Skip to Content

                                                                                    

                                                    

Política de Privacidad en Español

Effective May 25, 2018

INTRODUCTION:

Iovation ("we" or "us") is a US headquartered company that assists businesses ("Customers") to detect and combat online fraud and other types of cybercrime ("our Services"). Over the years we have helped our Customers to protect millions of end-users from becoming the victim of fraudulent and malicious behaviour.

At iovation Inc. we recognize that privacy is important. This iovation PRIVACY POLICY ("Policy") applies to the collection of data by iovation Inc., iovation Limited, its subsidiaries, and affiliates (collectively, "iovation"). This policy explains our practices regarding the collection, use and disclosure of personal information both through our website (www.iovation.com) and its subdomains (“Website”) and in the course of providing our services.

1. Personal Information we collect through the Website

We collect the following types of personal information through our Website:

Information you provide us:

In general you can visit our Website without telling us who you are or revealing any personal information about yourself. However, you may provide us with personal information, for example, when you make enquiries about our Services through our "Contact" page, provide us with your contact information for the purpose of sending you white papers, reports, brochures, or to request a demo, attend our events or webinars, or when you sign up to our mailing list. When you communicate with us, we will keep copies of any communications that you send us.

Information we collect automatically:

We may also collect certain information through our Website by automated means, such as IP addresses, browser type and operating system, information about your visit including the URL clickstream to, through and from our Website, download errors, number of Website visits, and other page interactions. We collect this information automatically through the use of various technologies such as cookies and web beacons. For further information about the cookies that we use on our Website and how to exercise your cookie preferences, see the "How we use cookies and similar technologies" section below.

2. How we use personal information collected through the Website

  • The information collected through our Website may be used for the following purposes:
  • To provide, operate, optimize and maintain the Website;
  • To deal with enquiries through our Website or to provide you with information and access to resources that you have requested from us;
  • To analyse the use of our Website for trend monitoring, marketing and advertising purposes;
  • For network security and administration;
  • To investigate and prevent fraud, spam, malware, identity theft or other unauthorized access to or unlawful activity; and
  • For other legitimate business purposes and other purposes about which we notify you.

3. Personal information we collect through our Services

When our Customers subscribe to our Services, the following personal information may be collected to help detect the likelihood that your device is associated with fraud or other malicious behaviour.

Information collected automatically:

When a Customer subscribes to our Services, they may place iovation cookies on your device or run our JavaScript code to enable the collection of certain device identifiers, and IP addresses. This information is no different to the types of information captured by common web analytics tools. The information is sent back to the Customer and subsequently passed onto iovation for further processing.

For information about cookies and other similar technologies that are deployed through our Services and how to exercise your cookie preferences, please see the "How we use cookies and similar technologies" section below.

Additional information our Customers provide to us:

In addition, our Customers may send additional information to us for fraud analysis, system abuse purposes and to fulfil their own regulatory obligations and reasons of substantial public interest. For example, they may send us elements of your personal data that you have consented to being shared with us. They might also optionally provide us with information about the transaction you carry out on their site or app

Information about our Customers:

If you are a Customer, we may also collect certain personal information about you to enable us to manage our business relationship with you – such as your name, contact details, job title, billing and payment information.

Automated Decision Making:

iovation do not conduct Automated Decision Making, although iovation do conduct profiling as defined by the General Data Protection Regulation, which applies to persons situated in the EEA.

4. How we use personal information collected through the Services

Once the information above has been passed to iovation, we process the data through our Global Device Intelligence Platform to return a score to our Customer for the device. This score is calculated based on rules that are set by our Customers. The rules set by our Customers will depend on the business they operate and the types of fraud or system abuse pertinent to their services.

Once the Customer receives a score, it is up to the Customer to decide what action to take from there. For example, transactions with certain scores may be denied, flagged for review, or presented with further authentication challenges. In most cases, however, the transaction or activity will proceed with no issues.

We may also use personal information we collect through the Services for the following purposes:

  • To optimize and improve the Services,
  • To enable our consortium of Customers to share information about known fraudulent or malicious devices;
  • To analyse the use of the Services for internal business purposes;
  • To provide customer service and support;
  • To send our Customers communications about their account, provide service updates and marketing information (where it is in accordance with their marketing preferences);
  • To investigate any lawful or wrongful activity or unauthorized access to our Services and those of our Customers;
  • To provide services in the substantial public interest; and
  • For other legitimate business purposes and other purposes about which we will notify you.

