Privacy Policy - USA

Privacy

1. About this Policy

  1. InDebted respects your privacy and wants you to understand how we collect, hold, use, and share your personal information about you.
  2. This privacy policy (Privacy Policy) applies to the below related bodies corporate of the InDebted Group (InDebted and jointly the InDebted Group, we, us and our):
    1. InDebted USA, Inc.;
    2. InDebted Australia Pty Ltd;
    3. InDebted New Zealand Ltd;
    4. InDebted Canada Ltd;
    5. InDebted Platform Co UK Limited, and
    6. any other company which is at any time a related entity or a wholly owned subsidiary of any of the above companies.
  3. This Privacy Policy covers our data collection practices and describes your rights to access, correct, or restrict our use of your personal information which includes information such as a name, email address, identification number, or any other type of information that can reasonably identify an individual, either directly or indirectly.
  4. This Privacy Policy applies when you visit or use our website, mobile applications, APIs or when we are providing relevant services to you involving debt collection and account recovery services and if you become an employee, contractor, agent, vendor or service provider (the Services). We are committed to safeguarding the privacy of our website visitors and Service users.
  5. By using our Services, you agree to the terms of this Privacy Policy. You shouldn’t use our Services or visit our website if you don’t agree with this Privacy Policy or any other agreement that governs your use of our Services. Our Services are intended for persons over the age of 18 or the age of Majority as determined by state law.

2. Collection of personal information

  1. As part of providing any of our Services to you, InDebted Group will, from time to time, collect, hold, process and share your personal information provided to us directly by you or other organizations that you have client relationships with or given to us in other forms.
  2. We will not collect and use any of your sensitive personal information unless it is necessary for us to provide our Services to you and with your prior consent or where a permitted general situation exists.
  3. You may provide basic information such as your name, phone number, address and email address, social media profile name to enable us to communicate with you when we provide our Services to you, when you contact us and when we provide you with updates.
  4. We may collect additional information at other times, including but not limited to, when you provide feedback, make a complaint, when you provide information about your personal or business affairs, change your content or email preference, provide financial or credit card information, communicate with our customer support teams or interact with us through our website, Services applications or digital communication channels.
  5. Additionally, we may also collect any other information you provide while interacting with us and when we manage our customer, client and service provider relationships and while employed by us.
  6. We may also collect personal information about you from third parties or organizations including our related companies, publicly available sources of information (such as public registers), your approved representatives, other organizations, who jointly with us, provide products or services to you, third-party websites, applications or platforms containing interactive InDebted content or that interface with our own websites and applications, social media platforms (if you publicly comment or send us a private message) and digital tracking tools such as cookies.
  7. When you visit our offices, CCTV footage may be recorded and other information that may be collected include details provided on a resume sent to us relating to an employment opportunity.
  8. We may also receive your personal information from third parties that we deal with on your behalf and from our clients and service providers.
  9. Any information we receive that we are not lawfully required to hold will be deleted or destroyed.

3. On what basis we use your personal information

  1. Under applicable privacy laws (Privacy Laws) we are allowed to use your personal information in the following circumstances:
    1. to provide our Services to you and to fulfill a contract that we have with our clients and you;
    2. when you provide your consent to our clients or to us; or
    3. to comply with our legal and regulatory obligations as well as effectively manage our business risks; and/or
    4. when it is necessary for the purposes of our legitimate interest.
  2. When we use your personal information for our legitimate interest it means that:
    1. processing your personal information is necessary and we cannot achieve the same outcome in any other way; and
    2. we have undertaken a balancing exercise and ensuring that our interests are not outweighed by your interests, rights and freedoms.

