IDENTITY THEFT RESOURCE CENTER

PRIVACY POLICY

In accordance with state and federal laws the following is the privacy policy for the Identity Theft Resource Center (ITRC):

Your privacy is important to us. The Identity Theft Resource Center maintains a strict privacy policy. This privacy policy governs your use of the ITRC website and mobile device application.

 What information does the ITRC collect and how is it used?

ITRC requests that you do not send us sensitive personal information such as Social Security numbers, dates of birth, crime reports, or any financial/medical account numbers. Any such information received by the ITRC will be immediately destroyed. 

Website 

The ITRC website does not collect information from a child 13 years or younger without prior parental consent or direct parental notification. The ITRC website is intended for consumers age 14 or older. By using this site, user represents they are age 14 or older. ITRC advises all children under the age of 18 to seek parental consent before using our website. 

User Provided Information: The website does have a live chat function for users to speak to ITRC Victim Advisors, but no sensitive personal information will be requested other than the state the user resides in as to provide them with relevant information according to their state’s laws. If the user chooses to provide the ITRC with sensitive personal information via live chat, said information will be immediately destroyed. 

Automatically Collected Information: In order to provide the best website experience, the ITRC website does not honor Do Not Track signal requests as this website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies,” which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States.

Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser; however, please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above. 

Application and Live Chat Feature 

The ITRC application does not collect information from a child 13 years or younger without prior parental consent or direct parental notification. The ITRC website is intended for consumers age 14 or older. By using this application, user represents they are age 14 or older. ITRC advises all children under the age of 18 to seek parental consent before using our application. 

User Provided Information: The ITRC application may ask the user for their zip code in order to provide the user with the location of pertinent assistance, such as a Social Security office or local police station. The application does have a live chat function for users to speak to ITRC Victim Advisors, but no sensitive personal information will be requested other than the state the user resides in as to provide them with relevant information according to their state’s laws. If the user chooses to provide the ITRC with sensitive personal information via live chat, said information will be immediately destroyed. 

The ITRC ID Theft Help app case log feature allows users to make entries into this feature regarding the steps victims have taken during their remediation process.  This information can include but is not limited to date, time and duration of calls to specific entities that the victim must contact to remediate their case, forms requested or filed, and actions taken. Sensitive personal information is not collected and victims are instructed to NOT add notes to their log that contain PII.  All case log entries are housed on the device upon which they are entered and not collected, retained, or stored by the ITRC. 

If you do not want us to use your location for the purposes set forth above, you should turn off the location services for the mobile application located in your account settings or in your mobile phone settings and/or within the mobile application.  

ITRC Call Center 

The ITRC Call Center does not collect information from a child under the age of 18 years without prior parental consent or direct parental notification. The ITRC Call Center is intended for consumers age 18 or older. By calling the ITRC Call Center, the caller represents they are 18 years or older. 

User Provided Information: The ITRC Call Center collects personal information for the sole purpose of identity theft mitigation. This information consists of the caller’s name, telephone number, email address, and state of residence. If you need to have forms mailed to you, we will also collect your mailing address. 

Automatically Collected Information: The ITRC Call Center will automatically collect the phone number of the person calling.  

Usage of Information 

The ITRC uses the information collected solely for the purpose of providing identity theft case mitigation advice and conducting research on and about the crime of identity theft; however, individuals are not identified in the results of these studies. 

Do third parties see and/or have access to information obtained by the ITRC?

Yes. We will share your information with third parties only in the ways that are described below:

We may disclose User Provided and Automatically Collected Information:

  • as required by law, such as to comply with a subpoena, or similar legal process;
  • when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request;
  • with our trusted services providers who work on our behalf, do not have an independent use of the information we disclose to them, and have agreed to adhere to the rules set forth in this privacy statement. 
  • for research or statistical purposes; however, individuals are not identified in the results of these studies.
  • with your express permission, we may share your information with the media or legislators who desire to contact and speak to individuals who have experienced particular identity theft abuses.

Data Retention Policy, Managing Your Information, Disposal

The ITRC will maintain personal information collected via its Call Center in electronic form using SalesForce, a database program specially designed for enterprise business services. The SalesForce database used by ITRC is accessible by ITRC staff and third party vendors for the specific purpose of case remediation only, and with permissions regulated strictly by individual login. Safeguards for the protection of electronic files include both hardware and software firewalls, use of SSL technology for all connections, verified IP for all connections, and discrete user tokens on each user machine, as well as user name and password protection. Information can include name, state of residence, phone number, and/or e-mail address, and in some cases city and street address.

All other personal and non-personal information collected by the ITRC are to be stored in electronic form on the ITRC file server, in an access controlled room, within the ITRC facility. They are protected by appropriate firewalls and intrusion detection. External access to the server is limited to secure VPN only.

Because the ITRC undertakes an advisory role with victims of identity theft, and because the nature of this crime may require years for mitigation, victims have the expectation that ITRC will retain for safekeeping and future access any case information that may be of use to the victim’s case in the future. ITRC has the ability to store client files for safekeeping indefinitely in a secure, locked storage unit housed in the same building as the ITRC offices. Data will be retained for a minimum period of three years and/or destroyed at the request of the victim. 

Children

We do not use the ITRC website or application to knowingly solicit data from or market to children under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at This email address is being protected from spambots. You need JavaScript enabled to view it.. We will delete such information from our files within a reasonable time. 

Security

We are concerned about safeguarding the confidentiality of your information. We provide physical, electronic, and procedural safeguards to protect information we process and maintain. For example, we limit access to this information to authorized employees and contractors who need to know that information in order to operate, develop or improve our services. Please be aware that, although we endeavor provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches. 

Changes

This Privacy Policy may be updated from time to time for any reason. We will notify you of any changes to our Privacy Policy by posting the new Privacy Policy here and informing you via email or text message. You are advised to consult this Privacy Policy regularly for any changes, as continued use is deemed approval of all changes. You can check the history of this policy by clicking here. 

Your Consent

By using the ITRC website or application you are consenting to our processing of your information as set forth in this Privacy Policy now and as amended by us. "Processing,” means using cookies on a computer/hand held device or using or touching information in any way, including, but not limited to, collecting, storing, deleting, using, combining and disclosing information, all of which activities will take place in the United States. If you reside outside the United States your information will be transferred, processed and stored there under United States privacy standards.  

Contact us

If you have any questions regarding privacy while using the Application, or have questions about our practices, please contact us via email at This email address is being protected from spambots. You need JavaScript enabled to view it.. 


 If you have any questions or concerns about this privacy policy, please feel free to contact us at This email address is being protected from spambots. You need JavaScript enabled to view it. 

Site built by Goldfish Consulting following the above guidelines.

 

ITRC Sponsors and Supporters 

 

 

 

 

Go to top

 

The TMI Weekly

Breaches here, identity theft there and invasions of privacy everywhere... Should you be worried and, if so, how can you protect yourself? Sign up now to receive The TMI Weekly and get the latest hot topics in identity theft, data breaches and privacy and helpful information on how to protect your information.