Privacy Policy

Our Commitment to Your Privacy

At ScamAdvisery, privacy isn’t just a legal requirement—it’s fundamental to our mission. We handle sensitive information about scams, victims, and digital vulnerabilities, which demands the highest standards of data protection. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with our team. We encourage you to read this policy carefully to understand our practices regarding your personal data.

Who We Are and What This Policy Covers

ScamAdvisery International (“we,” “us,” or “our”) operates the website https://www.scamadvisery.com and related services. This Privacy Policy applies to information we collect through our digital platforms, email communications, telephone interactions, and in-person engagements. It covers both anonymous visitors and registered users of our services.

As an organization dedicated to protecting people from digital threats, we hold ourselves to stricter privacy standards than many commercial entities. We never sell your personal information, limit data collection to what’s necessary for our mission, and provide you with substantial control over your data.

Information We Collect

Information You Provide Directly

We collect information you voluntarily provide when you:

1. Report a Scam: When you submit a scam report through our forms, hotline, or email, we collect:
   • Contact information (name, email, phone number – optional)
   • Details of the scam incident
   • Communications from scammers (emails, texts, screenshots)
   • Financial information only if relevant to recovery efforts (handled with extra encryption)
2. Register for an Account: For enhanced services, we collect:
   • Username and password
   • Email address
   • Communication preferences
   • Optional profile information
3. Subscribe to Newsletters: We collect email addresses and topic preferences.
4. Complete Surveys or Provide Feedback: We collect responses and optional demographic information.
5. Apply to Volunteer or Work With Us: We collect application materials and contact information.
6. Request Educational Resources: We collect organizational details and contact information.

Information Collected Automatically

When you visit our website, we automatically collect certain technical information:

1. Device and Browser Information: IP address, browser type, operating system, device identifiers.
2. Usage Data: Pages visited, time spent, links clicked, search terms used.
3. Location Information: Country and city-level location (not precise GPS coordinates).
4. Cookies and Tracking Technologies: As detailed in our Cookie Policy section below.

Information From Third Parties

We may receive information about you from:

• Partner organizations (with your consent)
• Publicly available sources when researching scam patterns
• Law enforcement agencies (only in specific investigative contexts with legal basis)

How We Use Your Information

We use collected information for legitimate purposes aligned with our mission:

Primary Purposes

1. Scam Analysis and Prevention: To investigate, verify, and warn about scams.
2. Victim Support: To provide personalized recovery assistance.
3. Educational Services: To deliver relevant safety information and resources.
4. Service Improvement: To enhance our website, tools, and educational materials.
5. Communication: To respond to inquiries and send important updates.
6. Security: To protect our systems and community from malicious activity.

Legal Bases for Processing (GDPR Compliance)

For users in the European Union, we process personal data based on:

• Consent: When you explicitly agree to specific processing
• Contractual Necessity: To provide services you’ve requested
• Legal Obligation: To comply with applicable laws
• Legitimate Interests: For scam prevention and public safety, balanced against your rights

How We Share Your Information

We are extremely cautious about sharing personal information. We only share data under these circumstances:

With Your Explicit Consent

We share information with third parties only when you give us clear, specific consent.

For Legal and Safety Reasons

We may disclose information if required by law, subpoena, or legal process, or when necessary to:

• Protect the safety of individuals
• Prevent imminent harm or illegal activity
• Defend our legal rights or property
• Comply with a judicial proceeding or government request

Service Providers

We engage trusted companies to perform functions on our behalf (hosting, analytics, email delivery). These providers:

• Are contractually prohibited from using personal data for any other purpose
• Must implement appropriate security measures
• Are subject to confidentiality agreements

Anonymized/Aggregated Data

We share anonymized statistical data about scam trends with:

• Researchers studying fraud patterns
• Government agencies developing public policy
• Financial institutions improving fraud detection
• Journalists reporting on scam trends (never with identifying details)

International Data Transfers

As a global organization, we may transfer data to countries with different privacy laws. When we do, we use approved transfer mechanisms like Standard Contractual Clauses and ensure adequate protection.

Data Security Measures

We implement comprehensive security measures to protect your information:

Technical Safeguards

• Encryption: All data transmissions use TLS 1.2+ encryption
• Access Controls: Strict role-based access to sensitive information
• Network Security: Firewalls, intrusion detection, and regular penetration testing
• Data Minimization: We only collect and retain what’s necessary
• Regular Audits: Third-party security assessments biannually

Organizational Safeguards

• Employee Training: Annual privacy and security training for all staff
• Confidentiality Agreements: Required for all employees and volunteers
• Incident Response Plan: Documented procedures for potential breaches
• Vendor Assessments: Security evaluations of all third-party providers

Special Protections for Victim Data

Information from scam victims receives enhanced protection:

• Segregated storage with additional encryption
• Strict access logs with multi-factor authentication
• Shorter retention periods when possible
• Additional confidentiality agreements for relevant staff

Despite our efforts, no security system is impenetrable. We cannot guarantee absolute security but we commit to prompt notification if a breach affects your data, as required by law.

Data Retention Practices

We retain personal data only as long as necessary for legitimate purposes:

Retention Periods

• Active Accounts: Duration of account plus 24 months of inactivity
• Scam Reports: 7 years from submission (for pattern analysis and legal requirements)
• Victim Support Cases: 5 years from case closure
• Newsletter Subscriptions: Until unsubscribed (immediate deletion upon request)
• Website Analytics: 26 months before anonymization
• Financial Information: Only as long as needed for recovery assistance, then deleted

Deletion Procedures

Upon expiration of retention periods or upon request:

1. Data is permanently deleted from active systems
2. Backups are encrypted and scheduled for deletion
3. Confirmation is provided when requested by user

Your Privacy Rights

Depending on your location, you may have specific rights regarding your personal data:

General Rights (All Users)

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your data (with certain exceptions)
• Restriction: Request limitation of processing in specific circumstances
• Objection: Object to certain types of processing
• Portability: Request transfer of your data to another organization

Region-Specific Rights

• GDPR (EU/UK): Rights to data portability, objection to automated decision-making, etc.
• CCPA/CPRA (California): Right to opt-out of “sale” of data (we don’t sell data), right to limit use of sensitive information
• Other Jurisdictions: Rights as provided by local laws

Exercising Your Rights

To exercise any privacy rights:

1. Submit a request via our Privacy Portal: www.scamadvisery.com/privacy-request
2. Email privacy@scamadvisery.com
3. Call 1-800-555-SCAM and select the privacy option
4. Mail a written request to our physical address

We respond to all legitimate requests within 30 days, free of charge. We may request verification of identity to prevent unauthorized access.

Cookies and Tracking Technologies

Our Use of Cookies

We use cookies and similar technologies for:

• Essential Functions: Site operation and security
• Preferences: Remembering your settings
• Analytics: Understanding how visitors use our site
• Limited Advertising: Promoting educational resources (never retargeting victims)

Cookie Categories

1. Necessary: Required for site functionality (no consent needed)
2. Performance: Help us improve our website (opt-out available)
3. Functional: Remember your preferences (opt-out available)
4. Targeting: Limited to educational content promotion (opt-out available)

Managing Cookies

You can control cookie settings:

• Browser Controls: Most browsers allow cookie management
• Our Cookie Consent Tool: Available on every page footer
• Global Opt-Outs: For advertising cookies, use industry opt-out platforms

We do not use “dark patterns” in our cookie consent interface. All choices are equally accessible.

Children’s Privacy

Our services are not directed to children under 16. We do not knowingly collect personal information from children. If we learn we have collected such information, we delete it immediately. Parents or guardians can contact us to request deletion of any inadvertently collected children’s data.

Third-Party Links and Services

Our website contains links to external sites. This Privacy Policy applies only to ScamAdvisery. We encourage you to review privacy policies of any third-party sites you visit. We are not responsible for the content or privacy practices of external sites.

International Users

ScamAdvisery operates globally. By using our services, you understand that your information may be transferred to and processed in countries with different data protection laws than your country of residence. We ensure appropriate safeguards for such transfers.

Changes to This Privacy Policy

We may update this policy periodically to reflect:

• Changes in our practices
• New services or technologies
• Legal or regulatory requirements

We will notify you of material changes through:

• Website notices
• Email communications (for account holders)
• Updated “Last Updated” date at top of policy

Continuing to use our services after changes constitutes acceptance of the updated policy.

Contact Our Privacy Team

For privacy-related questions, concerns, or requests:

Data Protection Officer: privacy@scamadvisery.com
Mail: ScamAdvisery International, Attn: Privacy Office, 123 Digital Safety Plaza, Suite 450, San Francisco, CA 94107, USA
Phone: 1-800-555-SCAM (select privacy option)

We respond to all privacy inquiries within 72 hours.

Additional Regional Disclosures

California Residents

Under the CCPA/CPRA, California residents have specific rights. We do not sell personal information. See our separate California Privacy Notice for details.

European Union/UK Residents

Our EU Representative:
ScamAdvisery EU Privacy Office
Dublin, Ireland
eu-privacy@scamadvisery.com

Other Jurisdictions

We comply with applicable privacy laws in all jurisdictions where we operate. Contact us for jurisdiction-specific information.