Privacy and Security Policy
You can find resources about FraudRecord and client management software integrations here.

Online User Privacy Statement

Information that is gathered from visitors

In common with other websites, log files are stored on the web server saving details such as the visitor's IP address, browser type, referring page and time of visit.

Cookies may be used to remember visitor preferences when interacting with the website.

Where registration is required, the visitor's email, username and password will be stored on the server.

How the Information is used

The information is used to enhance the visitor's experience when using the website to display personalised content.

E-mail addresses will not be sold, rented or leased to 3rd parties.

E-mail may be sent to inform you of news of our services or offers by us or our partners.

Visitor Options

If you have subscribed to one of our services, you may unsubscribe by disabling your membership.

You may be able to block cookies via your browser settings but this may prevent you from access to certain features of the website.

Cookies

Cookies are small digital signature files that are stored by your web browser that allow your preferences to be recorded when visiting the website. They may be used to track your return visits to the website, or to remember your login information.

How your Company Information is used

If you subscrribe to our service, your company name and website will be stored in our database. They will be visible to other subscribers, if they request a report for a client that you previously submitted.

Your company information will not be searchable. We will not disclose your membership details, like your email address or company details, to any potential advertiser or partner.

Privacy and Security of Client Information Submitted by Our Members

"Client Information" is a part of our service, it is the submitted information of the clients of the users of our service. When one of our users submit information about their clients for reporting or verification purposes, we store the received information as "client information".

Our service requires collection of client information, in a uniquely encrypted way which cannot be reversed by any feasible means by anyone.

Collected Client Information

We only request and accept client information scrambled with an industry standard one-way encryption algorithm. The algorithm is a standard SHA-1 hash, iterated 32,000 times, and during each iteration, prefixed with a custom string that is "fraudrecord-". We only accept the final result, not the sensitive source information. If all guidelines are followed by our users, unsecured and sensitive client information never reaches our servers, and we have no way of storing or using unsecured information.

Current industry standards and professional opinions of the experts in the field of data security all agree that this iterated and prefixed SHA-1 hash system is a one-way encryption, and there is no feasible way to retrieve actual client information from a hashed result. Our guarantee about the irreversibility of the encrypted information goes as far as the guarantees of the industry experts do.

It is possible for our members to inadvertently submit unsecured client data in the name of "extra information", but we highly discourage it. We do not endorse or recommend submitting any unsecured client information.

Any client information that may be submitted via our website for encryption on our side, is immediately destroyed from our server memory, leaving only the securely encrypted version in our permanent database.

All access to our system involving sensitive client information (even if they are encrypted with industry standard algorithms) is provided through 128-bit or higher SSL encryption protocols.

Guarantees and Non-liability

We protect our database as much as technically possible from any intrusion. We only provide verification of a specific client data, we do not provide or allow any type of public listing of the stored information.

We provide all encryption and security protocols that can be technically provided between two distant servers. We do not accept any responsibility of leaked client information if the member fails to adhere to the standards we have laid out and provided.

Accepting to use our service means the user acknowledges that we do everything in our power to protect all information available to us, but we cannot guarantee any form of absolute security. We do not accept any responsibility or liability, financial or otherwise, concerning the client information of our users, in case of any form of security breach. Use our service at your own risk.

We reserve the right to change our policies at any time. We will notify our users of any pending changes, via email and our web portal, prior to any change. Users can cancel their membership and terminate their use of our services at any time.