Privacy Policy

Version 2025.1. January 30, 2025.

Please carefully read this Privacy Policy in order to understand how we will treat the personal information that you provide to us or that we collect from you while you are visiting our web sites; contacting us via mail, email, telephone, fax or instant message; using one of our software or software as a service products; or obtaining due diligence products or services from us. Unless otherwise specified, capitalized terms used herein are defined in Section 3, DEFINITIONS. Residents of certain U.S. states should see Section 12 for a notice of their rights under various U.S. state laws. Please Note: This Privacy Policy does not apply where we act as a service provider or a data processor to any of our customers.

1. WHO WE ARE

This Privacy Policy applies to Stretto, Inc.; its wholly-owned subsidiary Credit Infonet, Inc.; and Credit Infonet, Inc.’s wholly-owned subsidiary, Best Case, LLC (collectively referred to hereafter as, “STRETTO”). STRETTO is the leading provider of information services, software, due diligence products, and practice management solutions to the corporate restructuring and consumer bankruptcy industries. STRETTO offers Consumers and Customers a comprehensive portfolio of innovative products, services and tools that assist in the accurate, efficient, and cost-effective preparation and administration of legal cases. STRETTO’s web sites include  www.*.stretto.com*, www.cingroup.com, www.cinlegal.com,  www.bestcase.com, www.app*.bestcase.com, www.mycaseinfo.com, www.myhorizontoday.com, consumerbankruptcy.stretto.com, www.cp.bestcase.com, www.studentloanify.com, and www.dclmwp.com, and all of the web pages and subdomains thereof (“Stretto Sites” and “Sites”).  STRETTO also offers Customers bankruptcy forms preparation software including Best Case® Bankruptcy and trustee practice management software including Trustee Suite™ (collectively, “Stretto Software” and “Software”), as well as financial reports, consumer credit products and other due diligence services to be used in the investigation and preparation of consumer bankruptcy cases.

STRETTO’s wholly-owned subsidiary Credit Infonet, Inc. (“Credit Infonet”) is by definition a Consumer Reporting Agency (CRA) operating as a Reseller in accordance with the requirements of the federal Fair Credit Reporting Act (FCRA), 15 U.S.C. § 1681 et seq. Credit Infonet assembles and merges information obtained from multiple consumer reporting agencies but does not maintain a database of the assembled or merged information from which new consumer reports are produced.   STRETTO provides notices of privacy practices and opt-out notices pursuant to 12 CFR Part 1016 (Regulation P) and the Gramm-Leach-Bliley Act (15 U.S.C. § 6802 et seq); and 12 CFR Part 1022 (Regulation V) and the Affiliate Marketing Rule of the FCRA (15 U.S.C. § 1681a(d)(2)). To view STRETTO’s Privacy and Opt Out Notice, please visit www.stretto.com/legal-policies/ and click on Consumer Privacy and Opt Out Notice.

2. INTENDED AUDIENCE
STRETTO’s Sites, Products, Services, and Software are intended for the exclusive use of residents of the United States of America who are 18 or older and other individuals who are

1. an actual or potential party in a Chapter 7, 11, 12, or 13 bankruptcy case pending or to be filed in a United States bankruptcy court as set out in 11 U.S.C. § 109 (a “Party”);
2. an attorney representing a Party in a Chapter 7, 11, 12, or 13 bankruptcy (an “Attorney”); or
3. a trustee assigned to the case of such a Party (a “Trustee”).

STRETTO’s Sites, Products, Services, and Software are not intended to be used by non-U.S. residents or for the purposes of collecting or processing the data of non-U.S. residents, including but not limited to identifiable natural persons who are residents of the European Economic Area (EEA), the United Kingdom, or Switzerland, unless said use has been specifically pre-authorized in writing by STRETTO.

STRETTO’s Sites, Products, Services, and Software are not intended for use by children or for children, and STRETTO does not knowingly collect any information about children. STRETTO defines a child as any individual under the age of eighteen (18). In addition, STRETTO’s Sites, Products, Services, and Software are not intended for use by any non-U.S. residents unless said non-U.S. resident is a Party, Attorney or Trustee as defined in this section.

STRETTO is located in the United States and processes information in the United States. By using any of STRETTO’s Software and Services, including the Sites, you are consenting to your Consumer Information and Personal Information being processed in the United States.

3. DEFINITIONS

“AI Tools” means any artificial intelligence tool used on the Stretto Sites, including but not limited to chatbots such as the Conductor chatbot on the cases.stretto.com domain.

“Affiliated Companies” and “Affiliates” mean companies related by common ownership or control. They can be financial and nonfinancial companies. Stretto, Inc.’s affiliates include nonfinancial companies such as Best Case LLC and Second Bankruptcy Course, LLC; and financial companies such as Credit Infonet, Inc., a consumer reporting agency, and Default Mitigation Management, LLC.

