We have recently updated our Privacy Notice. Be sure to review it carefully to understand our privacy practices.
This Privacy Notice (“Notice”) provides information about how Sontiq, Inc., now a TransUnion Company, (“Sontiq,” “we,” “us,” or “our”) handles personal information and describes the rights you may have regarding your personal information. It applies to our brands: EZShield, IdentityForce, and CyberScout, our online and offline services, and the processing of personal information you may provide to us or that we collect or maintain about you, to include personal information you may supply when you use our websites, mobile apps, and other online services that provide a link to this Notice (collectively, our “Services”). If you do not agree to the terms of this Notice, please do not provide us with any personal information and do not use our Services.
This Notice does not cover practices of other TransUnion businesses or products, nor your interactions with us as a job applicant. Please see those respective privacy notices listed on the left-hand panel of this page for more information on those privacy practices. We also recommend that you review our Terms of Use, which governs your use of our website.
Click here to print our full Terms of Use.
Click here to print a copy of this Privacy Notice.
Analytics Disclosure: We use Google Analytics 360, including Google Tag Manager and Google Ads. If you would like to learn more about Google Analytics, or opt out of this data collection and sharing activity, please use this link: https://www.google.com/policies/privacy/partners/. Please visit our Cookie Policy for information regarding our tracking technologies.
Notice at Collection: We collect personal information as detailed in this Notice. The categories of personal information that we collect and the sources from whom we collected the personal information are listed below under “Personal information we collect.” The purposes for which we collect and use personal information are listed below under “Purpose for collecting and use of personal information” To learn more about your privacy rights, including your right to opt out of the sale or sharing of your personal information, please navigate to the “Privacy rights and choices” sections below. Our retention practices are outlined below under “Retaining personal information.” This Notice does not apply to data we receive from third parties unless it is combined with personal information you have provided to us.
We may collect different types of personal information about you from various sources, including directly provided by you, through our partners or affiliates, or from commercially or publicly available data sources. The personal information collected varies based on the product or service purchased or otherwise obtained by our customers and consumers.
Some of the products and services we offer may include collecting information about you from credit bureaus, identify verification and fraud prevention services, social media platforms, and others consistent with the product or service. We also gather information from or about you when you use our Services, including accessing our websites, mobile applications, and other online services, as well as marketing and analytics providers.
In the past 12 months, we may have collected the following categories of personal information from the sources listed further below:
Sources of Personal Information
Our website may allow access to third-party websites, online services, or applications. In return, the third party may provide personal and other information to us. For example, if you select a social media icon (such as for Facebook, Twitter, or Instagram), we may have access to information from them.
We will use your personal information for the purposes for which we collected it and related purposes. We may also use the information we collect for our own or our service providers’ other operational purposes, purposes for which we provide you additional notice, or for purposes compatible with the context in which the personal information was collected. We may use your personal information that is subject to this Notice for the following purposes:
We may disclose your personal information and other information with third parties for business purposes (for example, to fulfill your requests, to provide our products and services to you, to protect the interests of Sontiq and others, and in the event of a transfer of the business).
Our third-party service providers and vendors are required to take appropriate security measures to protect your personal information. We do not allow our third parties to use your personal information for their own purposes. There are times when we disclose information in an anonymized or aggregated form with our partners. In these cases, the identity of the individual(s) whose information is shared cannot be directly discerned from the information we provide.
In accordance with applicable laws and their defined terms – NOTICE: We and this website may sell your sensitive personal data. Sontiq may share your personal information for a targeted advertising purpose. We may transfer personal information (identifiers) to credit reporting agencies in a manner that may be considered a sale or sharing of personal information under state privacy laws and regulations. Sontiq does not knowingly sell or share personal information of minors under the age of eighteen (18).
In the prior 12 months, we may have disclosed (business purpose) or sold/shared (commercial purpose) your personal information to different third parties, as detailed below.
The following data may be processed by third-party service providers:
You are responsible for the accuracy of the information you share with us. This information may be reviewed and updated through our website’s registration forms or via the “Manage Account” tab on your Sontiq Member Dashboard
You may also contact us directly to update or delete your contact information or to request that we stop sending you any form of communication (see “Contact information” section below). You have the choice to opt out of our marketing email communications at any time by using the opt-out provision/unsubscribe link at the bottom of every email.
