Privacy Policy

Effective Date: November 2023
Last Updated: November 8, 2022

1. About IDIQ

Identity Intelligence Group LLC, dba IDIQ and its subsidiaries, including Credit Swag Ventures, Inc., (“IDIQ,” “we” or “us”) offers various products and services to businesses and individuals to assist them in maximizing their everyday life, from financial progress data to roadside assistance. As a company that handles important personal information about our customers, we understand that privacy is of fundamental importance. We are committed to doing our part to protect your privacy and being transparent about how we collect, process, and use your personal information.

2. About this Policy

This is our global Privacy Notice that describes how IDIQ collects, uses, and discloses information about how you use the “IDIQ Services,” which include:

Our mobile applications and Websites, including but not limited to IDIQ.com, IdentityIQ.com, MyScoreIQ.com, Resident-Link.com, DataBreachIQ.com, RoadsideIQ.com, Creditreportiq.com, Creditscoreiq.com, GetIQReportNow.com, IDIQPartners.com, IDIQSales.com, TryIdentityIQ.com, 3ScoresPlusMore.com, CreditScoreHero.com, GetMy3Scores.com, My3Scores.co, SeeMyScoreandMore.com, ScoreSafety.com, Accredian.co, creditanddebt.org, and countrywideppls.com (each a “Site” and collectively, the “Sites”)
The services offered through our Sites, including our subscription services plans and one-time offerings
User Accounts offered in connection with our Site
Our communications with you
Our partner/affiliate relationships
Our social media pages
Anywhere we collect information from you and refer to this Privacy Notice.

More information about the Service can be found in our Terms of Service. It also applies to personal information we collect from third parties about you. Please read this Notice carefully.

A. The Scope of This Privacy Notice

How we process your personal information depends on the specific IDIQ Services you use and how you use them. As a result, not every description about how we process personal information broadly may apply to you or your personal information. Moreover, some of the personal information we process is subject to specific regulation, and some users of our IDIQ Services may have additional rights under applicable laws depending on where the user resides. Please see our “Supplemental Terms” for additional information about personal information and privacy rights that may apply to you.

B. Changes to this Privacy Notice

We may change this Privacy Policy from time to time. If we make changes, we will notify you by revising the date at the top of the policy and, in some cases, we may provide you with additional notice (such as adding a statement to our website homepage or sending you a notification). We encourage you to review the Privacy Policy whenever you access the IDIQ Services or otherwise interact with us to stay informed about our information practices and the choices available to you.

3. Information We Collect

The personal information we collect about you depends on the nature and context of your interaction with IDIQ and its services. It may also depend on various choices you make about how to use the Services we offer, the functionality and features you choose or enable, your location, the devices you us to interact with our services, and applicable law.

A. Information You Provide to Us

We may collect information about individuals in various ways, including directly from you when you provide it to us, including through online forms, customer service communications (web, email, or phone), or in other ways. In some cases, it is necessary for you to provide personal information so that we can provide you the products and services we offer. The following describes the type of personal information we collect from you when you interact with the IDIQ services and the various contexts in which we collect it.

Consumer Contact Information. We collect information when you inquire about our IDIQ Services. Personal information may include your name, physical address, phone number, email address, and other personal information you provide to us. We may collect this information via web form, email, over the phone, or any other method by which you provide it.
Business Contact Information. We collect information about individuals who interact with us on behalf of a business or other organization, including information such as your name, company affiliation, job title, business address, phone number, business email address, and other personal information you include in a communication to us.
Account Information. We collect information when you create an account with us (or one is created by an organization on the user’s behalf). Personal information may include a username (which may also be an email address or phone number), password, and your contact information, along with metrics about how you use your account.
Billing Information. We collect billing information in order to process payment. This may include your payment card numbers, expiration date, billing address, and transaction information.
Location Information. In addition to your mailing/billing address, we may request your precise location (including your precise geolocation) from you. For example, we may ask you to provide a location for roadside assistance purposes.
Vehicle Information. We collect vehicle information related to our roadside assistance products, in credit reports, and form third parties.
Telephone Call Recordings. As part of our customer service and quality assurance commitments, we may record telephonic conversations you have with our customer service representatives or leave on our voice mailboxes. Personal information you provide over the phone may be collected in these recordings, as well as a record of the phone number from which you called.
Email Notification Information. If you request that we provide you with email communications, we will collect your email address in order to send you the requested communications.
Electronic Communications. If you send us electronic communications (emails, text/SMS messages, chat messages, etc.) then we will collect personal information pertaining to that communication. For example, we will collect the identifiers associated with the electronic communication (email address, telephone number, IP address, etc.), the content of the communications, and any personal information provided as part of the communication.
Resident Information. Some of our IDIQ Services allow you to provide rental payment information to credit bureaus. Personal information associated with this reporting includes contact information, resident address, and rental payment information.
Social Media Content. If you interact with our social media pages, we will receive information related to those interactions.
Employment Candidate Information. Individuals applying for employment or other positions in our workforce may provide personal information in connection with the candidacy for employment. Personal information may include contact information, work history, education history, salary preferences, résumé information, C.V.
Identity Verification Information. In order to verify your identity prior to using our Services, we may request personal information including your Social Security number, Date of Birth, and phone number, and recent residential history. We submit Social Security numbers to the credit reporting agencies to accurately identify your credit information.
Other Personal Information You Provide. If you provide us personal information other than that described above, we will collect it and use it for the purposes for which you provide it or other consistent purposes.

B. Information We Collect About You from Others

A primary part of the IDIQ Services we provide requires us to gather personal information about you from third parties. This section describes what information we collect from third parties and why we collect it.

Consumer Reporting Information. Our services provide you with access to credit information from credit bureaus like Equifax, Experian, and TransUnion. Much of the personal information we receive about you, including personal information contained in credit reports and credit scores, we request on your behalf, and per your written instructions, from credit bureaus. We request information from the credit bureaus and others to provide some of our membership products and to present offers based on personal information contained in your credit profile.
Social Media Information. We may receive information from you when you interact with our pages, groups, accounts or posts on social media platforms.
Rental Payment Records. Some of our IDIQ Services allow us to obtain personal information related to individuals’ rental payments.
Identity Verification Information. We may obtain information from identity verification providers intended to supplement the information you have provided to us. We use this information to ensure we process data accurately and to ensure the security of the IDIQ Services.
Our Partners and Affiliates. We collect personal information about end-users of our product offerings from our reseller partners and affiliates.
Our Service Providers. We may receive information from service providers who help us combat fraud, illegal activity and to help protect your personal information.
Third-Party Financial Account Information. By enrolling in a Service that allows IDIQ to report your rental and/or utility payments or allows you to track your third-party financial accounts on the Sites, you grant IDIQ and its third-party providers, such as eCredable or MX Technologies, Inc., permission to access your third-party financial accounts designated by you. By using such Services, you agree to the third-parties’ Terms of Service and Privacy policies.
Publicly Available Information. We collect information from publicly available sources, such as open government databases.

C. Information We Collect Automatically Through Our Services

We automatically collect certain information about your (and your device’s) interaction with our Services.

