This policy1 only applies to all U.S.-based CyberScout entities including CyberScout LLC (U.S.), CyberScout Claims LLC (U.S.), and CyberScout Consulting LLC (U.S.). All of the above companies shall be collectively referred to in this policy as “CyberScout.”
CyberScout provides identity management services including identity monitoring services and resolution of identity fraud and account takeover situations for consumers and individuals. Our services are provided on an institutional basis and are not available direct to the public, though members of the public can purchase services when referred to CyberScout by their employer or one of their business providers. This means that services are made available to the public and to you through insurance providers, financial institutions, employee benefits providers and other entities that have paid us to be able to refer individuals like you to CyberScout for assistance with your fraud or identity theft situation.
CyberScout policy is to inform you any time we may be about to collect any personal information about you, regardless of whether it is online, in person or over the telephone. This means that any time you are asked to reveal personal information about yourself to CyberScout or to a CyberScout affiliate, we'll always do our best to inform you:
- why we need to collect the information
- what we intend to do with it
- who, if anybody, we intend to share it with and why.
At that time, we will give you the option to either:
- affirmatively consent to that collection of information and proceed with providing it to us for its intended purpose to redeem a service or product, or
- stop what you are doing and discontinue providing us with that information at the risk that the relevant service or product may not be able to be provided to you.
U.S.-E.U. and U.S.-Swiss Privacy Shield details for residents of the European Union, United Kingdom and Switzerland
For inquiries and complaints via email:
For inquiries and complaints via standard mail/post:
Attn: Global Privacy Officer and Custodian of Personal Records
7580 N Dobson Rd, Suite 201
Scottsdale, AZ 85256 USA
CyberScout has further committed to refer unresolved privacy complaints under the E.U.-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield Principles to the BBB E.U. PRIVACY SHIELD, a nonprofit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint. In certain circumstances you have a right to invoke binding arbitration before the Privacy Shield Panel as a last resort in resolving your issues.
In your relationship with CyberScout you are the data controller. CyberScout provides identity theft, fraud remediation, security breach notification, identity monitoring and other support services to individuals (hereinafter referred to collectively as “consumer services”) via their employer, insurance provider, financial institution or other third-party business. CyberScout does not solicit business directly from any individuals as it is a business-to-business entity.
However, if you have been referred to CyberScout for any consumer services CyberScout may collect any relevant information needed to assist you with enrollment in services, fulfillment of identity monitoring or fraud remediation case management. The types of information we may collect to assist you may include but is not limited to: name; address; government issued identification numbers (e.g., Social Security, Social Insurance, National Insurance, and Passport numbers); compromised or fraudulent financial or other account information; tax information; or any other information necessary to assist you with the consumer services you have chosen to utilize through CyberScout.
Please note that any and all information collected is provided directly by you during interviews with a case manager or during the online or telephone enrollment process. The information provided by you to CyberScout may be used to help populate letters and fraud victim affidavits and documents provided to you to sign and execute accordingly. You are in control of any sharing of this information with third parties by CyberScout. This sensitive and personal information in the form of letters and communications would be sent by you directly to law enforcement, fraud departments, collection agencies, regulators, attorneys and/or any other necessary third parties required to help resolve your fraud or identity theft situation.
CyberScout also provides special monitoring services including cyber monitoring and credit monitoring. These special monitoring services are provided to help you detect fraudulent activity on your personal accounts as well as track the use of your account information and personal information by fraudsters and criminals. In certain situations, in order to sign up for these services you may be asked to provide certain personal information. This information is used to (1) verify your identity for security purposes and (2) for CyberScout to know what information you want us to monitor for fraud and other illicit uses. Examples of data you may want to monitor could include account numbers or government issued identification numbers. Any information being monitored by you would have to be provided by you to CyberScout.
CyberScout collects information from its employees in connection with our employer-employee relationship. This information is limited to information necessary to pay our employees, provide them with benefits and to comply with tax and other government reporting requirements applicable in each jurisdiction. For additional information on E.U. Employee data transfers and privacy please refer to the section “7. What are CyberScout’s policies regarding transfer of E.U. and U.K. employee data to the U.S.? ” of this policy.
CyberScout acknowledges the individual’s right to access their personal data. If you haven't provided us with information about yourself in the past, we don't have information about you. However, if you have provided information to CyberScout and would like to know what information we currently have about you, feel free to contact CyberScout's custodian of personal records to provide you with access to any information CyberScout has about you. In addition, should you note any inaccuracies in the information we have about you, you have a right to correct that information or to even have the information deleted.
CyberScout may be required to disclose an individual’s personal information in response to a lawful request by public authorities including but not limited to meeting national security or law enforcement requirements and/or requests.
