Privacy Policy

SimpleCheck LLC ("we," "our," "us," or "SimpleCheck") is committed to protecting the privacy and security of the information we collect and process. This Privacy Policy explains exactly what data we collect, why we collect it, how we use it, when we share it, and what your rights are.

Here's the short version before you read everything:

SimpleCheck operates two distinct data flows: (1) platform data about our business clients and their accounts, and (2) consumer financial data accessed through our soft pull infrastructure on behalf of clients. This Policy covers both.

SimpleCheck collects information in three ways - directly from you, automatically when you use our Services, and from trusted third-party sources.

A. Information You Provide Directly

When you create an account, contact us, or use our Services, you may provide:

• Name, business name, email address, and phone number.
• Billing information including payment card details (processed securely via Stripe - SimpleCheck does not store raw card numbers).
• Account credentials and preferences.
• Communications you send us, including support requests, feedback, and testimonials.
• Any other information you choose to provide when contacting us.

B. Consumer Data Accessed Through the Platform (on behalf of clients)

When a consumer consents through a SimpleCheck client's opt-in form, we access and process the following consumer data on behalf of the client:

• Name, email address, and phone number (provided directly by the consumer at opt-in).
• Credit score indicator (from consumer reporting agencies via soft pull).
• Available credit information (from consumer reporting agencies via soft pull).
• Income signals (from IRS and credit bureau data sources via soft pull).
• IP address and consent timestamp (captured by CredibleCapture at the moment of opt-in).

C. Information Collected Automatically

When you visit our website or use our platform, we automatically collect:

• Identifiers: IP address, device ID, browser type, and cookie identifiers.
• Usage Data: Pages visited, features accessed, time spent on the platform, clicks, and interactions.
• Technical Data: Operating system, browser version, screen resolution, and other device attributes.
• Session Data: Session replay and behavioral heatmap data through Microsoft Clarity (see Section 5 on Cookies for detail).

D. Information From Third Parties

We may collect additional information from publicly available sources, third-party data providers, or business partners to enhance our Services. This may include address and contact verification data, demographic or household data used to verify business accounts, and financial data from consumer reporting agencies accessed via soft pull on behalf of clients as described above.

SimpleCheck uses the information we collect for the following purposes:

• Service Delivery. To provide, operate, maintain, and improve our platform, including generating financial qualification signals for our clients' lead pre-qualification workflows.
• Account Management. To create and manage your account, process payments, and communicate with you about your subscription.
• Customer Support. To respond to your inquiries, resolve disputes, and provide technical assistance.
• Analytics and Product Development. To analyze usage trends, understand how our platform is used, identify bugs, and develop new features and improvements.
• Security and Fraud Prevention. To detect, investigate, and prevent fraudulent activity, unauthorized access, and other harmful behavior.
• Legal and Compliance. To comply with applicable laws and regulations (including FCRA), enforce our Terms of Service, respond to legal process, and protect our rights and the rights of others.
• Marketing Communications. To send you information about SimpleCheck's Services, new features, and relevant offers. You can opt out of marketing communications at any time by clicking "unsubscribe" in any email or by contacting us at support@simplecheck.com.
• Improving Ad Targeting. Aggregated, non-personally-identifiable usage signals may be used to improve the relevance of advertising we run on platforms like Meta. We do not share personally identifiable consumer data with ad platforms except through FCRA-compliant anonymized conversion signals.

What we do not do:

• We do not use or sell your personal information for purposes unrelated to our Services without your explicit consent.
• We do not use consumer financial data signals (credit scores, available credit, income) for any purpose other than delivering them to the requesting client for the lead pre-qualification purpose described in our Terms of Service.
• We do not build advertising profiles from consumer financial data.

SimpleCheck shares information only as necessary to operate our Services and as permitted by applicable law. We do not sell personal information to third parties for their own marketing purposes.

