1. Privacy Policy Overview:
As one of the nation’s leaders in the debt collection and receivables management industry, Financial Recovery Services, Inc. is committed to conducting its business affairs and relationships according to the rules and guidelines that are compliant with industry self regulatory principles set forth by the American Collectors Association (ACA), the Debt Buyers Association (DBA), the Securities and Exchange Commission (SEC), the Federal Trade Commission (FTC), and various state banking regulatory agencies. We realize the importance of customer privacy and accept our responsibility to keep consumer and customer nonpublic personal information private and safe.
This Privacy Policy discloses the privacy practices of Financial Recovery Services, Inc (“FRS”, “us,” or “we”). We are committed to protecting your privacy. As one of the nation’s leaders in the debt collection and receivables management industry, FRS recognizes and respects the privacy expectations of today’s consumers and the requirements of applicable federal and state privacy laws. We believe that making you aware of how we collect and use your non-public personal information (Personal Information), and to whom it is disclosed will form the basis for a relationship of trust between the public and us. This Privacy Policy provides that explanation.
FRS’ website is located at www.fin-rec.com (its "website") is not intended for individuals less than the age of eighteen and FRS does not knowingly collect data relating to individuals less than the age of eighteen.
Nothing in this Privacy Notice is intended to contradict your rights under the Fair Debt Collection Practices Act. FRS will not disclose any information to third parties that is otherwise prohibited by the FDCPA.
2. The Gramm-Leach-Bliley Act:
On November 12, 1999, the president signed Public Law 106-102, the Gramm-Leach-Bliley Act. (“G-L-B Act”) (Much of the Act will be found in 12 U.S.C.) This act, many years in the making, repealed the Depression era prohibition against banks, insurance companies, and/or stock brokers/underwriters from being commonly owned.
It also created new consumer information privacy and anti-disclosure policies for a wide range of entities, including collection agencies. The law required the banking regulatory agencies, the Securities and Exchange Commission (SEC), and the Federal Trade Commission (FTC) to adopt rules by mid May 2000.
Under the Act, all financial institutions must provide notification to each of their customers outlining their specific privacy policies related to the sharing of nonpublic personal information. If the institution does or intends to share such information with a nonaffiliated third party, they must first provide the customer with the option to request an opt-out. If the customer elects to opt-out, the nonpublic information may not be shared with any nonaffiliated third parties except under certain circumstances.
3. Customer Defined:
A “customer” is a consumer who has a “customer relationship” with the institution. A “customer relationship” means a continuing relationship with the debt buyer or the “financial institution.” Once a debtor on purchased debt has been located or an attempt has been made to collect on a purchased debt, a “customer relationship” with that debtor is established and the Act guidelines must be followed. Accounts that are still owned by the originator and that are being collected for on behalf of the original creditor (contingency collection services), are not subject to the notification rules as set forth in the Act. These debtors are considered “customers” of the original creditor, who is obligated to the notification rules and guidelines of the Act. However, the disclosure rules and regulations of the FDCPA must be strictly applied and adhered to.
4. Nonpublic Personal Information Defined:
Nonpublic personal information is defined as any personally identifiable financial information provided by the consumer to obtain a financial product; or resulting from transactions with that product; or information the “financial institution” obtains about the consumer in connection with that product (e.g., credit bureau information). For example: Social Security number; driver’s license numbers (in some states); place of employment or work telephone number; non-listed home phone; where the consumer banks; details about the particular account. Other examples of nonpublic personal information include: account balances; payment histories; transaction history; or any information that discloses that this individual has a financial relationship with the institution. This type of information is governed and restricted by the Gramm-Leach-Bliley Act.