4. Use and disclosure of your personal information

  1. We will use or disclose your personal information held about you as permitted by law and for the business purposes for which it is collected. We may use your personal information on the following basis:
    1. where such processing is necessary for the performance of our contracts and compliance with our contractual arrangements with our clients including where we have contracts with our clients who place your accounts with us for collection;
    2. to provide and manage our Services to you;
    3. the proper management of our client and customer relationships;
    4. to verify your identity and to authenticate you when you contact us;
    5. when we communicate with you by sending you mail, email, telephone, SMS, mobile applications and social media platforms,
    6. for legitimate business purposes;
    7. using your personal information helps us to operate and improve our business, website, systems and minimize any disruption to the services that we may offer to you;
    8. where we are processing information based on your consent;
    9. to comply with our legal and regulatory obligations;
    10. for the establishment, exercise or defense of legal claims, proceedings or in an administrative or out-of-court procedure;
    11. for the purposes of obtaining or maintaining insurance coverage, managing risks and operations or obtaining professional advice;
    12. for the purpose of fraud, crime prevention, suppression, or detection and help us run our business and maintain integrity;
    13. ensuring workplace health and safety of our employees or enforcing our rights, making legal enquiries, or taking legal action; or
    14. record-keeping purposes.
  2. When you are a client of our Services, we may also use your personal information to tell you about our Services we think may be of interest to you.
  3. We do not knowingly collect or process the personal information of anyone under the age of 18 years old.
  4. We may create statistical and anonymized reports, analysis and predictive models, rules and insights using information about you and other customers. Aggregated reports may also be shared with other businesses for business development and to provide insights into collection performance, identify customer demographics or behavioral insights and the information in these reports is not personal and cannot be used to identify you.
  5. We will not process your personal information for direct marketing purposes, and we will not sell your personal information to other companies or organisations.
  6. No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

5. Automated decisions using your personal information

To provide an efficient and helpful customer experience we use automated decisioning in how we communicate with you. For example, if you communicate with us via email or SMS our system will automatically tailor communications with you based on your preferred digital method of communication, without any involvement of human intervention. We may also use automated decisions to detect and prevent fraud, detect and prevent money laundering and determining the most efficient and helpful way to provide our Services to you.

6. How we keep secure your personal information

  1. We will keep your personal information securely whether in physical or electronic form. The security of your personal information is important to us. We will take appropriate technical and organizational precautions to secure your personal information and to prevent the loss, misuse, unauthorized access, disclosure or alteration of your personal information.
  2. We will store all your personal information on secure servers, personal computers and mobile devices, and in secure manual record-keeping systems.
  3. Much of the information we hold about you will be stored electronically. We store your information in secure data centers via our cloud data storage service provider Amazon Web Services.
  4. We use a range of physical, electronic and other security measures to protect the security, confidentiality and integrity of the personal information we hold and protect it from misuse, interference, loss and unauthorized access, modification and disclosure. For example:
    1. access to our information systems is controlled through identity and access management controls;
    2. all of our employees are required to comply with our privacy framework and information security policies;
    3. all of our employees complete training about privacy and information security;
    4. we regularly monitor and review our security measures and compliance with internal policies and industry best practice; and
    5. our contracted service providers are contractually bound to comply with the Privacy Laws and have appropriate information security measures and are obligated to keep the information secure.
  5. You acknowledge that the transmission of unencrypted (or inadequately encrypted) data over the internet is inherently insecure, and we cannot guarantee the security of data sent to us by you over the internet and you do so at your own risk.
  6. Although we take measures to safeguard against unauthorized disclosures of information, we cannot assure you that personal information that we collect will not be disclosed in a manner that is inconsistent with this Privacy Policy. If you are concerned that the security of your interaction with us has been compromised, please contact us immediately by emailing us at privacy@indebted.co.
  7. Also, our website may have links to external websites, and we take no responsibility for the privacy practices or the content of those other sites.

7. InDebted Employees

  1. Access to your information is restricted to authorized employees who have a legitimate business purpose for using it.
  2. Unauthorized use and or disclosure of client and customer information by an employee of InDebted is strictly prohibited. All employees are required to maintain the confidentiality of client and customer information at all times and failing to do so will result in appropriate disciplinary measures, which may include dismissal.

8. Do you have to provide your personal information?

You can withhold your personal information when speaking with us if you are making a general enquiry. However, if you withhold your personal information, it may not be possible for us to provide you with our products and services or for you to fully access our website.