5. How we share your personal information with third parties

We may share personal information collected through our Website and Services in the following ways:

Information we share with our group companies: We may share your personal information with other members of the iovation and TransUnion group of companies for purposes consistent with this Privacy Policy.

Information we share with our customers: In making the internet a safer place, we may share personal data with our customers, which iovation call “Subscribers”. Our Subscribers provide the online services that iovation protect from online fraud and abuse.

Information we share with our service providers: We may also engage certain trusted third-party service providers, consultants or vendors to assist us in the provision of the Website and Services. We will only share your personal information with third parties to the extent necessary to perform such functions and in accordance with the purposes set out in this Privacy Policy and applicable laws.  Our service providers include Cloud Hosting and Data Warehousing Vendors.

Information disclosed in connection with business transfers: In the event of a corporate sale, merger, reorganization, acquisition, dissolution, financing or other similar event, your personal information may be shared or transferred in connection with, or during negotiations of, such event or transaction.

Information disclosed for legal purposes and the protection of others: We may disclose personal information to a third party where we are legally required to do so in order to comply with applicable laws, regulations, legal process or governmental requests. We will also disclose personal information to the extent we believe necessary or appropriate: (i) to respond to claims, judicial orders, subpoenas, warrants or other process issued by a court of competent jurisdiction; (ii) to protect the vital interests of any person; (iii) to exercise, establish or defend our legal rights; and (iii) to stop any activity we consider illegal, unethical or legally actionable.

6. How long we retain the data we collect

iovation retain data within our services for the following periods:-

Category of DataRetention Period
Device Data linked to Fraud5 years from the date last recognised by iovation.
Device Data not linked to Fraud2 years from the date last recognised by iovation.
Transaction Insight Data180 days.

7. How we use cookies and similar technologies

“Cookies” are small text files that are placed on your device when you visit (i) our Website or (ii) our Customers' websites who have integrated iovation's Services. Cookies are widely used in order to make websites work, or work more efficiently, as well as to provide certain device and other analytical information.

How we use cookies on our Websites:

We may use cookies to personalize web pages during your visit to our Website, to remember you for easy navigation and access during return visits, provide you with relevant offers of our products and services, to monitor web traffic routing and aggregate usage, and to customize and improve our Website and Services.

We work with certain third parties (such as web analytics service providers) to provide us with information about our site traffic and usage. These third parties may set and access their own cookies or tracking technologies, such as web beacons and embedded scripts, on our Website in order to recognize your device and for example, identify whether you have visited our Website before, what you have viewed on our Website and how you found us. Such information is used for statistical purposes.

How we use cookies through our Services:

As stated in "How we use personal information collected through our Services" above, our Customers may place iovation cookies and similar technologies in order to collect information about your device for fraud and malicious activity prevention purposes. Although we seek to give information about our cookies through this Privacy Policy, we must also rely on our Customers to ensure that sufficient notice and consent is obtained for the use of such cookies on their sites and apps.

How to disable cookies: If you do not want us to deploy cookies on your browser, you can set your browser to reject cookies. You can find information on popular browsers and how to adjust your cookie preferences at the following websites:  

Please note, however, that if you don’t accept cookies on our Website, you may not be able to access all portions or features of the site.

If you disable the cookies placed by our Customers for fraud and malicious activity prevention purposes, you may not have access to all the services provided by our Customer on their website.

We may also use Flash or Flash Local Shared Objects (LSOs) through our Services to collect the data outlined above. You can manage Flash storage through your browser settings where supported, or you may manage Flash storage. To learn how to manage these, click here for Windows and here for OS/Mac.

8. Security

We will use appropriate security measures to help protect your personal information. These measures include technical, administrative, physical and organizational measures to protect your data from misuse, unauthorized access or disclosure, loss, alteration or destruction. Please be aware that no website is completely secure. Although we will do our best to protect your personal information, you should only access the Website within a secure environment.

9. International transfers

If you are visiting our Website or using our Services from outside the United States (US), including in the European Economic Area, please be aware that your personal information may be transferred to the US and potentially other countries whose data protection laws may not be as protective as those in your country of residence. However, our collection, storage and use of your personal information will at all times be in accordance with this privacy policy wherever it is processed.

For our Services, we will work with our Customers to put in place any appropriate data export solutions that may be needed under applicable laws.

