Effective and Last Updated on 12/20/2022
2. INFORMATION COLLECTION
CREDO primarily collects personally identifiable information from and about individuals who use our services, take actions with us, visit our websites or mobile applications, or join our marketing and activism lists. This section describes the categories of personal information CREDO collects and the ways that CREDO collects them.
CREDO does not target minors as customers or activists and does not intentionally collect information from people under 13 years of age. If we learn that we have collected personal information from an individual younger than 13, we will delete the information.
2.1 Information You Provide to Us
2.1.1 Account Information
When you sign up for services or take an action with CREDO, you provide information that we use to open an account, process an order, or action, or establish a membership with CREDO. The information you provide varies depending on the service you’ve requested, but may include:
• Contact Information: Your name, email address, zip code, billing and shipping addresses, and phone numbers
• Payment Information: Your bank account or credit card information
• Credit Check Information: Your full name, Social Security Number, and date of birth
• Order Information: A list of the products you purchase from us, the amount, and types of telephone services you enroll in, and the type of energy services you enroll in—this may include the date and method by which you joined CREDO and the dates of any purchases and account changes
• Technical Information, including your internet protocol (“IP”) address, cookies, web beacons, clear gifs, browser type and version, time zone setting and location, browser plug-in types, operating system and platform, and other technology on the devices you use to access our Web site.
• Usage Information, such as information about how you use our websites (for example time of day, duration of visit, pages visited, actions taken on pages, or other automatically collected meta-data).
• Action Information: A list of the CREDO donations groups you vote for, contributions you make through CREDO, and any other actions you volunteer for through CREDO—this may include the date and method by which you joined CREDO and the dates of any actions and account changes
2.1.2 Additional Information You Choose to Provide
While using CREDO’s services or taking an action with CREDO, you may choose to provide us with additional personal information:
• Other Information: When you engage in open ended communication with CREDO by filling in a form on our site, responding to a survey from us, entering a contest or sweepstakes, or communicating directly via phone, email, or mail with a CREDO representative, you may voluntarily choose to provide us with personal information that may be collected and stored along with the communications themselves.
2.2 Information We Collect Automatically
2.2.1 Information We Collect Automatically When You Use CREDO Telephone Services
When you are enrolled in one of our telephone services, we receive information from our underlying carriers about your usage of those services, including:
• Phone Records: The phone numbers you call or text, the phone numbers you receive calls or texts from, the timing and duration of your calls and texts, the timing and amounts of your data usage, the city and state or country your phone is in at the time of a call, and billing information related to your international roaming usage
• Device Information: The models, instrument numbers, serial numbers, and activation statuses of your connected mobile devices and SIM cards
• Port Information: Requests from another carrier to port your number from CREDO to the other carrier and responses from other carriers to requests to port your number from another carrier to CREDO
• Customer Proprietary Network Information (“CPNI”) generated using our communications services. See the CPNI section of this policy for more information.
When you are enrolled in one of our telephone services, we also generate account and billing data based on the services and plans you’re enrolled in, including:
• Billing Information: A monthly bill with itemized charges for mobile and/or long-distance telephone services based on your usage records
• Account Number: A number that CREDO assigns to mobile and long-distance telephone accounts
CREDO is committed to minimizing the data it collects and stores about how you use our telephone service. Accordingly, we want you to be aware that:
CREDO does not receive, store, or assign precise handset location information, handset IP addresses, or logs of websites visited by your phone while providing telephone service.
CREDO does not receive or store the content of customer communications sent using our services except customer communications directed to us for customer service purposes.
2.2.2 Information We Collect Automatically When You Visit Our Websites
We use website cookies, pixels, and similar tools to identify return visitors to our websites and automatically collect information about you when you visit any of our websites, including:
• Identifiers and Device Information: Your IP address, device type, operating system, browser type, and internet service provider
• Geo-location: city and country
• Site Use Information: Your referring URL, referring ad/campaign, time and date of any logins, which site pages you visit, and how you interact with them
• Do Not Track Signals: CREDO may receive “do not track” signals from your browser when you visit our websites. However, given the lack of a standard for interpreting those signals, we are not currently set up to respond to them.
2.2.3 Additional Information We May Collect Automatically
Interaction Analytics: In addition to the Order Information and Action Information listed in Section 3.1.1, we keep a record of what emails we’ve sent you and when, the IP address of the device you used to open them, the links you’ve clicked in those emails, and which partner organization, if any, referred you to CREDO.
Inferences from Other Information: We keep a record of inferences about you or your account from the other information collected in this Section 2, including preferences, characteristics, behaviors, and evaluations
2.3 Additional Information We Collect About You from Third Parties
Credit Information: When you sign up for service with CREDO Mobile, we may collect your credit score and other credit information from third party credit agencies.
List Information: From time to time, we obtain lists of consumer names, addresses, email addresses, and/or phone numbers to market our products and services.
2.4 Third Party Collection Practices
Our sites and/or mobile applications may link to merchants and information sites. Each of these sites has its own privacy practices and any information you share with these sites is subject to their policies and practices and is independent of CREDO.
3. INFORMATION USE
This section describes the categories of purposes for which CREDO uses the information we collect about you. Capitalized terms refer to the categories of personal information described in Section 2.
• Registration and Ordering. Before using certain parts of the Web site or purchasing CREDO products or services, you must complete an online registration form or provide certain information to CREDO’s representatives. During registration (whether via the Web site or otherwise), you will be prompted to provide us with your contact information and payment information. This personal information is used for billing purposes, fulfilling your orders, and communicating with you about your order and the Web site, and for marketing purposes. If CREDO encounters a problem when processing your order, it will use your personal information to contact you.
• Responding to Your Questions and Requests. Certain locations of the Web site may permit you to enter your email address and other contact information to receive further information about CREDO or for other purposes. We will use your information to respond to your questions and send you marketing information about CREDO’ (including Affiliates’) products and services.
• Improve our Web site and Improve your Experience. We will use technical and usage information that is collected automatically when you use our Web site to provide you with access to our Web site, improve our Web site, perform analytics, and personalize your experience when you use our Web site.
• Improve our Products and Services.
• Provide Personalized Marketing to You. We may reach out to you to provide you with special offers or otherwise tell you about our products and services.
• Manage and Develop our Business Operations. This includes administering your account and collecting and processing payments.
• Route Wireless Communications and Provide 911 Service. We use your location information to allow emergency services to locate your general location. We may disclose, without your consent, the approximate location of a wireless device to a governmental entity or law enforcement authority when we are served with lawful process or reasonably believe there is an emergency involving risk of death or serious physical harm. Depending on your device, you may also be able to obtain a wide array of services based on the location of your device (for example, driving directions, enhanced 411 Directory Assistance or search results, etc.). These data services, known as Location-Based Services (“LBS”) are made available by us and other entities, usually via applications. These services use various location technologies and acquire location data from various sources. These applications and services use various location technologies (including Global Positioning Satellite (“GPS”), Assisted GPS (“AGPS”), cell ID and enhanced cell ID technologies) to identify the approximate location of a device, which is then used in conjunction with the application to enhance the user’s experience (for example, to provide driving directions, to provide enhanced 411 Directory Assistance or search results, etc.).LBS may, or may not, involve any interaction with or dependency on our supplier’s network, and location-based services may or may not look to our network to obtain location data. Where our network supplier allows third parties the capability of accessing data about your location that is derived from our supplier’s network, our network supplier requires those third parties to observe specific privacy and security protections consistent with this policy. It is important that you understand the location capabilities and settings of your device, and that you carefully read and understand the terms under which these services are provided – whether by us or another entity. You should carefully review the privacy policies and other terms of third parties with whom you have authorized the sharing of your location information, and you should consider the risks involved in disclosing your location information to other people. Where we provide a location-based service, you will receive notice of the location features of the service and collection of location data is with your consent. You will be provided options for managing when and how such information should be share.
• Protect our Rights and Property.
• Comply with a Court Order, Law, or Legal Process, including responding to any government or regulatory request.
• Any other Purpose, with your Consent.
3.2 Email Policy
CREDO uses your e-mail address to communicate with you about your account, the services you’re enrolled in, actions and activism opportunities you may be interested in, your vote on donations distributions, CREDO newsletters and tips, and special marketing offers. You can opt out of receiving non-account-related communications from us by following the opt-out instructions in our e-mails or by visiting https://www.credomobile.com/subscriptions/.
3.3 Call/SMS Policy
By signing up for CREDO Mobile Service through our website or by opting into any of our optional offers and activism opportunities contact lists, you give express permission for us to contact you on your device. Message and data rates may apply if your device is not using CREDO Mobile service. Text “stop” to any promotional or list text to opt out of non-account-related SMS communications from us.
4. INFORMATION SHARING AND DISCLOSURE
CREDO does not sell your personal information.
We may share your personal information with:
• Our vendors and service providers that support us in providing our Web site and service
• Third parties for the purpose of identity verification
• Our subsidiaries and affiliates
• Law enforcement or regulatory agencies, if required to do so by law (for example, a subpoena or court order) or when we believe disclosure is necessary or appropriate
• Other entities in connection with the sale, merger, acquisition or other reorganization of our business
• Others, to protect our legal rights, or to protect ourselves or others (for example, in order to reduce the risk of fraud or illegal activities)
4.1 Company Sale or Change of Corporate Control
If CREDO enters a merger, acquisition, bankruptcy, receivership, sale of all or a portion of its assets, your information will also be shared and/or transferred as one of the business assets of CREDO.
4.2 Aggregated or Anonymized Information
CREDO and/or its third-party providers may provide aggregated or anonymized information such as the number of users who visit a particular linked site to other parties.
5. INFORMATION PROCESSING AND RETENTION
5.1 Telephone Account and Usage Record Retention
CREDO is committed to minimizing the data it collects and stores about how you use our telephone services. CREDO retains customer name, address, phone number, email address, and product type information for historical purposes. CREDO stores individually identifiable customer telephone billing data for five years unless longer storage is needed for tax, business, accounting, or legal purposes.
5.2 Information Transmission
To protect the security of your personal information, we use Transport Layer Security (TSL), which ensures all information is encrypted while being transmitted across the Internet between CREDO’s system and your web browser.
We take precautions and have implemented certain technical measures intended to protect against unauthorized access to, disclosure of, and unlawful interception of personal information submitted via the Web site, including Secure Sockets Layer (“SSL”) for all financial transactions through the Web site. However, your communications containing personal information may be unlawfully intercepted or accessed by third parties and/or the Web site may be subject to network attacks or malfunctions. We cannot and do not guarantee the security of any information transmitted over the Internet. Once we receive your personal information, we take steps that we believe are reasonable to limit access to your personal information to only those employees and service providers whom we determine need access to the personal information to provide the requested products, services, offers or opportunities that may be of interest to you or that you have ordered, or that we otherwise disclose as explained above. However, even after we receive your personal information, we cannot and do not guarantee that your personal information will not be accessed, disclosed, altered, or destroyed because of a breach of our security efforts or because of any other event beyond our reasonable control. Accordingly, we cannot and do not guarantee that your personal information or any other information is completely secure and safe from any risk.
5.3 Information Security
Our sites and apps have security measures in place to protect the loss, misuse, and alteration of the information under our control. CREDO follows all state and federal guidelines protecting customer information. Additional protections apply for certain information CREDO collects and maintains about the telecommunications services you obtain from CREDO and how you use those services. This information is categorized by the federal government as Customer Proprietary Network Information or CPNI, and its use and sharing is governed by specific laws.
Under federal law, you have a right, and CREDO has a duty, to protect the confidentiality of information regarding your telephone use, the services you purchase from us, the calls you place and the location of your device on our network when you make a telephone call. This information is referred to as, among other things, “Customer Proprietary Network Information.” We may share Customer Proprietary Network Information with Affiliates; provided, however, that we will first notify you of your rights under applicable law, describe how we intend to use the Customer Proprietary Network Information, and give you an opportunity to opt out of such use (or opt in, to the extent required by applicable law).
6. YOUR RIGHTS
Upon your request, CREDO will: (a) correct or update your personal information; (b) stop sending emails to your email address; (c) stop sending text messages to your mobile phone number; (d) stop sending mail (including promotional materials) to your mailing address; and/or (d) disable your account to prevent any future purchases through that account. You may make these updates / changes yourself by managing your account preferences on the Web site or by any other reasonable account update mechanism available to you. You also have the ability, at any time, to click through an “Unsubscribe” link, contained in all marketing e-mails, to stop receiving such e-mails. You may also send your requests to: CREDO Care Team at firstname.lastname@example.org. Please do not email your credit card number or other sensitive information. Please note that CREDO may have to communicate with you about product or service orders that you choose to place. Accordingly, you cannot opt out of receiving product or service-related emails or mailings.
California residents have additional rights to their personal information as described below.
6.1 California Privacy Rights
If you are a California resident, the California Consumer Privacy Act (“CCPA”) allows you to request that CREDO disclose to you the categories and/or specific pieces of personal information CREDO has collected about you in the last twelve months, as well as the categories of sources for that information, the business or commercial purposes for collecting that information, and the categories of third parties with which the information was shared. Under certain circumstances, California residents may also request deletion of personal information from our records. These are rights afforded to you by California law, and CREDO will not charge you different prices or discriminate against you if you exercise those rights. Please be aware that, pursuant to various CCPA exceptions and to protect your information and our ability to provide services, there are certain specific pieces of personal information we will not provide to you and certain categories of information we will not delete.
Notice at Collection
Personal data that we collect about you
We collect and process different categories of personal data about you as described below:
• Identifiers such as first name, last name and state issued identification numbers including driver’s license number and Social Security number.
• Customer Records Information including personal data defined by the California customer records law, such as your contact information including email address, phone number, address, city, zip code and/ or country.
• Characteristics of Protected Classes such as your gender.
• Biometrics such as a recording of your voice or a photograph of you.
• Purchase Information including the products and services that you purchase from us.
• Internet and other electronic network activity such as your IP address, device information, time zone setting and location, operating system and platform and other technologies you use to access our website. We also collect information about how you use our website, such as the pages you visit.
• Inferences including your preferences and characteristics, which we may use for marketing purposes.
How we use your personal data
We will only use your personal data in compliance with applicable laws. We typically use your personal data for the following business purposes:
• Registration and Ordering
• Responding to Your Questions and Requests
• Improving our Web site and Improve your Experience
• Improving our Products and Services
• Providing Personalized Marketing to You
• Managing and Developing our Business Operations
• Routing Wireless Communications and Provide 911 Service
• Protecting our Rights and Property
• Complying with a Court Order, Law or Legal Process
• Any other Purpose, with your consent
Your California Rights
California residents have the following consumer rights to their personal information. These rights apply to personal information that we have collected from or about you in the previous 12 months.
Access Right: You may request that we provide the following information:
The categories of personal data we have collected about you and the categories of sources from which we collected the personal data.
• The business or commercial purpose for which we collected the personal data.
• The categories of third parties to whom we disclosed your personal data; and
• The specific pieces of personal data that we have collected about you.
You may exercise this right twice during a 12-month period.
Deletion Right: You may request that we delete the personal data that we have collected about you.
Right to Opt-Out. We do not sell your personal data. If we did, you would have the right to opt-out of that sale.
Right to Non-Discrimination. You have the right to not be discriminated against when you exercise your CCPA rights. We will not treat you differently because you exercise your CCPA rights.
Exercising your Consumer Rights
You may exercise your access or deletion rights by submitting a verifiable consumer request in the following ways:
• Calling us at 1-866-306-2900
• Email us at email@example.com
To protect you, we will not disclose information in response to a request for access or complete a deletion request unless we can verify your identity or verify that that you are an authorized representative of the person making the request.
We will not respond to requests to know/requests for access or requests for deletion unless we can verify your identity to a reasonable degree of certainty. To verify your identity, we will use information about you that we already have when feasible; however, we may need to request additional information, which we will use only for the purposes of verification. We may also use a third-party identity verification service. The information we need to verify your request will depend on the nature and scope of your request. Upon receipt of your request, we will notify you if we need additional information from you to verify your request.
Shine the Light
California Civil Code Section 1798.83 permits California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. Please contact us directly to make this request.
If you are a CREDO Mobile account holder in California, you may log in to your Member Services account here to make a request. For all other California residents, you may visit this page to submit a request. You will be asked to provide your name and email address. We may also require that you provide additional information and submit a signed affidavit for verification purposes.
We do not sell your personal information. We do, however, share personal information with third parties for business purposes as described in Section 5. This includes advertising and marketing on our sites and elsewhere based on users’ online activities over time and across different sites, services, and devices.
6.2 Nevada Privacy Rights
We do not sell your personal information. To contact us regarding NRS 603(a) – Nevada’s online privacy law, Nevada members may email us at firstname.lastname@example.org.
Customer Service Team
PO Box 88878
Carol Stream, IL 60188