Usage information. We may collect information about your usage of the IDIQ Services, such as the pages you viewed, the services and features you used or interacted with, your browser type and details about any links or communications with which you interacted.
Device information. We may collect information about your device such as Internet Protocol (“IP”) addresses, log information, error messages, device type, and unique device identifiers. For example, we may collect IP addresses from you as part of our sign in and security features.
Information from cookies and other technologies. We use tracking technologies, including cookies, web beacons, tags & scripts, software development kids (SDKs) to track and store data about how you interact with our IDIQ Services. The information may contain your Device Information, browser information, the URLs of any pages you visit on our websites, device identifiers, advertising identifiers, and other usage information. For more information about tracking methods on IDIQ Services, and how to manage them, read our Cookie Policy. If your browser doesn’t accept our cookies, you can’t access certain parts of our websites (e.g., your account).

4. Cookie Policy.

When you visit our website, you consent to the use of cookies, and other technologies to collect and process information in accordance with this Cookie Policy. You may have seen a pop up asking for your consent to this policy on your first visit to our Sites. You may withdraw your consent at any time by following the instructions below.

A. Information We Collect.

When you visit the Sites, our web server will temporarily record certain information from the device you use to access our Sites, the domain name or IP address of the requesting computer, the access date, the file request of the client (file name and URL), the HTTP response code and the Site from which you are visiting us, the number of bytes transferred during the connection and, if applicable, other technical information that we use and statistically evaluate for the technical implementation of the website’s use (such as delivery of the content, guaranteeing the website’s functionality and security, etc.).
It is necessary to store and process the information referred to above for the duration of your session in order to deliver our Site content to your device. We also store some of this information in the log files of our servers. We will not combine this information with your IP address or other personal information relating to you except as disclosed below.

We will also use the data described above to draw conclusions about your interests from your use and to adapt our Site’s offerings according to your interests (profiling) in order to make our website as user-friendly, safe and attractive as possible and thus promote the sale of Services.

B. What Is a Cookie?

A browser cookie is a small piece of data that is stored on your device to help websites and mobile apps remember things about you. Other technologies, including web beacons, web storage, and identifiers associated with your device, may be used for similar purposes. In this Policy, we say “cookies” to refer to all of these technologies. Cookies allow a website to recognize a user’s device. Cookies allow you to navigate between pages efficiently, remember preferences and generally improve the user experience for you. They can also be used to tailor advertising to your interests through tracking your browsing across websites.

Cookies are one of two variants. Session cookies are deleted automatically when you close your browser and persistent cookies remain on your device after the browser is closed (for example to remember your user preferences when you return to the website). Persistent cookies, also known as permanent cookies, are cookies that are stored on your hard drive until they expire or until you delete the cookie.

C. We use the following types of cookies:

Essential Cookies are required to make our Site function properly and cannot be turned off in our systems. If you block these cookies, portions of our Site may not function properly.

Performance and Functional Cookies allow us to count visits and sources of traffic on our Sites so we can measure and improve performance and functionality. They help us know which pages of our Site are most and least popular and how visitors move around the Site.
Targeted Advertising Cookies may be set through our Sites by our advertising partners. They may be used by advertising companies to build a profile of your interests and show you relevant advertisements on other websites.
Social Media Cookies allow you to share information using social media sharing buttons on social networks like Facebook, Pinterest, Instagram, or Twitter. This information may then be used by the social media network to deliver targeted advertising to you.

We may combine information collected automatically (as described above) from your interactions with our website and your activity on third-party sites with other data (including personal information).

D. Managing Cookies.

If you wish to opt out of allowing certain cookies, you may do so by changing your browser settings so that cookies from our Site cannot be set. Please note that if you delete, block, or otherwise restrict cookies, or use a different computer or Internet browser, you will need to renew your cookie management choices. Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:

(i) https://support.google.com/chrome/answer/95647 (Chrome);
(ii) https://support.mozilla.org/en-US/kb/enhanced-tracking-protection-firefox-desktop (Firefox);
(iii) https://help.opera.com/en/latest/security-and-privacy/ (Opera);
(iv) https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);
(v) https://support.apple.com/en-gb/guide/safari/manage-cookies-and-website-data-sfri11471/mac (Safari); and
(vi) https://support.microsoft.com/en-gb/help/4468242/microsoft-edge-browsing-data-and-privacy (Edge).

5. Behavioral Tracking and Web Session Recording Technologies on Our Sites.

When you visit our website, we use site visit recordation technologies, to memorialize site visits, third-party cookies, beacons, tags, and scripts to help collect the categories of information described above and aggregated information from your internet browser such as your behavior on our Sites. You may have seen a pop up asking for your consent to the use of web session analytics and recording technologies on your first visit to our Sites.

We as well as the third-party entities use Cookies, pixels and other tracking technology (collectively, “Tracking Technology”) in connection with our Site for purposes of tracking users’ activities (such as websites visited, advertisements selected, and pages viewed) after they leave our Site. We and our third-party partners use this Tracking Technology to target applicable users with advertisements featuring our products and/or services, as well as third-party products and/or services, that may be of interest to applicable users and to collect and analyze data on visitor interactions for our website to help make the sites more useful to visitors. These technologies collect information about your interaction with the Services, including the resources that you access, pages viewed, how much time you spent on a page, and how you reached our website. We also log the details of your visits to our website and information generated in the course of using our website, such as mouse movements, scrolling, API calls, user behavior, tracking errors, links clicked, clicks, page visits, text entered, how long you spent on a page, and other details of your actions on our website.

Some of this information is collected through cookies, web beacons, and other tracking technologies, which may be operated by our partners who assist us in serving ads or providing other services to you.

We may use following technologies across our Sites:

We use Google Analytics, a web analysis service provided by Google, and some similar services to better understand your use of our Sites and apps. Google Analytics collects information such as how often users visit the website, what pages they visit, and what other sites they used prior to visiting. Google uses the data to track and examine the use of the Site, to prepare reports on its activities and share them with other Google services. Google’s ability to use and share information collected by Google Analytics about your visits to the Site is restricted by the Google Analytics Terms of Service and the Google Privacy Policy. Google offers an opt-out mechanism for the web available here.

We use Google Optimize, a web optimization tool by Google that helps increase conversion rates by working as a platform to build and run A/B test experiments. Google Optimize allows us to test variants of web sites and see how they perform. Google’s ability to use and share information collected by Google Analytics about your visits to the Site is restricted by the Google Privacy Policy. Google offers an opt-out mechanism for the web available here.

We use a tool called Heap.io, a user behavioral analytics product and service, to monitor and improve our Services by tracking and analyzing your engagement with our Sites. Heap.io may collect anonymous data on our users’ interactions, which includes pages users visit, tracking errors and events, user behavior, searches users make, users’ IP address and users’ device information (device model, operating system, and version). For more information about Heap.io’s policies and practices, please see Heap.io’s privacy policy at https://www.heap.io/privacy.

We use a tool called Lucky Orange, a user behavioral analytics product and service, to monitor and improve our Services by recording and analyzing your engagement with our Sites. Lucky Orange may collect anonymous data on our users’ interactions, which includes pages users visit, tracking errors and events, user behavior, searches users make, users’ IP address and users’ device information (device model, operating system, and version). For more information about Lucky Orange’s policies and practices, please see Lucky Orange’s privacy policy at https://www.luckyorange.com/legal/privacy.