To verify your identity, we may ask you to provide additional information before making these changes. We will make good faith efforts to make the requested changes in our systems as soon as reasonably possible. We may need to retain prior information as business records in some situations.
Withdrawing Consent. In some very limited cases we may process your personal information based upon your consent. You have the right to withdraw your consent for processing in these situations at any time. You can withdraw your consent by deleting the information from your Sontiq Member Dashboard or by contacting us directly.
Advertising. Many companies, including Sontiq, serve advertisements across Internet sites. Third-party analytics service providers may be used to gauge the use of these ads on third-party sites, the viewing of ads, and the viewing of our content. The advertisements presented may be based on your interests and activities across the Internet and mobile media.
Our third-party network advertisers and ad exchanges may set and access their own technologies on your device. This may include use of an identifier, such as a cookie or similar tracking technology, on your device. These third-party technologies, combined with personal information we may provide, may:
This Notice does not apply to the collection or use of the information by these third parties, but you can review more information regarding our use of tracking technologies in our Cookie Policy.
As applicable under privacy laws, when Sontiq is acting as a data controller you may take advantage of certain privacy rights, such as to request access, correction, or deletion of your personal information. You may also have the right to appeal a denial of your privacy rights.
To exercise your privacy rights by submitting a verifiable request (subject to limitations and exceptions under applicable law), visit your Sontiq Member Dashboard, submit your requests via the forms listed below, or contact us directly.
To make an opt-out request or confirm a limitation on our use of your sensitive personal information (subject to limitations and exceptions under applicable law), click here to submit your requests.
In some instances, Sontiq offers its services to customers as a service provider/data processor or subject to other exceptions under the applicable state privacy laws. Where Sontiq is acting as a service provider/data processor, we are processing data on behalf of others who will provide you with applicable privacy rights.
Explanation of Privacy Rights and Choices
We do not discriminate against you based on your exercise of your privacy rights, although some of the functionality and features available on our websites may change or no longer be available to you.
In calendar year 2023, we received and responded to privacy requests as set forth in the table below. This data reflects requests received in 2023 from all individuals.
Request Type | Requests Received | Requests Complied | Requests Denied* | Mean Days to Resolution |
Deletion | 322 | 114 | 208 | 32 |
Correction | 9 | 2 | 7 | 10 |
Opt Out/Do Not Sell | 777 | 777 | 0 | 0 |
Limit Use of Sensitive Data | 0 | 0 | 0 | 0 |
Access Request/Right to Know | 55 | 13 | 42 | 19 |
* Requests may have been denied if (i) the individual’s information was not in systems, (ii) we could not match the individual’s information to a unique identity in our systems, (iii) we were unable to verify the individual’s identity, or (iv) if an exception to compliance was applicable.
Using an authorized agent without power of attorney to submit a verifiable privacy request for access, correction, or deletion of a consumer’s personal information: In order to submit a verifiable request for access, correction, or deletion on behalf of another consumer, an authorized agent without power of attorney must provide one item from each of the two sections below.
Documentation may be sent to:
Sontiq
Attn: Privacy Team
9920 Franklin Square Drive, Suite 250
Nottingham, MD, 21236, USA
You can also email the information to privacy@sontiq.com
To protect the confidentiality of your data, you and/or your authorized agent may choose to submit your data using confidentiality features offered by your email provider.
All personal information provided as part of this process will be deleted after verification has been completed.
With some restrictions, you may make privacy requests with regard to your personal information by using our self-service options or contacting us in the following ways:
Explanation of Privacy Rights and Choices
Explanation of Data Processing
Our privacy practices as required under the European Union General Data Protection Regulation (“GDPR”) have been incorporated into this Privacy Notice.
Legal Basis for Processing. A legal basis for processing personal information is required under the GDPR.
Objection to Processing. You may object to the processing of your personal information. This may be done if you feel it is inappropriate for Sontiq to rely on legitimate interest as a legal basis for processing. When you object, we will limit the processing of your information. Once the objection is resolved, we will either resume processing or delete the Personal Information as appropriate.
International Transfers of Personal Information. Our Services operate in the United States. Information we collect, including personal information, will be transferred, processed, stored, and used in the United States. The data protection laws in the United States may differ from those of the country in which you are located. Your information may be subject to access requests from governments, courts, or law enforcement according to the laws of the United States. Sontiq utilizes Standard Contractual Clauses for the transfer of information outside of the Europe. This participation applies to all personal information that is received from European residents.
Registering a Compliant. There may be times when you have a concern about the processing of your personal information. We ask that you please contact the Sontiq Privacy Office at these times as detailed in our “Contact information” section below.
If you remain dissatisfied, you have the right to apply directly to the United Kingdom Data Protection Authority:
Website | |
Phone | |
Postal Mail | Information Commissioner’s Office United Kingdom |
Sontiq does not knowingly collect personal information from children. Our services are not intended for use by nor directed to individuals under the age of eighteen (18). We do not enroll children in our Services although they can be a part of the Services we provide to families and for which their parent or guardian must enroll them directly.
If we learn that we have collected or received personal information from individuals under the age of eighteen (18), we will delete the personal information or otherwise comply with applicable law. We do not knowingly sell personal information of children under the age of eighteen (18).
Parent or Guardian Privacy Opt-Out Request (child under 18 years)
If you believe we have collected Personal Information from individuals under the age of eighteen (18), a parent or guardian may make a data privacy opt-out request (subject to the limitations and exceptions under applicable law) by visiting our Opt-Out Form.
Sontiq maintains a comprehensive information security program that utilizes administrative (policies, standards, and processes), physical, and technical controls designed to protect the confidentiality, integrity, and accessibility of personal information.
We use industry-standard safeguards to protect your information. While we make reasonable efforts to safeguard personal information once we receive it, the protection of your information cannot be guaranteed as no website is completely secure. You should only access our website within a secure environment.
You are responsible for maintaining the confidentiality of any password(s) and all activities that occur using your password(s). You should notify us immediately of any unauthorized use of your password(s) or accounts, or if you believe your personal information has been exposed.
We retain personal information for as long as necessary to fulfill the purposes for which it was collected or processed, as previously described in this Notice, and consistent with applicable laws. For instance, we retain personal information, collected through our Services and website, for as long as a user’s account is active or as needed to provide Services to our customers. When you give up your membership, your personal information is retained for a short period of time in the event you decide to rejoin.
When determining retention periods, we consider our relationship with you and your information, the nature and sensitivity of the information, and what is reasonably necessary and proportionate to provide and improve our Services. We also adjust retention periods to comply with our legal, reporting, or accounting obligations, to resolve disputes, and to enforce our agreements. We regularly review our retention periods and assess our data minimization practices, retaining the least amount of information for the shortest retention period, while still upholding all our obligations.
In the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, acquisition, sale, joint venture, assignment, consolidation, transfer, change of control, or other disposition of all or any portion of our business, we may share your personal information. We may also share your personal information if we undergo bankruptcy or liquidation, in the course of such proceedings.
Our websites may contain content, links, or applications that are supplied by a third party. These third parties may also collect, store, or have access to your information when you interact with them for their own commercial purposes. In some cases, you may be directed to other sites and applications that are operated by third parties that we do not control. This includes when you use third-party tools such as Facebook, Twitter, Pinterest, or other posting or content sharing tools.
This Notice does not apply to other third-party sites or services. If you click on a link or browse to a third-party site from our site/service, your activity and interaction is subject to that third-party's rules and policies. We recommend reviewing the privacy statements on those other sites to understand their privacy practices and make an informed decision regarding your use or interaction with their site/service.
If you have questions or concerns regarding this Notice, our privacy practices and the protection of your personal information, or the privacy rights and choices available to you, you may contact us in the following ways:
Phone | Within the U.S. (toll-free) 1-888-6-SONTIQ or 1-888-676-6847 Outside the U.S. 01 (508) 644-8726 |
Postal Mail | Sontiq |
This Notice is subject to change at any time. If we make any changes to this Notice, we will post the revised Notice on this page with its effective date.
We will not use your previously collected personal information in a way that is significantly different than stated in the Notice which was effective on the date the information was collected. However, we may request your consent for any new uses.