Privacy Policy

Last updated 12/31/19

Introduction

CrossCheck, Inc. (“CrossCheck,” “we,” “our” or “us”) is committed to protecting its users’ privacy. This Privacy Policy is designed to inform users of www.cross-check.com (“Website”) about how we collect, use, share, and protect information provided to or collected by CrossCheck through the Website regardless of how users access or use the Website (e.g., via personal computers, mobile devices, or otherwise). CrossCheck will take reasonable steps to protect user privacy consistent with this Privacy Policy and applicable laws. This Privacy Policy may be periodically updated from time to time and without notice. Changes are effective upon the posting of the revised Privacy Policy. User consent to the revised Privacy Policy is given upon use of our Website after posting. Any previously collected personal information will not be used in a manner materially different than indicated at the time it was collected without first obtaining the user’s consent. Please also review our Terms of Use which govern the use of our Website.

***By accessing our Website you agree to be bound by the Terms of Use and Privacy Policy***

Scope

Except as set forth in the Privacy Notice for California Residents (below, and accessed here https://www.cross-check.com/california-privacy-notice), this Privacy Policy applies to how CrossCheck gathers and uses information provided to or collected by CrossCheck through the Website. It does not apply to third-party websites which may be linked to our Website and collect personally identifiable information about a user’s online activities. Third-party websites may have their own privacy policies. If you click on a link and visit another website, please be sure to review their privacy policy. CrossCheck is not responsible for the privacy practices of other websites.

Collection of Non-Public Personal Information

CrossCheck may collect the following types of non-public personal information:

  • Identifying information such as name, address, telephone number, driver’s license number and/or other identification numbers.
  • Consumer report information, including payment history, and other account information.
  • Financial background information relating to the ownership and location of assets, employment history and status, as well as other information relating to financial status.
  • Certain information we receive and store, for example, when you access the website, when you supply information such as your address or phone number, or when you submit information through the feedback portals. You can choose not to provide personal information, however CrossCheck may not be able to provide certain services under those circumstances.
  • Cookies sent to your personal computer when you access the Website that specifically identifies the particular browser being utilized. Cookies are used by CrossCheck for a variety of reasons, including but not limited to information tracking on how to improve the services being provided by CrossCheck and tracking user tendencies. If you do not want these cookies to be used in connection with your system, you may set your browser so that cookies are not accepted and you may also set your browser to notify you when your system has received a cookie. However, some CrossCheck features and services may not function properly if your cookies are disabled.
  • IP addresses of computers used to visit this site preserved in the system. In addition, other information such as email addresses, browser types, operating systems, and the URL addresses of sites clicked to and from this site are automatically collected as well.

The non-public personal information CrossCheck collects is obtained from the following sources:

  • Information received on applications and other forms;
  • Information submitted through the Website and feedback portals;
  • Information about transactions with CrossCheck or third parties;
  • Information received from a consumer reporting agency; and
  • Information obtained from public records.

Disclosure of Non-Public Personal Information

CrossCheck does not disclose any non-public personal information about users, except as may be authorized or required by law or in the following instances:

  • In response to the order of a court having jurisdiction to issue such an order or a subpoena;
  • In accordance with the written instruction of the user;
  • In connection with a transaction initiated by the user;
  • To a business with whom CrossCheck has a trusted relationship for the purpose of processing information on behalf of CrossCheck or an affiliate of CrossCheck, or in furtherance of a transaction initiated by the user, or to third parties that provide collection-related services;
  • As permitted or required by law;
  • To its subsidiaries, agents, and affiliates.

For each website visitor who enters our site as a result of clicking on Google AdWords campaigns, we use unique tracking codes to determine the search phrase used. This information is tracked to help optimize our Google AdWords campaigns, and will not be sold to any third party.