We use a tool called Lucky Orange, a user behavioral analytics product and service, to monitor and improve our Services by recording and analyzing your engagement with our Sites. Lucky Orange may collect anonymous data on our users’ interactions, which includes pages users visit, tracking errors and events, user behavior, searches users make, users’ IP address and users’ device information (device model, operating system, and version) and provide session replays and heatmaps. For more information about Lucky Orange’s policies and practices, please see Lucky Orange’s privacy policy at https://www.luckyorange.com/legal/privacy.

We use a tool called Mouseflow, a website analytics tool that provides session replay, heatmaps, funnels, form analytics, feedback surveys, and similar features/functionality. Mouseflow may record your clicks, mouse movements, scrolling, form fills (keystrokes) in non-excluded fields, pages visited and content, time on site, browser, operating system, device type (desktop/tablet/phone), screen resolution, visitor type (first time/returning), referrer, anonymized IP address, location (city/country), language, and similar meta data. Mouseflow does not collect any information on pages where it is not installed, nor does it track or collect information outside your web browser. If you’d like to opt-out, you can do so at https://mouseflow.com/opt-out. If you’d like to obtain a copy of your data, make a correction, or have it erased, please contact us first or, as a secondary option, contact Mouseflow at privacy@mouseflow.com. For more information, see Mouseflow’s Privacy Policy at https://mouseflow.com/legal/company/privacy-policy/

We use a tool called Branch.io, in order to create short and deep links for our Service and analyze the user’s engagement to these links. Branch.io uses cookies and other technologies to collect data on our users’ behavior and their devices (in particular device’s IP address (captured and stored only in anonymized form), device type (unique device identifiers), browser information, geographic location, preferred language used to display our website), among others. Branch.io stores this information in a pseudonymized user profile. For more information about branch.io’s privacy policy please see https://branch.io/policies/#privacy.

We use a tool called Prove Identity, Inc., that provides digital identity verification and authentication services to help prevent fraudulent transactions on our Sites. Prove Identity, Inc. may collect and process Personal Information you provide on our Sites or applications to help verify your identity and/or authenticate you into our applications. For more information about Prove Identity, Inc.’s, please see the privacy policy at https://www.prove.com/legal/overview#Privacy-Policy.

We also use Active Prospect’s TrustedForm, a site visit recordation technology to memorialize site visits. We use TrustedForm to independently document users’ consent to be contacted. We use TrustedForm to independently document users’ consent to be contacted. The TrustedForm Script is embedded on our website and collects the following information when you interact with the page(s) where the script is present: page URL, mouse movements and clicks, contact information inputted by the user, a snapshot of the page, including IP address of the user’s computer, time on the page, date and time that the TrustedForm Script was loaded, as well as the date and time of the various user interactions with the page, and HTTP headers from the user’s browser. For more information about ActiveProspect’s data use and collection policies and practices, please see ActiveProspect’s Privacy Policy, located at https://activeprospect.com/privacy-policy/.

These site visit recordation technologies help us provide the best digital experience, diagnose usability problems, identify areas for improvement, help personalize user experience on our website, to better understand your preferences, and operate our business.

We reserve the right to remove or add new analytic technologies.

6. Chat Bot Technology

We may also use third-party service providers, such as Adobe Engage Chat Bot and Marketo ChatBot to provide chat services for our clients to communicate with us regarding your account, payments, and other general questions you may have. As you navigate our websites and use the chat systems with us, we attempt to protect your privacy to the maximum extent possible. However, some of the information that we receive through this website and your interactions with the chat systems may be tracked, such as the date you communicate with us, the last day you contacted us, and other messages, comments and conversations made through the chat messages. The chat system collects the information that you voluntarily type in the chat bot when you initiate a query through the chat system and respond to a query from the chat system. Additionally, when you are using our chat system, it collects interactions that you have made into the chat system while communicating with a customer service representative. You can maximize the benefits of your privacy partnership with us by making informed decisions about whether to share personally identifiable information with us through our website. Third party chat bot systems may capture, record, or analyze your chat bot communications with us.

Under no circumstances shall IDIQ be liable for any direct, indirect, special, incidental, or consequential damages arising out of or in connection with the use of the chat bots on its Sites. This includes, without limitation, any damage, loss, or injury caused by error, omission, interruption, deletion, defect, delay in operation or transmission, computer virus, communication line failure, theft or destruction, or unauthorized access to, alteration of, or use of the chat bot.

While we make efforts to ensure the availability and reliability of the chat bot, there may be instances where it is unavailable or experiences technical issues. IDIQ shall not be held responsible for any inconvenience or damages arising from such occurrences.

For more information about Adobe’s data use and collection policies and practices, please review the Adobe Privacy Policy, located at https://www.adobe.com/privacy/policy.html.

7. Your Sensitive Information

We process sensitive personal information about you for limited purposes. For example:

We collect your social security number and transmit it to the credit reporting agencies to ensure that we are providing you with accurate credit reporting information and not someone else’s information.
We require account log-in credentials to ensure the security of your account. To protect the security of your log-in credentials, we store passwords in an encrypted and obfuscated format.
We generally don’t collect or disclose information about your racial/ethnic origin, religious beliefs, union membership, sexual orientation, trade union membership, criminal background history, or similar information. However, such information may be contained within your credit or other report prepared by a consumer reporting agency. We process this information only to display it to you.

Otherwise, we don’t intentionally collect any sensitive personal information about you, and we prefer that you not share this information with us.

8. How We Use Your Personal Information

We use information that we collect about you or that you provide to us, including any personal information:

To deliver our IDIQ services, products, and other offerings, including information such as insights and recommendations, as necessary to perform our contract with you.
To validate your identity as necessary to perform our contract with you.
To send you important information, such as about your account and membership options, including expiration and renewal notices.
To respond to your requests related to our IDIQ Services.
To maintain and improve the security and performance of the IDIQ Services.
To anonymize, aggregate, or de-identify your personal data so it can no longer identify you in furtherance of our interest in conducting research and analysis.
To develop and improve our current and future offerings and your experience.
To make strategic decisions concerning our business operations.
To send you promotional offers, advertising, or other marketing content.
To enforce, and review compliance with, the legal terms that govern our offerings in furtherance of our legitimate interest in ensuring adherence to the relevant terms.
To comply with our legal obligations under applicable laws.
To protect the rights, safety, and property of IDIQ, our users, and third parties.
In any other way we may describe when you provide the information.
For any other purpose with your consent.

When we process personal data about you to comply with legal requirements or to perform our obligations under a contract with you or with our customer through whom you use our offerings, failure to provide such data may prevent or delay our fulfillment of these obligations.

