Privacy Policy

Kredifi Privacy Policy

Effective Date: October 1, 2019

This Privacy Policy (“Policy”) describes how Kredifi, Inc. (“Kredifi” or “we” or “our”) collect, use, and share personal information when users access or use the Kredifi website located at https://www.kredifi.com and Kredifi’s products and services (the “Services”). This Policy does not address the privacy practices of any third parties that we do not own or control.

Please read this Policy and the Terms of Service carefully. By choosing to use our Services, you acknowledge and agree that your personal information may be used pursuant to this Policy. If you do not feel comfortable with any part of this Policy, you must not use or access our Services.

We may modify this Policy at any time, without prior notice, and changes may apply to any personal information we already hold about you, as well as any new personal information collected after the Policy is modified. If we make changes, we will notify you by revising the date at the top of this Policy. We will provide you with advanced notice if we make any material changes to how we collect, use or disclose your personal information or that impact your rights under this Policy. If you continue to access or use our Services after receiving the notice of changes, you acknowledge your acceptance of the updated Policy.

In addition, we may provide you with real time disclosures or additional information about the data personal information handling practices of specific parts of our Services. Such notices may supplement this Policy or provide you with additional choices about how we process your personal information.

1. Information We Collect

Through our Services, we collect personal information, which is information that, alone or in combination with other information, may be used to identify you. Below, we describe the personal information we may collect about you:

a) Information You Provide To Us

We may collect information that users provide to us through the Services. For example, we may collect your name, email address, phone number, or other contact information when you contact us for a demo, access certain content, submit questions or comments, or request additional information about Kredifi or our Services.

b) Customer Information

Customers are users who access or use our Services to screen or obtain information about individuals such as employees, applicants, or others (see section on Applicants below), we may collect the following information:

Account information, such as name, email address, and password;
Contact information, such as address and phone number;
Employer identification number, corporate and license information, and other business information; and
Payment information, such as credit card or bank account information and billing address.

c) Applicant Information

Applicants are users who will be subjects of screening or background checks, whether at their own request or at the request of a third party (such as an employer or landlord). With respect to applicants, we may collect the following information:

Account information, such as name, email address, and password;
Contact information, such as address and phone number;
Identity verification information, such as Social Security Number, driver’s license number, and date of birth;
Additional information submitted to confirm identity or provide background, such as a photograph, or official documents; and
Educational information, employment information, or other character or background information.

d) Cookie and Usage Information

When you visit or use the Services, we automatically gather certain usage information, which may be gathered using cookies or similar tracking technologies. This usage information may include: IP address, device ID, device type, operating system or version, browser type, and referring and existing pages. For more information, please refer to our “Cookies” section below.

2. Why We Collect Personal Information

We use personal information for the following purposes:

To provide our Services, such as conducting screening or background checks;
To send you service-related communications (i.e., communications related to your use of the Services, your account, or changes in our policies);
To send you marketing communications (i.e., communications about offers and Services that may interest you);
To provide customer support and respond to your inquiries;
To promote our Services, i.e., through advertising;
To conduct research and development to improve our Services;
For internal record-keeping and legal and regulatory compliance purposes;
To ensure the security of our Services, including addressing fraud or safety concerns and investigating or mitigating fraud or wrongdoing; or
To protect you, us and other users.

3. Information We Share

We may share your personal information in the following situations:

a) Affiliates

We may share information with other companies in our corporate structure (“Affiliates”) for use as described in this Policy.

b) Customers

We provide the requested screening and background check information to the customers who requested the information. For example, if an employer lawfully requests a Social Security Number (“SSN”) validation, then we will provide the requested report pertaining to the employee to the employer. We may also share communication related to the requested information or report, such as notice of a dispute or adverse action.

c) Furnishers and Researchers

We may provide personal information of the applicant to entities that research and furnish data contained in screening and background check reports, such as SSN validation, criminal record searches, education and/or employment verification.