Our Commitment to Protecting the Confidentiality of Personal Information

CrossCheck limits access to non-public personal information to those employees who have a need to fulfill their business responsibilities. Those employees are required to adhere to the requirements imposed by law and to the CrossCheck Privacy Policy, as well as being obligated to adhere to the provisions of the CrossCheck Confidentiality Policy. The breach of these obligations can result in suspension, termination and criminal prosecution.

Safeguarding Personal Information

CrossCheck maintains physical, electronic and procedural safeguards to ensure that non-public personal information is adequately guarded. Internal reviews are conducted with respect to the collection of and storage of data to ensure security.

While CrossCheck incorporates the above safeguards to help protect and secure personal information, we cannot guarantee that data transmitted online, wirelessly or by other electronic means is 100% secure.  Any use of our Website and the information provided to us is at the user’s own risk.

Do Not Track Disclosures

Web browsers allow users the choice on how personally identifiable information about an individual user’s online activities over time and across third-party websites or online services are collected. This Website may not respond to Do Not Track (DNT) privacy preferences set in user web browsers.

Contact Information

If you have questions or comments about our privacy and terms of use policies, please visit the Contact Us page.

Privacy Notice for California Residents

This Privacy Notice applies only to consumers who reside in the State of California, and is provided pursuant to the California Consumer Privacy Act (CCPA).  This Privacy Notice supplements CrossCheck, Inc.’s Privacy Policy, which may be accessed at https://www.cross-check.com/privacy-policy.

Personal Information We Collect, Use and Disclose

CrossCheck, Inc. collects personal information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.   

The following categories of personal information have been collected in the past twelve (12) months from consumers:

Category of Personal Information

Categories of Sources of Personal Information

Business Purpose for Personal Information

Categories of Third Parties to Whom Personal Information is Disclosed

Identifiers such as name, address,  email address, SSN, driver’s license number, or other similar identifiers.

Merchants, service providers, third parties, subsidiaries, and consumers; job applicants and employees.   

Providing services to merchants in connection with financial transactions, check approval, and collections; for employment purposes; for regulatory compliance or legal requirements under state and federal laws.        

Service providers, third parties, and subsidiaries; federal and state regulators and other governmental authorities as required; professional and legal advisors.

Categories of Personal Information  described in California Customer Records Act, such as name, signature, address, telephone number, education, employment, employment history, payment information.

Merchants, service providers, third parties, subsidiaries, and consumers; job applicants and employees.     

Providing services to merchants in connection with financial transactions, check approval, and collections; for employment purposes; for regulatory compliance or legal requirements under state and federal laws.              

Service providers, third parties, and subsidiaries; federal and state regulators and other governmental authorities as required; professional and legal advisers.

Characteristics of protected classifications under California or federal law.

Merchants, service providers, third parties, subsidiaries, and consumers; job applicants and employees.    

For business purposes in limited circumstances.  Some information may be collected incidentally in connection with other non-protected classification information, or in the context of employment; other information may be collected for regulatory compliance or legal requirements under state and federal laws.         

Service providers, third parties, and subsidiaries; federal and state regulators and other governmental authorities as required; professional and legal advisors.

Commercial information.

Merchants, service providers, third parties, subsidiaries, and consumers.

Providing services to merchants in connection with payment or financial transactions, collections; for records of merchant transactions.

Service providers, third parties and subsidiaries; professional and legal advisors.

Internet or other network activity information including but not limited to browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement.

Merchants, consumers, job applicants, through a computer, browser, and website.

Providing services to merchants in  connection with a merchant transaction, or communication with consumers through a website, or for job applicants; to provide and improve services being provided, to ensure data integrity; for marketing purposes to commercial customers.

Service providers, third parties; professional and legal advisors.

Audio, electronic, visual, or similar sensory data.

Merchants, service providers, third parties, consumers, job applicants, employees, through on site visits or messages.

Providing services in connection with financial transactions, check approval, and collections; in the limited context of security. 

Service providers, third parties, law enforcement.

Professional or employment-related information.

