Privacy policy
Last updated: October 1, 2025
ValidiFI, Inc (“ValidiFI”) is a provider of risk mitigation and payment solutions. We understand the importance of protecting the privacy and security of the personal information we obtain about consumers, customers, and our employees.
ValidiFI’s services are not intended for children under 16 years of age and we do not knowingly collect the personal information of children.
Website Privacy
Our website may collect the following personally identifiable information (PII) from visitors:
- Name, company name, telephone number, email address, and any other information provided in a web form.
- We improve our products and advertising by using Microsoft Clarity to see how you use our website. By using our site, you agree that we and Microsoft can collect and use this data.
We use this PII to interact with you via our website and improve our website content, as well as our other products and services. We also may disclose this information to our vendors to assist us in those functions.
ValidiFI does not sell PII to third parties for marketing purposes. The PII collected by us—whether online or offline—is used only for purposes of providing visitors to our website, customers and consumers, and employees with services requested or authorized.
We take steps to protect against the loss, misuse, or unauthorized alteration of PII we collect. ValidiFI has implemented administrative, technical, and physical safeguards necessary to reasonably and appropriately protect the confidentiality, security, and integrity of PII in our possession. The PII we collect is protected using industry standard, secure socket layer (SSL) encryption. We limit access to PII to those employees who need access in order to carry out their job responsibilities. When we dispose of PII, we use appropriate procedures to dispose of it, such as shredding physical documents and erasing electronic media so that information cannot be practicably read or reconstructed.
Our website also collects information that is not PII, such as cookies and web server log statistics. Cookies are small pieces of information that are stored by your browser on your computer’s hard drive. Our website use first- and third-party cookies. While most browsers are set to accept cookies by default, you can set yours to refuse cookies or to alert you before accepting them. Your browser manufacturer has information on changing the default setting for your specific browser. However, be aware that if you do not accept cookies from our website, you may not be able to use some of the features.
We note that some internet browsers have “Do Not Track” features which, when turned on, send a signal (“DNT” signal) to websites that the individual visiting the website does not wish to be tracked. ValidiFI does not respond to DNT signals because we engage in online behavioral advertising on third-party sites, known as “retargeting,” through which information collected about the pages an individual visits on ValidiFI’s website is used to display ads for ValidiFI on third-party websites.
Privacy Related to Consumer Financial Products and Services
ValidiFI provides companies (“Clients”) with technology to securely obtain their customer’s banking and transactional data (“Consumer Financial Information”), which includes PII. Subject to applicable law, ValidiFI also uses this data to provide Clients with identity verification and fraud prevention services, as well as consumer reports that can be used by Clients to qualify their customers for products and services.
ValidiFI’s Federal Privacy Notice explains how it collects, stores, secures, and shares Consumer Financial Information. This policy does not cover what our Clients or third parties might do with your information, and you should review their privacy policies to find out more information on their privacy practices.
California Residents
For California Residents
Preparation and Processing of Investigative Consumer Reports: Pursuant to California law, ValidiFI is an investigative consumer reporting agency that furnishes end-users with investigative consumer reports. Under California law, an “investigative consumer report” is a report containing information on a consumer’s character, general reputation, personal characteristics, or mode of living. ValidiFI compiles investigative consumer reports about individuals and provides them to businesses for background screening and similar purposes. ValidiFI’s privacy practices with respect to our preparation and processing of investigative consumer reports is described in our Federal Privacy Notice.
For Questions About Policies on Compromise of Investigative Consumer Reporting Information: If you are a California resident and wish to obtain additional information regarding our privacy practices or policies in the event of a compromise of your information, you may contact us by phone at (866) 656-6588 or by emailing us at Privacy@ValidiFI.com.
Personal Information Disclosure: United States or Overseas. In connection with its preparation and processing of investigative consumer reports, ValidiFI does not transfer personal information about consumers outside the United States and its territories.
Privacy for California Residents: The ValidiFI California Privacy Policy and Collection Notice below contains disclosures required by the California Consumer Privacy Act (“CCPA”) and applies only to “personal information” that is subject to that law. However, the CCPA does not apply to personally identifiable financial information when that information is subject to other financial privacy laws, specifically the Gramm-Leach-Bliley Act (GLBA) and the Fair Credit Reporting Act (FCRA). All Consumer Financial Information collected by ValidiFI is related to the financial products and services it provides and is subject to the GLBA and/or FCRA; as a result, ValidiFI does not collect, use, store, or share any personal information or sensitive personal information through its risk mitigation and payment solutions.
