Forter Privacy Policy

Introduction

Forter’s (“we” or “the Company”) goal is to fight online financial fraud. Our fraud solution provides merchants (“Merchants”), who use our expertise and proprietary technology in order to get real-time and automated decisions for every transaction made by Merchants’ customers (“Customers”).

When a Customer lands on any of the Merchant’s websites or applications (“Merchant Platforms), and subject to a full Merchant consent, we process relevant information pertaining to the Customer usage of the merchant websites or application (“Merchant Platforms”) and compare it to known fraudulent behavioral trends in order to protect the Merchant from fraudulent activity (collectively: “the Services“).

Our Services not only help Merchants, but also provide much safer and better online shopping experience for Customers, as they help prevent a customer account takeover by a fraudster, allow Customers to get rid of the delays in order confirmation, and minimize potential mistaken rejection of transactions, which can make shopping online very frustrating.

This Privacy Policy outlines our practices with respect to using and processing Customers’ information we receive from the Merchant and from Customers’ usage of the Merchant Platform, when providing our Services to the Merchants. We encourage Customers to read the Privacy Policy carefully and use it to make informed decisions. Please note that this Privacy Policy does not apply to each Merchant’s privacy practices and any processing of information, which may be made by the Merchant outside the scope of our Services. If Customers wish to understand how the Merchant may use such information, they should review the applicable Merchant’s privacy policy.

In this Privacy Policy Customers can read about:

  • What type of information we process
  • How we collect Customers’ information
  • Our usage of Cookies
  • How we use the information
  • With whom we share the information
  • For how long we retain the information
  • How we safeguard the information
  • How to contact us

What type of information we process

We process two types of information which relate to Customers.

The first type of information is un-identified and non-identifiable information pertaining to a Customer, which may be available or collected via Customers’ use of the Merchant Platform (“Non-personal Information”). We are not aware of the identity of the Customer from which the Non-personal Information was collected. Non-personal Information which is being collected may include Customer’s aggregated usage information, device fingerprinting, browsing events and technical information transmitted by Customers’ device, including certain software and hardware information (e.g. the type of browser and operating system the Customer’s device uses, language preference, access time and the domain name of the website from which the Customer is linked to the Merchant Platform; etc.) as well as information regarding Customer’s activity on the Merchant Platform (e.g. pages viewed, clicks, actions, etc.).

The second type of information, mostly the data in the checkout page, is individually identifiable information, namely information that identifies an individual or may with reasonable effort identify an individual (“Personal Information”). The Personal Information we process through our Services includes information which is submitted to Merchant Platforms directly by the Customer, such as phone number; full name; address; e-mail address and other information that we may need in order to provide our Services. With regards to Customer’s payment means, we are not collecting full credit card details, but only the credit card BIN and the last four digits of the credit number, alongside the cardholder name and expiration date.

We may also process Personal Information from Customer’s device, such as geolocation data, IP address and other unique identifiers.

If we combine Personal Information with Non-personal Information, the combined information will be treated by us as Personal Information for as long as it remains combined.

How we collect information

We use three main methods to collect information, which relates to Customers:

i. With full Merchant consent, we collect information through Customers’ use of any of the Merchant Platforms. In other words, when the Customer is using the Merchant Platform we may gather information relating to such usage.

ii. We collect information, which the Customer voluntarily provides to the Merchant or shares on the Merchant Platforms and which is provided to us by the Merchant. For example, we use Personal Information that the Customer discloses on the Merchant Platforms (e.g. delivery address, partial credit card number, etc.), when the Customer wishes to conduct an online transaction.

iii. We collect information which is available via public websites, social networks, etc. and from our trusted service providers and is relevant to our Services. For example, we may collect information such as phone type (e.g. mobile, landline, etc.), age and gender from different resources across the web and perform social network analysis in order to support our analysis of a transaction and the assessment of whether or not a transaction is suspected as fraudulent.

Cookies                 

We use cookies and other technologies when Customers access the Merchant’s website.

A “cookie” is a small piece of information that the Merchant’s website assigns to the Customer’s browser while the Customer is browsing such website. Cookies are very helpful and are used by us for the purpose of gathering relevant information in order to detect possible online and identity frauds.

We use ‘session cookies’, which are stored temporarily during a browsing session and are deleted from Customer’s device when the browser is closed, and ‘persistent cookies’, which are saved on Customer’s device for a fixed period and are not deleted when the browser is closed.

The Customer may disable the storage of and/or remove the cookies via his browser settings.