Advertising networks such as job search websites and social media websites; merchants, service providers, subsidiaries, third parties, consumers,  job applicants and employees.  

For employment purposes; for collection purposes.                

Service providers, third parties, and subsidiaries; federal and state regulators and other governmental authorities as required; professional and legal advisors.

Inferences drawn from other personal information.

Merchants, service providers, third parties, subsidiaries, and consumers; job applicants and employees.    

For activities regulated by the Fair Credit Reporting Act.                   

Service providers, third parties, and subsidiaries; federal and state regulators and other governmental authorities as required; professional and legal advisors.


CrossCheck will not collect additional categories of or use the personal information collected for materially different, unrelated, or incompatible purposes without providing you notice.

Your Right to Request Access

You have the right to request that CrossCheck disclose certain information to you about the collection and use of your personal information over the past twelve (12) months.  You have the right to request any or all of the following:

  • The categories of personal information collected about you.
  • The categories of sources from which the personal information is collected.
  • The business or commercial purpose for collecting or selling the personal information.
  • The categories of third parties with whom CrossCheck shares personal information for a business purpose.
  • The specific pieces of personal information collected about you.

To exercise these rights under the CCPA and submit a verifiable request, please see the section titled Exercising Access, Data Portability, and Deletion Rights.

Disclosure or Sale of Personal Information for a Business Purpose

CrossCheck does not and will not sell your personal information, other than for an activity subject to regulation under the Fair Credit Reporting Act, which is exempt under the CCPA.  CrossCheck does not and will not sell any personal information of minors. 

In the past twelve (12) months, CrossCheck has disclosed the categories of personal information summarized in the chart above.  CrossCheck requires that all personal information it discloses to a recipient be maintained in a confidential manner and used only for the business purpose of performing the contract for which it was provided. 

Your Deletion Request Rights

You have the right to request that CrossCheck delete any of your personal information that we collected from you and retained, subject to certain exceptions.  Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete), your personal information from our records, unless an exception applies.  CrossCheck may deny your deletion request if retaining the information is necessary for us or a service provider to:

  • Complete the transaction for which we collected the personal information, provide a good or service that you requested or authorized, take actions reasonably anticipated within the context of an ongoing business relationship with you, or otherwise perform a contract with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act.
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  • Comply with a legal obligation.
  • Otherwise use the personal information internally in a lawful manner compatible with the context in which you provided it.

To exercise these rights under the CCPA and submit a verifiable request, please see the Section titled Exercising Access, Data Portability, and Deletion Rights.

Exercising Access, Data Portability, and Deletion Rights

To exercise your rights to access, data portability, and deletion described above, you may submit a verifiable consumer request to CrossCheck in the following ways:


Only you, or a person authorized to act on your behalf, may make a verifiable consumer request related to your personal information.  You may also make a verifiable consumer request on behalf of your minor child.  You may only make a verifiable consumer request for access twice within a 12-month period.  The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. 

We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format

CrossCheck will respond to a verifiable consumer request within forty-five (45) days of receiving it.  If additional time is required, we will inform you of the reason and extension period (an additional 45 days), in writing.  If you have an account with us, we will deliver our written response to that account.  If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.  Any disclosures we provide will cover just the twelve (12) month period preceding receipt of the verifiable request.  Our response will also explain the reasons we cannot comply with a request, if applicable.  For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We will not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded.  If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with the cost before completing your request.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights.  Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Contact Information

If you have any questions or comments about this notice, the ways CrossCheck collects and uses your information described in this California Privacy Notice, your choices and rights regarding such use, exercising your rights, or would like to access this information in an alternate format, you may contact us at:

Phone: 1-800-843-0760
Website: https://www.cross-check.com/
Email:  privacy@cross-check.com
Mailing Address:

CrossCheck, Inc.
Attn: Privacy Inquiry Department
PO Box 6008
Petaluma, CA 94955-6008