5. Public Personal Information Defined:
Public personal information (or information which the “financial institution” reasonably believes is publicly available) can be disseminated without restriction under the Act and regulations; this type of information includes:
Motor vehicle ownership, drivers’ license information (in some states) and real estate ownership data, which have been, derived from public records; addresses and phone numbers from paper or electronic. Information obtained from any website which can be accessed by anyone without restriction (paying a fee for this information is not a restriction). Presumably, and the regulations do not mention it, information about a debtor that is publicly available in court records (e.g., banks successfully garnished for a debtor; employers successfully garnished for a debtor; existence of a debtor’s Chapter 7 or Chapter 13 filings) are examples of “public personal information” not subject to this regulatory regime.
However, you cannot disclose data about the debt or financial relationship to third parties unless that transaction is a matter of public record (for example, real estate mortgages).
These “public” data can be exchanged with third parties without privacy notices because the data is not “nonpublic personal information.” HOWEVER, as a “debt collector” under the Fair Debt Collection Practices Act (“FDCPA”), there are other restrictions on disclosure of any data about a debtor and his/her debt that are NOT supplanted or superseded by the privacy regulations. Familiarize yourself with the FDCPA and consult legal counsel before you transfer information about a debtor and his/her debt to a third party.
6. Privacy Notifications:
Privacy notifications will be sent to every account that Financial Recovery Services, Inc. has purchased and whereby a “customer relationship” has been created. All active accounts that maintain a “customer relationship” according to the Act’s definition will receive annual privacy and opt out notifications.
7. Opt Out Rights of Customers:
If a “customer” requests that information not be shared with any nonaffiliated third party, that request must be honored. The customer is provided with a Toll Free number to call to make these requests. Once these requests are received they must be fully documented on the account and the request must be honored. Only in certain circumstances as outlined in the Act can information then be shared, such as court orders, etc.
8. Authorized Access to Customer Information:
Access to “customer” information is restricted to legitimate Financial Recovery Services, Inc. business and is limited to only those employees’ that have a legitimate purpose. Access to customer information is restricted based on “need to know” and all systems must be configured in conformance to the “least privilege” standard. Customer information must be safeguarded through all means available including physical and electronic means. All unauthorized access to customer information is strictly prohibited.
9. Skip-Tracing:
The Act does not prohibit the sharing or transfer of “public personal information” nor does it prohibit any lawful utilization of such information for legitimate business purposes. However, the Fair Debt Collection Practices Act must be strictly applied to third party disclosures and inquiries. The success of future skip-tracing attempts may be affected by other creditors’ application of the Act.
If skip-tracing calls are received by representatives of Financial Recovery Services, Inc., the representative must be careful to only disseminate public personal information according to the Act and FDCPA guidelines.
10. Fraudulent Attempts to Obtain Information:
Employees of Financial Recovery Services, Inc. must be careful in safeguarding the nonpublic personal information of the customers of its clients. In the event that a representative becomes suspicious of a third party’s attempt to fraudulently obtain nonpublic personal information, they should immediately report this suspicious activity to management. Financial Recovery Services, Inc. goal is to preserve the integrity of its operations and the collection industry by safeguarding sensitive materials and data.
11. Conformance with Applicable Industry Standards and “Certifications”
Financial Recovery Services will adapt and comply with the security and operating Standards applicable to the asset recovery industry and required by FRS clients. Such Standards include, but are not limited to, the Payment Card Industry Data Security Standard (PCI-DSS), the ISO27001, the SSAE16 (SOC 1 or SOC 2), Gramm-Leach Bliley Act. This adherence will include the body of standards set forth by each of the above as well as the ancillary operations which may include external and internal network vulnerability scans and penetration testing by a Qualified ASV at the intervals recommended. Such penetration testing will include both the network and application layers and will also be performed following any significant infrastructure or application upgrade or modification which may conceivably alter the security and integrity of the environment.
12. Information We Collect
Financial Recovery Services may collect, use and store different types of personally identifiable information. This information includes business and personal contact information, such as your name, address, email address, telephone number, personal identification number, Social Security number, file number and payment information. Newtek Clearing House may also collect and use your personal information, including your name, address and payment information.