“Aggregated Information” means information relating to a group or category of Consumers, Clients or Customers from which the identities of individual persons have been removed and that is not linked to or reasonably linkable to any Consumer, Client, Customer or household, including via a device. “Aggregated Information” is not Deidentified Information, Consumer Information, or Personal Information (as used in Section 12 below).

“Case Data” means Consumer Information that a Customer inputs or imports into a Stretto Software program. Case Data includes but is not limited to a Client’s name, address, telephone number and email address; bankruptcy petition and schedules; bankruptcy forms, plans, claims register, and other pleadings or filings; and other case-related or consumer-related information, documents, and data. Case Data may include both Publicly Available Data and Non-Public Data.

“Client” means a Consumer who either consults one of STRETTO’s Customers for legal services or has a bankruptcy case assigned to one of STRETTO’s Customers as trustee.

“Conductor” means the artificial intelligence (“AI”) chatbot offered on cases.stretto.com for assistance in searching for and locating publicly available case docket information. Conductor is one of the AI Tools.

“Consumer” means a natural person who is 18 years of age or older, who resides in the United States of America or its territories and who is not a citizen of any country that is a member of the European Economic Area, the United Kingdom, or Switzerland.

“Consumer Information” means all information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular Consumer or household. “Consumer Information” as used in this Privacy Policy (except for Section 12) includes the term “Personal Information” and any similar terms as defined under the data privacy laws of various U.S. states, and can include Non-Public Data. “Consumer Information” excludes Publicly Available Data, Deidentified Information, Aggregated Information, information subject to the Gramm-Leach-Bliley Act and HIPAA, and other information that is otherwise exempted or excluded by state data privacy laws, but includes information that is subject to the FCRA.

“Customer” means a Consumer who has a continuing contractual relationship with STRETTO by virtue of activating an account at a Stretto Site, ordering or using products or services through the Stretto Sites, and/or using Stretto Software.

“Deidentified Information” means information that cannot reasonably identify, relate to, describe, be capable of being associated with, or be linked, directly or indirectly, to a particular Consumer, Client or Customer, provided that a business that uses said Deidentified Information: (a) has implemented technical safeguards that prohibit reidentification of the Consumer, Client or Customer to whom the information may pertain; (b) has implemented business processes that specifically prohibit reidentification of the information; (c) has implemented business processes to prevent inadvertent release of Deidentified information; and  (d) makes no attempt to reidentify the information.  STRETTO will maintain and use Deidentified Information in deidentified form and will not attempt to reidentify any Consumer Information or Personal Information that has been rendered Deidentified Information other than to assess the efficacy of deidentification methods.

“Former Customer” means a Customer who no longer has an active account at a STRETTO Site. We may share information collected from Former Customers in accordance with the terms stated in this Policy.

“Joint Marketing” means the marketing of financial products or services to Customers or Consumers by two nonaffiliated financial companies that have executed a formal agreement regarding said marketing. STRETTO has joint marketing agreements with companies that offer consumer services such as nontraditional credit reporting.

“Nonaffiliated Companies” and “Nonaffiliates” mean companies not related by common ownership or control. STRETTO’S Nonaffiliated Companies may be either financial service providers such as the national credit bureaus; or non-financial companies such as bankruptcy forms preparation software vendors, non-profit organizations approved by the U.S. Dept. of Justice to administer the consumer credit counseling courses required under current bankruptcy law, third-party service providers such as Google Analytics, and third-party entities who may purchase data from STRETTO for their own market research and marketing purposes.

“Non-Public Data” means data that is not available to the general public from any source, government records or otherwise.

“Publicly Available Data” means data that is lawfully available to the general public from any source such as news media, social media, and federal, state, or government records including but not limited to PACER.

“Services” mean STRETTO products and services such as real property appraisals and consumer credit reports that are sold by Credit Infonet, Inc.  Services assist Customers with preparing or reviewing consumer bankruptcy cases and assist Consumers with meeting their obligations under the Bankruptcy Code.

“Sites” and “Stretto Sites” mean STRETTO’s websites, including www.*.stretto.com*, www.app*.bestcase.com, www.cingroup.com, www.cinlegal.com,  www.bestcase.com, www.mycaseinfo.com, www.myhorizontoday.com, www.cp.stretto.com, www.studentloanify.com and www.dclmwp.com.

“Software” and “Stretto Software” mean STRETTO’s bankruptcy forms preparation software programs including Best Case® Bankruptcy and Best Case Cloud Solution™, and its trustee practice management software programs Trustee Suite Cloud™ and Trustee Suite Desktop™.