d) Data & Service Providers

We may provide access to your information to select third parties who perform services on our behalf. These third parties provide a variety of services for us, including without limitation: fulfillment, data analysis and storage, identity verification, fraud prevention and mitigation, accounting, auditing, and legal services.

e) Business Transfer

In the event of a merger, reorganization, consolidation, restructuring, bankruptcy, sale of substantially all interests or assets, or other similar transaction, we may transfer your personal information to the subsequent owner or operator of the Services.

f) Legal Requirements

We will use and disclose information where we, in good faith, believe that the law or legal process (such as a court order, search warrant or subpoena) requires us to do so or in other circumstances where we believe it is necessary to protect the rights or property of us, our users, or other parties.

g) Third-Party Partners

We may share certain personal and pseudonymized information with third-party partners, including to jointly offer a product or service to you or create interoperability between our products and services and theirs.

h) Consent

We may disclose your information to third parties based on your authorization to do so.

4. Cookies

a) What are cookies?

Cookies are small text files containing a string of alphanumeric characters that are downloaded by your web browser when you visit a website. Like many online services, we and companies we work with may use cookies and similar technologies (including pixel tags, web beacons, and mobile identifiers) when you access and use the Services. Cookies are used to remember your user account information and your preferences, to customize the Services for you and to assist us in measuring and analyzing utilization of the Services.

b) What types of cookies do we use?

We use the types of cookies described below on our Services:

Types of Cookies	Description
Strictly Necessary	Some of the cookies we use are necessary to provide our Services to you. For example, they help you: navigate from page to page; stay logged into your account; and support and enable security features.
Functional	Functional cookies collect information about how you use our Services, provide you with certain functions on our Services, and remember your preferences.
Analytics, Performance and Research	These cookies help us understand how well our Services are doing. They collect information about your use and interaction with our Services so that we can continue to improve and expand our Services.
Marketing	Marketing cookies allow us to collect information about your interactions with our marketing activities, such as parts of our website and our emails. They help us measure performance of our Services and advertising campaigns.

c) How to manage cookies

We use both first-party and third-party cookies that allow us to automatically collect information through our Services. Third-party cookies are operated by third parties that can recognize your device both when it visits our Services and when it visits other websites or mobile apps. We encourage you to check the websites of any third-party cookie providers for more information about how they use the information they collect. Below we describe how you can manage first-party and cookies on our Services.

First-Party Cookies. You can enable, disable or delete cookies via your browser settings. To do this, follow the instructions provided by your browser, usually located within the “Help”, “Tools” or “Edit” settings of your browser or mobile device. Please be aware that if you set disable cookies on your browser, you may not be able to access secure areas of the Services and parts of the Services may also not work properly (e.g., preferences, referral links).

Many browser manufacturers provide helpful information about cookie management, including, but not limited to:

If you use a different browser than those listed above, please refer to your specific browser’s documentation or check out http://www.allaboutcookies.org/browsers/index.html to learn more about different browsers. You can also find out more information about how to change your browser cookie settings at www.allaboutcookies.org.

Similarly, many mobile devices allow you to manage cookies. To do this, follow the instructions provided by your mobile device, usually located in “Settings” of your mobile device. Many mobile device manufacturers provide helpful information about how to do this:

Third-Party Cookies. You may control third-party cookies that are placed on your browsing device through your browser (as described above).

5. Marketing Emails and Other Communications

We may use your personal information to send you messages about new products and services, events, or other information that may be of interest to you, whether through email, text messages (SMS), or other methods as permitted under the applicable law. If you no longer wish to receive marketing communications, you can change your account settings, click the “unsubscribe” button in email communications, respond to a text with “STOP” to stop receiving such messages, or you can send an email to support@kredifi.com. Please note that you will not be able to opt out of receiving service-related communications (i.e., communications related to your use of the Services, your account, or changes in our policies); otherwise, you may miss important information about your account or the Services.