9. Sharing Your Personal Information

We disclose the categories of information described above to the following categories of persons:

Our service providers. We share personal information with our third-party service providers, including vendors, consultants, and other parties who assist in our operations, and who perform services or functions on our behalf. Our service providers include companies who support us with marketing, sales, data storage, web management, communications, software maintenance and support, analytics, social media, market research, auditing, security, user verification, localization, and payment processing. Our service providers process your information subject to contractual terms that restrict their ability to use your information.
Our affiliates. We may share personal information with our affiliates to provide our IDIQ Services and for internal administrative purposes.
Our third-party business partners. We may share personal information with one or more of our third party business partners, such as resellers, event sponsors, marketing partners (our “Third Party Partners”). This may include sharing of personal information at a point in time after the personal information is initially collected.
Third-party platform advertising. We may share your information with third-party platform providers who assist us in serving advertising regarding the IDIQ Services to others who may be interested. We also partner with third party platforms (such as Facebook and Google) who use cookies to serve interest based advertising and content on their respective third-party platforms that may be based on your preferences, location and/or interests.
Social networking services and platforms to connect with or share information publicly, with service providers, or with your contacts on such services or platforms.
Affiliate and business transfer. If IDIQ is involved in a merger, acquisition or asset sale, your personal information may be transferred. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.
Compliance and harm prevention. We may share personal information as we believe necessary (i) to comply with applicable law, rules and regulations; (ii) to enforce our contractual rights; (iii) to investigate possible wrongdoing in connection with the Site and Services; (iv) to protect and defend the rights, privacy, safety and property of IDIQ, you or others; and (v) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities.

The selection of a Third-Party Partner to acquire your personal information may be determined by a comparison with available products and services. The position of each potential purchaser may also be determined primarily by the price the purchaser is willing to pay for the information (e.g., the higher the price, the better the purchaser’s position).

We may create aggregated, anonymous or de‑identified data from personal information by removing data components that make the data personally identifiable to you or through obfuscation or other means. Our use of aggregated, anonymized, and de‑identified data is not subject to this Privacy Policy.

We may also disclose your personal information to other parties when we have your consent to do so or when you direct us to, for any purposes requested or permitted by you.

We may share aggregate, anonymous, or de-identified demographic, statistical, and other information regarding use of our offerings with third parties for marketing, analytics, planning, and other purposes. Such information will not specifically identify any user.

We do not market any products or services to children under the age of eighteen or knowingly collect any information from children under the age of eighteen. Parents or legal guardians may provide information about their children to use certain family plan services. Our Sites are not meant for children, and we request that individuals under the age of eighteen not provide personal information through the Sites. If you are under the age of eighteen, you may not provide personal information to use such as name, address, or email address, and you may not register for, enroll in, and/or make product purchases.

10. Your Privacy Rights and Choices

A. Accessing, Updating, and Downloading Your User Account Information.

Depending on your jurisdiction or location of residence, you may have the right to access, update, and obtain a copy of your personal information. These rights may be limited in some circumstances by applicable law in your jurisdiction or location of residence. For example, you do not have the right to ask us to update information contained in your credit report, since this information is controlled by the credit reporting agencies (See “Correcting your Credit Information,” below).

If you have an account with us, you may view and edit some of your personal information by logging into your account and navigating to the account profile page. You may also contact us during regular business hours using the appropriate phone number found below under “Contact Us”.

We may need to verify your identity before completing your request. How we verify your identity depends on whether you hold an account with us.

Individuals with IDIQ accounts can verify their identity by logging into their account.
Individuals without IDIQ accounts (non-accountholders) will need to provide information establishing their identity. We will use this information for verification purposes only.

Unless required by applicable local law in your jurisdiction or location of residence, we do not permit agents to submit requests on behalf of individuals.

B. Deleting and Disputing the Accuracy of Your Personal Information.

You have the right to request that we delete personal information we process about you and close your account. We may retain certain data about you for legal and internal business purposes, such as fraud prevention, in accordance with applicable laws. Please note, we are not able to delete any personal information about you contained in a credit report, credit score, credit history, or otherwise provided by a credit reporting agency pursuant to the Fair Credit Reporting Act.

C. Opting-Out of Cross-Contextual Behavioral Advertising.

We may share your personal information with third parties to allow for targeted advertising to you. These ads may be based on your interactions with multiple businesses, including ours, and their websites and applications. We do this so that you see our ads when you visit other websites. You can find out more about this practice or opt out of your web browsing activity for interest-based advertising purposes by visiting https://aboutads.info/choices. You can opt out of Google Analytics by visiting https://tools.google.com/dlpage/gaoptout.

D. Digital Advertising and Analytics Services Provider by Others:

We may allow others to provide analytics services and display advertisements for our IDIQ Services. These providers (for example, Google Analytics) may use cookies, web beacons, device identifiers, and other tracking technologies that collect information about your use of our Services. This information may be used by us and others to determine the popularity of our IDIQ Services, deliver advertising and content targeted to your interests in the Services, and on other websites, apps, and other services, and to better understand your online activity.

E. Opting Out of Email and Text Messages.

You can opt-out of certain commercial marketing emails at any time by clicking the “Unsubscribe” or “Opt-Out” link in the email you received. You can also email us your opt-out request at privacy@idiq.com and compliance@creditswag.com We are not, however, able to accept requests to cancel an existing membership account through email. We may send you other types of transactional and relationship email communications, such as service announcements, administrative notices, and surveys, without offering you the opportunity to opt-out of receiving them. You can opt out of text alerts any time by replying “STOP,” or any alternative keyword we’ve shared with you. We complete any opt-out request as quickly as we can. This opt-out request won’t prohibit us from sending you important nonmarketing notices.

F. Correcting your Credit Information.

Credit Information is provided by one or more of the three major credit reporting agencies that each provide their own score. If you think there are errors in your credit report, contact the appropriate credit reporting agency directly. You are also entitled to a free credit report every year that includes info from each of the three reporting agencies at www.annualcreditreport.com. If you wish to dispute the completeness or accuracy of any item of information contained in your file at a consumer reporting agency, you may do so by contacting the applicable consumer reporting agency. Information about how to submit a dispute may be found here: https://www.consumerfinance.gov/ask-cfpb/how-do-i-dispute-an-error-on-my-credit-report-en-314/.

G. Do Not Track Signals.

Because the “Do Not Track” browser-based standard signal has yet to gain widespread acceptance, we don’t currently respond to those signals unless stated otherwise elsewhere in this Privacy Notice.

11. Data Retention

We will retain your personal information only for so long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information; the potential risk of harm from unauthorized use or disclosure of your personal information; the purposes for which we process your personal information and whether we can achieve those purposes through other means; and the applicable legal requirements. In some circumstances you can ask us to delete your data. In some circumstances we may anonymize your personal information (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

12. Security

We protect your personal information with a series of organizational, technological and physical safeguards. However, we cannot guarantee the total and complete security of your personal information. We recommend that you use complex and unique passwords for your IDIQ accounts. Do not share your password with anyone. If you have reason to believe your interaction with us is no longer secure, notify us immediately.

13. Children’s Data

Our Services are not intended for persons under 18 years of age. We do not knowingly collect or process the personal information of individuals under the age of 18. If you are a parent or guardian and you believe we have collected information from your child in a manner not permitted by law, contact us using the information below and we will remove the data to the extent required by applicable laws.

14. Supplemental Disclosures

A. Gramm-Leach-Bliley Act Information.

Certain of your personal information is protected by federal law, including the Gramm-Leach-Bliley Act (“GLBA”). Personal information that is subject to the GLBA may not be subject to certain of the other laws referenced in this Section 11. By accessing or using IDIQ Services, you agree to receive notices about your financial privacy electronically. Please see our GLBA Policy for more information about your financial privacy.

