Login Register

Privacy Policy

INTRO

Your privacy is important to us. This policy explains our online information practices and the choices you can make about how your information is used at our Website (www.alfacredit.com).

At alfacredit.com, we believe in empowering individuals and organizations by providing business credit information, due diligence, individual profiling reports, and comprehensive Anti-Money Laundering (AML) services, supporting informed decision-making and regulatory compliance.

By processing data responsibly and transparently, we aim to strike a balance between leveraging legitimate interests and respecting your rights.

As a third-party background screening provider, alfacredit.com processes personal data for private and business purposes at the request of our clients. This report outlines the legitimate interest framework under which these checks are performed, ensuring compliance with the General Data Protection Regulation (GDPR) and NOTICE TO RESIDENTS OF CALIFORNIA, VIRGINIA, CONNECTICUT, UTAH, COLORADO, TEXAS, DELAWARE, MONTANA AND OREGON: Additional privacy policies, specifically developed and maintained for residents of California, Virginia, Connecticut, Utah, Colorado, Texas, Delaware, and Oregon, are found within this Privacy Policy. If you are a resident of these states, you may have additional rights regarding our use of your Personal Information. For more information, visit our privacy data center and click this link.

ALFACREDIT is processes non-direct “End-user personal data”-data introduced by clients for performing searches and making use of ALFACREDIT services. Consequently, the client is the CONTROLLER in this case and ALFACREDIT cannot be held liable by the client’s actions. For more detailed information, please see ANNEX I – ALFACREDIT information notice to END-USERS.

ALFACREDIT is a data controller that processes the directly collected data from the client when subscribing to its services.

WHY AND HOW IS ALFACREDIT PROCESSING YOUR PERSONAL DATA?

We process your personal data for the following purposes: (i) providing the services, including registration on the Website, providing demos, establishing contractual relationships, and concluding contracts; (ii) enhancing our services; (iii) ensuring information security of the services and preventing frauds; (iv) lead generation, sending newsletters and other direct marketing communications; (v) providing customer support, providing information on service updates; (vi) organizing webinars, events; and(vii) analysis of business performance and managerial decision making.

We do not carry out automated decision-making or profiling based solely on automated processing of your personal data as described by Article 22 GDPR.

We use cookies and similar technologies to collect and process data on our Website. We ask for your consent and to confirm your preferred setting to use these technologies when you first access our Website. We will reconfirm your consent on a yearly basis or in case of any changes to this Privacy Policy. You have the right to withdraw your consent or delete cookies at any time by following the instructions provided in your browser settings. For detailed information about cookies and how they are used on our Website, see our Cookie Policy.

Categories of personal data processed by Alfacredit:

Data required in order to create the account:

  • Personal data provided by you, more precisely contact details: Name, surname, phone number, email address
  • Legal bases: contractual- since the data subject purchases a service from the controller and, through the delivery of that product or service, the controller needs to process the individual’s personal data.

Retention period: 3 years, which is based on the applicable limitation period for enforcing legal claims and the statutory retention period for accounting documents.

Data required for the enhancement of the services (eg: software update)

  • Categories of personal data: Personal data provided by you, for example, contact details, information necessary to create an account, information related to the usage of the services, communication-related to the services, and data collected via cookies.
  • Legal basis: Our legitimate interest is in improving the existing features of our services and developing new features in order to remain competitive. This ground for processing can be used where the data subject is a client or in the service of the controller. Data subjects have the right to object to the use of their data.
  • Retention period: 3 years after you cancelled your account at the Website or if you do not have an account, from the last interaction with you.

Ensuring information security of the services and preventing fraud

  • Categories of personal data: Personal data provided by you and personal data that we collect from other sources, in particular, contact details, information related to the usage of the services, data collected via cookies, and public database information. As for the sources of the categories of personal data not provided by you we use publicly available open source information.
  • Legal basis: Our legitimate interest in providing our services securely for our customers and detecting and avoiding fraudulent use of our services. Recital 49 specifically identifies processing personal data strictly necessary and proportionate to ensure network and information security as constituting a legitimate interest. This ground for processing can be used where the data subject is a client or in the service of the controller. Data subjects have the right to object to the use of their data.
  • Retention period: 3 years after the fraud check query is completed.

