Last Revised May 7th, 2020
PRIVACY RIGHTS UNDER THE CALIFORNIA CONSUMER PRIVACY ACT (CCPA)
CSID is a part of Experian. If you are a California consumer and would like to learn about Experian’s approach to privacy under the CCPA, please visit Experian’s California Privacy Rights Policy here.
CSID combines multiple layers of protection and goes beyond basic credit monitoring for 360 degrees of identity defense. We offer comprehensive protection that reviews your credit and non-credit identity records in order to protect your identity. Protecting our subscriber’s privacy is at the forefront of CSID.
If you are visiting our Site from a country in the European Union (EU), please also refer to the section relating to this below.
2. WHAT INFORMATION DO WE COLLECT AND WHY?
We may collect personal information from which you can be identified, such as your name, date of birth, postal and e-mail address, phone number, national identifier or social security number (as applicable) and credit card details.
We will use this data to access and monitor various data sets that you request us to monitor as part of your identity protection service and for the prevention and detection of fraud. When you close your account, we may continue to share information about you according to our legal and regulatory requirements.
We will use the information you provide us solely for the purpose of providing you with the products and services you have requested and for administering our relationship with you, internal business purposes, product or service development, product and service improvement, and/or statistical analysis.
In some instances, we may ask information from you about others (such as your child’s information). We will only use that information for the specific reason for which it was provided to us.
3. DO WE DISCLOSE OR SHARE YOUR INFORMATION?
In order for us to provide you with our identity protection service and for the prevention and detection of fraud, we will share your personal information with third parties who perform services on our behalf. Depending on the service you have requested, we may share your name, e-mail address, national identifier or social security number (as applicable), income, account balances, payment history and credit history with credit bureaus. We will also share your billing information with a credit card processing company in order to bill you for goods and services. These companies are authorized to use your personal information only as necessary to provide these services to us.
In certain situations, CSID may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
As may be required by law, we may also disclose your personal information, for example, to comply with a subpoena, or similar legal process, when we believe in good faith that the disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
In addition, in the event of a merger, acquisition, or any form of sale of some or all of our assets to a third party, we may also disclose your personal information to the third parties concerned or their professional advisors. In the event of such a transaction, the personal information held by CSID will be among the assets transferred to the buyer.
4. IS YOUR INFORMATION SECURE?
We have appropriate physical, technical and organizational measures in place to protect your data when held by CSID that comply with relevant legal and best practice requirements. When you enter sensitive information (such as a credit card, social security number or login credentials) as part of the enrollment process, we encrypt the transmission of that information using secure socket layer technology (SSL).
When you submit information to CSID through the relevant portal or web site, you should be aware that your information is transmitted across the Internet and that no method of transmission over the Internet is 100% secure. Although we take reasonable security measures to protect your information when we receive it, you also need to ensure you take appropriate steps to protect your information.
5. INFORMATION RELATED TO DATA COLLECTED FOR OUR CLIENTS
In most cases, CSID resells its services through its third party commercial clients (“Clients”). Accordingly, CSID typically does not have a direct relationship with the individuals whose personal data it processes when CSID acts as a wholesaler of its services. If you are a customer of one of our Clients and would no longer like to be contacted by one of our Clients that resells our services, please contact the specific Client that you interact with directly. We may transfer your personal information to the applicable Client that resells our services and also to third parties who perform the services on our behalf or help us provide our services.
An individual who seeks access, or who seeks to correct, amend, or delete enrollment data should direct his or her query to CSID’s Client. If requested to edit enrollment data by our Client, we will respond within 30 days. In some cases, we will edit enrollment data on behalf of our Clients. When managing choice options on behalf of our Clients, we will also respond to any requests within 30 days. We will retain personal data we process on behalf of our Clients for as long as needed to provide services to our Client. CSID will retain this personal information for so long as necessary to comply with our legal and audit obligations, to resolve disputes and to enforce our agreements.
6. WILL WE SEND YOU OFFERS OF OTHER CSID PRODUCTS AND SERVICES?
Our range of identity protection products and services is constantly evolving to match the increasingly sophisticated market in which we operate. We will not send you details of other CSID products or services or those of any reputable third parties without your prior consent and you can change your mind at any time by contacting us. In the limited instances we send you promotional or other informational communications, you may opt-out of receiving them by following the instructions included in each communication, by e-mailing us at the e-mail address provided below or by contacting us through one of the methods listed below.
7. ARE YOU VISITING OUR WEB SITE FROM A COUNTRY IN THE EUROPEAN UNION (E.U.)?
CSID, based in the United States, maintains servers in both the United States and the European Union. If you are visiting our web site from outside the United States, your personal information, in some rare instances, may be transferred to, stored, and/or processed in the United States. If your personal information enters our servers in the United States, CSID will protect your data in accordance with the Privacy Shield Principles outlined below.
The United States Department of Commerce and the European Commission have agreed on a set of data protection principles and frequently asked questions (the “Privacy Shield Principles”) to enable U.S. companies, such as CSID, to satisfy the requirement under European Union law that adequate protection be given to personal information transferred from the E.U. to the United States.
CSID participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. CSID is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, please visit the U.S. Department of Commerce’s Privacy Shield List.
CSID is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. CSID complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, CSID is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, CSID may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
Upon request, CSID will provide you with information about whether we hold, or process on behalf of a third party, any of your personal information. To request this information, please contact us at firstname.lastname@example.org.
You have the right to amend or update inaccurate or incomplete personal information or request that we no longer use it. You may access, correct, or request deletion of your personal information by logging in to your account, contacting us at email@example.com. We will respond to these requests within a reasonable timeframe.
We may retain your information for as long as your account is active or as needed to provide you services, comply with our legal and audit obligations, resolve disputes and enforce our agreements.
We may combine the information we have automatically collected from you with other information we collect about you. We do this to improve services we offer you, to improve, analytics, or website functionality, and to develop new products and services. The following are some examples of information we may collect:
•CSID Web site pages you view
•Emails that you open or forward
•Links you click on
•Forms you complete
In connection with the use of the Site, for example during the enrollment process or upon log into the website portal, information about your computer, such as the device ID and other accompanying technical attributes and characteristics, may be accessed, retained and used by us or our service provider solely to analyze trends, track users’ movements on the web site, and to gather demographic information about the user base as a whole. If you access the Site through a mobile device, we also may collect information about your device, such as the device ID or another identifier as permitted by the manufacturer.
We, and the third parties we engage to perform analytics services, use both session ID cookies and persistent cookies. Specifically, we use session-based cookies in order to store language and other country specific preferences such as support contact information. CSID may also utilize cookies in order to track internal metrics of site usage. A session ID cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. Persistent cookies also enable us to track and target the interests of our users to enhance the experience on our site. You can remove persistent cookies by following directions provided in your Internet browser’s “help” file. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. However, this may prevent you from taking full advantage of the website.
As is true of most websites, we gather certain information automatically and store it in log files. This information may include Internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We do not link this automatically collected data to other information we collect about you.
Third parties with whom we partner to provide certain features on our website also use HTML5 to collect and store information. Various browsers may offer their own management tools for removing HTML5.
9. LINKS TO OTHER WEB SITES
10. SOCIAL MEDIA WIDGETS
Attn: Compliance Department
1501 S. Mopac Expy. Suite 200
Austin, TX 78746