What type of information we process
- Order Data regarding orders you make online with Merchants
- Account Data regarding your account with Merchants
- Device Data
- Customer Activity on Merchant Platforms
- Geo-location when conducting a transaction on Merchant Platform
- Enriched data
- Inquiries you send to us
How we collect information
With full Merchant consent, Forter collects information utilizing Forter software installed on Merchant Platforms which is used to analyze Customer use of the Merchant Platform, information provided by Merchants, and data enrichment information from public sources and/or trusted service providers.
How we use collected information
Forter collects and uses information to help prevent malicious actors from conducting payment fraud or violating Merchant’s business policies and to allow a smoother and safer e-commerce shopping experience for non-malicious users.
With whom we share information
We do not rent, sell, or share Customers’ Personal Information. We share Customers’ Personal Information with third parties only in connection with our services to the Merchant, and only with select trusted third party service providers. This includes use of services to enrich data or to normalize the format of the data (e.g. validate address format). Such services are used by Forter while sharing the minimum information necessary. Forter may also share your information with law enforcement, compliance monitoring, or arbitrators for legal reasons or in the event of a dispute.
How we safeguard information
Forter employs industry best practices and regularly commissions third party audits and certifications to ensure the security and confidentiality of customer information.
Forter (“we” or the “Company”) has set a goal to fight online fraud. Our fraud solution provides merchants who use our expertise and proprietary technology (“Merchants”), with real-time and automated decisions for online transactions made by Merchants’ customers (“Customers”).
When a Customer lands on any of the Merchant’s websites or applications (“Merchant Platforms), and subject to a full Merchant consent, we process relevant information pertaining to the Customer usage of the Merchant Platforms and compare it to known fraudulent behavioral trends in order to protect the Merchant from fraudulent activity while allowing the Merchant to provide a seamless customer experience for non-fraudulent Customers (the “Services“).
Our Services not only help Merchants, but also provide a much safer and better online shopping experience for Customers, as they help prevent a customer account takeover by a fraudster, allow Customers to get rid of the delays in order confirmation, and minimize potential mistaken rejection of transactions, which can make shopping online very frustrating.
- What type of information we process
- How we collect Customers’ information
- Our usage of Cookies
- How we use the information
- With whom we share the information
- For how long we retain the information
- How we safeguard the information
- How to contact us
What type of information we process
Forter processes information provided from Forter’s Merchants which includes both non-identifiable information pertaining to the customer and Personal Data. This includes the following categories of data:
- Order Data. Details of orders placed with the Merchant such as your name, email, the items you purchased, price paid, shipping information. We also receive basic information about your payment and billing method, but do not collect or keep your complete credit card number.
- Account Data. A subset of the preferences stored on your Merchant e-commerce account.
- Device data. Information about the personal computer or mobile device you use to access the Merchant Platform. This may include technical information transmitted by Customers’ device, including certain software and hardware information such as the browser used to access the site, the device model and operating system, language preference, unique device identifiers, and the Internet Protocol (IP) address through which you accessed the Merchant Platform.
- Customer Activity. Information regarding Customer’s activity on the Merchant Platform such as the time and frequency of access, the referrer page domain, pages viewed, and interactions between the Merchant and the Customer.
- Geo-location data. If the Merchant’s mobile app has the relevant permissions, we may receive your precise geo-location when you actively use the app. When you access Merchant Platforms through the Merchant’s website we will collect your approximate geo-location.
- Enriched Data. We also cross-reference, verify, and enhance the accuracy of the data outlined above using publicly available third-party sources such as online search engines, online ‘white pages’, and online mapping services.
- Inquiries. If you contact us for questions or complaints, we will collect the information related to your inquiry and to verify your identity. This may include your name, email address, postal address, telephone number and other contact information, depending on the nature of your inquiry.
If we combine Personal Data with non-identifiable information, the combined information will be treated by us as Personal Data for as long as it remains combined.
How we collect information
We use three main methods to collect information, which relates to Customers:
- With full Merchant consent, we collect information through Customers’ use of any of the Merchant Platforms. In other words, when the Customer is using the Merchant Platform we may gather information relating to such usage.
- We collect information, which the Customer voluntarily provides to the Merchant or shares on the Merchant Platforms and which is provided to us by the Merchant. For example, we use Personal Information that the Customer discloses on the Merchant Platforms (e.g. delivery address, partial credit card number, etc.), when the Customer wishes to conduct an online transaction.
iii. We collect information which is available via public websites, social networks, etc. and from our trusted service providers and is relevant to our Services. For example, we may collect information such as phone type (e.g. mobile, landline, etc.), age and gender from different resources across the web and perform social network analysis in order to support our analysis of a transaction and the assessment of whether or not a transaction is suspected as fraudulent.
A “cookie” is a small piece of information that the Merchant’s website assigns to the Customer’s browser while the Customer is browsing such website. Cookies are very helpful and are used by us for the purpose of gathering relevant information in order to detect possible online and identity frauds.