Sending newsletters and other direct marketing communications

  • Legal basis: Data Subject’s Consent and Legitimate Interest: Consent will be freely given with a clear possibility of opting out at any time; processing based on legitimate interest pursues raising awareness about our services and improving user engagement.
  • Categories of personal data: Personal data provided by you and personal data we collected from other sources, in particular, contact details, information necessary to create an account, data collected via cookies, public database information. Sources of the categories of personal data not provided by you (indirect data)- Webinar organizing partners, business listing pages, social media providers, company email address databases, marketing lead contact search engines, and other business partners.

Retention period: According to the applicable limitation period for enforcing legal claims, 3 years or until your consent is revoked.

Suppose you no longer wish to receive our newsletter and promotional communications. In that case, you may opt out of receiving them by following the instructions included in each newsletter or communication or by visiting our Privacy Centre here.

Providing customer support, providing information on service updates

Legal basis: Our legitimate interest is in helping our customers fix bugs or unintended functioning of the services in an efficient and timely way to increase our customers’ loyalty and retain our customers.

Categories of personal data: Personal data provided by the client, for example, contact details, information necessary to create an account, information related to the usage of the services, and communication-related to the services.

PUBLICLY AVAILABLE INFORMATION

In addition to the Personal Information scanned by alfacredit.com that has been detailed above, we also collect Publicly Available Information or Public Data from various databases, government entities, commercial data providers, and websites to create our reports and provide the products and services available on our Site. Publicly Available Information includes information that is lawfully made available from federal, state, or local government records, the dark web, and information that we reasonably believe is made available to the general public, for example, by widely distributed media.

We acquire and aggregate this information about the U.S. and data from other countries’ residents, which will include users and non-users. We do not, however, include any personal information, including user data and traffic data, that we collect directly from site users in the reports and products and services we provide.

LINKED SITES

Alfacredit.com contains links to other sites that are not owned or controlled by Alfacredit Europe Ltd. Please be aware that we, alfacredit.com, are not responsible for the privacy practices of such other sites. We encourage you to be aware when you leave the Site and to read the privacy statements of each and every Website that collects personally identifiable information. This privacy statement applies only to information collected by the Site.

FRAUDULENT REQUESTS

Alfacredit.com takes consumer and business requests seriously and endeavors to protect your privacy and comply with your requests. However, if alfacredit.com has a good-faith, reasonable, and documented belief that a consumer request is fraudulent, alfacredit.com may deny such a request. This basis for denial applies to all consumer requests and may be subject to the limitations and requirements of applicable state privacy laws with which alfacredit.com will always comply.

Examples of fraudulent requests include, but are not limited to:

Impersonating another person. If you make a request, you must do so in your own name or as an authorized agent of another person. If you are an authorized agent of another person, you must disclose that fact and provide proof of the consumer’s authorization. Impersonating another person not only violates our Terms of Use, but it is also fraud.

Obscuring your identity as a consumer making a request. Knowing who is making a request about their information is foundational to the process of completing those requests. It also is against our Terms of Conditions for users to disguise the identity or origin of any message sent to alfacredit.com.

Examples of this include forging headers, using a virtual private network (VPN) to obscure your IP address, or otherwise obscuring or anonymizing your email or IP address. alfacredit.com is happy to comply with your request, but it is essential that we know you are a real person and that you are who you claim to be.

Using automated means to send multiple unverified requests or requests without proof of authorization.

Alfacredit.com is happy to work with third-party authorized agents to process bulk consumer requests and does so successfully with a number of agents. Using automated means to submit multiple or bulk unverified requests, or requests without any proof of authorization, alfacredit.com is against our Terms of Conditions puts a disproportionate load on our systems, and interferes with our processing of legitimate consumer requests

DATA TRANSFERS

ALFACREDIT safeguards personal data stored on the servers in the United States and Europe. We are committed to protecting such GDPR Personal Data in accordance with our obligations under applicable law, such as GDPR Articles 45 to 50, and the Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability.