B. California Privacy Notice

The California Consumer Privacy Act of 2018 and California Privacy Rights Act of 2020 (together, the “CCPA”) provides California residents with rights to receive certain disclosures regarding the collection, use, sale, and sharing of personal information, as well as rights to access, delete, correct, and restrict the use, disclosure, and sale of certain personal information we collect about them. Additionally, California residents have the right to opt-out of the sale/sharing of their personal information, including for purposes of cross-context behavioral advertising and targeted advertising. California residents also have the right not to receive discriminatory treatment for the exercise of their privacy rights under the CCPA. These rights do not apply to certain personal information that is already subject to certain federal and state regulation.

The CCPA does not apply to personal information that is already protected by certain federal privacy laws, including the Fair Credit Reporting Act (FCRA) and the Gramm-Leach-Bliley Act (GLBA). As such, this California Privacy Notice does not apply to personal information: (i) obtained from or transmitted to a consumer reporting agency; (ii) contained in a credit report, credit score, or credit profile provided by a consumer reporting agency; and (iii) otherwise regulated under FCRA or GLBA. This may include personal information obtained in connection with IDIQ’s credit monitoring services, identity theft protection and insurance products, and counseling and advisory services, including debt, student loan, and refinancing counseling, as well as related IDIQ Services.

Personal Information We Collect

For the purposes of this California Privacy Notice, except where a different definition is noted, “personal information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California consumer or household. Personal information does not include (i) publicly available information; (ii) lawfully obtained, truthful information that is a matter of public concern; (iii) information that has been de-identified; (iv) or aggregated consumer information. For purposes of this section, “publicly available information” includes: information is made available from federal, state, or local government records information that a business has a reasonable basis to believe is lawfully available to the general public, either through widely distributed media, or by the consumer and information that is made available by a person to whom the consumer has disclosed the information if the consumer has not restricted the information to a specific audience.

Category of Personal Information	Examples
Identifiers	First and last name; Social Security and other government-issued identification numbers; date of birth; mailing/billing address; state of residence; email address; phone number; IP address and device IDs; advertising identifiers; account username and/or member identification number and password; and/or other similar identifiers.
Personal information categories listed in the California Civ Code § 1798.80(e)	First and last name; address; telephone number; signature; Social Security and other government-issued identification numbers; bank account numbers, credit card numbers, debit card numbers, rental payment information, and/or similar payment card and financial information; employment- and education-related information.
Characteristics of protected classifications under California or federal law	Age and/or date of birth
Commercial information	Payment histories; account balances and activity; enrollment and cancellation dates; products and services that you have purchased, obtained, or considered; and/or other purchasing or consumer histories, tendencies, and preferences; recent residential history and payment information; utility payment information; some vehicle information and the contents of your communications with us; unsecured debt amount and related information; and/or similar information
Internet or other electronic activity information	Cookie identifiers; pixel tags; embedded scripts; tags; IP address, device identifier, device type, operating system and Internet browser type, screen resolution, operating system name and version, device manufacturer and model, language, plug-ins, add-ons, and the language version of the Sites you are visiting; geolocation data, browsing history, time spent on the Sites, pages visited, links clicked, language preferences, patterns of use, and the pages that led or referred you to our Sites
Audio, electronic, or visual information	Recordings of calls to or from our customer service centers; photographs
Professional or employment-related information	Company affiliation; job title; business address; business email address; business phone number; work history, and/or other similar information.
Education information	Education history
Inferences about you	Inferences made using the about personal information

Sensitive personal information. Certain types of personal information that we collect, as described above may constitute “sensitive personal information” under California law, including:

Social Security, driver’s license, state identification card, and passport number; and
Account log-in and password or other access credentials;

Please note that because of the overlapping nature of certain of the categories of personal information identified above, which are required by state law, some of the personal information we collect may be reasonably classified under multiple categories.

2. How We Use Your Personal Information

We may collect, use, or disclose personal information about you for the purposes detailed in Sections 3-5 of this Privacy Notice.

3. Sources of Personal Information

We may collect personal information directly from you, as well as from the categories of sources detailed in Section 3(B) of this Privacy Notice.

We may supplement the information described above with information we obtain from other sources, including from both online and offline data providers.

4. Disclosure of Personal Information

We disclose the categories of personal information detailed in Section 11(B)(1) above to our service providers for one or more business purposes. “Business purposes” means the reasonably necessary and proportionate use of personal information for our operational purposes, other purposes described in this Privacy Notice, for the operational purposes of our service providers and contractors, as well as other purposes compatible with the context in which the personal information was collected.

In addition, we may “sell”/”share” personal information with third parties to participate in cross-context behavioral advertising, as those terms are defined by the CCPA. We may also “sell” personal information, as that term is defined by the CCPA, to our Third Party Partners as further detailed in Section 6 of this Privacy Notice and in the information below.

The following table provides a description of the personal information that we have disclosed for our business purposes, the personal information that we have sold/shared, and the categories of third parties that received the personal information.

Personal Information Category	Category of Third-Party Recipients
Personal Information Category	Business Purpose Disclosures	Sales/Sharing
Identifiers	Business services providers, affiliates, partners, data analytics providers, operating systems, social networks.	Advertisers Third Party Partners
Personal information categories listed in the California Civil Code § 1798.80(e)	Business services providers, affiliates, partners, operating systems, social networks.	Third Party Partners
Characteristics of protected classifications under California or federal law	Business services providers, affiliates, partners, data analytics providers, operating systems, social networks.	None
Geolocation	Business services providers, affiliates, partners, data analytics providers, operating systems.	None
Commercial information	Business services providers, affiliates, partners, data analytics providers, operating systems, social networks.	Advertisers Third Party Partners
Internet or other similar network activity	Business services providers, affiliates, partners, data analytics providers, operating systems, social networks.	Advertisers
Audio, electronic, or visual information	Business services providers, affiliates, partners, data analytics providers, operating systems, social networks.	None
Professional or employment-related information	Business services providers, affiliates, partners, data analytics providers, operating systems, social networks.	None
Education information	Business services providers, affiliates, partners, data analytics providers, operating systems, social networks.	None
Inferences drawn from other personal information	Business services providers, affiliates, partners, data analytics providers, operating systems, social networks.	None

5. Your California Privacy Rights

California residents about whom we have collected personal information have the right to submit the following requests:

Right to Know. Right to, up to twice in a 12-month month period, to know what personal information we collect, use, disclose, and/or sell/share, as applicable.
Right to Delete. Right to request under certain circumstances that we and our service providers and contractors delete the personal information that we collect about them.
Right to Opt-Out of Sale/Sharing. Right to opt-out of our sale/sharing of their personal information, as those terms are defined by the CCPA.
Right to Correct. The right to request the correction of inaccurate personal information.
Right to Limit Use and Disclosure. The right to limit the use or disclosure of sensitive personal information to only the uses necessary for us to provide our products and services to them, or for certain other authorized purposes.
Right to Non-Discrimination. The right not to receive discriminatory treatment for the exercise of the privacy rights described above.

How to submit a request.

You may exercise any of the rights described in this section by emailing us at privacy@idiq.com or compliance@creditswag.com.and by calling us at any of the phone numbers under “Contact Us.”