We may have collected the following categories of personal information from consumers within the last 12 months:
| Categories of Personal Information | Examples of Specific Types of Personal Information Collected | Collected |
|---|---|---|
| A. Identifiers | A real name, alias, postal address, email address, telephone numbers, Internet Protocol address, account number, Social Security number, date of birth, or other similar identifiers. | Yes |
| B. Personal Information categories listed in California Customer Records Statute (Cal. Civ. Code §1798.80(e)) | A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. | Yes |
| C. Protected classification characteristics under California or Federal law | Age (40 years or older), veteran or military status | Yes |
| D. Internet or other electronic network activity information | Information regarding a consumer’s interaction with an Internet Web site, application, or advertisement. | Yes |
| E. Geolocation data | Physical location. | Yes |
| F. Professional or employment-related information | Current or past job history. | Yes |
| G. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | Yes |
13. How We Use Your Information
Financial Recovery Services may use your personal information for authentication purposes, to update your contact information and to process payments on your account. Financial Recovery Services will retain your personal data in line with its retention policy and will delete the information once it is no longer needed, after which it will be deleted or anonymized.
Personal information is collected solely for the purpose of debt recovery in a lawful manner and remains part of our records until we determine the information is no longer needed, or we are required by law to delete such information. We will collect the minimum amount of data necessary to collect a debt.
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice. We do not sell and will not sell your personal information.
14. How We Collect Your Information
Financial Recovery Services collects your personally identifiable information when you update your personal information on the website and when you make a payment, either by credit card or by check.
We collect most of this personal information directly from our clients for whom we provide services to, as well as from you by telephone, written correspondence through the mail, email or fax, by viewing public social media/network pages, or other information available online. However, we may also collect information:
15. How We Share Your Information
Financial Recovery Services does not disclose personal information it obtains about you, except as provided in this Privacy Policy. Financial Recovery Services may share personally identifiable information obtained on its website with financial institutions, such as banks, credit unions or clearing houses.
FRS may share personally identifiable information it collects with its employees who need to know that information to service your account. Except as provided below, FRS does not share or disclose any personally identifiable information to any company or marketing group external to FRS. FRS may share your personal information with third parties to the extent it is reasonably necessary to manage or service your account, verify employment, determine location, process payment, fulfill a transaction, provide customer service, or as otherwise authorized by law. Further, FRS may disclose personally identifiable information (i) to another entity with which FRS enters or reasonably may enter into a corporate transaction, such as, for example, a merger, consolidation, acquisition, or asset purchase, (ii) to a third party pursuant to a subpoena, court order, or other form of legal process or in response to a request by or on behalf of any local, state, federal, or other government agency, department, or body, whether or not pursuant to a subpoena, court order, or other form of legal process, or in connection with litigation brought against, or on behalf of, FRS, where appropriate, (iii) to a third party if determined by FRS in its sole judgment that such disclosure is appropriate to protect the life, health, or property of FRS or any other person or entity, all in compliance with applicable law, (iv) to third parties as authorized or designated by you, or (v) to conduct any other legitimate business activity not otherwise prohibited by law. The foregoing is not intended to obviate or displace any legal obligations or duties applicable to FRS. Except as necessary for FRS to provide the services, information, or products requested by a website user, or except for the disclosures identified in the preceding paragraphs, the user may opt out of having his or her personally identifiable information, which has been voluntarily provided to FRS through or from its website, prospectively retained by FRS, used by FRS for secondary purposes, or disclosed by FRS to third parties. E-mail posted or sent to FRS may not be secure against interception by unauthorized individuals. To protect against interception by unauthorized individuals, or because we can not verify your identity, we may be unable to respond to e-mail requests concerning accounts placed for collection unless you have requested or authorized us to do so.
