Priceless Global Privacy Notice

Effective Date: September 30, 2023


Mastercard International Inc., Mastercard Europe SA and their affiliates and other entities within the Mastercard Group of companies (collectively, “Mastercard”, “we”, “us”, or “our”) respect your privacy.


This Global priceless™ Privacy Notice (“Privacy Notice”) applies to our processing of Personal Information in the context of priceless™ solutions for which we act as a data controller (“priceless™ Services”). Our priceless™ Services give eligible cardholders the opportunity to access experiences, enter prize draws and take advantage of other promotional offers and relevant content (collectively “Offers”). They include our B2C priceless™ website ( and our B2B priceless™ solutions. 


Please note that when we process Personal Information on behalf of and under the instructions of our business customers in the context of some of our B2B priceless™ solutions, we act as a data processor and the processing of your Personal Information in these contexts is not governed by this Privacy Notice. Similarly, when a merchant processes your Personal Information to provide you with a specific Offer, they are the data controllers for their processing of your Personal Information. Please refer to their respective privacy policies for more information regarding the processing of your Personal Information in these contexts.


This Privacy Notice describes the types of Personal Information we process in in the context of the Priceless Services, the purposes for which we collect that Personal Information, the other parties with whom we may share it, including merchants that provide Offers, and the measures we take to protect the security of the Personal Information. It also tells you about your rights and choices with respect to your Personal Information, and how you can reach us to update your contact information or answer questions you may have about our privacy practices.


Children and minors (under the age of 16) are not eligible to use the priceless™ Services. For more information about Mastercard’s privacy practices in other contexts, please visit Mastercard’s Global Privacy Notice at or other applicable privacy notices. 


Our privacy practices may vary among the countries in which we operate to reflect local practices and legal requirements. If you are a resident in the European Economic Area, Switzerland, the United Kingdom, Turkey or Israel, this Privacy Notice is provided to you by Mastercard Europe SA, which acts as the data controller for the processing of your Personal Information in the context of the controller services. If you reside in the United States, “Section 11. U.S. Privacy Addendum” supplements the information contained in this Privacy Notice for certain states as indicated in that Section.

“Personal Information” means any information relating to an identified or identifiable individual. We may collect the following categories of Personal Information:

  • Information provided by you, such as registration information, contact details, payment information (your credit or debit card number), and any other content or information you provide in connection with the priceless™ Services.
  • Information provided by third parties. For example, another priceless™ Services user may provide us with the contact information of a gift recipient.
  • Information we obtain from your use of the priceless™ Services, such as information collected via cookies and other similar technologies.

We May Use Your Personal Information to:

  • Develop, host, improve, and maintain the priceless™ Services.
  • Determine your eligibility to register with the priceless™ Services. 
  • Create and manage your priceless™ account.
  • Communicate with you in connection with the priceless™ Services.
  • Protect against fraud and ensure safety and security.
  • Send you marketing communications.
  • Provide you with personalized services, content, and recommendations.
  • Process and fulfil purchases made in the context of the priceless™ Services. 
  • Operate, evaluate and improve our business, including data anonymization and data aggregation to prepare business insights and analytics. 
  • Serve other purposes for which we provide specific notice at the time of collection, and as otherwise authorized or required by law.
  • Enforce our Terms of Use and comply with our legal obligations.

Where required under applicable law, we will only use your Personal Information with your consent; as necessary to provide you with products and services; to comply with a legal obligation; or when there is a legitimate and overriding interest that necessitates the use.

We may share your Personal Information with:

  • Mastercard’s headquarters in the U.S., our affiliates and other entities within Mastercard’s group of companies.
  • Financial institutions and other entities that issue payment cards or merchants to process payment transactions and perform other activities that you request.
  • Service providers acting on our behalf.
  • Other participants in the payment ecosystem, including financial institutions, and merchants. 
  • Third parties whose features you use in connection with our products and services or with your consent.
  • Third parties for fraud monitoring and prevention purposes, or other purposes required by law. 
  • As required under applicable law or legal process, or to respond to requests from law enforcement or government agencies. 
  • Other entities as required under applicable law or in the event of a sale or transfer of our business or assets.

Depending on your country, you may have certain rights regarding the Personal Information we maintain about you and choices about what Personal Information we collect from you, how we use it, and how we communicate with you. You can choose:

  • Not to provide Personal Information to Mastercard by refraining from conducting payment transactions or from submitting Personal Information directly to us. 
  • To opt out of some collection or uses of your Personal Information, including the use of cookies and similar technologies, the use of your Personal Information for marketing purposes, and the anonymization of your Personal Information for data analyses.
  • Access your Personal Information, rectify it, restrict or object to its processing, or request its deletion or anonymization.
  • Receive the Personal Information you provided to us to transmit it to another company. 
  • Withdraw any consent provided. 
  • Where applicable, lodge a complaint with your supervisory authority.

You can exercise your rights on Mastercard’s “My Data Center” portal. You may also submit a request as described in the “How to Contact Us” section below.

Mastercard is a global business. We may transfer your Personal Information to the United States and other countries which may not have the same data protection laws as the country in which you initially provided the information, but we will protect your Personal Information in accordance with this Privacy Notice, or as otherwise disclosed to you.


If you are located in the EEA, we will process your Personal Information in accordance with our Binding Corporate Rules and other data transfer mechanisms.

The security of your Personal Information is important to Mastercard. We are committed to protecting the information we collect. We maintain reasonable administrative, technical and physical safeguards designed to protect the Personal Information you provide or we collect against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. 

Our websites may provide links to other websites for your convenience and information. Our website may also contain certain features for which we partner with other entities. These entities may learn of your visit regardless of whether you use these features. These websites and features, which may include social networking sites and geo-location tools, operate independently from Mastercard, and are clearly identified as such. To the extent any linked websites or features you visit or use are not owned or controlled by Mastercard, we suggest that you review the privacy practices of the websites.

The Priceless Services are not directed to or intended for children under the age of 16. However, Mastercard may process Personal Information about children below 16 years of age with the parent or guardian’s  consent or based on another legal basis in accordance with applicable law. If you learn that Mastercard is processing children’s Personal Information in violation of this Privacy Notice, then you may alert us at

This Privacy Notice may be updated periodically to reflect changes in our Personal Information practices. We will post a prominent notice on relevant websites to notify you of any significant or material changes to our Privacy Notice prior to them being effective and indicate at the top of the Privacy Notice when it was most recently updated. If we update our Privacy Notice, in certain circumstances, we may seek your consent.

If you have any questions, comments or complaints about this Privacy Notice and our privacy practices, please e-mail us at If you are located in the EEA or Switzerland, Mastercard Europe SA is the data controller and you may submit your request to exercise your rights to your Personal Information on Mastercard’s “My Data” portal.

If you reside in the United States, this U.S. Privacy Addendum supplements the information above for certain states, as indicated in this Section 11. Please expand this section to learn more about: 
-    Categories of Personal Information that we Collect and Disclose 
-    Sources of Collection of Personal Information 
-    Use of your Personal Information 
-    Disclosure of your Personal Information to Third Parties 
-    Retention
-    Your Privacy Rights

There is an issue with your connection. Please try again

Thank you