ALFACREDIT relies on EU-U.S. Data Privacy Framework (EU-U.S. DPF) for its servers located in the USA. Alfacredit also relies on EU-U.S. Data Privacy Framework for data transfers to data brokers processors located in the U.S.

In all cases where ALFACREDIT transfers personal data to a third party acting as an agent (processor for GDPR purposes), ALFACREDIT will: (i) transfer such data only for limited and specified purposes; (ii) ascertain that the agent is obligated to provide at least the same level of privacy protection as is required by the Principles; (iii) take reasonable and appropriate steps to ensure that the agent effectively processes the personal information transferred in a manner consistent with the organization’s obligations under the Principles; (iv) require the agent to notify ALFACREDIT if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the Principles; (v) upon notice, including under (iv), take reasonable and appropriate steps to stop and remediate unauthorized processing;

HOW DO WE SHARE YOUR PERSONAL DATA?

Your personal data will be primarily processed by the employees at ALFACREDIT for the purposes listed above.

We may share your personal data with the following categories of business partners for the above listed purposes: cloud providers, integration tool providers, invoicing tool providers, video conferencing tool providers, webinar partners, contact search engines, and business listing pages.

We do NOT sell your data.

We use non-personally identifiable information to analyze site usage (such as aggregated information on the pages visited by our users), which allows us to improve the design and content of our Site.

In the ordinary course, we use the personally identifiable information you provide solely to respond to your inquiry or process an application form you have completed on various sections of our Web site.

Any data gathered will be shared, if appropriate, with any of the offices or associate companies of alfacredit.com throughout the world, including the United States and any third parties who provide services on our behalf. Personal information that users in the European Union provide to us may be transferred to other countries (including the United States), the data protection laws of which may differ from those of the European Union. You expressly agree to such transfer.

OUR COMMITMENT TO SECURITY

The security of your personal information is important to us. If you enter sensitive information, such as credit card numbers, social security numbers, or Identification cards on our registration or order forms, we encrypt that information using secure socket layer technology (SSL). Alfacredit.com is committed to handling your customer information with high standards of information security.

  1. We store the Personal information that we collect and that you provide is and contained behind a “firewall” and only accessible by those who need to know that information and who have special access rights to our production systems. We maintain physical, electronic, and procedural safeguards that comply with the law to guard your non-public personal information.
  2. We will make all reasonable business efforts to protect your information, but no system can prevent all malicious attacks against our system or commonly used Internet protocols or software (e.g., SSL). Please see our technical pages for more information about the security systems used.
  3. The security of your alfacredit.com account also relies on protecting your alfacredit.com password. You are responsible for maintaining the security of your password. You are solely responsible for any and all activities that occur under your account. You should not share your alfacredit.com password with anyone.
  4. alfacredit.com will never ask you to send your password or other sensitive information to us in an email, though we may ask you to enter this type of information on the Site, which will always have a URL beginning with alfacredit.com. If you receive an email that asks you for your log in information or password, it is not from us, and you should not respond.
  5. Any email or other communication requesting your password, asking you to provide sensitive account information via email, or linking to a website with a URL that does not begin with alfacredit.com should be treated as unauthorized and suspicious and should be reported to alfacredit.com, immediately by emailing [email protected].
  6. If you do share your alfacredit.com password with a third party for any reason, the third party will have access to your account and your personal information, and you may be responsible for actions taken using your password.
  7. If you believe someone else has accessed your password, please change it immediately by logging in to your account at com and changing your Profile settings. If you believe that unauthorized access has already occurred, please report it immediately by emailing [email protected]
  8. alfacredit.com may have access to your password and may use such password to access your account for debugging, quality assurance, or other internal purposes.

We employ security measures to prevent unauthorized access to information that we collect online. However, we cannot guarantee the security of your personal information.

