This just in from IBill - quite funny
 

IBill says

Dear iBill Client,

Visa regulations state that a web site operated by a Sponsored Merchant must contain a consumer data privacy policy. A link to your privacy policy must reside on any page of your web site where you collect consumer data. As a Sponsored Merchant, you may not collect consumer data, and your privacy policy can reflect that. If you don't have a policy, please visit the URL below for a sample that you can customize for your web site.

Sample Privacy Policy - http://www.ibill.com/sampleprivacypolicy.cfm

Please add this to your web site as soon as possible. Thank you.


So if this statement must go on any page where information is collected and we are not allowed to collect any information, what is the point of asking us to do it in the first place?

does this mean I cant have a join my mailing list?

Ask Ibill

The way they wrote it is ambiguous on this line: "As a Sponsored Merchant, you may not collect consumer data, and your privacy policy can reflect that." Unfortunately, "may not" can mean either "you are forbidden from collecting..." or it can mean "It may be the case that you don't collect..." I think you are giving it the former interpretation but they are intending the latter.

I assumed the former, myself, but I think you're right. I think they are saying "If you do not collect information, your policy can just say that." Althoug, that part about "As a sponsored merchant" makes it sound more like the former. Fucking IBill.

SpaceAce

These f##king idiots don't know what day it is.
None of the e-mail makes sense.
And the part about contacting your rep if you have questions is a joke. Sylvia Perez was the person we dealt with before we dropped IBILL and we waited months to get a reply. In fact or last e-mails and phone calls never got answered. Guess they are just too big to give good customer service ?

Epoch Rules!!!:winkwink:

This must be the weirdest email to date.

1. You need a privacy policy placed.
2. place it on a page where you collect consumer data
3. you may not collect consumer data

so when I don't collect data where the hell should I place the policy. Makes no sense whatsoever.

if thrid parties will startm with this bullshit people will just get their own merchant account and outsource the customer service to pros

And Visa/Mastercard trust these idiots to process CCs:1orglaugh

I would not trust them to run a hot dog stall. Let alone have eny involvement in the finances of my business.

it seems to place a link to the following will do it:

Our Commitment To Privacy
Your privacy is important to us. To better protect your privacy
we provide this notice explaining our online information practices
and the choices you can make about the way your information is
collected and used. To make this notice easy to find, we make it
available on our homepage and at every point where personally
identifiable information may be requested.

The Information We Collect: We do not collect any customer information.
Please see our payment processor's Privacy Policy concerning collected
information.



Basically this is such a bullshit. After reading yahoo's privacy policy and seeing that they included everything from cockies to ip's I have to assume that if you run a server you are collecting data already. Logs provide ip's and most every website checks the linking pattern etc. That means you basically need a lawyer to do this correctly. So this is only to comply with VISA because basically noone can controll what you save anyhow.