The General Data Protection Regulation (GDPR) requires that iovation, Inc. have a representative within the EU/EEA. iovation, Inc. have appointed iovation Limited of 29/30 Fitzroy Square, London, United Kingdom, W1T 6LQ e:uk@iovation.com.

10. Your privacy rights

If you are from certain territories (such as the European Economic Area) you may have certain rights in relation to your personal information, such as the right to request from iovation access to and rectification or erasure of personal data or restriction of processing concerning your data subject or to object to processing as well as the right to data portability (where applicable), under the General Data Protection Regulation (GDPR).

Where your personal data has been provided to us with your consent, and the GDPR is applicable, you are able to withdraw your consent at any time. Please note that other methods of lawful processing are also used.  If you wish to exercise such rights, or you have any questions or comments concerning your personal information, please contact us at privacy@iovation.com.

Please note, that where personal data is collected within iovation’s services, iovation are not able to directly identify end users of the services provided by our subscribers. In these circumstances, iovation invite data subjects to contact the iovation subscriber who they believe used iovation fraud prevention and account authentication solutions.   

If you wish to make a general complaint about our privacy practices, please write to us at the email address above and we will respond within a reasonable time and in accordance with applicable laws. If you are situated in the EEA, you also have the right to complain to the supervisory authority at any time.

We will consider and respond to your request promptly and in accordance with any applicable laws.

If you wish to be removed from our mailing list, you can do so my clicking "unsubscribe" in any email communications we send you, or by emailing us at the address above.

11.  Privacy Shield

iovation complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States.  Iovation has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

The types of data collected by iovation can be seen in Sections 1 and 2 of this Data Protection and Privacy Policy.

Iovation are committed to the principles of the Privacy Shield and all relevant data received from the EU and Switzerland will be processed under these principles.

Should you need to contact the business in relation to anything related to iovation’s participation in the Privacy Shield or any of its principles, please contact the business at privacy@iovation.com.

In compliance with the Privacy Shield Principles, iovation commits to resolve complaints about our collection or use of your personal information.  EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact iovation at:

privacy@iovation.com.

If you prefer to mail your complaint, you can contact us at the following address:

ATTN: Compliance Manager

iovation Inc.
111 SW 5th Avenue
Suite 300
Portland OR 97204
USA

iovation has further committed to refer unresolved Privacy Shield complaints to JAMS ADR, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit with JAMS ADR for more information or to file a complaint.  The services of JAMS ADR are provided at no cost to you.

iovation may share personal data with third party service providers and subscriber organisations for the purposes of the provision of the Service and for other purposes connected with business operations. Examples of third party service providers might include Cloud Storage providers and Data Centres.

End User’s covered by the Privacy Shield arrangement can contact iovation to access their personal data and/or to discuss the choices and means that iovation use and disclose personal information.

As participants of the Privacy Shield arrangement, iovation are subject to investigatory and enforcement powers of the Federal Trade Commission, who are a statutory body located in the United States.

iovation remind the End User that in certain circumstances, should the need arise, recourse to binding arbitration is available.

iovation may, as required by law, disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

iovation confirms, as participants of the Privacy Shield arrangement, it retains liability for onward transmission, save for circumstances beyond its control and/ or where breaches to the Privacy Shield arrangement are as a consequence of the acts, omissions and/or negligence of the data controller and/or data processor to whom it has transmitted data covered under the Privacy Shield arrangement.

12.  Links to other sites

Our Website may contain links to other websites and services. Our Privacy Policy does not apply to such websites or services and we are not responsible for the content, privacy or security practices and policies of those websites or services. To protect your information, we recommend that you carefully review the privacy policies of other websites and services that you access.

13. Changes to our Privacy Policy

If we change our privacy policy, we will post those changes here and amend the "Last Updated" date at the top of this page. If we make any material changes to the privacy practices relating to our Services, we will amend this privacy policy and notify our Customers more directly – for example by posting a notification or sending a message through their account or by email. We encourage you to review this page frequently to stay informed of the latest modifications.

14. How to contact us

If you have any questions, comments or concerns about this privacy policy, then please contact us at privacy@iovation.com. If you prefer to mail your complaint, you can contact us at the following address:

ATTN: Compliance Manager/ Data Protection Officer

iovation Inc.
111 SW 5th Avenue
Suite 300
Portland OR 97204
USA