Service Privacy & Security Policy

Last Modified: July 17, 2017

This Service Privacy Policy ("Service Privacy Policy") governs your use of the services and of our website fraud.net and its subdomains (the "Website") as provided by Fraud.net Inc., a Delaware corporation, and its affiliates, successors, and/or assigns ("Fraud.net" or "we"). Fraud.net provides online businesses (our "Members" or "you") with services that help Members detect and address fraud and other malicious behavior on their digital properties. In doing so, we collect and analyze information about how Internet users ("Members’ Customers" or "Users") interact with our Members’ digital properties such as websites and mobile applications (their "Member Sites"). Any content, functionality, and services offered on or through our cloud-based, machine-learning platform or Website that is used to analyze, predict or prevent fraudulent activity as well as any of Fraud.net’s other products, services, or terms that may be incorporated herein through separate Work Order(s) executed by you and Fraud.net ("Work Order"), are referred to collectively as the "Services." The Services identify patterns, using custom and global models that leverage both the specific Member’s data and data provided by all other Members enabling Members to streamline the review their Users’ activities and prevent misuse of their assets and services. This Service Privacy Policy should be read in conjunction with the Terms of Service, Website Privacy Policy, and, if applicable, the Work Order.

This Service Privacy Policy describes the types of information that we may collect from you or that you may choose to provide when you use our Services and our practices for collecting, using, maintaining, protecting and disclosing that information.

Note that this Service Privacy Policy does not describe our collection and use of information when visitors access our public website, fraud.net and its subdomains. Please see our Website Privacy Policy.

Member Information and How We Use It

Information Members send us about themselves ("Member Information")

We collect information about each Member when they register for the Services such as company name, URL, address, industry, company size, fraud related information and payment information. If the Member pays by credit card, our processor collects that information (we do not store full credit card information). We also collect personal information of those individuals that represent the Member in connection with the use of the Services such as name, job title, email address and phone number.

We use Member Information you provide to:

  • provide Members with the Services and for billing and collections;
  • create internal analysis and business analytics to improve the Services;
  • notify Members regarding technical alerts, updates, security notifications and administrative communications
  • send Members marketing information, including product updates, industry news and reports, if it is in accordance their newsletter and marketing preferences, and
  • any other purpose about which we notify Members.

  • At any time you may ask us to stop sending newsletters or marketing communications to you by clicking the "unsubscribe" link in any email that we send you. If you have any questions, on how to unsubscribe, contact us at support@fraud.net.

    Service Data and How We Use It

    Members may submit data through our application programming interface or through the API, including personal information and transaction data with respect to Members’ Customers. Such data includes but is not limited to email addresses, billing and shipping addresses, usernames, telephone numbers, payment information (does not include full credit card information), User behavior, transaction information and transaction history (collectively, "Service Data").

    Fraud.net generates analysis and results using the Service Data, whether alone or in combination with other sources, and creates risk profiles for Users, risk assessments, and analytics reports based on the Service Data submitted ("Analytical Results"). Members own their Service Data, but Fraud.net owns the Services and Analytical Results. Each Member decides the types and format of the Service Data they wish to submit for analysis using the Services.

    Members may also place JavaScript code issued by Fraud.net onto their Member Sites in order to enable us to collect unique device identifiers, including device metadata, from Users automatically. We collect and analyze this information to identify unique properties about the device being used, how the Users interact with the Member Sites, and IP locations for use in the creation of the Analytical Results.

    Similarly, in connection with mobile applications, Members may integrate Fraud.net-provided software development kits ("SDKs") to help prevent fraud that may occur through their applications. The SDKs provide Fraud.net more precise information about the Users’ locations such as GPS (if the location settings allow it) and IP address. Additionally, the SDKs collect phone-related metadata (including battery level, device properties, carrier name, motion and proximity information) and unique device identifiers.

    From time to time, we may alter our device fingerprinting technology, SDKs, and APIs to improve their effectiveness.

    Disclosure of Your Information

    Vendors, consultants, and other service providers: We may share Member Information and Service Data with third party vendors, consultants, and other service providers who are working on our behalf and with whom the sharing of such information is necessary to undertake that work, e.g. to process billing or to provide customer support.

    Data enrichment: We may share minimal User information (e.g. email addresses) with select third-party vendors for data enrichment purposes. Enriching data allows us to provide a richer subset of data from which to make more informed fraud risk assessments. For example, we share select user email addresses with third parties to obtain links to publicly available social profiles.