“STRETTO” and “Stretto Companies” mean Stretto, Inc.; its wholly owned subsidiary Credit Infonet, Inc. d/b/a CIN Legal Data Services; and Credit Infonet, Inc.’s wholly owned subsidiary, Best Case, LLC.

4. CONSUMER INFORMATION WE COLLECT VIA SITES

1. Information Collected.STRETTO may collect and track the following information when Consumers, Customers and/or Clients visit one of our Sites: (1) their home server domain name, type of computer, and the type of Web browser they are using; (2) the Internet Protocol Address of their computer; (3) information they knowingly provide to STRETTO on the Sites (including demographic and personal profile data such as name, postal address, email address and phone number), for example by filling out online order forms, registration forms, surveys, or contest entries, or by providing feedback regarding the Conductor chatbot or any other AI Tool; (4) aggregate and user-specific information on which pages of the Sites they accessed and their activities on our Sites through the use of electronic technologies such as cookies; (5) information they knowingly provide to STRETTO when purchasing or using Services on the Sites; (6) information from documents and forms they knowingly submit via the Sites or portals accessed via the Sites; and (7) information about their transactions with us, our affiliated companies, or others.
2. Collection Methods. STRETTO uses the following to collect Consumer Information via our Sites

1. We use data entry forms on the Sites and on ordering and delivery platforms that are integrated with Sites to collect Consumer Information, as well as any chat interactions between Conductor and Consumers on the Sites, if the Consumer chooses to receive an email with a copy of the chat transcript.

2. We collect data from documents and information that Consumers submit through the Sites or portals available on the Sites. STRETTO uses this information to measure to measure the use of our Sites, the number of visits, the average time spent on the Sites, the pages viewed per visit, and similar information, with the goal of developing ideas to improve the content and flow of our Sites.

3. We use web site analytics, and our web servers automatically collect the domain names, not the e-mail addresses, of visitors to the Sites, as well as certain other information that is not linked to an individual, such as browser type for Conductor users. STRETTO uses this information to measure to measure the use of our Sites, the number of visits, the average time spent on the Sites, the pages viewed per visit, and similar information, with the goal of developing ideas to improve the content and flow of our Sites.4>

4. We use cookies on our Sites to ensure a great browsing experience for you and to show you relevant advertising from us. If you continue to use our website, you are agreeing to us placing cookies on your computer or mobile device (unless you have changed your device or browser settings to prevent this). If you do not allow cookies, then our Sites may not work properly for you. You have the right to delete the cookies placed on your computer or mobile device at any time. However, doing so will prevent our Sites from recognizing you and customizing your experience when you revisit the Sites. For more details on the types of cookies we use on our websites and what they do, please read our Cookie Policy.

5. We use third-party service providers (hereinafter, “TSP”) to collect data from Consumers, Customers, and/or Clients who visit our Sites. The following table identifies TSPs we use, describes the information the TSP collects, tells how the TPS uses the collected data, and gives information on each TSP’s opt out procedures.

• • • Google Analytics includingGoogle Data Studio andGoogle Tag Manager.  Google Analytics uses cookies to collect information such as how often users visit the Sites, what pages they visit when they do so, and what other sites they used prior to coming to the Sites. Google Analytics collects only the IP address assigned to a visitor on the date that visitor visits the Sites. Google Analytics then assigns a user ID code to that visitor. Google does not obtain visitors’ names or other identifying information. We use Google Analytics measurement service on our web sites to understand how visitors engage with the Sites. We use anonymized information obtained from Google Analytics to improve our Sites.

Google Analytics uses collected information to analyze visitors’ use of the Sites, to generate reports about Site activities for website operators and to provide further services related to use of the Sites and the Internet. Google’s Privacy Policy: https://policies.google.com/privacy#intro. How Google Analytics Collects and Processes Data: https://www.google.com/policies/privacy/partners/ How Google Analytics Shares Collected Information: https://policies.google.com/privacy#infosharing How Google Analytics Safeguards Data: https://support.google.com/analytics/answer/6004245. For more information on Google Tag Manager’s terms of service and privacy policy, please visit www.google.com/analytics/tag-manager/use-policy/

If you don’t want Google Analytics to be used in your browser, you can install the Google Analytics Opt-out Browser Add-on by going to https://tools.google.com/dlpage/gaoptout.

• • • Google Analytics includingGoogle Data Studio andGoogle Tag Manager.  Google Analytics uses cookies to collect information such as how often users visit the Sites, what pages they visit when they do so, and what other sites they used prior to coming to the Sites. Google Analytics collects only the IP address assigned to a visitor on the date that visitor visits the Sites. Google Analytics then assigns a user ID code to that visitor. Google does not obtain visitors’ names or other identifying information. We use Google Analytics measurement service on our web sites to understand how visitors engage with the Sites. We use anonymized information obtained from Google Analytics to improve our Sites.