9. Providing your personal information to others

  1. We may disclose your personal information to any member of the InDebted Group of companies (this means our subsidiaries, our ultimate holding company and all of its subsidiaries) insofar as reasonably necessary for the purposes of providing our services and managing our business and on the legal bases allowed under the Privacy Laws.
  2. We may disclose your personal information to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
  3. We may disclose personal information to our suppliers or subcontractors insofar as reasonably necessary for providing our services and managing our business.
  4. In addition to the specific disclosures of personal information set out in this section 9, we may disclose your personal information where such disclosure is necessary for compliance with a legal or regulatory obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
  5. We may also disclose your personal information when we have obtained your consent.

10. Outside Service Suppliers

  1. We may use service providers to perform specialized services on our behalf. Our service providers may at times be responsible for processing or handling personal information. They are provided only the information necessary to perform the services.
  2. In addition, we require them to protect the information in a manner that is consistent with our privacy policies and security practices.

11. Your rights

  1. You have certain rights as to how your personal information is obtained and used and InDebted complies with your rights under the Privacy Laws as to how your personal information is collected, used and handled.
  2. Except as otherwise provided in the Privacy Laws, you generally have the following rights:
    1. if we rely on your consent to process your personal information, to withdraw your consent where we will stop processing the activities relevant to your consent;
    2. to be informed how we received your personal information and how it is being used;
    3. access your personal information (we will provide you with a free copy of it);
    4. to object to us using your personal information, where we are relying on our legitimate interest to do so and we can challenge your objection and communicate with you in accordance with our legal obligations;
    5. to correct your personal information if it is inaccurate or incomplete;
    6. to restrict processing of your personal information including opt-out of the sale or sharing of your personal information (i.e., we will not sell your personal information); and
    7. to not be subject to any retaliation for exercising your privacy rights.
  3. Please contact us at any time to exercise any of your rights under the Privacy Laws at the contact details in this Privacy Policy.
  4. We may ask you to verify your identity and provide us with additional information before acting on any of your requests.
  5. We will respond to you as soon as possible but within 30 days from the date of your request.

12. Countries to Which We Transfer Your Information

  1. Your personal information may be transmitted through, stored or processed in countries other than your home country, in which case the information is bound by the laws of these countries.
  2. InDebted and its Group companies operate in:
    1. United States of America;
    2. Canada;
    3. Australia;
    4. New Zealand;
    5. Philippines; and
    6. United Kingdom.
  3. We made an “adequacy decision” with respect to the Privacy Laws of each of these countries. Transfers to each of these countries will be protected by appropriate safeguards, namely:
    1. with respect of any disclosure to our InDebted Group companies that they will comply with this privacy policy and have the same or similar obligations that we have under the Privacy Laws and will be done pursuant to agreements setting out the requirements for use, safeguarding, retention and disposal of such information, or as required by law;
    2. with respect of any of our service providers:
      1. the recipient does not breach the Privacy Laws; or
      2. the recipient is subject to a law, or binding scheme, that has the effect of protecting the information in a way that, overall, is at least substantially similar to the protection under the Privacy Laws; and
      3. any disclosure will be done pursuant to agreements setting out the requirements for use, safeguarding, retention and disposal of such information, or as required by law; or
    3. you have consented to us making the disclosure.

13. Access to your personal information

  1. You may request details of personal information that we hold about you in accordance with the provisions of the Privacy Laws. If you would like a copy of the information which we hold about you or believe that any information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please email us at privacy@indebted.co.
  2. We reserve the right to refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Laws or any other applicable law.

14. Retention of your personal information

  1. We will keep your personal information for as long as required by InDebted in compliance with its Privacy Laws and its legal and regulatory obligations. We also generally retain your personal information for at least seven (7) years after we have stopped interacting with you to comply with our legal obligations and so that we can respond to any questions or complaints regarding our interactions with you.
  2. We may also need to keep your personal information for a longer period, where required for legal or regulatory reasons.
  3. We will keep your data safe and secure for as long as we hold it.

15. Complaints about privacy

  1. If you have any complaints about our privacy practices, please feel free to send in details of your complaints to privacy@indebted.co. We take complaints very seriously and will respond shortly after receiving written notice of your complaint. We will let you know if we need any additional information from you.
  2. If you are displeased with the way we are handling or have handled your personal information, you can contact the Office of the Attorney General in California for Californian data privacy matters or your local consumer regulator in the other States of the USA.

