Privacy Policy

Privacy Policy

Last Updated: Dec. 13, 2023

CrossCheck, Inc. (“CrossCheck,” “we,” “our” or “us”) is committed to protecting its users’ privacy. This Privacy Policy is designed to inform users of https://www.cross-check.com. (“Website”) about how we collect, use, share, and protect information provided to or collected by CrossCheck through the Website as well as through other sources.  CrossCheck will take reasonable steps to protect user privacy consistent with this Privacy Policy and applicable laws. This Privacy Policy may be periodically updated from time to time and without notice. Changes are effective upon the posting of the revised Privacy Policy. User consent to the revised Privacy Policy is given upon use of our Website after posting.  Please also review our Terms of Use which govern the use of our Website.  By accessing our Website you agree to be bound by the Terms of Use and Privacy Policy.

Scope

Except as set forth in the Privacy Notice for California Residents below, this Privacy Policy applies to how CrossCheck gathers and uses information provided to or collected by CrossCheck through the Website and other sources. It does not apply to third-party websites which may be linked to our Website and collect personally identifiable information about a user’s online activities. Third-party websites may have their own privacy policies. If you click on a link and visit another website, please be sure to review their privacy policy. CrossCheck is not responsible for the privacy practices of other websites.

This Privacy Policy applies when you visit or use our Website, mobile applications, APIs or when we are providing relevant services to you and if you become an employee, contractor, agent, vendor or Service Provider.

Collection of Non-Public Personal Information

CrossCheck may collect the following types of non-public personal information:

  • Personal identifiers such as name, postal address, email address, SSN, driver’s license or state identification card, passport number; bank account, financial or personal history information, or other similar identifiers;
  • Information described in California Customer Records Act, such as name, signature, address, telephone number, education, employment, employment history, and payment information;
  • Characteristics of protected classifications under California or federal law;
  • Commercial information;
  • Internet or other network activity, IP (Internet Protocol) addresses of computers used to visit this site preserved in the system, and other information such as email addresses, browser types, operating systems, and the URL addresses of sites clicked to and from this site.
  • Geolocation data;
  • Audio, electronic, and video information;
  • Professional or employment-related information;
  • Inferences drawn from other personal information.

Non-public personal information CrossCheck collects is obtained:

  • Directly from business customers, clients, merchants, and their agents, such as from information they provide to us in order for us to provide them with our services;
  • From consumers with whom we communicate;
  • From service providers and vendors, who provide goods or services;
  • Directly or indirectly through the Internet and our website, through consumer visits to such sites or submissions;
  • Advertising networks such as job search websites and social media websites;
  • From job applicants and employees.

How Non-Public Personal Information is Used or Shared

CrossCheck does not disclose any non-public personal information about users, except as may be authorized or required by law or in the following instances:

  • For business purposes in connection with activities regulated by the Fair Credit Reporting Act;
  • For regulatory compliance;
  • As a service provider to businesses and merchants in connection with payment or financial transactions, including in accordance with the written instructions of or a transaction initiated by a consumer;
  • To service providers, vendors and third parties for goods or services;
  • To comply with contractual or legal requirements under state and federal laws;
  • Federal, state and local regulators, courts, and other governmental agencies;
  • Professional and legal advisors;
  • Law enforcement and other governmental authorities as required.

For each website visitor who enters our site as a result of clicking on Google AdWords campaigns, we use unique tracking codes to determine the search phrase used. This information is tracked to help optimize our Google AdWords campaigns, and will not be sold to any third party.

 Our Commitment to Protecting the Confidentiality of Personal Information

CrossCheck limits access to non-public personal information to those employees who have a need to fulfill their business responsibilities. Those employees are required to adhere to the requirements imposed by law, by our Privacy Policy, and our Confidentiality Policy. The breach of these obligations can result in suspension, termination and criminal prosecution.

 Safeguarding Personal Information

CrossCheck maintains physical, electronic and procedural safeguards to ensure that non-public personal information is adequately guarded. Internal reviews are conducted with respect to the collection of and storage of data to ensure security.