We use ‘session cookies’, which are stored temporarily during a browsing session and are deleted from Customer’s device when the browser is closed, and ‘persistent cookies’, which are saved on Customer’s device for a fixed period and are not deleted when the browser is closed.
The Customer may disable the storage of and/or remove the cookies via his browser settings.
How we use the information
- To provide our Services to Merchants to detect fraudulent activity and policy abuse by Customers on Merchant Platforms;
- To conduct fraud detection analysis, enrich our database and improve its accuracy;
- To support and troubleshoot our Services;
- To investigate violations and enforce our policies, and as required by law, regulation or other governmental authority, or to comply with a subpoena or similar legal process or respond to a government request.
With whom we share the information
We may share Personal Information which relates to the particular Merchant from whom the information was collected in order to provide our Services. This includes sharing of information regarding each transaction decision the Merchant initiates and access to our ‘Decision Dashboard’;
In addition, in order to provide our Services, we may share Personal Information with (i) affiliated companies within the Forter group of companies, as listed below; (ii) our service providers, in connection with performance of the Services, including (a) enrichment services with whom specific data points – typically already known to the enrichment service – are transmitted securely and without the transaction context in order to enrich the data or format it. For example, shipping addresses, without an individual’s name/phone/etc., are normalized using a dedicated address validation provider; (b) third party service providers (e.g. cloud web services for storing information on our behalf or processing information); and (c) subcontractors such as chargeback dispute agencies.
All third party services are evaluated and must be approved by the Forter security team before integration.
We may also disclose Personal Information, or any information submitted via the Services if we have a good faith belief that disclosure of such information is helpful or reasonably necessary to: (i) comply with any applicable law, regulation, legal process or governmental request; (ii) enforce our policies, including investigations of potential violations thereof; (iii) investigate, detect, prevent, or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues; (iv) to establish or exercise our rights to defend against legal claims; (v) prevent harm to the rights, property or safety of us, the Merchants, the Customers or any third party; or (vi) for the purpose of collaborating with law enforcement agencies and/or in case we find it necessary in order to enforce intellectual property or other legal rights.
Rights to your information
Customers located in certain countries, including the European Economic Area, have certain statutory rights to their personal data. Subject to exemptions provided by law, and with proper identification, you may have the right to certain actions to your data such as:
- Right to verify your information
- Right to see what personal information about you we have
- Right to request that we erase data about you
- Right to restrict Forter from processing data pertaining to you
- Right to export data in a portable format
If you wish to exercise any of these rights, contact us at: firstname.lastname@example.org. When handling your request, we will ask for additional information to confirm your identity (which may include Personal Data). However, please note that if you choose not to allow us to process your personal data, we may be prevented from providing fraud prevention services regarding transactions you attempt to complete on Merchant Platforms and, as a result, this may affect your use of the Merchant Platform.
For how long we retain the information
Forter retains your information for as long as needed to provide our Services and to comply with our legal obligations, resolve disputes and enforce our policies unless you or the merchant that sent us your data request the deletion of your information. In some cases, we may retain certain information about you as required by law or compliance, even if your information is deleted.
We may use the information we collect to compile aggregated, anonymized, or de-identified information. We may share such anonymized or de-identified information with any other third party, at our sole discretion.
How we safeguard the information
We take great care in implementing and maintaining the security of the Services and safeguarding information which relates to Customers. We employ industry standard procedures and policies to ensure the safety of Customers’ information and prevent unauthorized use of any such information. Although we take reasonable steps to safeguard such information, we cannot be responsible for the acts of those who gain unauthorized access or abuse our Services, and we make no warranty, express, implied or otherwise, that we will prevent such access.
Automated decision making
The Merchant may, in its discretion, use Forter’s fraud assessment to make a decision on whether to accept or decline your order based solely on automated processing. Please direct inquiries concerning the decision about your order to the applicable Merchant.
We do not collect any information, which relates to Customers who are under the age of 16. In the event that we become aware that an individual under the age of 16 has shared any information, we will discard such information. If Customers have any reason to believe that a minor has shared any information with us, it will be advisable to contact us at email@example.com.
Forter may transfer data outside of your country of residence. Forter complies with international data transfer laws and ensures that it has a legally approved mechanism in place to allow for the international data transfer such as the US-EU Privacy Shield or the Standard Contractual Clauses.
Data Protection Authority
Subject to applicable law, you also have the right to restrict Forter’s use of other information that constitutes your Personal Information and lodge a complaint with your local data protection authority or the United Kingdom’s Information Commissioner’s Office:
United Kingdom Information Commissioner’s Office
Water Lane, Wycliffe House
Wilmslow – Cheshire SK9 5AF
Tel. +44 1625 545 745
How to contact us
If Customers have any general questions about the Services or the information that we collect about them and how we may use it, they may contact us at firstname.lastname@example.org
Details of Company and affiliated companies in the group:
Forter Ltd., Totseret ha-Arets St 7, Tel Aviv-Yafo, Israel 6789104
Forter, Inc., 12 East 49th St, New York, NY 10017
Last update: 20/05/2018