Any request you submit to us is subject to an identification and residency verification process (“Verifiable Consumer Request”) as permitted by the CCPA. We will not fulfill your request unless you have provided sufficient information that enables us to reasonably verify that you are the consumer about whom we collected the personal information on. In order to verify you, you must provide us with your first and last name and email address. These rights are also subject to various exclusions and exceptions under applicable laws.

We will respond to your request within forty-five (45) days after receipt of a Verifiable Consumer Request for a period covering twelve (12) months and for no more than twice in a twelve-month period. We reserve the right to extend the response time by an additional forty-five (45) days when reasonably necessary and provided consumer notification of the extension is made within the first forty-five (45) days.

Authorized agents.

You may also designate an authorized agent, in writing or through a power of attorney, to request to exercise the above rights on your behalf. If you designate an authorized agent to exercise your various rights under the CCPA, we may require that you provide your authorized agent with written permission to exercise your various rights and to verify your own identity with us. If your authorized agent does not submit proof that they have been authorized by you to submit verified requests, we reserve the right to deny such a request that we have received and will explain to your authorized agent why we have denied such request.

The authorized agent may submit a request to exercise these rights by emailing the letter of authorization or power of attorney to privacy@idiq.com.

Household data.

We currently do not collect personal information at the household level. If we receive a privacy rights request submitted by all members of a household, we will individually respond to each request. We will not be able to comply with any request by a member of a household under the age of 13, as we do not collect personal information from any person under the age of 13.

Direct marketing by third parties.

We do not disclose personal information to third parties for their own purposes, and you may opt-out of any disclosures of non-identifiable personal information. However, because California residents have the right to request information regarding such practices under California’s “Shine the Light” Law, please contact us using the information provided at the end of this Privacy Notice under “Contact Us.” You must include your full name, email address and postal address in your email or mail request so that we can verify your California residence and respond. “Personal information” under this California law means any information that identified, described, or was able to be associated with an individual at the time of disclosure.

We will continue to update our business practices as direct regulatory guidance becomes available.

6. Notice of Right to Opt-Out

If you wish to opt-out of the “sale”/“sharing” of personal information as described in Sections 11(B)(4) above, please email us at privacy@idiq.com or compliance@creditswag.com or call us at any of the phone numbers under “Contact Us.”

For more information about opting out of the “sale”/”sharing” of your personal information for purposes of cross-context behavioral advertising, see the Opting-Out Cross-Contextual Behavioral Advertising, section, above. After 12 months, we may ask you if you want to opt into the “sale” of your personal information.

C. Virginia Privacy Notice

This Virginia Privacy Notice applies to any Virginia residents about whom we have collected personal information. The provisions contained within this section are intended to provide notices in compliance with the Virginia Consumer Data Protection Act (“VCDPA”). Any capitalized term used and not otherwise defined below has the meaning assigned to it in this Privacy Notice.

The VCDPA provides Virginia residents with rights to receive certain rights to receive certain disclosures and access regarding collection, use, sale, and sharing of personal information, as well as rights to delete, correct, and affirmatively consent to the use, disclosure, and sale of certain personal data we collect about them. Additionally, Virginia residents have the right to opt-out of targeted advertising, sale of their personal data, and profiling. Virginia residents also have the right not to receive discriminatory treatment by us for the exercise of their privacy rights. This Virginia Privacy Notice does not apply to certain personal data that is already subject to certain federal and state regulation.

The VCDPA does not apply to personal information that is already protected by certain federal privacy laws, including the Fair Credit Reporting Act (FCRA) and the Gramm-Leach-Bliley Act (GLBA). As such, this Virginia Privacy Notice does not apply to personal information: (i) obtained from or transmitted to a consumer reporting agency; (ii) contained in a credit report, credit score, or credit profile provided by a consumer reporting agency; and (iii) otherwise regulated under FCRA or GLBA. This may include personal data obtained in connection with IDIQ’s credit monitoring services, identity theft protection and insurance products, and counseling and advisory services, including debt, student loan, and refinancing counseling, as well as related IDIQ Services.

1. Personal Data We Collect

For the purposes of this Virginia Privacy Notice, except where a different definition is noted, “personal data” means any information that is linked or reasonably linkable to an identified or identifiable natural person. Personal data does not include de-identified data or publicly available information. For the purposes of this section, “publicly available information” includes: information that is lawfully made available through federal, state, or local government records; information that a business has a reasonable basis to believe is lawfully made available to the general public through widely distributed media, by the consumer; and information that is made available by a person to whom the consumer has disclosed the information, unless the consumer has restricted the information to a specific audience.

We may collect personal data from or about you as detailed in Sections 3 and 11(B)(1).

Sensitive data.

Certain types of personal data that we collect, as described above, may constitute “sensitive data” under Virginia law, including:

Social Security, driver’s license, state identification card, and passport number;
Account log-in and password or other access credentials;
Precise geolocation;
Racial or ethnic origin, religious or philosophical beliefs, and union membership; and
Sexual orientation.

We generally don’t collect or disclose information about your racial/ethnic origin, religious beliefs, union membership, sexual orientation, trade union membership, criminal background history, or similar information. However, such information may be contained within your credit or other report prepared by a consumer reporting agency. We process this information only to display it to you.

Otherwise, we don’t intentionally collect any sensitive personal data about you, and we prefer that you not share this information with us. Sensitive personal information will not be sold or shared and will only be used for business purposes.

Please note that because of the overlapping nature of certain of the categories of personal data identified above, which are required by state law, some of the personal data we collect may be reasonably classified under multiple categories.

2. How We Use Your Personal Data

We may collect, use, or disclose personal data about you for the purposes detailed in Sections 3-5 of this Privacy Notice.

3. Sources of Personal Data

We may collect personal information directly from you, as well as from the categories of sources detailed in Section 3(B) of this Privacy Notice.

We may supplement the information described above with information we obtain from other sources, including from both online and offline data providers.

4. Disclosure of Personal Data

We disclose the categories of personal data detailed in Sections 11(B)(1) and 12(B)(1) above to our service providers for one or more business purposes. “Business purposes” means the reasonably necessary and proportionate use of personal information, in a way that is adequate, relevant, and necessary for specific purposes described in this privacy policy, compatible with the nature and purpose(s) for the collection, use, and retention of the personal data.

In addition, we may “sell” personal data with third parties to participate in targeted advertising, as that term is defined by the VCDPA, as well as with our Third Party Partners as described in this Privacy Notice. The personal data that we have sold and the categories of third parties that have received the personal data is detailed in Section 11(B)(4).

5. Your Virginia Privacy Rights

If you are a Virginia resident, you have the following rights under applicable Virginia law in relation to your personal information, subject to certain exceptions:

Right to Know. You have the right to, up to twice in a 12-month period, request what personal data we collect, use, disclose, and/or sell, as applicable;
Right to Delete. You have the right to request under certain circumstances that we delete your personal data.
Right to Opt-Out. You have the right to opt-out of targeted advertising, our sale of your personal data, and profiling decisions that could produce legal or similarly significant effects.
Right to Correct. You have the right to request the correction of your inaccurate personal data.
Right to Data Portability. When accessing your data, you have a right to obtain that data in a portable and, to the extent technically feasible, readily usable format that allows you to transmit that data to another business.
Right to Provide Affirmative Consent. We cannot process your sensitive data or use your personal data for certain purposes without your affirmative consent.
Right to Non-Discrimination. You have the right to not receive discriminatory treatment for the exercise of the privacy rights described above.

