Privacy Policy

CSIdentity Corporation (“CSID,” “we,” “us” and “our”) and our wholly-owned subsidiary, IdentityTruth, Inc. respect individual privacy and values the confidence of our subscribers. This Privacy Policy sets out the privacy principles that we follow with respect to processing personal information in the course of providing our products and services. We will only collect, use and disclose personal information in a manner consistent with the laws of the countries in which we operate, for example, both relevant Federal and State laws in the U.S. By using the CSID website, you consent to the data practices described in this Privacy Policy.

In order to view our relationship with TRUSTe please visit the validation page visible by clicking on the TRUSTe seal. If you have questions or complaints regarding our Privacy Policy or practices, please contact us by any of the methods described below. If you are not satisfied with our response you can contact TRUSTe here. The TRUSTe certification covers only our collection, use and disclosure of information we collect through our website and our service. The use of information collected through our service shall be limited to the purpose of providing the service for which the Client has engaged CSID.

1. INTRODUCTION

This Privacy Policy applies to all personal data provided to CSID from subscribers applying to use our services.

CSID combines multiple layers of protection and goes beyond basic credit monitoring for 360 degrees of identity defense. We offer comprehensive protection that reviews your credit and non-credit identity records in order to protect your identity. Protecting our subscriber’s privacy is at the forefront of CSID.

If you are visiting our site from a country in the European Union (EU) please also refer to the section relating to this below.

2. WHAT INFORMATION DO WE COLLECT AND WHY?

We may collect personal information from which you can be identified, such as your name, date of birth, postal and e-mail address, phone number, national identifier or social security number (as applicable) and credit card details.

We will use this data to access and monitor various data sets that you request us to monitor as part of your identity protection service and for the prevention and detection of fraud. When you close your account, we may continue to share information about you according to our legal and regulatory requirements.

We will use the information you provide us solely for the purpose of providing you with the products and services you have requested and for administering our relationship with you, internal business purposes, our product or service development and/or statistical analysis.

In some instances, we may ask information from you about others (such as your child’s information). We will only use that information for the specific reason for which it was provided to us.

3. DO WE DISCLOSE OR SHARE YOUR INFORMATION?

We will share your personal information with third parties only in the ways that are described in this Privacy Policy. We do not sell your personal information to, or share such personal information with, third parties for their promotional use or for marketing purposes.

In order for us to provide you with our identity protection service and for the prevention and detection of fraud, we will share your personal information with third parties who perform services on our behalf. Depending on the service you have requested, we may share your name, e-mail address, national identifier or social security number (as applicable), income, account balances, payment history and credit history with credit bureaus. We will also share your billing information with a credit card processing company in order to bill you for goods and services. These companies are authorized to use your personal information only as necessary to provide these services to us.

As may be required by law, we may also disclose your personal information, for example to comply with a subpoena, or similar legal process, when we believe in good faith that the disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

In addition, in the event of a merger, acquisition, or any form of sale of some or all of our assets to a third party, we may also disclose your personal information to the third parties concerned or their professional advisors. In the event of such a transaction, the personal information held by CSID will be among the assets transferred to the buyer.

4. IS YOUR INFORMATION SECURE?

We have appropriate physical, technical and organizational measures in place to protect your data when held by CSID that comply with relevant legal and best practice requirements. When you enter sensitive information (such as a credit card, social security number or login credentials) as part of the enrollment process, we encrypt the transmission of that information using secure socket layer technology (SSL).

When you submit information to CSID through our web site, you should be aware that your information is transmitted across the Internet and that no method of transmission over the Internet is 100% secure. Although we take reasonable security measures to protect your information when we receive it, you also need to ensure you take appropriate steps to protect your information.

We will obtain assurances from any agents we may use to help provide this service that they will safeguard personal information consistently with this Privacy Policy, which assurance will require the agent to provide the same level of protection as is required by the relevant Safe Harbor Principles and the EU Data Protection Directive.