Sharing your information with Consumer Reporting Agencies
Consumer Reporting Agencies (CRAs) collect and maintain information on consumer and business credit profiles on behalf of organizations in the United States. We may share information about you with CRAs and may carry out periodic searches with them to verify your identity or manage your account. Details of your account(s) with us may be sent to CRAs and recorded by them. This information may be supplied by CRAs and may be used and searched by us and other organizations, such as debt collection agencies, in order to:
FRS may furnish account information to Experian, Equifax, and Trans Union.
You have a right to obtain an annual copy of your credit file from CRAs by visiting
https://www.annualcreditreport.com.
16. Your Rights and Choices
Financial Recovery Services offers you certain choices in connection with the personal data it collects from you, including:
Your FRS Account: You may review, update and correct your contact information, including your telephone number and email address, after logging in to the website, or by calling our office.
Your Choice to Decline Cookies: You may adjust your browser settings to decline cookies if you do not want to accept FRS' cookies. However, declining cookies may affect proper operation of FRS' website.
Your Payments: You can elect not to utilize the payment portal of FRS' website and not to make payments via credit card or check.
If you have any questions regarding any of these choices, please contact FRS.
Our Contact Address is:
Financial Recovery Services, Inc.
1345 Mendota Heights Road, Suite 100
Mendota Heights, MN 55120
Toll-free Telephone Number: 866-438-2860
17. How Long We Keep Your Information
FRS will retain your personal data until we determine the information is no longer needed, or as otherwise required by law.
18. How We Protect Information
FRS has implemented physical, electronic, and procedural security safeguards to protect against the unauthorized release of or access to personal information. We employ internal and external system safeguards designed to protect confidentiality and security of personal information.
The confidentiality of any communication or material transmitted to or from FRS via the website or via e-mail cannot be, and is not, guaranteed. You acknowledge that the technical processing and transmission of the website’s content may be transferred unencrypted and involve: (a) transmissions over various networks; and (b) changes to confirm and adapt to technical requirements of connecting networks or devices.
We will collect the IP Address of all visitors to the FRS website for internal security and other proprietary purposes. We do not release this data outside of our corporate team nor utilize the data other than for internal purposes.
If any questions arise about security, please contact FRS using the information provided above.
19. ADDITIONAL INFORMATION FOR CALIFORNIA RESIDENTS
The state Rosenthal Fair Debt Collection Practices Act and the federal Fair Debt Collection Practices Act require that, except under unusual circumstances, collectors may not contact you before 8 a.m. or after 9 p.m. They may not harass you by using threats of violence or arrest or by using obscene language. Collectors may not use false or misleading statements or call you at work if they know or have reason to know that you may not receive personal calls at work. For the most part, collectors may not tell another person, other than your attorney or spouse, about your debt. Collectors may contact another person to confirm your location or enforce a judgment. For more information about debt collection activities, you may contact the Federal Trade Commission at 1-877-FTC-HELP or www.ftc.gov.
Nonprofit credit counseling services may be available in the area.
California Residents - Your Legal Rights
If you wish to exercise any of these rights, please contact FRS by doing one of the following:
If you choose to contact directly by [email/phone/in writing], you will need to provide us with:
We are not obligated to make a data access or data portability disclosure if we cannot verify that the person making the request is the person about whom we collected information, or is someone authorized to act on such person’s behalf.
20. Links To Other Websites
Our website may contain links to enable you to visit other websites of interest easily. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide while visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
21. Updates to Our Online Privacy Policy
Financial Recovery Services may update its Privacy Policy periodically and without prior notice to you. Financial Recovery Services will provide the updated version of its Privacy Policy on its website and list when it was last revised.
22. Privacy Policy Effective Date:
FRS may change this Privacy Notice at any time. Notice of any new or revised Privacy Notice, as well as the location of the new or revised statement, will be posted on the website after the change. It is the obligation of users visiting the website before the change to learn of changes to the Privacy Notice since their last visit. Last Updated: [05/03/2022]