How to submit a request.

You may exercise any of the rights described in this section by emailing us at privacy@idiq.com or compliance@creditswag.com.and by calling us at any of the phone numbers under “Contact Us.”

Any request you submit to us is subject to an identification and residency verification process (“Verifiable Consumer Request”) as permitted by the VCDPA. We will not fulfill your request unless you have provided sufficient information that enables us to reasonably verify that you are the consumer about whom we collected the personal information on. In order to verify you, you must provide us with your first and last name and email address. These rights are also subject to various exclusions and exceptions under applicable laws.

Authorized agents.

You may also designate an authorized agent, in writing or through a power of attorney, to request to exercise the above rights on your behalf. If you designate an authorized agent to exercise your various rights under the VCDPA, we may require that you provide your authorized agent with written permission to exercise your various rights and to verify your own identity with us. If your authorized agent does not submit proof that they have been authorized by you to submit verified requests, we reserve the right to deny such a request that we have received and will explain to your authorized agent why we have denied such request.

The authorized agent may submit a request to exercise these rights by emailing the letter of authorization or power of attorney to privacy@idiq.com.

D. Colorado Privacy Notice

The Colorado Privacy Act (the “CPA”) provides Colorado residents with rights to receive certain disclosures regarding the collection, use, sale, and sharing of personal information, as well as rights to access, delete, correct, and restrict the use, disclosure, and sale of certain personal information we collect about them. Additionally, Colorado residents have the right to opt-out of the sale/sharing of their personal information, including for purposes of cross-context behavioral advertising and targeted advertising. Colorado residents also have the right not to receive discriminatory treatment for the exercise of their privacy rights under the CPA. These rights do not apply to certain personal information that is already subject to certain federal and state regulation.

The CPA does not apply to personal information that is already protected by certain federal privacy laws, including the Fair Credit Reporting Act (FCRA) and the Gramm-Leach-Bliley Act (GLBA). As such, this Colorado Privacy Notice does not apply to personal information: (i) obtained from or transmitted to a consumer reporting agency; (ii) contained in a credit report, credit score, or credit profile provided by a consumer reporting agency; and (iii) otherwise regulated under FCRA or GLBA. This may include personal information obtained in connection with IDIQ’s credit monitoring services, identity theft protection and insurance products, and counseling and advisory services, including debt, student loan, and refinancing counseling, as well as related IDIQ Services.

1. Personal Information We Collect

Category of Personal Information	Examples
Identifiers	First and last name; Social Security and other government-issued identification numbers; date of birth; mailing/billing address; state of residence; email address; phone number; IP address and device IDs; advertising identifiers; account username and/or member identification number and password; and/or other similar identifiers.
Personal information categories listed in the CPA	First and last name; address; telephone number; signature; Social Security and other government-issued identification numbers; bank account numbers, credit card numbers, debit card numbers, rental payment information, and/or similar payment card and financial information; employment- and education-related information.
Characteristics of protected classifications under Colorado or federal law	Age and/or date of birth
Commercial information	Payment histories; account balances and activity; enrollment and cancellation dates; products and services that you have purchased, obtained, or considered; and/or other purchasing or consumer histories, tendencies, and preferences; recent residential history and payment information; utility payment information; some vehicle information and the contents of your communications with us; unsecured debt amount and related information; and/or similar information
Internet or other electronic activity information	Cookie identifiers; pixel tags; embedded scripts; tags; IP address, device identifier, device type, operating system and Internet browser type, screen resolution, operating system name and version, device manufacturer and model, language, plug-ins, add-ons, and the language version of the Sites you are visiting; geolocation data, browsing history, time spent on the Sites, pages visited, links clicked, language preferences, patterns of use, and the pages that led or referred you to our Sites
Audio, electronic, or visual information	Recordings of calls to or from our customer service centers; photographs
Professional or employment-related information	Company affiliation; job title; business address; business email address; business phone number; work history, and/or other similar information.
Education information	Education history
Inferences about you	Inferences made using the about personal information

Sensitive personal information.

Certain types of personal information that we collect, as described above may constitute “sensitive personal information” under Colorado law, including:

Social Security, driver’s license, state identification card, and passport number;
Account log-in and password or other access credentials

2. How We Use Your Personal Information

We may collect, use, or disclose personal information about you for the purposes detailed in Sections 3-5 of this Privacy Notice.

3. Sources of Personal Information

We may collect personal information directly from you, as well as from the categories of sources detailed in Section 3(B) of this Privacy Notice.

We may supplement the information described above with information we obtain from other sources, including from both online and offline data providers.

4. Disclosure of Personal Information

Personal Information Category	Category of Third-Party Recipients
Personal Information Category	Business Purpose Disclosures	Sales/Sharing
Identifiers	Business services providers, affiliates, partners, data analytics providers, operating systems, social networks.	Advertisers Third Party Partners
Personal information categories listed in the CPA	Business services providers, affiliates, partners, operating systems, social networks.	Third Party Partners
Characteristics of protected classifications under Colorado or federal law	Business services providers, affiliates, partners, data analytics providers, operating systems, social networks.	None
Geolocation	Business services providers, affiliates, partners, data analytics providers, operating systems.	None
Commercial information	Business services providers, affiliates, partners, data analytics providers, operating systems, social networks.	Advertisers Third Party Partners
Internet or other similar network activity	Business services providers, affiliates, partners, data analytics providers, operating systems, social networks.	Advertisers
Audio, electronic, or visual information	Business services providers, affiliates, partners, data analytics providers, operating systems, social networks.	None
Professional or employment-related information	Business services providers, affiliates, partners, data analytics providers, operating systems, social networks.	None
Education information	Business services providers, affiliates, partners, data analytics providers, operating systems, social networks.	None
Inferences drawn from other personal information	Business services providers, affiliates, partners, data analytics providers, operating systems, social networks.	None

5. Your Colorado Privacy Rights

If you are a Colorado resident, you have the following rights under applicable Colorado law in relation to your personal information, subject to certain exceptions:

Right to Know. You have the right to, up to twice in a 12-month period, request what personal data we collect, use, disclose, and/or sell, as applicable;
Right to Delete. You have the right to request under certain circumstances that we delete your personal data.
Right to Opt-Out. You have the right to opt-out of targeted advertising, our sale of your personal data, and profiling decisions that could produce legal or similarly significant effects.
Right to Correct. You have the right to request the correction of your inaccurate personal data.
Right to Data Portability. When accessing your data, you have a right to obtain that data in a portable and, to the extent technically feasible, readily usable format that allows the you to transmit that data to another business.
Right to Non-Discrimination. You have the right to not receive discriminatory treatment for the exercise of the privacy rights described above.

How to submit a request.

You may exercise any of the rights described in this section by emailing us at privacy@idiq.com or compliance@creditswag.com or by calling us at any of the phone numbers under “Contact Us.”

Any request you submit to us is subject to an identification and residency verification process (“Verifiable Consumer Request”) as permitted by the CPA. We will not fulfill your request unless you have provided sufficient information that enables us to reasonably verify that you are the consumer about whom we collected the personal information on. In order to verify you, you must provide us with your first and last name and email address. These rights are also subject to various exclusions and exceptions under applicable laws.

Authorized agents.

You may also designate an authorized agent, in writing or through a power of attorney, to request to exercise the above rights on your behalf. If you designate an authorized agent to exercise your various rights under the CPA, we may require that you provide your authorized agent with written permission to exercise your various rights and to verify your own identity with us. If your authorized agent does not submit proof that they have been authorized by you to submit verified requests, we reserve the right to deny such a request that we have received and will explain to your authorized agent why we have denied such request.

The authorized agent may submit a request to exercise these rights by emailing the letter of authorization or power of attorney to privacy@idiq.com.

E. Connecticut Privacy Notice

The Connecticut Data Privacy Act (together, the “CTDPA”) provides Connecticut residents with rights to receive certain disclosures regarding the collection, use, sale, and sharing of personal information, as well as rights to access, delete, correct, and restrict the use, disclosure, and sale of certain personal information we collect about them. Additionally, Connecticut residents have the right to opt-out of the sale/sharing of their personal information, including for purposes of cross-context behavioral advertising and targeted advertising. Connecticut residents also have the right not to receive discriminatory treatment for the exercise of their privacy rights under the CTDPA. These rights do not apply to certain personal information that is already subject to certain federal and state regulation.

The CTDPA does not apply to personal information that is already protected by certain federal privacy laws, including the Fair Credit Reporting Act (FCRA) and the Gramm-Leach-Bliley Act (GLBA). As such, this Connecticut Privacy Notice does not apply to personal information: (i) obtained from or transmitted to a consumer reporting agency; (ii) contained in a credit report, credit score, or credit profile provided by a consumer reporting agency; and (iii) otherwise regulated under FCRA or GLBA. This may include personal information obtained in connection with IDIQ’s credit monitoring services, identity theft protection and insurance products, and counseling and advisory services, including debt, student loan, and refinancing counseling, as well as related IDIQ Services.

1. Personal Data We Collect

For the purposes of this Connecticut Privacy Notice, except where a different definition is noted, “personal data” means any information that is linked or reasonably linkable to an identified or identifiable natural person. Personal data does not include de-identified data or publicly available information. For the purposes of this section, “publicly available information” includes: information that is lawfully made available through federal, state, or local government records; information that a business has a reasonable basis to believe is lawfully made available to the general public through widely distributed media, by the consumer; and information that is made available by a person to whom the consumer has disclosed the information, unless the consumer has restricted the information to a specific audience.

We may collect personal data from or about you as detailed in Sections 3 and 11(B)(1).

Sensitive data.

Certain types of personal data that we collect, as described above, may constitute “sensitive data” under Virginia law, including:

Social Security, driver’s license, state identification card, and passport number;
Account log-in and password or other access credentials;
Precise geolocation;
Racial or ethnic origin, religious or philosophical beliefs, and union membership; and
Sexual orientation.

2. How We Use Your Personal Data

We may collect, use, or disclose personal data about you for the purposes detailed in Sections 3-5 of this Privacy Notice.

3. Sources of Personal Data

We may collect personal information directly from you, as well as from the categories of sources detailed in Section 3(B) of this Privacy Notice.

We may supplement the information described above with information we obtain from other sources, including from both online and offline data providers.

4. Disclosure of Personal Data

We disclose the categories of personal data detailed in Sections 11(B)(1) and 12(B)(1) above to our service providers for one or more business purposes. “Business purposes” means the reasonably necessary and proportionate use of personal information, in a way that is adequate, relevant, and necessary for specific purposes described in this privacy policy, compatible with the nature and purpose(s) for the collection, use, and retention of the personal data.

In addition, we may “sell” personal data with third parties to participate in targeted advertising, as that term is defined by the CTDPA, as well as with our Third Party Partners as described in this Privacy Notice. The personal data that we have sold and the categories of third parties that have received the personal data is detailed in Section 11(B)(4).

5. Your Connecticut Privacy Rights

If you are a Connecticut resident, you have the following rights under applicable Connecticut law in relation to your personal information, subject to certain exceptions:

Right to Know. You have the right to, up to twice in a 12-month period, request what personal data we collect, use, disclose, and/or sell, as applicable;
Right to Delete. You have the right to request under certain circumstances that we delete your personal data.
Right to Opt-Out. You have the right to opt-out of targeted advertising, our sale of your personal data, and profiling decisions that could produce legal or similarly significant effects.
Right to Correct. You have the right to request the correction of your inaccurate personal data.
Right to Data Portability. When accessing your data, you have a right to obtain that data in a portable and, to the extent technically feasible, readily usable format that allows the you to transmit that data to another business.
Right to Non-Discrimination. You have the right to not receive discriminatory treatment for the exercise of the privacy rights described above.

How to submit a request.

You may exercise any of the rights described in this section by emailing us at privacy@idiq.com or compliance@creditswag.com and by calling us at any of the phone numbers under “Contact Us.”

Any request you submit to us is subject to an identification and residency verification process (“Verifiable Consumer Request”) as permitted by the CTDPA. We will not fulfill your request unless you have provided sufficient information that enables us to reasonably verify that you are the consumer about whom we collected the personal information on. In order to verify you, you must provide us with your first and last name and email address. These rights are also subject to various exclusions and exceptions under applicable laws.

Authorized agents.

to exercise your various rights under the CTDPA, we may require that you provide your authorized agent with written permission to exercise your various rights and to verify your own identity with us. If your authorized agent does not submit proof that they have been authorized by you to submit verified requests, we reserve the right to deny such a request that we have received and will explain to your authorized agent why we have denied such request.

The authorized agent may submit a request to exercise these rights by emailing the letter of authorization or power of attorney to privacy@idiq.com.

F. Vermont Residents

IDIQ will not share your non-public personal information with unaffiliated third parties unless you authorize us to make those disclosures without your consent, other than as permitted by law. Further, we will not share credit reports with our affiliates without your consent.

G. International Users.

We are headquartered in the United States, and the information we collect will be processed in the United States. Your personal information may be stored, transferred to, and processed in any country where we have facilities or in which we engage service providers. These countries may be outside the United States and may have different data protection laws than in the United States.

15. Contact Us

If you need to contact us for a question about our products or any member account related service, you may contact us by phone during regular business hours Monday through Friday at the appropriate toll-free phone number below. If your phone call requires us to access specific or personal account information, then our representative will need to successfully validate your identity before any confidential or account information is discussed. Confidential account information may only be discussed with the account owner.

Personal Account (non-business): Choose the IDIQ service brand that you are enrolled in or have questions about from the list below. Our customer service teams are available during regular business hours. If you find that any information in your personal credit report(s) provided as part of the Services that you believe is incorrect and wish to correct it with the credit reporting agencies, you can do so through the dispute resolution process provided under the Fair Credit Reporting Act or other applicable laws.

IdentityIQ®: Call (877) 875-4347
MyScoreIQ®: Call (800) 637-5590
DataBreachIQ®: Call (800) 331-3865
ResidentLink™: Call (800) 500-8880
Credit & Debt: Call (866) 250-6624

Business Account: For businesses that offer our services to their employees or customers, contact IDIQ Business Account Management at (888) 467-7102 during regular business hours. Non-business account support is not available through this phone number. Specific customer account information may only be discussed with the actual consumer account owner.