16. Changes to Privacy Policy

  1. This USA Privacy Policy is Version 2.0 dated 1 June 2024.
  2. Please be aware that we may change this Privacy Policy in the future. We may modify this Policy at any time, in our sole discretion and all modifications will be effective immediately upon our posting of the modifications on our website or notice board. Please check back from time to time to review our Privacy Policy which can be found at www.indebted.co/en-us/privacy-policy/.

Privacy Statement for California Consumer

This Privacy Statement for California Consumers (California Privacy Statement) supplements our Privacy Policy. The California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), sets out the framework for data protection law in California. The CCPA sets out the key principles and rights of individuals whose personal information is collected, used, and handled and the obligations for organizations that collect, use, and handle. The CCPA and any guidance issued by the California’s Attorney General and under regulatory entities of the state of California govern the way in which we must manage your personal information (California Privacy Laws).

This California Privacy Statement applies solely to California consumers and individuals working on behalf of third parties we use, subject to exceptions listed below. This California Privacy Statement applies to personal information we collect about California consumers through our Website and offline.

This California Privacy Statement does not apply to information we collect, process or disclose in connection with the provision of our Services. This information is governed by the U.S. Gramm-Leach-Bliley Act and its implementing regulations or the California Financial Information Privacy Act. If you have an account with us, this California Privacy Statement does not apply to you.

This California Privacy Statement does not apply to InDebted personnel or employment applicants.

In some cases, we will not be able to complete your request or right under the CCPA because we do not collect information about you.

InDebted will handle your personal information in accordance with the obligations under the CCPA regardless of whether your personal information is collected, used or handled in other States of the United States of America (USA) and outside of the State of California.

1. Notice of Collection and Use of Personal Information

We may collect and may have already collected during the previous 12 months prior to the date of this California Privacy Statement the following types of personal information about you:

  • Basic personal information such as name, phone number, address and email address, social media profile name or alias, to enable us to communicate with you when we provide our Services to you, when you contact us and when we provide you with updates.
  • Information regarding your online activity, including information about your interaction with our Website or services, including any advertisements;
  • Certain employment-related information, such as profession or business affairs; and
  • Certain financial information, including your signature, bank account or debit card number, or other financial information, subject to Cal. Civ. Code § 1798.80.

We may use and may have already used during the previous 12 months prior to the date of this California Privacy Statement your personal information for the purposes described in our Privacy Policy and for the following business purposes specified in the CCPA:

We may use your personal information on the following basis:

a. where such processing is necessary for the performance of our contracts and compliance with our contractual arrangements with our clients including where we have contracts with our clients who place your accounts with us for collection;

b. to provide and manage our Services to you;

c. the proper management of our client and customer relationships;

d. to verify your identity and to authenticate you when you contact us;

e. when we communicate with you by sending you mail, email, telephone, SMS, mobile applications and social media platforms,

f. for legitimate business purposes;

g. using your personal information helps us to operate and improve our business, website, systems and minimize any disruption to the services that we may offer to you;

h. where we are processing information based on your consent;

i. to comply with our legal and regulatory obligations;

j. for the establishment, exercise or defense of legal claims, proceedings or in an administrative or out-of-court procedure;

k. for the purposes of obtaining or maintaining insurance coverage, managing risks and operations or obtaining professional advice;

l. for the purpose of fraud, crime prevention, suppression, or detection and help us run our business and maintain integrity;

m. ensuring workplace health and safety of our employees or enforcing our rights, making legal enquiries, or taking legal action; or

n. record-keeping purposes.

We will not collect and use any of your sensitive personal information unless it is necessary for us to provide our Services to you and with your prior consent or where a permitted general situation exists.

We may create statistical and anonymized reports, analysis and predictive models, rules and insights using information about you and other customers. Aggregated reports may also be shared with other businesses for business development and to provide insights into collection performance, identify customer demographics or behavioral insights and the information in these reports is not personal and cannot be used to identify you.