5. INFORMATION RELATED TO DATA COLLECTED FOR OUR CLIENTS

In most cases, CSID resells its services through its commercial clients (“Clients”).Accordingly, CSID does not have a direct relationship with the individuals whose personal data it processes when CSID acts as a wholesaler of its services. If you are a customer of one of our Clients and would no longer like to be contacted by one of our Clients that resells our services, please contact the specific Client that you interact with directly. We may transfer your personal information to third parties who perform services on our behalf or help us provide our services.

An individual who seeks access, or who seeks to correct, amend, or delete enrollment data should direct his or her query to CSID’s Client (the data controller). If requested to edit enrollment data by our Client, we will respond within 30 days. In some cases, we will edit enrollment data on behalf of our Clients. When managing choice options on behalf of our Clients, we will also respond to any requests within 30 days. We will retain personal data we process on behalf of our Clients for as long as needed to provide services to our Client. CSID will retain this personal information for so long as necessary to comply with our legal and audit obligations, to resolve disputes and to enforce our agreements.

6. WILL WE SEND YOU OFFERS OF OTHER CSID PRODUCTS AND SERVICES?

Our range of identity protection products and services is constantly evolving to match the increasingly sophisticated market in which we operate. We will not send you details of other CSID products or services or those of any reputable third parties without your prior consent and you can change your mind at any time by contacting us. If you no longer wish to receive our promotional communications, you may opt-out of receiving them by following the instructions included in each communication or by e-mailing us at the e-mail address provided below or by contacting us through one of the methods listed below.

7. ARE YOU VISITING OUR WEB SITE FROM A COUNTRY IN THE EUROPEAN UNION (E.U.)?

CSID, based in the United States, maintains servers in both the United States and the United Kingdom.If you are visiting our web site from outside the United States, your personal information, in some rare instances, may be transferred to, stored, and/or processed in the United States.If your personal information enters our servers in the United States, CSID will protect your data in accordance with the Safe Harbor Principles outlined below.

The United States Department of Commerce and the European Commission have agreed on a set of data protection principles and frequently asked questions (the “Safe Harbor Principles”) to enable U.S. companies, such as CSID, to satisfy the requirement under European Union law that adequate protection be given to personal information transferred from the E.U. to the United States.

CSID complies with the U.S.–E.U. Safe Harbor framework and the U.S.–Swiss Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland. CSID has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, please visit http://www.export.gov/safeharbor/ and to view CSID’s certification, please visit https://safeharbor.export.gov/companyinfo.aspx?id=28491.

CSID’s privacy principles outlined below are based on the Safe Harbor Principles.Rest assured that your personal information experiences the same level of data protection that you enjoy in the E.U.

NOTICE, CHOICE AND DATA INTEGRITY – relevance, retention and accuracy

1. At the time we collect your personal data we will state clearly the purposes for which your data will be required and any third parties to whom it may be disclosed.If we ever decide to send you communications regarding products and services that you do not currently receive, we will only send you such information after acquiring your consent.

2. We will use the information you supply us solely for the purposes of providing you with the services you have requested and for administering our relationship with you, internal business purposes and statistical analysis.

3. We will take reasonable steps to ensure that all personal information is relevant to its intended use; accurate; complete; and current.

4. We will use your personal information for your identity protection services.Specifically, we monitor your submitted data and provide you with notifications of potential compromised data.When you deactivate your account, we may continue to share information about you according to our legal and regulatory requirements.

5. We will keep your personal information only as long as needed for the purposes for which we collected it, or as necessary to comply with our compliance requirements, legal obligations, resolve disputes, and enforce our agreements.

ACCESS AND CORRECTION

1.If your personal information changes, you may correct, update, or amend it by making the change on your subscriber profile page.

2.If you no longer desire to use our services, you may deactivate your account by contacting us through your designated Member Services representative.

3.You may request a copy of the information we hold about you so you can correct or amend information that may be inaccurate or incomplete by writing to your designated Member Services representative. In addition, we will ask you to provide sufficient evidence of your identity for your own protection so we can ensure that information is being released to the correct person. We will respond to your request within 30 days.