YOUR RIGHTS

You have the following rights regarding the processing of your personal data carried out by us:

Right to information and access

Under Article 13 of the Regulation, data subjects have the right to be provided with certain pieces of information that describe their relationship with the controller. You also have the right to request access to your personal data and obtain information from us regarding (among others): the purpose of processing (the Regulation’s right of access set out in Article 15 is in a sense the active counterpart to the more passive right of information in Articles 13 and 14); what categories of personal data are processed; to whom we transfer or disclose your personal data; for what period we process your personal data; your rights in connection with data processing carried out by us regarding your personal data; your right to lodge a complaint with a supervisory authority regarding the processing; in case we collect your personal data from other sources than from you, any available information as to the source; the existence of automated decision-making and related information, including the logic involved, as well as the significance and the envisaged consequences of such processing for you; whether your personal data is transferred outside the EEA and regarding the conditions of these transfers. We will provide you with a copy of your personal data at any time in case you require us to do so.

Right to rectification

You have the right to request us to rectify your inaccurate personal data and to request us to complete your incomplete personal data by means of providing us with a supplementary statement.

Right to erasure

According to article 17 of the Regulation at any time, in writing or verbally, We erase any of your personal data if you request us to do so in the event of the following:

  • your personal data is no longer necessary for the purpose concerned;
  • you withdraw your consent and there is no other legal basis for the processing;
  • you object to the processing and there are no overriding legitimate grounds for the processing (or, in case of direct marketing, you simply object to the processing);
  • your personal data has been processed unlawfully;
  • your personal data has to be erased according to relevant laws.

Please note that we are entitled to not erase your personal data if it is necessary – inter alia – for exercising the right of freedom of expression and information, for compliance with legal obligations, and for the establishment, exercise or defense of legal claims.

Right to restriction of processing

As per article 18 of the Regulation, you have the right to obtain a restriction of processing from us where one of the following applies:

  • you have contested the accuracy of your personal data, in which case you will obtain restriction for a period enabling us to verify the accuracy of your personal data;
  • the processing is unlawful, and you oppose the erasure of your personal data and request the restriction of their use instead;
  • we no longer need your personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims; or
  • you objected to the processing and the verification is pending whether our legitimate grounds override yours.

Where processing has been restricted, personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defense of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the European Union or of an EU member state.

Right to object to processing

According to art. 21, you have the right to object to the processing of personal data on grounds relating to your particular situation, where the legal basis of the processing activity is our legitimate interest (or the legitimate interest of a third party). We will no longer process the personal data unless we demonstrate compelling legitimate grounds, which override your interests, rights, and freedoms or for the establishment, exercise or defense of legal claims.

You do not need to ascertain grounds relating to your particular situation if your personal data is processed for direct marketing purposes, and we will no longer process personal data if you objected to the processing.

Right to data portability

As per Article 20, if certain conditions are met, you have the right to receive your personal data, which you have provided to us, in a structured, commonly used, and machine-readable format and have the right to transmit that data to another controller without hindrance from us. You also have the right to have your personal data transmitted directly from us to another controller, where technically feasible.

Right to withdraw your consent.

For the processing operations based on consent, you have the right to withdraw it at any time, without affecting the lawfulness of processing based on your consent before its withdrawal.

Our actions

If you wish to exercise any of your rights, please contact us at the email contact details indicated in this Privacy Notice. We will provide information on the actions taken on your request without undue delay and in any event within one month of the receipt of your request. This period may be extended with a reasoned notification to you by two months where necessary, taking into account the complexity and number of requests. We will take the necessary actions free of charge except when your request is manifestly unfounded or excessive. In case we have reasonable doubts as to the identity of the natural person making the request, we may request additional information necessary to confirm your identity.

In case we do not take any action regarding your request, we will inform you within one month of receipt of your request as to the reasons for and the possibility of lodging a complaint with a data protection supervisory authority and seeking a judicial remedy.

If you have any questions or concerns about the privacy policy for alfacredit.com or its implementation, you may contact us. Or visit our privacy portal.

REMEDIES

In case you do not agree with our response or action, or if you consider that your rights have been infringed, you may lodge a complaint with the data protection supervisory authority in Cyprus or the EU Member State of your habitual residence or place of the alleged infringement, in particular, with the following data protection supervisory authorities:

Please see EU authorities at https://ec.europa.eu/justice/article-29/structure/data-protectionauthorities/index_en.htm.