Categories of parties we share information with:

• Service Providers (Sub-Processors). We share information with trusted third-party vendors who perform services on our behalf, including payment processing (Stripe), CRM and workflow automation (GoHighLevel), email communications, data analytics, cloud hosting, and security monitoring. These providers are contractually obligated to use data only for the purposes we specify and to protect it with appropriate security measures.
• Consumer Reporting Agencies. To perform soft pull queries, we transmit identifying information (name, email, phone) to consumer reporting agencies. These agencies return financial data signals that are then delivered to the requesting client. All such transmissions are covered by our FCRA compliance framework and the consumer's prior consent.
• Our Business Clients. Consumer financial data signals accessed through the platform are delivered to the specific SimpleCheck client who triggered the query for that consenting consumer. Clients agree to our Terms of Service, which restrict their use of this data to permitted pre-qualification purposes only.
• Affiliate Tracking Partners. We use Partnero to manage our affiliate program. Aggregate referral and conversion data is shared with Partnero for commission tracking purposes. No consumer financial data is shared with affiliate tracking partners.
• Analytics Providers. We use Microsoft Clarity for behavioral analytics (session replay, heatmaps) on our website. See Section 5 for detail on how Clarity collects and uses data.
• Legal and Regulatory Authorities. We may disclose information if required by law, court order, regulation, or legal process, or to protect our rights, our users, or others from harm.
• Corporate Transactions. In the event of a merger, acquisition, sale of assets, or other corporate restructuring, information may be transferred as part of the transaction. We will notify affected users via email and/or prominent notice on our website before information becomes subject to a materially different privacy policy.

SimpleCheck uses cookies and similar technologies to improve your experience, analyze usage, and support our marketing and security operations. This section summarizes how we use these technologies. For full detail, see our Cookie Policy.

Types of cookies and technologies we use:

• Essential Cookies. Required for the platform to function. These include session cookies, authentication tokens, and security cookies. They cannot be disabled without breaking core platform functionality.
• Analytics Cookies. We use Google Analytics (GA4) to track website and platform usage, including page views, session duration, traffic sources, and conversion events. Data is aggregated and anonymized before analysis.
• Behavioral Analytics - Microsoft Clarity. We use Microsoft Clarity to capture how users interact with our website through behavioral metrics, heatmaps, and session replay. This helps us identify usability issues and improve our product. Microsoft Clarity uses first and third-party cookies to collect this data. For information on how Microsoft handles this data, visit microsoft.com/privacy. Clarity does not capture financial data entered through SimpleCheck's platform.
• Advertising and Conversion Cookies. We use Meta Pixel (via PixelFlow) and Google Ads conversion tracking to measure the effectiveness of our advertising campaigns. These technologies track whether a visitor who came from one of our ads completed a conversion event (e.g., booked a demo, started a trial). We do not share consumer financial data with Meta or Google through these mechanisms.
• Affiliate Tracking Cookies. We use Partnero to track affiliate referrals and attribute conversions to affiliate partners.

Managing Cookies. You can manage or disable non-essential cookies through your browser settings or through our Cookie Preference Center. Note that disabling certain cookies may affect your ability to use some features of the platform. Most browsers allow you to block third-party cookies, clear existing cookies, or receive a warning before cookies are set.

Depending on your jurisdiction, you have the following rights regarding your personal information. SimpleCheck honors these rights for both business clients and consumers whose data is accessed through the platform.

How to Exercise Your Rights. To submit any of the above requests, contact us at:

SimpleCheck implements appropriate technical and organizational security measures designed to protect your information against unauthorized access, disclosure, alteration, loss, or destruction.

Security measures we implement include:

• Encryption in Transit: All data transmitted between your browser, our platform, and our backend systems is encrypted using TLS 1.2 or higher.
• Encryption at Rest: All data stored in our systems is encrypted using AES-256 or equivalent standards.
• Access Controls: Role-based access controls ensure that only authorized personnel can access personal data, and only for defined purposes. Access is logged and reviewed.
• Audit Logging: All data access and modification events are logged with timestamps and user identifiers. Logs are immutable and retained for compliance review.
• CredibleCapture Integrity: Consent records created by CredibleCapture are cryptographically signed and cannot be modified retroactively.
• Payment Security: Payment card information is processed directly by Stripe, a PCI DSS Level 1 certified payment processor. SimpleCheck does not store raw card numbers.
• Vendor Security Reviews: All third-party sub-processors are evaluated for security compliance before integration and reviewed on an ongoing basis.