Google Analytics uses collected information to analyze visitors’ use of the Sites, to generate reports about Site activities for website operators and to provide further services related to use of the Sites and the Internet. Google’s Privacy Policy: https://policies.google.com/privacy#intro. How Google Analytics Collects and Processes Data: https://www.google.com/policies/privacy/partners/ How Google Analytics Shares Collected Information: https://policies.google.com/privacy#infosharing How Google Analytics Safeguards Data: https://support.google.com/analytics/answer/6004245. For more information on Google Tag Manager’s terms of service and privacy policy, please visit www.google.com/analytics/tag-manager/use-policy/

If you don’t want Google Analytics to be used in your browser, you can install the Google Analytics Opt-out Browser Add-on by going to https://tools.google.com/dlpage/gaoptout.

• • • Meta Pixel
      Meta Pixel (formerly Facebook Tracking Pixel) uses data tags and cookies to collect information from a webpage’s header, such as a visitor’s IP address or browser, which it then forwards to an advertiser. The advertiser uses the information for the purpose of providing advertising to its customers that is based on the customers’ personal interests.

We use Meta Pixel to monitor how Site Visitors move from one page within our Sites to another, to understand whether Site Visitors have come to our Sites from an online advertisement displayed on a third-party website, to measure how ads have been viewed, and to improve Site performance.

Meta may link information collected from Site visitors to those visitors’ Facebook accounts and/or use it for its own promotional purposes, in accordance with Facebook’s Data Usage Policy posted at https://www.facebook.com/privacy/policy.  To object to Meta’s collection and use of your data for the purpose of displaying Facebook ads, visit
https://www.facebook.com/help/109378269482053/?helpref=hc_fnav .

• • • Pendo Analytics
      Pendo Analytics collects the following categories of personal information: Profile or Contact Data, Commercial Data, Device/IP Data, Web Analytics, Social Network Data, Geolocation Data, Professional or Employment-Related Data, Inferences drawn from other personal data collected and other identifying information users choose to provide. To collect this information Pendo Analytics uses cookies and similar technologies such as pixel tags, web beacons, clear GIFs and JavaScript (collectively, “Cookies”).
      We use Pendo Analytics on our web sites to understand how visitors engage with the Sites and the Software as a Service offered through the Sites, and to operate and improve services.

Pendo uses collected information according to its privacy policy which is posted at https://www.pendo.io/legal/privacy-policy/

If you do not want Pendo Analytics to run in your Internet browser, you can configure your browser’s settings to disable existing cookies and to reject new cookies. For more information on browser configurations, please visit https://allaboutcookies.org/how-to-manage-cookies.

• • • X Pixel
      X Pixel (formerly Twitter Tracking Pixel) uses data tags and cookies to collect visitors’ IP addresses, track users’ web browsing, associate users with certain browsers or devices, and associate visitors’ X accounts with information about users visitors’ browsers or devices. X does not associate web browsing history with a visitor’s name, email address, phone number, or X handle. We use X’s Conversion Tracking Program to measure the number of X users that perform a desired action after viewing and engaging with our ads on X. It gives us the capability to measure which of our campaigns drive actions such as site visits, sign ups, and purchases. X’s Privacy Policy: https://x.com/en/privacy

How X uses cookies and similar technologies: https://help.x.com/en/rules-and-policies/x-cookies

If you do not want X to show you interest-based ads on and off of X, there are several ways to turn off this feature:   https://help.x.com/en/personalization-data-settings
and https://x.com/settings/account/personalization

If you are online and want to opt out of seeing interest-based advertising from X in your current browser, visit  www.networkadvertising.org/choices.

• • • AppDynamics includingAPM, Database Visibility, andBrowser Real User Monitoring Software.  AppDynamics collects the following data from Site visitors who are our customers: STRETTO account number, current time, business name, software serial number, user ID and username.  We use AppDynamics’ software products to monitor and analyze the performance of our business applications and the databases and infrastructure that support them.

AppDynamics Privacy Policy: https://www.appdynamics.com/privacy-policy/

To opt out of interest-based advertising, send an email to privacy@appdynamics.com.