    Compliance with laws: We may disclose Member Information and Service Data to a third party where we are legally required to do so in order to comply with any applicable laws, regulations, legal process, or law enforcement or government requests.

    Vital interests and legal rights: We may disclose information about you if we believe it necessary to protect the vital interests or legal rights of Fraud.net, our Members, or the rights or property of others.

    Corporate Affiliates and Transactions: We may provide Member Information and Service Data to our affiliates, including any subsidiary, parent company or company under common control with Fraud.net (collectively, "Affiliates"). Affiliates will use Member Information and Service Data only as described in this Service Privacy Policy. Additionally, if Fraud.net is involved in a merger, acquisition or sale of all or a portion of its assets, Member Information and Service Data may be shared or transferred as part of that transaction.

    Fraud.net does not (i) share User information with third party marketers or advertisers; (ii) contact Members’ Customers; or (iii) identify individual Members to other Members as the source of Service Data for any Analytical Results.

    Information Security

    Fraud.net is committed to privacy and security. Members may contact us for additional information regarding our security measures. Examples of Fraud.net’s security measures include: physical, electronic, and procedural safeguards; sophisticated security monitoring tools; documented security policies; use of strong encryption for transmissions to and from Fraud.net Members; restricting access to personally identifiable information; and periodic security reviews by third party security experts.

    Following termination or deactivation of an account, we may retain personal information and content for backup, archival, audit, disaster recovery, or otherwise in accordance with the Terms of Service and applicable law.

    International Data Transfer

    Information collected via the Services is transferred to and hosted on our servers in the United States and Fraud.net may also maintain servers located in Europe or Asia. Fraud.net protects all personal data in accordance with this Service Privacy Policy wherever it is processed.

    EU-US Privacy Shield Framework

    Fraud.net complies with the EU-US Privacy Shield Framework and the Privacy Shield Principles as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. Fraud.net has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Service Privacy Policy or the Website Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

    Fraud.net is committed to subjecting to the Privacy Shield Principles all personal data received from the European Union in reliance on the Privacy Shield. We comply with the Privacy Shield Principles regarding onward transfers of personal data to third parties for external processing on our behalf. We may disclose information to comply with any court order, law or legal process, including to respond to any government or regulatory request, including in response by lawful requests to meet national security or law enforcement requirements in accordance with the EU-US Privacy Shield Framework. You may be able to invoke binding arbitration under certain conditions as described in the Privacy Shield Principles.

    In accordance with the Privacy Shield Framework, Fraud.net has designated JAMS, a dispute resolution provider located in the United States, to address complaints and provide appropriate recourse free of charge. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.jamsadr.com/eu-us-privacy-shield for more information and to file a complaint. Fraud.net is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

    As a processor, Fraud.net does not accept information directly from Members’ Customers, and Members’ Customers do not submit information directly to Fraud.net. Members’ Customers should first contact their respective Members directly with concerns. In accordance with the EU-US Privacy Shield Principles (see "EU-US Privacy Shield Framework" below), Members and Members’ Customers may access their personal data for the purpose of correcting, amending, or deleting that information.

    Should you have any questions and/or complaints, please feel free to contact us by submitting your request in writing to:

    Fraud.net Inc.
    Attn: Legal Department
    330 7th Avenue
    New York, NY 10001
    legal@fraud.net

    Accessing and Correcting Your Information

    If you want Fraud.net to access or correct your information that is stored on Fraud.net systems, please submit your request in writing to:

    Fraud.net Inc.
    Attn: Legal Department
    330 7th Avenue
    New York, NY 10001

    In the event that Members’ Customers contacts Fraud.net in order to correct information submitted to Fraud.net by a Member, a fee may be accessed, to the extent that it is legally permissible. Subject to our ability to verify your request, Fraud.net will correct the Information within thirty (30) days of receipt of your request.

    Changes to Our Service Privacy Policy

    This Service Privacy Policy may change from time to time. Any material changes will be posted to this page and we will notify you through a notice on the Website and/or by any other reasonable means. The date that the Service Privacy Policy was last modified is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable e-mail address for you, and for periodically visiting our Website and this Service Privacy Policy to check for any changes. Your continued use of the Services after we make changes is deemed to be acceptance of those changes.

    Your California Privacy Rights

    California Civil Code Section 1798.83 permits Members who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to legal@fraud.net.