2. Sources of Personal Information

We may obtain, and may have already obtained during the previous 12 months prior to the date of this California Privacy Statement, personal information about you from the following categories of sources:

  • through your device, through cookies, or similar technologies;
  • from third parties or organizations including our related companies;
  • publicly available sources of information (i.e. such as public registers);
  • your approved representatives, other organizations, who jointly with us, provide products or services to you,
  • third-party websites, applications or platforms containing interactive InDebted content or that interface with our own websites and applications,
  • social media platforms (if you publicly comment or send us a private message) and digital tracking tools such as cookies.

3. Retention of Personal Information

We will retain your personal information to comply with applicable law or regulation and record retention requirements and as reasonably necessary to achieve the purposes described in our Privacy Policy and in this California Privacy Statement.

4. Use for Marketing

We will not process your personal information for direct marketing purposes, and we will not sell your personal information to other companies or organizations.

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes.

5. Disclosure of Personal Information

During a period of 12 months prior to the date of this California Privacy Statement, we may have disclosed the following categories of personal information about you for a purpose described in this California Privacy Statement, to the following categories of third parties:

Category of Personal InformationCategory of Third Party
Basic personal information• Our affiliates and subsidiaries
• Our service providers who provide services on our behalf
• Professional services organizations, such as independent auditors and law firms
• Data analytic providers
• Online advertising services
Information regarding your online activity• Our affiliates and subsidiaries
• Our service providers who provide services on our behalf
• Professional services
• Data analytic providers
• Online advertising services
Certain employment-related information• Our affiliates and subsidiaries
• Our service providers who provide services on our behalf
• Professional services
Certain financial information subject to Cal. Civ. Code § 1798.80• Our affiliates and subsidiaries
• Our service providers who provide services on our behalf
• Professional services

In addition to the categories of third parties identified above, during a period of 12 months prior to the date of this California Privacy Statement, we may have disclosed personal information about you to law enforcement or other government agencies if needed to respond to a lawful request.

6. Rights under the California Consumer Privacy Act

Under the CCPA, you have the:

  • Right to know: You can request up to twice a year and free of charge that we disclose to you: (1) the categories and/or specific pieces of personal information they have collected about you, (2) the categories of sources for that personal information, (3) the purposes for which we use that information, (4) the categories of third parties with whom we disclose the information, and (5) the categories of information that we sell or disclose to third parties.
  • Right to delete: You can request that we delete personal information we collected from you and tell our service providers to do the same, subject to certain exceptions (such as if we or they are legally required to keep the information).
  • Right to opt-out of sharing: You may request that we stop selling or sharing your personal information (“opt-out”), including via a user-enabled global privacy control.We cannot sell or share your personal information after we receive your opt-out request unless you later authorize us to do so again.
  • Right to correct: You may ask us to correct inaccurate information that we have about you.

7. Making a Request

To make a request under this California Privacy Statement, please contact us at privacy@indebted.co or you can reach us at 888-306-3160.

We may ask you to verify your identity and provide us with additional information before acting on any of your requests.We may need to ask you for additional information to make sure we take the action requested for your information. We will only use additional personal information for this verification purpose.

If you use an authorized agent, we may require more information from either the authorized agent or from you to verify that you are the person directing the agent, including asking for signed permission for the authorized agent to submit a request to know or have us delete your personal information. Or we may require you to verify your identity directly with us or directly confirm with us that you gave the authorized agent permission to submit the request. If you ask for specific pieces of personal information, we may require you to attest under penalty of perjury that you are the consumer whose personal information is the subject of the request.

8. Non-Discrimination

You have the right to not be discriminated against or receive discriminatory treatment by us if you choose to exercise your rights under CCPA. Where permitted by applicable law, we may charge a reasonable fee to comply with your request.

9. Complaints about Privacy

If you are displeased with the way we are handling or have handled your personal information, you can contact the Office of the Attorney General in California for Californian data privacy matters.

10. Changes to this California Privacy Statement

This California Privacy Statement is Version 2.0 dated 01 June 2024. Please be aware that we may change this California Privacy Statement in the future at any time, in our sole discretion and all modifications will be effective immediately upon our posting of the modifications on our website or notice board. Please check back from time to time to review our Privacy Policy and this California Privacy Statement which can be found at www.indebted.co/en-us/privacy-policy/.

Accessibility