5. CONSUMER INFORMATION WE COLLECT VIA SOFTWARE AND SOFTWARE AS A SERVICE

1. . Information Collected.
   1. STRETTO collects the following Consumer Information whenever Customers use one of our Stretto Software products, whether desktop software or software-as-a-service: (a) Customers’ names, addresses and contact information including telephone and email addresses; (b) the Software licensee’s name and serial number; (c) the Internet Protocol Address of licensee’s computer; (d) the identity of the jurisdictions in which licensee is preparing forms using the Software; (e) the package, version and release numbers of the Software and any add-ons installed; (f) the total number of files created by the licensee in the Software; (g) electronic case filing logs that are automatically created by the Software to allow for the maintenance and monitoring of electronic case filing functions; (h) one or more electronic copies of Filed Data, or Case Data that Customers have filed with the United States Bankruptcy Courts using the Software’s electronic filing interface with PACER; and (i) information about Customers’, Clients’ and Consumers’ interaction, transactions and experiences with our products and services.
   2. STRETTO also collects Case Data. Collected Case Data may include but is not limited to the following: (a)a Client’s full name, address, telephone number and email address; (b) any real property owned by the Client, appraisals of the value thereof and any liens against said real property; (c) the identity of Client’s creditors and the amounts Client owes to creditors; (d) the Client’s income; (e) the Client’s personal property, any appraisals of the value thereof, and any liens against said property; (f) additional Client information added to the Software by the Customer; and/or (g) details about claims filed in a Client’s cases.
2. Collection Methods

STRETTO collects Consumer Information from Customers’ use of desktop Software like Best Case Bankruptcy whenever Customers use certain features and on-line services of the Software, including but not limited to using the Software to order STRETTO products and services, using the Software’s “Check for Updates” feature, and using the Software’s electronic filing interface with the United States Bankruptcy Courts. STRETTO collects information from Customers’ use of cloud Software as a service like Best Case® Cloud Solution whenever Customers are logged in to their accounts.

6. CONSUMER INFORMATION WE COLLECT VIA ORDERS FOR SERVICES

1. Information Collected.
   STRETTO collects the following Consumer Information whenever Customers, Consumers or Clients order one of our Services: (1)names, addresses and contact information including telephone numbers and email addresses, of both the ordering party and the parties for whom the Services are being ordered; and (2)information about Customers’, Clients’ and Consumers’ interaction, transactions and experiences with our Services. This information may be either Publicly Available or Non-Public Data.
2. Collection Methods.
   STRETTO collects Consumer Information from Customers’, Clients’ and Consumers’ ordering of Services via an interface integrated in our Software programs or via an online ordering platform.

7. HOW WE STORE COLLECTED CONSUMER INFORMATION

All Consumer Information collected by STRETTO is securely stored following industry-accepted practices and permanently deleted after use. Some data elements are deidentified immediately upon collection and stored as Deidentified Information which is incapable of identifying a Consumer. Other data elements are aggregated immediately upon collection with data elements of other Consumers and stored as Aggregated Information which is also incapable of identifying a Consumer. Still other data elements are stored in the form in which STRETTO collected them and are protected by measures described in Section 10 herein until they are securely and permanently destroyed.

8.HOW WE USE AND SHARE THE CONSUMER INFORMATION WE COLLECT
STRETTO uses and shares Consumer Information collected from Sites, Software and orders for Services in the following ways.

1. For STRETTO’s and Affiliated Companies’ everyday business purposes, which include but are not limited to (1)conducting our core businesses; (2) processing Customers’ orders; (3) maintaining Customers’ and Consumers’ account(s); (4) fulfilling actions initiated through the Software, such as electronic case filings and the processing of a credit card payments; (5) providing customer and technical support, and preventing or addressing service or technical problems; (6) complying with court orders, subpoenas and legal investigations; (7) developing, enhancing, improving positioning, and marketing our core products and services;  (8) conducting internal audits for compliance; (9) conducting secure internal research and development on products and services; (10) conducting statistical analyses of Customers’, Consumers’ and Clients’ behavior; (11) customizing Site and product content; (12) reporting consumer-initiated disputes to the nationwide credit bureaus; and (13) using Deidentified Information, Aggregated Information and Publicly Available Data for developing, training, and improving AI Tools like Conductor; and gaining business insights with the help of AI and automated systems. You cannot limit this sharing and use.
2. For STRETTO’s and Affiliated Companies’ marketing purposes, which include but are not limited to contacting you via calls, emails and/or mailings to (1)offer you our products and services; (2) let you know about updates to the Sites and/or new products and services; and (3) inform you about upcoming events. You can limit this sharing and use.
3. For Joint Marketingby STRETTO and other financial companies. You can limit this sharing and use.
4. For Joint Marketingby STRETTO and other financial companies. You can limit this sharing and use.
5. For Nonaffiliated Companies to use for their general business purposes. You can limit this sharing and use.
6. For Nonaffiliated Companies to use as Aggregated Information or Deidentified Information for their general business purposes You cannot limit this sharing and use.
7. Additional Use and Sharing of Consumer Information.  STRETTO may disclose Consumer Information as is necessary to: (1) comply with a subpoena or court order; (2) cooperate with law enforcement or other government agencies; (3) establish or exercise our legal rights; (4) defend against legal claims; (5) help with internal and external investigations; or (6) as otherwise required by law or permitted by law. In addition, STRETTO may disclose Consumer Information (7) in connection with the sale or merger of STRETTO or any transaction that involves the sale or assignment of some or all our assets; or (8) if you or STRETTO become the subject of a petition in bankruptcy or any proceeding relating to insolvency, receivership, liquidation or assignment for the benefit of creditors.  You cannot limit this sharing and use.In the event that STRETTO should be requested or required (as by subpoena, civil investigative demand or similar process) to disclose any Consumer Information that is input into, accessed through or maintained or stored in a database related to the Sites or Software to any third party, STRETTO will use reasonable efforts to notify Consumers, Customers, or Clients, as applicable, so that these individuals may seek a protective order or take other appropriate action. Notwithstanding, STRETTO shall have no liability to Consumers, Customers, or Clients or any third parties for disclosing such Consumer Information as contemplated by the previous sentence even if the individuals involved were not afforded sufficient time to seek a protective order or to take other appropriate action.When you are no longer our Customer, STRETTO will continue to share your Consumer Information, Personal Information and/or Non-Public Information as described in this notice. However, you can contact us at any time to limit our sharing according to the terms set out herein.
8. Statement on Information Collected Pursuant to SMS Consent.  Notwithstanding paragraphs A – F of Section 8 herein, STRETTO does not share any information collected as part of a consent for SMS texting, including telephone numbers, with any Affiliated or Nonaffiliated Companies, except as set out in paragraph G of Section 8 herein.