In your relationship with CyberScout you are the data controller. You have full control of what information, if any, you provide about yourself to CyberScout. However, in our efforts to service you CyberScout may utilize third-party vendors or agents and their solutions to provide you with certain services and support. While most services and the data collected in carrying out that service is managed in house by CyberScout, some services must be provided by outside vendors. These limited situations are when CyberScout is required to share data in order to help provide these services.
For instance if you were to be offered or provided any special monitoring services including cyber monitoring and/or credit monitoring which is available in both the U.S. and certain limited markets outside of the U.S., specific information such as that used (1) to verify your identity for security purposes and/or (2) specific information or data you may want to monitor including but not limited to account numbers or government issued identification numbers; that information would be shared with relevant CyberScout services vendors to provide you with this monitoring. CyberScout limits the purposes of this sharing with its vendors to providing the monitoring service they were contracted to provide. That data is not shared for marketing or resale purposes by our vendor(s) and any such activity would be a violation of CyberScout’s agreements with any such vendor(s).
CyberScout offers individuals an opportunity to opt out of having their data shared with third parties by simply not signing up for monitoring and other services that, by definition, involve the sharing of personal information with third parties. Individuals are presented at time of sign up with the request for them to provide and submit this personal information to be verified and monitored as part of the service. The request is in response to them redeeming a service with the understanding that the basis for the services involves sharing of this information individuals can opt out of this sharing by simply not enrolling in these services.
CyberScout does not share or sell any of the personal information provided to CyberScout with any third-party organizations for the purposes of marketing or further reselling of your data. Information is only shared if necessary to provide you services.
Category 1: Strictly necessary cookies. These cookies are essential to allow us to provide services that you have requested. Category 1 cookies used by CyberScout websites: Login status cookies identify you as being logged in to our website. Load balancing cookies may be used to distribute traffic across our web servers to ensure that our websites perform well and give you the best possible experience. Subscription cookies allow us to ensure that subscribers can access resources for which they have registered.
Category 3: Functionality cookies. These cookies allow us to remember choices you make (such as your user name, language or the region you are in) and provide enhanced, more relevant features. Category 3 cookies used by CyberScout websites: User preference cookies remember settings you’ve applied to this site such as layout, default views, search filters. Login cookies may be used to communicate your login details across pages of this website. This data is encrypted and not shared with third parties. User profile data, such as email addresses, address and contact information: CyberScout uses a third party solution to collect this information for CyberScout and CyberScout purposes only. The user-profile data collected by CyberScout is collected by Marketo on CyberScout’s behalf and is provided directly to CyberScout. This data is not shared with third parties and is used to better provide additional services like newsletters and use of user specific online tools and resources.
CyberScout has employees who are citizens of European Union countries and the United Kingdom and respects the unique privacy and data protection rights those employees have under applicable national and E.U. laws and regulations. While CyberScout limits the Human Resources data transferred about its E.U.- and U.K.-based employees to the extent possible, some information must be shared between CyberScout’s European and U.K. operations and CyberScout’s U.S. operations for those HR-related functions that cannot be managed in their respective E.U. countries and/or the U.K.
CyberScout’s participation in the U.S.-E.U. Privacy Shield Program, as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from E.U. member countries and/or the United Kingdom to companies in the United States, requires that CyberScout have in place appropriate independent recourse mechanisms (IRMs) for dispute resolution.
CyberScout has consented to work with applicable E.U. Data Protection Authorities (E.U. DPAs) and the U.K. Information Commissioner’s Office (U.K. ICO) to serve as an IRM for dispute resolution surrounding HR specific data transfer, data protection and privacy disputes. Therefore, should your concerns around the transfer or treatment of your personal HR data by CyberScout’s U.S. entity not be properly addressed by CyberScout’s HR staff or privacy staff, you have the right to access and utilize the E.U. DPAs’ and/or U.K. ICO’s dispute resolution panel as your IRM for the dispute. CyberScout will adhere to the decisions of the E.U. DPAs’ and/or U.K. ICO’s Dispute resolution panel and IRM.
CyberScout does its best to provide clear and transparent information around its privacy and data sharing practices. If you have additional questions not covered by this policy, please feel free to contact us for more information via email at at Records@CyberScout.com
1 For privacy notices for any of our non-U.S. entities, please visit their respective websites for applicable privacy statements and policies. Non-U.S. entities include CyberScout Inc. (Canada), CyberScout Ventures Limited (Ireland), CyberScout Limited (U.K.), CyberScout Pty Ltd. (Australia), CyberScout Sdn Bhd (Malaysia), and CyberScout Pty Ltd., and Taiwan Branch (Taiwan).