Cookies

Cookies are sent to your personal computer when you access the Website that specifically identifies the particular browser being utilized, which are used by us for a variety of reasons, including but not limited to information tracking on how to improve the services being provided by us and tracking user tendencies.  If you do not want these cookies to be used in connection with your system, you may set your browser so that cookies are not accepted and you may also set your browser to notify you when your system has received a cookie, however, some features and services may not function properly if your cookies are disabled.

Do Not Track Disclosures

Web browsers allow users the choice on how personally identifiable information about an individual user’s online activities over time and across third-party websites or online services are collected. This Website may not respond to Do Not Track (DNT) privacy preferences set in user web browsers.

Complaints About Privacy

If you have any complaints about our privacy practices, please feel free to send the details of your complaint to privacy@cross-check.com. We take all complaints seriously and will respond shortly after receiving written notice of your complaint. We will let you know if we need any additional information from you.

Privacy Notice for California Residents and Notice at Collection

This Privacy Notice applies only to visitors, users, and others who reside in the State of California, and is provided pursuant to the California Consumer Privacy Act (CCPA).  This Privacy Notice supplements the Privacy Policy of CrossCheck.

This Notice at Collection informs consumers, at or before the time of collection of personal information, of the categories of personal information CrossCheck collects and the purposes for which the categories of personal information will be collected or used. CrossCheck does not sell or share personal information as those terms are defined by the CCPA.

Personal Information We Collect

CrossCheck has collected the following categories of personal information including sensitive personal information as those terms are defined in the CCPA, in the preceding twelve (12) months from consumers:

  • Personal identifiers of real name, postal address, email address, SSN, driver’s license or state identification card, passport number; bank account, financial or personal history information, or other similar identifiers;
  • Information described in California Customer Records Act, such as name, signature, address, telephone number, education, employment, employment history, and payment information;
  • Characteristics of protected classifications under California or federal law;
  • Commercial information;
  • Internet or other network activity, IP (Internet Protocol) addresses of computers used to visit this site preserved in the system, and other information such as email addresses, browser types, operating systems, and the URL addresses of sites clicked to and from this site.
  • Geolocation data;
  • Audio, electronic, and video information;
  • Professional or employment-related information;
  • Inferences drawn from other personal information.

We will not collect additional categories of or use the personal information collected for materially different, unrelated, or incompatible purposes without providing you notice.

The categories of sources from which personal information is collected are:

  • Directly from Businesses, clients, merchants, and their agents, such as from information they provide to us in order for us to provide them with our services;
  • From consumers with whom we communicate;
  • From Service Providers, Contractors, Third Parties and vendors, who provide goods or services;
  • Directly or indirectly through the Internet and our website, through consumer visits to such sites or submissions;
  • Advertising networks such as job search websites and social media websites;
  • From job applicants and employees.

The business or commercial purposes for collecting personal information including sensitive personal information as those terms are defined in the CCPA, are:

  • For activities regulated by the Fair Credit Reporting Act;
  • For regulatory compliance;
  • Providing services to merchants in connection with payment or financial transactions, check approval, and for collections;
  • To comply with contractual or legal requirements under state and federal laws;
  • To ensure data integrity;
  • For employment purposes, such as in connection with job applicants and employees.

The categories of third parties to whom personal information may be disclosed are:

  • Businesses and merchants.
  • Service Providers, Contractors and vendors.
  • Federal, state and local regulators, courts, and other governmental agencies, as necessary.
  • Professional and legal advisors.

You have the right to request the specific pieces of personal information collected about you.

The categories of personal information including sensitive personal information as those terms are defined in the CCPA, are retained until the business purpose for which they have been collected is completed, or pursuant to contractual or business requirements, or as required pursuant to applicable laws.

Personal Information Disclosed for a Business Purpose

We do not sell or share personal information as those terms are defined under the CCPA.  We do not knowingly sell or share any personal information of anyone under age eighteen (18). 