9. HOW TO LIMIT OUR SHARING AND USE

If you are a Client and would like to limit our sharing of your Consumer Information and/or opt out of receiving marketing communications, you should visit us online at https://account.myhorizontoday.com and navigate to “My Accounts”. If you are a Customer or other Consumer, you may use the Consumer Privacy and Opt-Out Form available at https://stretto.com/legal-policies to limit our sharing and/or opt out of marketing communications.  Finally, all Consumers may limit our sharing and/or marketing communications by calling 1.866.218.1003, emailing a request to Legal@stretto.com, or writing to STRETTO, ATTN: Opt-Out, 410 Exchange, Ste. 100, Irvine, CA 92602.  Please Note: Residents of certain U.S. states have additional rights. Please refer to Section 12 for more information.

10. HOW WE SAFEGUARD CONSUMER INFORMATION

1. 1. STRETTO uses security measures that comply with federal laws and regulations and industry best practices to protect Consumer Information and Non-Public Data from unauthorized access and use. These measures include network security, computer safeguards, file encryption and secured-entry worksites as well as procedural safeguards and employee training on maintaining information security. However, due to the prevalence of security threats such as malicious hackers and zero-day attacks, we cannot guarantee that your information will never be unlawfully intercepted or accessed.
   2. Neither STRETTO nor our affiliates will ever send a request via e-mail for Consumer Information (e.g., social security number, account number, date of birth, etc.). If you receive an e-mail appearing to come from STRETTO or one of its affiliates asking for Consumer Information, please contact the appropriate department below so that we can take the proper action to protect you.

For communications regarding Trustee Suite™ by Stretto and Stretto’s document portal

Mail: STRETTO, 410 Exchange, Ste. 100, Irvine, CA 92602
Phone: 1.800.634.7734
Email: web-webmaster@stretto.com

For communications regarding Best Case® by Stretto, Stretto Due Diligence Services, and/or the Best Case® by Stretto client portal

Mail: STRETTO, 410 Exchange, Ste. 100, Irvine, CA 92602
Phone: 1.866.218.1003
Email: CINCLR@stretto.com

11. CONTACTS FOR CHANGES AND ADDITIONAL INFORMATION; UPDATES TO THIS

POLICY

1. If you have questions or concerns regarding this Policy or the protection of your Consumer Information or privacy rights, or you would like to update or correct information you have provided us, you can do so by emailing us at Legal@stretto.comor calling us at 1.866.218.1003
2. For additional information about privacy or consumer reporting, visit the following Web sites:
   • Consumer Financial Protection Bureau: www.cfpb.org
   • TransUnion: www.transunion.com/corporate/personal/personal.page
   • Consumer Data Industry Association: www.cdiaonline.org
   • Experian: www.experian.com/consumer/credit_education.html
   • Federal Trade Commission: www.ftc.gov
   • Equifax: www.econsumer.equifax.com
3. STRETTO may update this Privacy Policy at any time. We will post the updated version on the SITES. Please check this page periodically for any updates to our information practices.

