contacting us
  • Complain to a regulator or data protection authority about our collection and use of your personal data. For more information, please contact your local data protection authority.

Memcyco will not discriminate against you for exercising your rights.

If your personal data has been submitted to us by or on behalf of a Memcyco customer and you wish to exercise any rights you may have under applicable data protection laws, please inquire with the applicable customer directly.

If you are a resident of California, under the age of 18 and have registered for an account with us, you may ask us to remove content or information that you have posted to our Websites. Please note that your request does not ensure complete or comprehensive removal of the content or information, because, for example, some of your content may have been reposted by another visitor to our Websites.

Legal basis for processing personal information

Our legal grounds for collecting and using your personal information as described in this Privacy Statement fall into the following four categories.

Consent: In some cases, we ask you for your consent to process your personal information, such as when we need your consent for marketing purposes. You can withdraw your consent at any time, which will not affect the lawfulness of the processing before your consent was withdrawn. If you would like to withdraw your consent, you can do so by emailing privacy@memcyco.com.

Legitimate Interest: We process certain data for the legitimate interests of Memcyco, our affiliates, our partners, or our customers. These legitimate interests include, for example, providing cybersecurity and fraud prevention services to our customers, contacting you to provide support or sending you marketing information (subject to applicable law); detecting, preventing, and investigating illegal activities and potential security issues; and maintaining and improving the Website and mobile applications. We will rely on our legitimate interests for processing personal information only after balancing our interests and rights against the impact of the processing on individuals.

Performance of a Contract: Sometimes we process personal information to perform our obligations under an agreement with you or your employer or prospective employer.

Other Legal Bases: In some cases, we may have a legal obligation to process your personal information, such as in response to a court or regulator order. We also may need to process your personal information to protect vital interests, or to exercise, establish, or defend legal claims.

Contact Us

For questions related to this Privacy Policy, contact Privacy@memcyco.com or at:

Memcyco Inc.
C/O: Security Department

224 W 35th St., Ste 500

New York, NY 10001

Effective date: November 2025

This website uses cookies to ensure you get the best experience on our site. By continuing, you agree to our privacy policy.

Allow all