Privacy Policy

Last Updated: June 23, 2020

CrossCheck, Inc. (“CrossCheck,” “we,” “our” or “us”) is committed to protecting its users’ privacy. This Privacy Policy is designed to inform users of www.cross-check.com (“Website”) about how we collect, use, share, and protect information provided to or collected by CrossCheck through the Website, as well as through other sources.  CrossCheck will take reasonable steps to protect user privacy consistent with this Privacy Policy and applicable laws. This Privacy Policy may be periodically updated from time to time and without notice. Changes are effective upon the posting of the revised Privacy Policy. User consent to the revised Privacy Policy is given upon use of our Website after posting.  Please also review our Terms of Use which govern the use of our Website.  By accessing our Website you agree to be bound by the Terms of Use and Privacy Policy.

Scope

Except as set forth in the Privacy Notice for California Residents below, this Privacy Policy applies to how CrossCheck gathers and uses information provided to or collected by CrossCheck through the Website and other sources. It does not apply to third-party websites which may be linked to our Website and collect personally identifiable information about a user’s online activities. Third-party websites may have their own privacy policies. If you click on a link and visit another website, please be sure to review their privacy policy. CrossCheck is not responsible for the privacy practices of other websites.

Collection of Non-Public Personal Information

CrossCheck may collect the following types of non-public personal information:

  • Personal identifiers such as name, address, email address, SSN, state issued identification numbers, bank account information, financial or personal history information, or other similar identifiers;
  • Information described in California Customer Records Act, such as name, signature, address, telephone number, education, employment, employment history, and payment information;
  • Characteristics of protected classifications under California or federal law;
  • Geolocation data, which we obtain from process servers;
  • Audio, electronic, and video recordings;
  • Professional or employment-related information;
  • Educational information; and
  • Internet or other network activity, IP (Internet Protocol) addresses of computers used to visit this site preserved in the system, and other information such as email addresses, browser types, operating systems, and the URL addresses of sites clicked to and from this site.

Non-public personal information CrossCheck collects is obtained:

  • Directly from business clients, merchants, and their agents, such as from information they provide to us in order for us to provide them with our services;
  • From consumers with whom we communicate;
  • From service providers and vendors, who provide goods or services;
  • Directly or indirectly through the Internet and our website, through consumer visits to such sites or submissions;
  • Advertising networks such as job search websites and social media websites;
  • From job applicants and employees.

How Non-Public Personal Information is Used or Shared

CrossCheck does not disclose any non-public personal information about users, except as may be authorized or required by law or in the following instances:

  • For business purposes in connection with activities regulated by the Fair Credit Reporting Act.
  • For regulatory compliance.
  • As a service provider to businesses and merchants in connection with payment or financial transactions, including in accordance with the written instructions of or a transaction initiated by a consumer.
  • To service providers, vendors and third parties for goods or services.
  • To comply with contractual or legal requirements under state and federal laws.
  • Federal, state and local regulators, courts, and other governmental agencies.
  • Professional and legal advisors.
  • Law enforcement and other governmental authorities as required.

For each website visitor who enters our site as a result of clicking on Google AdWords campaigns, we use unique tracking codes to determine the search phrase used. This information is tracked to help optimize our Google AdWords campaigns, and will not be sold to any third party.

Our Commitment to Protecting the Confidentiality of Personal Information

CrossCheck limits access to non-public personal information to those employees who have a need to fulfill their business responsibilities. Those employees are required to adhere to the requirements imposed by law, by our Privacy Policy, and our Confidentiality Policy. The breach of these obligations can result in suspension, termination and criminal prosecution.

Safeguarding Personal Information

CrossCheck maintains physical, electronic and procedural safeguards to ensure that non-public personal information is adequately guarded. Internal reviews are conducted with respect to the collection of and storage of data to ensure security.

Cookies

Cookies are sent to your personal computer when you access the Website that specifically identifies the particular browser being utilized, which are used by us for a variety of reasons, including but not limited to information tracking on how to improve the services being provided by us and tracking user tendencies.  If you do not want these cookies to be used in connection with your system, you may set your browser so that cookies are not accepted and you may also set your browser to notify you when your system has received a cookie, however, some features and services may not function properly if your cookies are disabled.

Do Not Track Disclosures

Web browsers allow users the choice on how personally identifiable information about an individual user’s online activities over time and across third-party websites or online services are collected. This Website may not respond to Do Not Track (DNT) privacy preferences set in user web browsers.

Privacy Notice for California Residents

This Privacy Notice applies only to visitors, users, and others who reside in the State of California, and is provided pursuant to the California Consumer Privacy Act (CCPA).  This Privacy Notice supplements the Privacy Policy of CrossCheck, Inc.

Your Access Rights

You have the right to request that CrossCheck disclose the following information to you about our collection of  personal information over the past 12 months:

  • The categories of personal information we collected.
  • The categories of sources from which personal information was collected.
  • Our business or commercial purpose for collecting personal information.
  • The categories of personal information that we disclosed for a business purpose.
  • The categories of third parties to whom personal information was disclosed for a business purpose.
  • The specific pieces of personal information we collected or disclosed.