12. STATE PRIVACY RIGHTS.

This section has been incorporated into STRETTO’s Privacy Policy to comply with the consumer data privacy laws of various U.S. states, including but not limited to California, Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey , Oregon, Texas, Utah, and Virginia (“State Privacy Laws”). For purposes of this Section 12, the terms “Personal Information” and “Sensitive Personal Information” include the terms “personal data” and “sensitive personal data” and any similar terms as defined under State Privacy Laws.  All other capitalized terms shall have the meanings ascribed to them by Section 3 “Definitions” in this Privacy Policy. Please Note: “Personal Information” as used in this Section 12 excludes Publicly Available Information, Deidentified Information, Aggregate Information, information subject to the FCRA, Gramm-Leach-Bliley Act, and HIPAA, and other information that is otherwise exempted or excluded by State Privacy Laws.

1. Depending on your jurisdiction, you may have the following rights, subject to certain exceptions and limitations under applicable law:
   1. Right to Know/Disclosure Right. You have the right to request a disclosure of the Personal Information collected, sold, and shared about you over the past 12 months and the purpose for doing so. If you are a consumer or employee living in an applicable jurisdiction and you submit a verifiable request for disclosure, we will provide you with the following information. Please be aware that the disclosure results will not include credit report information, certain health information, financial information or driving records.
      • • The categories of sources from which we collect Personal Information;
        • The specific pieces of Personal Information we have collected about you;
        • Our business or commercial purpose for collecting, selling or sharing Personal Information;
        • The categories of Personal Information about you that we sold or shared;
        • The categories of third parties to whom we sold or shared the Personal Information about you; and
        • The categories of Personal Information that we disclosed about you for a business purpose and the categories of persons to whom it was disclosed for a business purpose.The categories of Personal Information we have collected about you;
   2. Right to Deletion. If we collected Personal Information from you, you may have the right to request the deletion of this Personal Information.
   3. Right to Correct. You may have the right to request correction of inaccurate Personal Information that we have about you.
   4. Right to Opt-Out of the Sale of Personal Information or the Sharing, Use, or Processing of Personal Information for Targeted Advertising. You may have the right to opt out of the sale of your Personal Information to third parties, or the sharing, use or processing of your Personal Information by third parties for targeted advertising.
   5.  Right to Opt Out of Profiling/Automated Decision Making. STRETTO does not use Personal Information for the purposes of any profiling or automated decision making that produces legal effects or similarly significant effects.
   6. Right to Limit Use and Disclosure of Sensitive Personal Information. You may have the right to limit how we use your Sensitive Personal Information to that use which is necessary to perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services.  STRETTO does not collect or process any Sensitive Personal Information for the purpose of inferring characteristics about a Consumer, and therefore, this right is unavailable.
   7. Right to Be Free from Discrimination. You have the right to be free from discrimination and/or retaliation for exercising any of these rights. STRETTO will not discriminate against you for exercising any of your rights under State Privacy Laws. However, if you choose to block or deny certain cookies or other technologies, certain parts of the Sites may not function for you.
   8. Right to Opt-In to the Sale of Personal Information for Children.  We do not knowingly collect, sell, or share the Personal Information of any minor under the age of 18.
   9. Right to Appeal. If you believe we have denied any of your privacy rights in error, you have the right to appeal our decision. To appeal, please contact us by email at Legal@stretto.com and include the words “Privacy Rights Appeal” in your subject line.
2. Personal Information STRETTO Collects. In the past 12 months, we have collected the following categories of Personal Information:
   1. Identifiers. Examples include a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.
   2. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (“customer records information”). Examples include a name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.
   3. Commercial information. Examples include products or services purchased, obtained, or considered or other purchasing or consuming histories or tendencies.
   4. Internet or other electronic network activity. Examples include browsing history, search history and information on a Consumer’s interaction with a website, application, or advertisement.
   5. Rough geolocation. STRETTO collects IP addresses, which can provide an approximate geolocation of city and state.
   6. Professional or employment-related information. Examples for STRETTO employees include current or past job history or performance evaluations; and log in credentials for company-owned applications. Examples for job applicants not employed by STRETTO include verification of past and current employment and education verification.
   7. Sensitive personal information. STRETTO may collect a Client’s government identifier such as a state-issued driver’s license or a passport to process an order for a credit report product for that Client.  STRETTO may collect its employees’ sensitive personal information in the following categories for its everyday business purposes such as human resources management:  government identifiers, financial account information, communication contents, health information, criminal convictions, and citizenship and immigration status.
3. Personal Information and Sensitive Personal Information STRETTO does Not Collect. We have not collected the following Personal Information or Sensitive Personal Information:
   1. Protected classification characteristics under State or federal law.  Examples include age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