6. Transfers of Your Information

Kredifi is located in the United States. When you access or use our Services, your personal information may be processed in the United States, or any other country in which we, our affiliates, service providers, or furnishers and researchers maintain facilities. Such countries or jurisdictions may have data protection laws that are less protective than the laws of the jurisdiction in which you reside. If you do not want your information transferred to, processed, or maintained outside of the country or jurisdiction where you are located, you should immediately stop accessing or using the Services.

If you are in the European Economic Area, United Kingdom, or Switzerland, please refer to the section below entitled Notice to Individuals in the European Economic Area, United Kingdom, and Switzerland.

7. Accessing, Changing, and Deleting Information

Users should promptly update their contact information if it changes or is inaccurate. Users may review, access, change, or delete certain account information in their account settings or by contacting us at support@kredifi.com.

8. Retention

Our policy is to retain personal information only as long as reasonably necessary to provide the Services or as otherwise required for legal compliance purposes. For example, we may retain information, including from closed accounts, in order to comply with the law, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigations of any user, enforce our Terms of Use, and/or for any other purposes otherwise permitted by law that we deem necessary in our sole discretion.

9. Security

Kredifi maintains safeguards to help protect the security of information we maintain about you. We may use encryption, passwords, and physical security measures to help protect your information against unauthorized access and disclosure. Unfortunately, due to the nature of the internet, no systems are 100% secure. We rely on you to do your part in protecting against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, keeping your log-in and password private, and not recycling passwords from other websites or accounts. Kredifi is not responsible for the unauthorized use of your information nor for any lost, stolen, or compromised passwords, or for any activity on your account via unauthorized password activity.

10. Children

You must be at least 18 years of age to use the Services. If you are under 18, you may not use our Services. We do not knowingly collect personal information of individuals under 18 years of age. If you are a parent or guardian, and believe that your child under the age of 18 has provided personally identifiable information to us through the Services, please contact us at the contact information listed below. If we discover that an individual under 18 has provided us with personal information, we will take steps to delete the account and any such personally identifiable information to the extent required by applicable law.

11. Do Not Track

Some Internet browsers – like Internet Explorer, Firefox, and Safari – include the ability to transmit “Do Not Track” (“DNT”) signals. Since uniform standards for DNT signals have not been adopted, we currently do not process or respond to DNT signals on our Services.

12. Your California Privacy Rights

California law permits California residents to ask us for a notice that identifies the categories of personal information that we share with our affiliates and/or third parties for marketing purposes, and that provides contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to us with your name, account information, and proof of California residence at the email below.

13. Special Notice to Individuals in the European Economic Area, United Kingdom, and Switzerland

This section only applies to individuals located in the European Economic Area, United Kingdom, or Switzerland (collectively, the “Designated Countries”) at the time their personal information was collected.

We may ask you to identify which country you are in when you use or access some of the Services, or we may rely on your IP address to identify which country you are located in. When we rely on your IP address, we cannot apply the terms of this section to any individual that masks or otherwise hides their location information from us so as not to appear located in the Designated Countries. If any terms in this section conflict with other terms contained in this Policy, the terms in this section shall apply to individuals in the Designated Countries.

a) Our Relationship to You

Under the General Data Protection Regulation (“GDPR”), a “data controller” is an entity that determines the purposes and the manner in which any personal information is processed and a “data processor” is an entity that processes personal information on behalf of a data controller. Kredifi has the following relationships:

A user is an individual providing personal information to us via our website or other services, products or platforms, such as by signing up for our newsletter or making an account. Here, Kredifi is a data controller.
A “Customer” is a specific type of user that has engaged us to act as an agent (a “data processor”) by obtaining our Services, including processing their Applicants’ personal information. The Customer is the data controller, and Kredifi is their data processor. The Customer controls the purposes or the means by which the Applicants’ personal information is collected, and we are not in a direct relationship with a Customer’s Applicants.

b) Legal Bases for Processing Your Personal Information

Below is a list of the purposes described in this policy with the corresponding legal bases for processing.

Processed based on our contract with you or to take steps at your request prior to entering into a contract.