Personal Information We Collect

CrossCheck has collected the following categories of personal information in the past twelve (12) months from consumers:

  • Personal identifiers such as name, address, email address, SSN, state issued identification numbers, bank account information, financial or personal history information, or other similar identifiers;
  • Information described in California Customer Records Act, such as name, signature, address, telephone number, education, employment, employment history, and payment information;
  • Characteristics of protected classifications under California or federal law;
  • Geolocation data, which we obtain from process servers;
  • Internet or other network activity, such as if a consumer visits our Website;
  • Audio, electronic, and video recordings;
  • Professional or employment-related information; and
  • Educational information.

We will not collect additional categories of or use the personal information collected for materially different, unrelated, or incompatible purposes without providing you notice.

The categories of sources from which personal information is collected are:

  • Directly from Businesses, clients, merchants, and their agents, such as from information they provide to us in order for us to provide them with our services;
  • From consumers with whom we communicate;
  • From Service Providers and vendors, who provide goods or services;
  • Directly or indirectly through the Internet and our website, through consumer visits to such sites or submissions;
  • Advertising networks such as job search websites and social media websites;
  • From job applicants and employees.

The business or commercial purposes for collecting personal information are:

  • For activities regulated by the Fair Credit Reporting Act.
  • For regulatory compliance.
  • Providing services to merchants in connection with payment or financial transactions, check approval, and for collections.
  • To comply with contractual or legal requirements under state and federal laws.
  • To ensure data integrity.
  • For employment purposes, such as in connection with job applicants and employees.

Disclosure of Personal Information for a Business Purpose

CrossCheck does not and will not sell your personal information.  CrossCheck does not and will not sell any personal information of minors. 

Personal information may be disclosed or used for a business purpose for an activity subject to regulation under the Fair Credit Reporting Act, which is exempt under the CCPA.  We also engage certain parties to perform functions and provide services to us for a business purpose.  We may share your personal information with these parties, but only to the extent necessary to perform these functions or provide such services.  CrossCheck requires that all personal information it discloses to a recipient be maintained in a secure and confidential manner. 

The categories of personal information that we disclosed for a business purpose in the preceding twelve (12) months are:

  • Personal identifiers as described in this Notice;
  • Information described in California Customer Records Act;
  • Characteristics of protected classifications under California or federal law;
  • Geolocation data;
  • Professional or employment-related information; and
  • Educational information.

The categories of third parties to whom the personal information identified may be disclosed to are:

  • Businesses and merchants.
  • Service Providers and vendors.
  • Federal, state and local regulators, courts, and other governmental agencies, as necessary.
  • Professional and legal advisors.

Your Deletion Request Rights

You have the right to request that CrossCheck delete any of your personal information that we collected from you and retained, subject to certain exceptions.  Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete), your personal information from our records, unless an exception applies.  CrossCheck may deny your deletion request if retaining the information is necessary for us or a service provider to:

  • Complete the transaction for which we collected the personal information, provide a good or service that you requested or authorized, take actions reasonably anticipated within the context of an ongoing business relationship with you, or otherwise perform a contract with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act.
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  • Comply with a legal obligation.
  • Otherwise use the personal information internally in a lawful manner compatible with the context in which you provided it.
  • Is exempt from or falls under an exception to the requirement to delete.

If we deny your request because all of the information collected or maintained about you has been pursuant to our role as a Service Provider, we will provide you with the contact information of the business on whose behalf we collect or maintain the information. 

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights.  Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Exercising Access and Deletion Rights

To exercise your rights to access, data portability, and deletion described above, you may submit a verifiable consumer request to CrossCheck in the following ways:

Only you, or an authorized agent on your behalf, may make a verifiable consumer request related to your personal information.  You may also make a verifiable consumer request on behalf of your minor child.  You may only make a verifiable consumer request for access twice within a 12-month period.  The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. 

We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format

CrossCheck will respond to a verifiable consumer request within forty-five (45) days of receiving it.  If additional time is required, we will inform you of the reason and extension period (an additional 45 days), in writing.   Any disclosures we provide will cover just the twelve (12) month period preceding receipt of the verifiable request.  Our response will also explain the reasons we cannot comply with a request, if applicable.  For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We will not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded.  If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with the cost before completing your request.

Contact Information

If you have any questions about our Privacy Policy, our Privacy Notice for California Residents, the ways CrossCheck collects and uses your information as described, your choices and rights regarding such use, exercising your rights, or for consumers with a disability who would like to access this information in an alternate format, you may contact us by:

Phone: 1-800-843-0760
Email:  privacy@cross-check.com
Mailing Address:

CrossCheck, Inc.
Attn: Privacy Inquiry Department
PO Box 6008
Petaluma, CA 94955-6008