Important Limitation. No method of data transmission over the internet or electronic storage is 100% secure. While we implement commercially reasonable measures to protect your data, we cannot guarantee absolute security. In the event of a data breach that affects your rights, we will notify you as required by applicable law.

SimpleCheck retains personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce our agreements.

After the applicable retention period, personal information is securely deleted or anonymized. If you request deletion of your account before the end of the applicable period, we will delete your data as soon as legally permissible, subject to the exceptions noted in the table above.

SimpleCheck LLC is a United States-based company with operations and data infrastructure located in the United States. Information we collect - including information submitted by users outside the United States - may be processed, stored, and transferred to and within the United States.

The United States may not provide the same level of data protection as the country in which you are located. By using our Services, you acknowledge and consent to the transfer of your information to the United States for the purposes described in this Privacy Policy.

For users located in the European Economic Area (EEA), United Kingdom, or other jurisdictions that restrict data transfers, such transfers are conducted under appropriate legal mechanisms. Where required, we rely on Standard Contractual Clauses (SCCs) or other legally recognized transfer mechanisms. If you have questions about how your data is transferred, please contact us at support@simplecheck.com.

Our Services are not directed to individuals under 18 years of age. We do not knowingly collect, process, or retain personal information from anyone under 18. Our consent language explicitly requires users to certify that they are 18 years of age or older before any data is collected.

If we become aware that we have inadvertently collected information from a person under 18, we will take prompt steps to delete that information from our systems. If you believe we may have collected information from or about a minor, please contact us immediately at support@simplecheck.com.

Residents of California and certain other U.S. states have additional privacy rights under applicable state law. This section describes those rights and how to exercise them.

California (CCPA/CPRA). If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

• Right to Know: The right to request information about the categories and specific pieces of personal data we collect, the sources of that data, the business purpose for collecting it, and the categories of third parties with whom we share it.
• Right to Delete: The right to request deletion of your personal information, subject to certain exceptions.
• Right to Correct: The right to request correction of inaccurate personal information.
• Right to Opt Out of Sale/Sharing: The right to opt out of the sale or sharing of your personal information. SimpleCheck does not sell personal information. We may share certain data with advertising platforms (e.g., Meta, Google) for conversion tracking purposes, which may constitute "sharing" under CPRA. You may opt out of this by contacting us at support@simplecheck.com.
• Right to Limit Use of Sensitive Personal Information: The right to limit the use of sensitive personal information to what is necessary to provide the Services.
• Right to Non-Discrimination: The right not to be discriminated against for exercising your CCPA rights.

Other States. Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), and other states with comprehensive privacy laws have similar rights including access, correction, deletion, portability, and opt-out of targeted advertising. SimpleCheck honors these rights for all applicable residents.

How to Exercise State Rights. To exercise any of the above rights, contact us at:

• Email: support@simplecheck.com
• Phone: (800) 677-1481

We will verify your identity and respond within the timeframe required by applicable law (typically 45 days, with an extension of an additional 45 days where reasonably necessary).

SimpleCheck reserves the right to modify this Privacy Policy at any time. When we make changes, we will:

• Update the "Last Updated" date at the top of this Policy.
• For material changes that significantly affect how we collect or use personal information, notify active account holders via email at least 14 days before the change takes effect.
• For all changes, post the updated Policy at simplecheck.com/privacypolicy.

Your continued use of the Services following the effective date of any change constitutes your acceptance of the revised Policy. If you do not agree with a change, you may close your account before the change takes effect by contacting us at support@simplecheck.com.

For any questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us: