Intelligence Trust LLC (“us”, “we” or “our”) operates the CheckNGN mobile app (the “App”) and www.checkngn.com web site (the “Site”). This document informs about our policies regarding the collection, use and disclosure of Personally Identifiable Information ("PII") we receive from users of the App as well as about our cybersecurity policies and procedures with respect to data breach and notifications.
We use PII only for providing the services offered and improving the App. By using the App, the consumer agrees to the collection and use of information in accordance with this policy. While using our App, we may ask the consumer to provide us with certain personally identifiable information, or we will receive that information automatically from the social login provider (Facebook, Google) if the consumer chooses to authorize us to accordingly. PII may include, but is not limited to:
Additionally, upon posting a repair request, and only at that time, the consumer will make available the following information to shops:
The privacy and security of your PII as well as other data you submit through the App is of paramount importance to us. While we strive to use commercially acceptable means to protect consumer information, we cannot guarantee its absolute security. The consumer has a right to request a copy of all PII that we maintain on his/her behalf and to amend or correct the PII, as well as the right to have his/her account entirely disabled and their information removed from our servers. At such a point, repair request information located at shops (i.e. at shop related data keys) which have provided bids or repairs to that consumer will be kept, as that information will be considered as belonging to those shops.
We use a combination of administrative, preventative and detective controls to assure our App and our users data is secured against cybersecurity attacks to maintain Confidentiality, Integrity and Availability. We rely on a reputable company (Google, through their Firebase service) as a back-end for our data, which handles connection security according to the highest standards to date. For administrative access, we use two-factor authentication, so the possibility of a breach is at industry minimum.
From a consumer perspective, access to data is provided in a perfectly isolated fashion. In other words, excluding the data administrator (which securely connects as described above) a consumer is the only one that has access to his or her own PII.
No additional information is shared with the shop. Payment is handled by CheckNGN and not by shops.
We leverage endpoint-based controls to facilitate security logging and monitoring of user activities, exceptions, faults, and events in accordance with business, legal, and regulatory requirements. Collected logs and associated analysis are appropriately archived, protected from unauthorized access, and regularly reviewed.
We have established and maintain an incident response process and where required, reporting processes for disclosures of PII in the event of data loss or a data breach. If we have reason to believe that users data was compromised we will:
All notifications will be in within 48 hours of discovery unless otherwise requested by law enforcement. We will also notify respective state administrators according to their individual disclosure requirements. In Minnesota it is pursuant to section 325E.61.