Federal Privacy Notice (GLBA) Rev. Oct 1, 2025
|
Facts |
What does ValidiFI do with your personal information? |
|
Why? |
Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do. |
|
What? |
The types of personal information we collect and share depend on the product or service you have with us. This information can include: • Social Security number • Checking account information • Employment information and income • Account balances and transaction history • Credit history and payment history |
|
How? |
All financial companies need to share customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers’ personal information; the reasons ValidiFI chooses to share; and whether you can limit this sharing. |
|
Reasons we can share your personal information |
Does ValidiFI share? |
Can you limit this sharing? |
|
For our everyday business purposes – such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus |
Yes |
No |
|
For our marketing purposes – to offer our products and services to you |
Yes |
No |
|
For joint marketing with other financial companies |
No |
No |
|
For our affiliates’ everyday business purposes – information about your transactions and experiences |
No |
ValidiFI does not share |
|
For our affiliates’ everyday business purposes – information about your creditworthiness |
No |
ValidiFI does not share |
|
For our affiliates to market to you |
No |
ValidiFI does not share |
|
For nonaffiliates to market to you |
No |
ValidiFI does not share |
|
Questions |
Call us at (866) 656-6588 – or email us at Privacy@ValidiFI.com. |
|
Who we are |
|
|
Who is providing this notice? |
This notice is being provided by ValidiFI. |
|
What we do |
|
|
How does ValidiFI protect my personal information? |
To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings. |
|
How does ValidiFI collect my personal information? |
We collect your personal information, for example, when you: • Use your credit or debit card • Pay your bills • Pay by check • Give us your income information • Apply for a loan • Provide account information • Provide employment information We also collect your personal information from others, such as credit bureaus, affiliates, or other companies. |
|
Why can’t I limit all sharing? |
Federal law gives you the right to limit only: • Sharing for affiliates’ everyday business purposes – information about your creditworthiness • Affiliates from using your information to market to you • Sharing for nonaffiliates to market to you State laws and individual companies may give you additional rights to limit sharing. See Other Important Information section for more on your rights under state law. |
|
What happens when I limit sharing for an account I hold jointly with someone else? |
Your choices will apply to everyone on your account. |
|
Definitions |
|
|
Affiliates |
Companies related by common ownership or control. They can be financial and non-financial companies. ValidiFI has no affiliates. |
|
Nonaffiliates |
Companies not related by common ownership or control. They can be financial and non-financial companies. ValidiFI does not share with non-affiliates so they can market to you. |
|
Joint marketing |
A formal agreement between nonaffiliated financial companies that together market financial products or services to you. ValidiFI doesn’t jointly market. |
|
Other Important Information |
|
California residents: See ValidiFI’s California Privacy Policy and Collection Notice for California Residents for information on your rights under the California Consumer Privacy Act. |
ValidiFI California Privacy Policy and Collection Notice
Effective Date: Oct 1, 2025
Last Reviewed on: Oct 1, 2025
This California Privacy Policy and Collection Notice (the “Notice”) supplements the information contained in ValidiFI’s Federal Privacy Notice and applies solely to residents of the State of California (“consumers” or “you”). We adopt this Notice to comply with the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act (CPRA). Any terms defined in the CCPA and CPRA have the same meaning when used in this Notice.
Information We Collect
ValidiFI is collecting your personal information and sensitive personal information to support its business operations, including for business purposes set forth below.
We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“Personal Information”). Personal information does not include:
- Publicly available information from government records.
- Deidentified or aggregated consumer information.
- Information excluded from the CCPA’s scope, like:
- Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; and
- Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
In the preceding twelve (12) months, we may have collected and disclosed for our business purposes each of the following categories of personal information relating to California residents covered by this Notice:
|
Personal Information Category
|
Sold or Shared |
|
Identifiers |
Not Sold or Shared |
|
California Customer Records personal information |
Not Sold or Shared |
|
Protected classification characteristics under California or federal law |
Not Sold or Shared |
|
Commercial information |
Not Sold or Shared |
|
Internet or other similar network activity |
Not Sold or Shared |
|
Geolocation data |
Not Sold or Shared |
|
Professional or employment-related information |
Not Sold or Shared |
|
Sensitive Personal Information Category |
Sold or Shared |
|
Government identifiers (social security, driver’s license, state identification card, or passport number) |
Not Sold or Shared |
|
Complete account access credentials (user names, account numbers, or card numbers combined with required access/security code or password) |
Not Sold or Shared |
|
Precise geolocation |
Not Sold or Shared |
|
Racial or ethnic origin |
Not Sold or Shared |
|
Mail, email, or text message contents not directed to us |
Not Sold or Shared |
|
Health, sex life, or sexual orientation information |
Not Sold or Shared |
We obtain the categories of personal information and sensitive personal information listed above from the following categories of sources:
- Directly from you. For example, from documents you provide or forms you fill out.
- Indirectly from you. For example, from observing your usage of and actions and submissions on our Website.
- From third parties that interact with us in connection with the services we perform. For example, from credit bureaus or other companies that provide tracking data related to our website.
- From publicly accessible sources, such as commercial
Use of Personal Information and Sensitive Personal Information for Business Purposes
We may use or disclose the personal information we collect for one or more of the following business purposes:
- To fulfill the request for which you provided us information. For example, if you share your name and contact information to ask a question about our products or services, we will use that personal information to respond to your inquiry.
- To evaluate your candidacy for employment or employ you.
- To provide, support, personalize, and develop our Website, products, and services.
- To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
- To personalize your Website experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Website, third party sites, and emails or text messages. Emails and text messages are sent only with your consent, where such consent is required by law.
