I would says it's almost definitely written to be confusing. See their privacy FAQ also:
> Does Mastercard share transaction data?
> We do not share transaction data without consent or as otherwise legally permitted such as in the context of fraud prevention.
That's a yes or no question. Instead of answering it with a resounding YES they instead reply with some waffle about "legally permitted context".
They also miss out that they sell services that access that data. So an external party might not be able to see it directly but they can pay Mastercard to do the same customer monitoring for them.
> Does Mastercard share transaction data?
> We do not share transaction data without consent or as otherwise legally permitted such as in the context of fraud prevention.
That's a yes or no question. Instead of answering it with a resounding YES they instead reply with some waffle about "legally permitted context".
They also miss out that they sell services that access that data. So an external party might not be able to see it directly but they can pay Mastercard to do the same customer monitoring for them.