End User Privacy Policy

Updated January 11, 2022

No Fraud LLC and its affiliates (“NoFraud”, “we”, “our”, or “us”) respect your concerns about privacy. Our fraud prevention solution helps our merchant customers (“Customers”) identify fraudulent transactions on their eCommerce websites and mobile applications (“Customers’ Platforms”). This Privacy Policy describes the types of personal information we collect about users of our Customers’ Platforms and our hosted checkout pages (collectively, “End Users” or “you”) , how we use the information, with whom we may share it and the choices available to you regarding our use of the information. We also describe measures we take to protect the security of the information and how you can contact us about our privacy practices. 

If you are a California consumer, please see the section of this Privacy Policy called California Consumer Privacy Statement for more information about your privacy rights.

Click on one of the links below to jump to the listed section:

Applicability of this Privacy Policy

This Privacy Policy applies to our fraud prevention products and services that link to or reference this Privacy Policy (collectively, the “Services”). Please keep in mind that this Privacy Policy applies to the personal information of End Users we process as a data controller. This Privacy Policy does not apply to the personal information we process in our role as a processor on behalf of and at the direction of our Customers. For that personal information, please check with the Customer that you interact with directly for additional information about their privacy practices and policies. We are not responsible for the privacy or data security practices of our Customers, which may differ from those explained in this Privacy Policy.

Personal Information We Obtain

The personal information we may obtain about you includes: 

  • Contact and shipping information, such as name, telephone number, postal and email address;
  • Payment details, such as payment cardholder name, card number, billing information and security code;
  • Purchase information, such as information about products and services you purchase or consider on our Customers’ Platforms;
  • General location information, such as zip code and IP address area;
  • Demographic information, such as income information; and
  • Device information, as described in the Automated Data Collection section below.

We may collect this information from you when you visit our Customers’ Platforms or interact with us directly, such as through our checkout services.

Automated Data Collection

When you interact with our Customers’ Platforms, we may obtain certain information by automated means, such as through cookies, web server logs, web beacons (including pixels and tags), device fingerprinting, and other technologies. These technologies help us (1) remember your information so you do not have to re-enter it; (2) track, understand and analyze how you use and interact with our Services; (3) personalize your experience with our Services; (4) measure the usability of our Services; (5) authenticate your identity, protect against fraud and provide our products and services; and (6) otherwise manage and enhance our products and services, and help ensure they are working properly.

We may use these automated technologies through our Services to collect information about your device, browsing actions, usage patterns and location. Through these automated means, we obtain:

  • Device and Browser Information: Such as your device IP address, general location information, unique device identifiers, device type and model, device characteristics and settings, browser and other app information (e.g., browser type, settings and characteristics), operating system information (e.g., type and version), hardware-based identifiers (e.g., MAC address), network connection type, error information, language and country preferences, referring or exit URLs, and other device and application details. 
  • Information about your interactions with our Services: Such as pages visited, links clicked, features used, dates and times of access, session information, and other information about your use of our Services and Customers’ Platforms that use them. 

Through these automated technologies, we may track information about your online activities over time and across third-party websites and apps, such as our Customers’ Platforms. Your browser may tell you how to be notified about certain types of automated collection technologies and how to restrict or disable them. Please note, however, that without these technologies, you may not be able to use all of the features of our products or services. For mobile devices, you may be able to manage how your device and browser share certain device data by adjusting the privacy and security settings on your mobile device.  

How We Use the Information We Obtain

We use the personal information we obtain about you to perform our contract with you or to take steps at your request prior to entering into a contract with you, including to:

  • Provide our Services;
  • Process and fulfill transactions in connection with our Services;
  • Provide, onboard and manage your account (e.g., if you use our hosted checkout services); and
  • Verify your identity.

We also use the information we obtain for our legitimate interests in providing our products and services, maintaining our business, and for security and safety purposes, including to: 

  • Provide products and services to you and our Customers;
  • Manage our relationships with you and our Customers;
  • Communicate with you and provide technical and customer support;
  • Personalize your experience on our services;
  • Advertise and market our products and services and provide you with offers and other communications about products and services of NoFraud and others;
  • Administer participation in surveys, sweepstakes, promotions or other programs;
  • Compile, anonymize or aggregate personal information for our business purposes;
  • Perform analytics and market, trend or statistical research and analysis (including developing, deriving and compiling market research, data sets, insights, trends, benchmarks, algorithms, models and other analyses or information);
  • Operate, evaluate and improve our business (including developing new products and services; enhancing, improving and analyzing our Services; managing our communications; and performing accounting, auditing and other internal functions);
  • Maintain and enhance the safety and security of our products and services, prevent misuse, and troubleshoot technical issues;
  • Prevent or detect fraud and other criminal activities, claims, and other liabilities; 
  • Exercise our rights and remedies and defend against legal claims; and
  • Comply with and enforce applicable legal requirements, relevant industry standards and NoFraud policies and terms and conditions, including our Terms of Use and End User Terms of Use.

We also may use the information in other ways for which we provide specific notice at the time of collection or with your consent, if required under applicable law.

Automated Decision Making

Our automated screening process helps our Customers make decisions about the validity of an End User’s actions on the relevant Customer’s Platform for fraud prevention purposes. The Customer is responsible for how they use the information we provide them through our services, including if a Customer implements rules and criteria for making automated decisions on its respective Customer’s Platform based on the information we provide. The Customer’s decisions may result in the freezing or denial of an activity or transaction on the relevant Customer’s Platform. In these cases, the Customer has the discretion to ask End Users to take further steps to authenticate their identity or transactions. If the End User does not do so, an End User may potentially be unable to complete a transaction, or the Customer may dispute a chargeback. Please contact the relevant Customer directly for information about the Customer’s practices.

Information We Share

We may share personal information, as set forth below:

  • Affiliated Entities: We share personal information with our affiliates for the purposes described in this Privacy Policy.
  • Our Customers: We may share your personal information with our Customers (and their service providers) from whom we obtained your personal information when you made purchases on their websites or mobile apps. 
  • Service Providers: We share personal information with vendors and other entities to perform services for us on our behalf, such as consultants, auditors, attorneys and providers of information and communication technology, data enrichment, information verification, analytics, security, payment processing and billing, customer service, and others.
  • Business Transfers: We reserve the right to transfer any personal information we have about you in the event we sell or transfer all or a portion of our business or assets (including in the event of a merger, acquisition, joint venture, reorganization, divestiture, dissolution or liquidation).
  • Others: We may disclose personal information (1) if we are required to do so by law or legal process, such as a court order or subpoena; (2) in response to requests by government agencies, such as law enforcement authorities; (3) to establish, exercise or defend our legal rights; (4) when we believe disclosure is necessary or appropriate to prevent physical or other harm or financial loss, or to protect the safety, property or rights of NoFraud or any third party; (5) in connection with an investigation of suspected or actual illegal activity or security issues, or (6) otherwise with your consent or as directed by your representative.

NoFraud does not share your personal information with third parties for their own marketing purposes.

Data Transfers

In connection with our Services, your personal information may be transferred to NoFraud or its service providers in countries other than the country in which you reside. Those countries may not have the same data protection laws as the country in which you initially provided the personal information. When your personal information is transferred to these other countries (such as the U.S.), we will protect that information as described in this Privacy Policy, including, to the extent required by applicable law, by entering into Standard Contractual Clauses or other data transfer safeguards. You may request a copy of these safeguards by contacting us as described in the How to Contact Us section of this Privacy Policy.

How We Protect Personal Information

We maintain administrative, technical and physical safeguards designed to protect personal information against accidental, unlawful or unauthorized access, destruction, loss, alteration, disclosure or use.

Retention of Personal Information

To the extent required by applicable law, we keep the personal information we obtain about you for the period necessary to achieve the purposes described in this Privacy Policy, taking into account applicable statute of limitations periods and any legal, regulatory, tax, accounting or other records retention requirements. We may retain your personal information for a longer period in the event of a complaint or in reasonable anticipation of litigation.

Your Rights and Choices

To the extent provided by applicable law, you may (1) request access to certain personal information we maintain about you; (2) request that we update, correct, amend or erase your personal information; (3) restrict or object to the processing of your personal information; or (4) exercise your right to data portability. To exercise these rights, update your preferences, or submit a request, please contact us as specified in the How to Contact Us section below. Where provided by law, you may withdraw any consent you previously provided to us, and we will apply your preferences going forward as appropriate. This will not affect the lawfulness of our processing based on your consent prior to such withdrawal. You may have the right to file a complaint with a government regulator if you are not satisfied with our response.

If we are required by law or the contract we have with you to collect personal information, and you choose not to provide that information when requested, we may not be able to provide you with our services and it is possible that your ability to purchase certain products and services may be impacted.

California Consumer Privacy Rights 

If you are a California consumer, please see the California Consumer Privacy Statement section of this Privacy Policy for more information about your privacy rights.

Children’s Privacy

Our Services are designed for a general audience and are not directed to children. In connection with the Services, we do not knowingly solicit or collect personal information from children under the age of 16 without parental consent. If you believe that a child under age 16 may have provided us with personal information without parental consent, please contact us as specified in the How to Contact Us section of this Privacy Policy.

Our Services may provide links to other online services such as our Customer’s Platforms, and may include third-party features such as apps, tools, widgets and plug-ins. These online services and third-party features may operate independently from us. The privacy practices of the relevant third parties, including details on the information they may collect about you, are subject to the privacy statements of these parties, which we strongly suggest you review. To the extent any linked online services or third-party features are not owned or controlled by NoFraud, we are not responsible for these third parties’ information practices.

Updates to Our Privacy Policy

We may change this Privacy Policy from time to time. We will indicate at the top of the Privacy Policy when it was most recently updated. You should periodically check this Privacy Policy for updates. For significant changes, we will notify you by posting a notice on our website.

How to Contact Us

You can update your preferences, submit a request or ask us questions about this Privacy Policy by contacting us at info@nofraud.com

For individuals located in the EU/UK, No Fraud LLC is the controller of the personal information we process about you pursuant to this Privacy Policy. 

CALIFORNIA CONSUMER PRIVACY STATEMENT

This California Consumer Privacy Statement (“Statement”) supplements our Privacy Policy and applies solely to California consumers who are End Users of our Services. For further clarity, this Statement does not apply to NoFraud personnel or job applicants or to other personnel working on behalf of our merchant customers and business partners with whom we are conducting business. 

This Statement uses certain terms that have the meaning given to them in the California Consumer Privacy Act of 2018 and its implementing regulations (the “CCPA”).

1. Notice of Collection and Use of Personal Information

We may collect (and may have collected during the 12-month period prior to the effective date of this Statement) the following categories of personal information about you: 

  • Identifiers: identifiers such as a real name, alias, postal address, unique personal identifier (such as a device identifier; cookies, beacons, pixel tags, mobile ad identifiers and similar technology; customer number, unique pseudonym, or user alias; telephone number and other forms of persistent or probabilistic identifiers), online identifier, internet protocol address, email address, account name, and other similar identifiers;
  • Additional Data Subject to Cal. Civ. Code § 1798.80: education, credit card number, and other financial information;
  • Commercial Information: commercial information, including records of products or services purchased, obtained, or considered, and other purchasing or consuming histories or tendencies;
  • Online Activity: Internet and other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with websites, applications or advertisements; 
  • Employment Information: professional or employment-related information; 
  • Inferences: inferences drawn from any of the information identified above to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

We may use (and may have used during the 12-month period prior to the effective date of this Statement) your personal information for the purposes described in our Privacy Policy and for the following business purposes specified in the CCPA: 

  • Performing services, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing advertising or marketing services, providing analytics services, or providing similar services;
  • Auditing related to a current interaction with you and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance;
  • Short-term, transient use, including, but not limited to, the contextual customization of ads shown as part of the same interaction;
  • Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity;
  • Debugging to identify and repair errors that impair existing intended functionality;
  • Undertaking internal research for technological development and demonstration; and
  • Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by us. 

2. Sources of Personal Information

During the 12-month period prior to the effective date of this Statement, we may have obtained personal information about you from the following categories of sources: 

  • Directly from you, such as when you provide us information in connection with our Services;
  • Your devices, such as when you use our Services or interact with Customer Platforms;
  • Our affiliates and subsidiaries;
  • Our Customers and their service providers and partners (such as their payment processors);
  • Vendors who provide services on our behalf; 
  • Internet service providers;
  • Data analytics providers;
  • Operating systems and platforms;
  • Social networks;
  • Data brokers.

3. Sale of Personal Information

We do not (and will not) sell your personal information unless we post a notice of the right to opt out of such sale and comply with other relevant legal requirements. We do not have actual knowledge that we sell personal information of minors under 16 years of age. 

4. Sharing of Personal Information

During the 12-month period prior to the effective date of this Statement, we may have shared your personal information with certain categories of third parties, as described below.

We may have disclosed the following categories of personal information about you for a business purpose to the following categories of third parties:  

Category of Personal InformationCategory of Third Party
Identifiers Vendors who provide services on our behalfConsultants and professional services organizations, such as auditors and law firmsOur CustomersData analytics providers
Additional Data Subject to Cal. Civ. Code § 1798.80 Law Vendors who provide services on our behalfConsultants and professional services organizations, such as auditors and law firmsOur CustomersData analytics providers
Commercial InformationVendors who provide services on our behalfConsultants and professional services organizations, such as auditors and law firmsData analytics providers
Online Activity Vendors who provide services on our behalfConsultants and professional services organizations, such as auditors and law firmsData analytics providersInternet service providersOperating systems and platforms
Inferences Vendors who provide services on our behalfConsultants and professional services organizations, such as auditors and law firmsData analytics providers

In addition to the categories of third parties identified above, during the 12-month period prior to the effective date of this Statement, we may have shared personal information about you with government entities.

5. California Consumer Privacy Rights

You have certain choices regarding your personal information, as described below.

  • Access: You have the right to request, twice in a 12-month period, that we disclose to you the personal information we have collected, used, disclosed and sold about you during the past 12 months.  
  • Deletion: You have the right to request that we delete certain personal information we have collected from you. 
  • Opt-Out of Sale: California law provides consumers with the right to opt-out of the sale of personal information. We do not sell your personal information.

How to Submit a Request.  To submit an access or deletion request, email us at info@nofraud.com or call us at 888-773-3669. You also may submit an access or deletion request using the webform at the following link: https://www.nofraud.com/contact/. To submit a request as an authorized agent on behalf of a consumer, please email us at info@nofraud.com. For questions or concerns about our privacy policies and practices, please contact us as described in the “How to Contact Us” section of our Privacy Policy.

Verifying Requests.  To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to your personal information or complying with your request. We may verify your identity by requiring you to authenticate your email address or providing information about your transactions or prior contact information. In addition, if you do not have an account and you ask us to provide you with specific pieces of personal information, we may require you to sign a declaration under penalty of perjury that you are the consumer whose personal information is the subject of the request.  

Additional Information.  If you choose to exercise any of your rights under the CCPA, you have the right to not receive discriminatory treatment by us. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request.  

Ready to learn more?

Book a demo and see our accurate real-time fraud screening for eCommerce in action.

Ready to learn more?

Book a demo and see our accurate real-time fraud screening for eCommerce in action.

We offer Starter Plans for even the smallest sized businesses, including a free plan and plans that include chargeback protection for companies that process less than $50,000/month.

Businesses that process more than $50,000 in revenue/month qualify for custom pricing. Book a demo and see our accurate real-time fraud screening for eCommerce in action.

— or —
complete the form for us to reach out to you