- To help maintain the safety, security, and integrity of our website, products and services, databases and other technology assets, and business.
- For testing, research, analysis, and product development, including to develop and improve our website, products, and services.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- As described to you when collecting your personal information or as otherwise set forth in the CCPA/CPRA.
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our Website users/consumers is among the assets transferred.
- To audit a current interaction with you and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance.
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Disclosing Personal Information and Sensitive Personal Information
We may disclose your personal information and your sensitive personal information to a third party for a business purpose. When we disclose personal information and sensitive personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
We may share your personal information and sensitive personal information with the following categories of third parties:
- Our clients.
- Service providers.
- Contractors.
- Government or regulatory authorities.
Disclosures of Personal Information and Sensitive Information for a Business Purpose
In the preceding twelve (12) months, we may have disclosed the following categories of personal information (as described above) for a business purpose:
- Identifiers.
- California Customer Records personal information categories.
- Protected classification characteristics under California or federal law.
- Commercial information.
- Internet or other similar network activity.
- Geolocation data.
- Professional or Employment-related information.
In the preceding twelve (12) months, we may have disclosed the following categories of sensitive personal information (as described above) for a business purpose:
- Government identifiers (social security, driver’s license, state identification card, or passport number).
- Complete account access credentials (user names, account numbers, or card numbers combined with required access/security code or password).
- Precise geolocation.
- Mail, email, or text messages contents.
- Health, sex life, or sexual orientation information.
We disclosed your personal information and sensitive personal information for a business purpose to the following categories of third parties:
- Service providers.
- Contractors.
- Government or regulatory authorities (employees only).
Sales of Personal Information or Sensitive Personal Information
In the preceding twelve (12) months, we have not sold any personal information or sensitive personal information.
Sensitive Personal Information Use and Disclosure Limitations
We have not and will not use or disclose to a service provider, contractor, or other third party, sensitive personal information for purposes other than the following:
- To perform services or provide goods that an average consumer requesting those goods or services would reasonably expect.
- To help ensure security and integrity, if that use is reasonably necessary and proportionate.
- To perform short-term, transient uses, including but not limited to non-personalized advertising shown as part of a consumer’s current interaction with us. However, we will not:
- disclose the sensitive personal information to another third party; or
- use it to build a profile about you or otherwise alter your experience outside your current interaction with us.
- To verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us.
- To improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by us.
- To perform other actions that California data privacy regulations authorize.
The length of time that we intend to retain each category of Personal Information will depend on several criteria, including:
- the length of time we are required to retain Personal Information in order to comply with applicable legal and regulatory requirements;
- the length of time we may need to retain Personal Information in order to accomplish the business or commercial purpose(s) for which such Personal Information is collected, used or disclosed (as indicated in this Notice); and
- whether you choose to exercise your right, subject to certain exceptions, to request deletion of your Personal Information.
Your Rights and Choices
Access to Specific Information and Copy of Personal Information
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months and to request a copy of the specific pieces of personal information that we have collected about you in the prior 12 months (collectively, referred to as your ‘access’ right). Once we receive and confirm your verifiable consumer request, we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting or selling that personal information.
- The categories of third parties with whom we share that personal information.
- The categories of personal information we disclosed or shared with a third party for a business purpose.
- The specific pieces of personal information we collected about you (also called a data portability request).
- The categories of third parties to whom the residents’ personal information has been sold and the specific categories of personal information sold to each category of third party (if applicable).
Deletion Request Rights
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if an exception applies, such as regulatory or legal obligations or as required for servicing the account.
Correction Request Rights
You have the right to request that we correct inaccurate personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will correct (and direct our service providers to correct) your personal information in our records, unless an exception applies.
Do-Not-Sell Rights
California residents also have the right to opt-out of the sale of their personal information by us, including the sharing of personal information for cross-context behavioral advertising. As noted above, we do not sell personal information about California residents.
Right to Restrict Sensitive Personal Information Processing
California residents have the right to limit the use or disclosure of their sensitive personal information to just actions necessary to perform specific purposes under California law. As noted above, we do not use or disclose your sensitive personal information beyond what is necessary to perform the purposes permitted under law.
Exercising Access, Data Portability, Correction, and Deletion Rights
To exercise the access, data portability, correction, and deletion rights described above, please submit a verifiable consumer request to us by:
- Calling us at (866) 656-6588;
- Emailing us at Privacy@ValidiFI.com; or
- Writing to us at ValidiFI, 6120 Windward Pkwy, Suite 100, Alpharetta, GA 30005.
Only you, or someone legally authorized to act on your behalf (an “authorized agent”), may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
Request Verification
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us.
We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing.
We will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
Non-Discrimination
We will not discriminate against you for exercising any of your rights under California’s data privacy laws and regulations.
Changes to Our Privacy Notice
We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the website and update the notice’s effective date. Your continued use of our website following the posting of changes constitutes your acceptance of such changes.
![[OLA Member]](https://validifi.com/wp-content/uploads/2024/06/seal.png)
![[Nacha Preferred Partner]](https://validifi.com/wp-content/uploads/2024/06/Frame-63.png){kind=small}