4.To request the deletion of your information, please contact us through one of the methods listed below. In some cases, our business requirements and legal obligations may prevent us from being able to delete your information.

DATA SHARING AND INTERNATIONAL TRANSFERS

1. Except as described in this Privacy Policy, we will not share your personal information with third parties without your consent.

2. If we transfer your personal information to another country, we will take appropriate measures to protect your privacy and the personal information we transfer.

ENFORCEMENT

We will verify adherence to this Privacy Policy via in-house and third party compliance audits administered by TRUSTe. In addition, if necessary, we will cooperate with an independent third party as a means of providing you with a mechanism by which any complaints and disputes can be investigated and satisfactorily remedied.

8. DO WE USE COOKIES?

We, and the third parties we engage to perform analytics services, automatically collect certain general information when you access our web site, via Cookies, Log Files, Web Beacons, Flash LSOs and other tracking technologies (the “Tracking Technologies”). We and the third parties we engage use these Tracking Technologies to administer and improve our web site and the content on it, including to track user movements around the web site, to gather usage information and statistics about how our web site is used, to permit users to log in or enroll in our services, to store user preferences, and to customize content.We do not use cookies for marketing or advertising purposes.

We may combine the information we have automatically collected from you with other information we collect about you. We do this to improve services we offer you, to improve, analytics, or web site functionality, and to develop new products and services. The following are some examples of information we may collect:

• CSID Web site pages you view
• Emails that you open or forward
• Links you click on
• Forms you complete

In connection with the web site, for example during the enrollment process or upon log into the web site portal, information about your computer, such as the device ID and other accompanying technical attributes and characteristics, may be accessed, retained and used by us or our service provider solely to analyze trends, track users’ movements on the web site, and to gather demographic information about the user base as a whole. If you access our web site through a mobile device, we also may collect information about your device, such as the device ID or another identifier as permitted by the manufacturer.

CSID and our clients have access to reports produced by these service providers that contain anonymized trends and statistics about website usage on CSID’s proprietary platforms. However, neither CSID nor any other third parties are able to tie any of the anonymized analytics data to your personal information. At no time will this information be provided or sold to any third party affiliates for advertising or marketing purposes. The use of cookies by our partners and the third parties we engage to perform analytics services is not covered by our Privacy Policy.

We, and the third parties we engage to perform analytics services, use both session ID cookies and persistent cookies. Specifically, we use session-based cookies in order to store language and other country specific preferences such as support contact information. CSID may also utilize cookies in order to track internal metrics of site usage. A session ID cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. Persistent cookies also enable us to track and target the interests of our users to enhance the experience on our site. You can remove persistent cookies by following directions provided in your Internet browser’s “help” file. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. However, this may prevent you from taking full advantage of the web site.

As is true of most websites, we gather certain information automatically and store it in log files. This information may include Internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We do not link this automatically collected data to other information we collect about you.

Third parties with whom we partner to provide certain features on our website also use HTML5 to collect and store information. Various browsers may offer their own management tools for removing HTML5.

9. LINKS TO OTHER WEB SITES

Our web site may contain links to other web sites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other web site. Therefore, we cannot be responsible for the protection and privacy of any information that you provide while visiting such sites and such sites are not governed by this Privacy Policy. You should exercise caution and look at the privacy statement applicable to the web site in question.

10. SOCIAL MEDIA WIDGETS

Our Web site: www.csid.com includes Social Media Features, such as the Facebook and Twitter buttons or interactive mini-programs that run on our site. These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these Features are governed by the privacy policy of the company providing it.

11. AMENDMENTS

We may update this Privacy Policy to reflect changes to our information practices. If we make any material changes we will update you by means of a notice on this Site prior to the changes taking effect. We encourage you to periodically review this page for the latest information on our privacy practices and this Privacy Policy.

12. CONTACT

If you have questions, comments, and/or complaints regarding CSID’s Privacy Policy or how we collect, transmit, and process data please contact us by:

PHONE

855.890.CSID (2743)

E-MAIL

privacy@csid.com

MAIL

Effective Date: October 5, 2015