   2. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99) Examples include education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
   3. Sensory data. Examples include audio, electronic, visual, thermal, olfactory or similar information.
   4. Inferences drawn from other Personal Information to create a profile about you reflecting your preferences, characteristics, behavior, attitudes and aptitudes, intelligence and abilities.
   5. Biometric information.  Although STRETTO may record incoming calls to its customer support telephone numbers for internal use in employee training and quality control, it does not use the audio files to identify people.
4. Sources STRETTO Uses to Collect Personal Information. We collect Personal Information and Sensitive Personal Information from the following categories of Sources:
   1. Individuals themselves when they visit our Sites, use our Software and/or order our Services;
   2. Consumer Reporting Agencies, such as Experian, TransUnion and Equifax;
   3. Online and Mobile Websites & Applications, through Cookies and web site analytics Service Providers such as Google Analytics;
   4. Other Authorized Data Compilers;
   5. Public Records, such as judgments and foreclosures;
   6. Publicly available information sources;
   7. Publishing Product Companies, such as LexisNexis;
   8. Government Entities, such as the Internal Revenue Service;
   9. Attorneys representing individuals in bankruptcy cases; and
   10. Trustees assigned to the bankruptcy cases filed by individuals.
5. Why STRETTO Collects, Uses, and Shares Personal Information. We collect, use, and disclose the Personal Information and Sensitive Personal Information described in Section 12. B. for one or more of the following commercial and business purposes:
   1. STRETTO’s Commercial Purposes. Our Commercial Purposes include marketing, developing insights as to consumer interests and behaviors, keeping contact information up to date and relevant and enabling relevant and personalized marketing messages.
   2. STRETTO’s Business Purposes. Our Business Purposes include internal research, product development, auditing, quality control, improving our services, legal compliance, order fulfillment, identity verification, maintaining and servicing accounts, providing customer service, and detecting security incidents and protecting against fraudulent or illegal activity.
   3. Affiliated Companies’ Business and Commercial purposes, including marketing, internal research, product development, order fulfillment, quality control and providing customer service.
   4. Joint marketing by STRETTO and other financial companies.
   5. Nonaffiliated Companies’ Business and Commercial Purposes, including marketing, internal research and product development.
6. Recipients of Personal Information and Sensitive Personal Information.STRETTO discloses Personal Information and Sensitive Personal Information for the business purposes identified in Section 12. E. 1 and 2 to the following recipients: service providers, including analytics providers, Affiliated Companies, public or government entities, consumer reporting agencies, operating systems and platforms, Internet service providers.STRETTO has disclosed the following categories of Personal Information and Sensitive Personal Information for a business purpose in the past twelve months: identifiers, commercial information, customer records information, internet activity or network activity, and professional or employment related information.State Privacy Laws may consider STRETTO to be “selling” or “sharing” Personal Information to the following recipients: Affiliated Companies, financial company partners, nonaffiliated companies such as Experian and TransUnion, analytics providers, and marketing partners.STRETTO has “sold” or “shared” the following categories of Personal Information in the past twelve months: identifiers, commercial information, customer records information, internet and network activity, inference data, and professional or employment related information.STRETTO does not “sell” or “share” Sensitive Personal Information
7. Retention of Personal Information and Sensitive Personal Information. STRETTO retains collected Personal Information, including Sensitive Personal Information, only as long as reasonably necessary for the effectuation of each disclosed purpose for which the information was collected and as required by applicable law.
8. Making a Privacy Rights Request. To make a privacy rights request, please contact us using one of the methods described below. In order to verify your identity and process your request, we will require you to provide us with your first name, last name, and mailing address. We may require additional information from you to verify your identity or understand the scope of your request. Only you or someone legally authorized to act on your behalf may make a request related to your personal information. To designate an authorized agent to act on your behalf, please submit your request by U.S. Mail and include a signed authorization permitting a named person to request information as your agent.
   1. Request by Email:  Email your request along with your name and address to Legal@stretto.com and include “Privacy Request” in your subject line.
   2. Request by Form:
      1. Fill out the Form(s) for the request(s) you are making.
         • Do Not Sell or Share My Personal InformationYou may also opt out of the “sale” or “sharing” of Personal Information by blocking or refusing cookies or other tracking technologies. Please consult our Cookie Policy for more information.
         • Disclose, Correct or Delete My Personal Information
      2. Return the Form(s)
         • BY FAX to 1.866.307.1003, or
         • BY EMAIL to Legal@stretto.com, or
         • BY MAIL to STRETTO, ATTN: Privacy Rights Request, 410 Exchange Ste, 100, Irvine, CA 92602.
   3. Request by Telephone:Please call 1.866.218.1003 between the hours of 8:00 a.m. and 8:00 p.m. ET, Monday – Friday.
   4. For Appeals: Email us at Legal@stretto.com and include the words “Privacy Rights Appeal” in your subject line.
9. Contact Information. For questions or concerns about Stretto’s State Privacy Rights policy or practices, please call us toll free at 1.866.218.1003 between the hours of 8:00 a.m. and 8:00 p.m. ET, Monday – Friday; or email us at Legal@stretto.com.