How we use the information

We use Customers’ Personal Information in the manners described in this Privacy Policy. In addition to the purposes listed above, the information we collect is being used for any of the following purposes:

  • To provide our Services to Merchants to detect fraudulent activity by Customers on Merchant Platforms;
  • To conduct fraud detection analysis, enrich our database and improve its accuracy;
  • To support and troubleshoot our Services;
  • To investigate violations and enforce our policies, and as required by law, regulation or other governmental authority, or to comply with a subpoena or similar legal process or respond to a government request.

With whom we share the information

We do not rent, sell, or share Customers’ Personal Information with third parties except as described in this Privacy Policy.

We may share Personal Information which relates to the particular Merchant from whom the information was collected in order to provide our Services. This includes sharing of information regarding each transaction decision the Merchant initiates and access to our ‘Decision Dashboard’;

In addition, in order to provide our Services we may share Personal Information with (i) affiliated companies within the Forter group of companies, as listed below; (ii) subcontractors (e.g. enrichment services with whom data points are shared securely and without the transaction context.  For example, shipping addresses, without an individual’s name/phone/etc., are normalized using a dedicated address validation provider. All third party services must be evaluated and approved by the Forter security team before integration or chargeback dispute agencies); (iii) third party service providers (e.g. cloud web services for storing information on our behalf or processing information);

We may also disclose Personal Information, or any information submitted via the Services if we have a good faith belief that disclosure of such information is helpful or reasonably necessary to: (i) comply with any applicable law, regulation, legal process or governmental request; (ii) enforce our policies, including investigations of potential violations thereof; (iii) investigate, detect, prevent, or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues; (iv) to establish or exercise our rights to defend against legal claims; (v) prevent harm to the rights, property or safety of us, the Merchants, the Customers or any third party; or (vi) for the purpose of collaborating with law enforcement agencies and/or in case we find it necessary in order to enforce intellectual property or other legal rights.

For how long we retain the information

We value Customers’ privacy and control over their Personal Information. In cases where we are required under the applicable law (for example, under the EU Data Protection Directive), a Customer may request that we will correct errors with regard to his Personal Information and allow him to receive certain details with regard to his Personal information, by following this procedure:

  • The requesting Customer will issue a request by emailing us at privacy@forter.com by which he will ask to access, receive or correct certain details relating to his Personal Information.
  • We will request documentation (which may include Personal Information) verifying the identification of the requesting Customer. If additional identifying information is required by us in order to match the requesting Customer with his information, such information will be requested and verified as well.
  • After we will confirm the identity and the legal right of the requesting Customer to retrieve Personal Information, we will query our database and respond to the Customer’s request. We may scrub the requested information from any irrelevant or proprietary data, at our own discretion.

We may rectify, replenish or remove incomplete or inaccurate information, at any time and at our own discretion.

We will retain the information we collect for as long as needed to provide our Services and to comply with our legal obligations, resolve disputes and enforce our policies.

How we safeguard the information

We take great care in implementing and maintaining the security of the Services and safeguarding information which relates to Customers. We employ industry standard procedures and policies to ensure the safety of Customers’ information and prevent unauthorized use of any such information. Although we take reasonable steps to safeguard such information, we cannot be responsible for the acts of those who gain unauthorized access or abuse our Services, and we make no warranty, express, implied or otherwise, that we will prevent such access.

If Customers are to believe that their privacy was not treated in accordance with our Privacy Policy, or if any person attempted to abuse our Services or acted in an inappropriate manner, it will be advisable to contact us directly at privacy@forter.com.

Corporate transaction

We may share information which relates to Customers, including Personal Information, in the event of a corporate transaction (e.g. sale of a substantial part of our business, merger, consolidation or asset sale) of the Company. In this event, the acquiring company will assume the rights and obligations as described in this Privacy Policy.

Minors

We do not collect any information, which relates to Customers who are under the age of 13. In the event that we become aware that an individual under the age of 13 has shared any information, we will discard such information. If Customers have any reason to believe that a minor has shared any information with us, it will be advisable to contact us at privacy@forter.com.

Updates or amendments to the Privacy Policy

We may revise this Privacy Policy from time to time, in our sole discretion, and the most current version will always be posted on our website (as reflected in the “Last Revised” heading).

How to contact us

If Customers have any general questions about the Services or the information that we collect about them and how we may use it, they may contact us at privacy@forter.com

 

 

Details of Company and affiliated companies in the group:

Forter Ltd., 7 Tozeret Haaretz Street, Tel Aviv 6780104

Forter, Inc., 315 W 36th Street, New York, NY 10018, USA

 

 

Last update: 22/12/2016