Security Policy
Last updated: July 9, 2025
Information Security Policy and Privacy Principles
Blackstone’s Commitment to Client Information and Cardholder Data Security.
Our company is fully committed to ensuring the utmost security and proper handling of Confidential Client Information and Cardholder Data. All employees working in our company are required to read, agree, and adhere to the Information Security Policy and Privacy Principles created to secure our customers and merchant services relationships.
We Are Committed to Protecting the Confidentiality of Consumer Information.
Blackstone’s policies limit access to personal user information collected for business-related matters to those employees of Blackstone Merchant Services, its affiliates, and subcontractors who need the information to fulfill their business responsibilities. All vendors and other outside contractors we engage are subject to our contractual requirements to ensure that sensitive personal information is safeguarded. Employees must adhere to the Information Security Policy and Privacy Principles. Employees violating the Blackstone Information Security Policy and/or Privacy Principles are subject to disciplinary action, up to and including dismissal.
Blackstone’s Privacy Principles
As a Merchant Services Acquirer, Blackstone works behind the scenes on behalf of merchants, banks, and other card issuers to ensure the efficient, accurate, and secure handling of payment processing and billing. To provide these services, Blackstone may view, receive, maintain, and use financial and other sensitive personal information. We believe that information used responsibly benefits consumers and the economy. Blackstone supports the responsible information practices of its business clients by adhering to the following privacy principles:
WE COLLECT, MAINTAIN, AND DISCLOSE PERSONAL INFORMATION ONLY AS NECESSARY TO PERFORM SERVICES FOR OUR BUSINESS CLIENTS.
We manage personal consumer information only as necessary to conduct the services our clients have requested us to provide for them. At the direction of our clients, we may disclose personal information to third parties with whom our clients have a business relationship, such as credit bureaus, consultants, and other client vendors. We may also share personal information with our vendors, under obligations of confidentiality, and only to the extent necessary to support our services to our clients. With the permission of our clients, we may use aggregate data, not identifiable to any individual, to validate the accuracy and quality of fraud prevention and risk-control products used by our clients. We will also disclose consumer information in response to a lawful request issued by a court, government agency, or regulatory authority with the authority to make that request. Once we have completed our service to our business clients, any document, email, or information containing Cardholder Data will be destroyed by Blackstone using cross-cut shredders.
WE ASSIST OUR BUSINESS CLIENTS IN INFORMING CONSUMERS ABOUT THE GENERAL USES OF THEIR INFORMATION.
We encourage our business clients to provide consumers with a timely and complete privacy notice. As a natural part of our processing business, we may assist our clients in the preparation and mailing of privacy notices and recording and tracking consumer privacy choices. If we are contacted directly by a consumer regarding information that we maintain, we endeavor to direct the consumer to the appropriate client, so that institution can assist the customer according to its own privacy policies.
WE PROTECT THE CONFIDENTIALITY AND SECURITY OF PERSONAL CONSUMER INFORMATION.
Within Blackstone, access to personal information is limited to those employees of Blackstone and its affiliates who need it to fulfill their business responsibilities. Employees must adhere to the Blackstone Privacy Principles. Violations of these Principles can result in disciplinary action, up to and including dismissal. We have obligations of strict confidentiality under our client contracts, and we handle information based on our clients' direction and in accordance with applicable laws. Vendors and other outside contractors we engage are subject to our contractual requirements to ensure sensitive personal information is safeguarded. We employ appropriate measures to protect consumer information against unauthorized access, disclosure, alteration, or destruction. These may include cross-cut shredding of any documents, physical access security, and other appropriate technologies. Blackstone continually reviews and enhances its security systems, as necessary.
WE HOLD OURSELVES ACCOUNTABLE TO OUR PRIVACY PRINCIPLES.
Blackstone is committed to meeting the highest standards for our privacy program. A senior Blackstone official serves as the company's privacy officer, with responsibility for administering the Blackstone privacy program, including implementation of these Privacy Principles. Blackstone uses information only in a manner consistent with these privacy principles. Protecting consumer privacy is a key part of our trusted relationship with our clients, as we assist businesses and consumers in conducting sensitive and wide-ranging financial activities.
MERCHANTS ARE RESPONSIBLE FOR THEIR OWN PCI ADHERENCE
Just as Blackstone must adhere to all PCI security policies and guidelines, our Merchants or Clients are responsible for doing the same. Merchants must utilize PCI Compliant point-of-sale equipment or software in their day-to-day processing. Merchants are also responsible for complying with PCI DSS standards. Merchants may use Blackstone-provided vendors such as Clover Security or Security Metrics to take their online questionnaires and perform scans, as necessary. If the merchant selects an alternative vendor, they must use a PCI Compliant vendor and submit proof of the vendor’s compliance to Blackstone.