In the preceding twelve (12) months, the categories of personal information that we disclosed for a business purpose are:

  • Personal identifiers of real name, postal address, email address, SSN, driver’s license or state identification card, passport number; bank account, financial or personal history information, or other similar identifiers;
  • Information described in California Customer Records Act, such as name, signature, address, telephone number, education, employment, employment history, and payment information;
  • Characteristics of protected classifications under California or federal law;
  • Commercial information;
  • Geolocation data;
  • Professional or employment-related information;
  • Inferences drawn from other personal information.

CrossCheck does not disclose sensitive personal information for purposes other than as provided in this notice and as authorized pursuant to the CCPA.

Your Deletion Rights

You have the right to request that CrossCheck delete any of your personal information that we collected from you and retained, subject to certain exceptions.  Once we receive and confirm your verifiable consumer request, we will delete (and direct our Service Providers or Contractors to delete), your personal information from our records, unless an exception applies.  CrossCheck may deny your deletion request if retaining the information is necessary for us or a Service Provider or Contractor to:

  • Complete the transaction for which the personal information was collected, provide a good or service that you requested or authorized, take actions reasonably anticipated within the context of an ongoing business relationship with you, or otherwise perform a contract with you.
  • Help ensure security and integrity to the extent the use of personal information is reasonably necessary and proportionate for those purposes.
  • Debug to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act.
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us and compatible with the context in which the information was provided.
  • Comply with a legal obligation.
  • An exemption or exception to the requirement to delete personal information applies.

If we deny your request because all of the information collected or maintained about you has been pursuant to our role as a Service Provider or Contractor, we will provide you with the contact information of the Business on whose behalf we collect or maintain the information. 

Your Right to Correct

You have the right to request that CrossCheck correct inaccurate personal information it maintains about you. Once we receive and confirm your verifiable consumer request, we will use commercially reasonable efforts to correct (and direct our Service Providers or Contractors to correct), your personal information unless an exception applies. 

Your Access Rights

You have the right to request that CrossCheck disclose the following information to you about our collection of personal information in the preceding twelve (12) months:

  • The categories of personal information we collected.
  • The categories of sources from which personal information was collected.
  • Our business or commercial purpose for collecting personal information.
  • The categories of personal information that we disclosed for a business purpose.
  • The categories of third parties to whom personal information was disclosed for a business purpose.
  • The specific pieces of personal information we collected or disclosed about you.

Non-Discrimination
We will not discriminate against you because you exercised any of your CCPA rights, including by:

  • Denying you goods or services.
  • Charging you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Providing you a different level or quality of goods or services.
  • Suggesting that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
  • Retaliating against you if you are an employee, applicant for employment, or independent contractor.

Exercising Correction, Access and Deletion Rights; Data Portability; Authorized Agents

To exercise your rights to correction, access, and deletion described above, or to make a data portability request, you may submit a verifiable consumer request to CrossCheck in the following ways:

Only you, or an authorized agent on your behalf, may make a verifiable consumer request related to your personal information.  You may also make a verifiable consumer request on behalf of your minor child.  You may only make a verifiable consumer request for access twice within a 12-month period.  The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. 

We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

Response Timing and Format

CrossCheck will respond to a verifiable consumer request within forty-five (45) days of receiving it.  If additional time is required, we will inform you of the reason and extension period (an additional 45 days), in writing.   Any disclosures we provide will cover just the twelve (12) month period preceding receipt of the verifiable request.  Our response will also explain the reasons we cannot comply with a request, if applicable. 

We will not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded.  If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with the cost before completing your request.

Contact Information

If you have any questions about our Privacy Policy, our Privacy Notice for California Residents, the ways CrossCheck collects and uses your information as described, your choices and rights regarding such use, exercising your rights, or for consumers with a disability who would like to access this information in an alternate format, you may contact us by:

Phone: 1-800-843-0760
Email:  
privacy@cross-check.com
Mailing Address:

CrossCheck, Inc.
Attn: Privacy Inquiry Department
PO Box 6008
Petaluma, CA 94955-6008