Data Privacy Policy

This Privacy Policy describes the privacy practices of Cybercrime Support Network (“CSN”) in connection with cybercrimesupport.org; fraudsupport.org; criss.fraudsupport.org; and scamspotter.org, or any other website we own or control and which posts or links to this Privacy Policy (collectively, the “Sites”).  This Privacy Policy also describes the rights and choices available to individuals with respect to their information.

Table of Contents

  • Personal Information We May Collect
  • How We Use Your Personal Information
  • How We Share Personal Information
  • Your Choices
  • Third-Party Sites and Services
  • Security Practices
  • Changes to this Privacy Policy
  • How to Contact Us

Personal Information We May Collect

Information you provide to us.  We collect personal information you provide to us through the Site.  This includes:

  • Information you may provide to subscribe to ongoing newsletters, reports, or other communication, or to send us feedback, such as name and e-mail address. 
  • Information you may provide when reporting a cyber incident, such as first and last names, age range, e-mail and mailing addresses, contact information, and other information relating to the cyber incident you are reporting.

Information we obtain from other third parties.  We may receive personal information about you from third-party sources.  For example, a business partner may share your contact information with us if you have expressed interest in learning specifically about our services, or the types of products or services we offer.  We may obtain your personal information from other third parties, such as publicly available sources and data providers.

Cookies and Other Information Collected by Automated Means.  We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and activity occurring on or through the Site, including but not limited to, your computer or mobile device operating system type and version number, manufacturer and model, device identifier, browser type, IP address, your media access control (MAC) address, the website you visited before browsing to our website, general location information such as city, state or geographic area; information about your use of and actions on the Site, such as pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and length of access; and other personal information.  Our service providers and business partners may collect this type of information over time and across third-party websites and mobile applications.

On our webpages, this information is collected using cookies, browser web storage (also known as locally stored objects, or “LSOs”), web beacons, and similar technologies. 

A “cookie” is a text file that websites send to a visitor’s computer or other internet-connected devices to identify the visitor’s browser uniquely or to store information or settings in the browser.  Browser web storage, or LSOs, is used for similar purposes as cookies.  Browser web storage enables the storage of a larger amount of data than cookies.  A “web beacon,” also known as a pixel tag or clear GIF, is typically used to demonstrate that a webpage was accessed or that certain content was viewed, typically to compile statistics about usage of our webpages.  

Web browsers may offer users of our website the ability to disable receiving certain types of cookies; however, if cookies are disabled, some features or functionality of our websites may not function correctly.

How We Use Your Personal Information

We use your personal information for the following purposes:

To operate the Site.  We use your personal information to:

  • provide, operate, and improve the Site and services; 
  • provide information about our services; 
  • communicate with you about the Site, including by sending you updates, security alerts, and support and administrative messages; 
  • provide support and maintenance for the Site; 
  • to respond to your requests, questions, and feedback.

For research and development.  We analyze use of the Site to improve the Site and services, and to develop new services, including: 

  • by studying user demographics; 
  • creating summaries for purposes of public reporting; and
  • for statistical analysis (e.g., to identify trends such as high-volume and emerging threats) and testing purposes.

To comply with the law.  We use your personal information as we believe necessary or appropriate to comply with: 

  • applicable laws; 
  • lawful requests; and
  • legal process, such as to respond to subpoenas or requests from government authorities or others.

For compliance, fraud prevention, and safety.  We may use your personal information and disclose it to: 

  • law enforcement; 
  • government authorities; and
  • private parties as we believe necessary or appropriate to: 
    • protect our, your or others’ rights, privacy, safety, or property (including by making and defending legal claims); 
    • enforce the terms and conditions that govern the Site and our services; and 
    • protect, investigate, and deter against fraudulent, harmful, unauthorized, unethical, or illegal activity.

With your consent.  In some cases, we may specifically ask for your consent to: 

  • collect, use, or share your personal information, such as when required by law.

To create anonymous, aggregated, or de-identified data.  We may: 

  • create anonymous, aggregated, or de-identified data from your personal information and other individuals whose personal information we collect; Once we anonymize, aggregate, or de-identify your personal information, it will not be considered as personal information for purposes of this privacy policy unless later linked to your personal information.
  • use this anonymous, aggregated, or de-identified data and share it with third parties for lawful purposes, including to identify emerging cybersecurity threats and trends, promote cybersecurity education and awareness, improve the Site and our services, and promote our organization.

How We Share Personal Information

We do not share your personal information with third parties without your consent, except in the following circumstances or as described in this Privacy Policy:

Law Enforcement and Regulatory Agencies: When you submit an incident report via criss.fraudsupport.com, we may share your personal information with law enforcement and regulatory agencies, including: 

  • various federal law enforcement and regulatory agencies; 
  • various non-federal law enforcement and regulatory agencies, including state, local, tribal, and territorial (SLTT) law enforcement; and
  • law enforcement and regulatory agencies may use any information disclosed for their own internal purposes and may redisclose the information to other federal, state, local, or international law enforcement or regulatory agencies for possible investigations. 

Service Providers: We may share your personal information with: 

  • third-party companies, organizations, or individuals that provide services on our behalf or help us operate the Site (such as customer support, hosting, analytics, e-mail delivery, and database management services).  These third parties may use your personal information only as directed or authorized by us and are prohibited from using or disclosing your information for any other purpose.

Professional advisors.  We may disclose your personal information to professional advisors, such as: 

  • lawyers, bankers, auditors, and insurers, where necessary in the course of the professional services they render to us.

For compliance, fraud prevention, and safety.  We may share your personal information for:  

  • compliance, fraud prevention, and safety purposes.

Business transfers.  We may sell, transfer or otherwise share some or all of our business or assets, including: 

  • your personal information, in connection with a business transaction (or potential business transaction) such as a divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution.

Your Choices

In this section, we describe the rights and choices available to all users.

Cookies & Browser Web Storage.  We may allow service providers and other third parties to use cookies and similar technologies to track your browsing activity over time and across the Site and third-party websites.

  • Most browsers let you remove or reject cookies.  To do this, follow the instructions in your browser settings.  Many browsers accept cookies by default until you change your settings.  
  • Please note that if you set your browser to disable cookies, the Site may not work correctly.  
  • Similarly, your browser settings may allow you to clear your browser web storage.

Do Not Track.  Some internet browsers may be configured to send “Do Not Track” signals to the online services that you visit.  We currently do not respond to “Do Not Track” or similar signals.  To find out more about “Do Not Track,” please visit allaboutdnt.com.

Third-Party Sites and Services

This Site may contain links to other websites, mobile applications, and other online services and functionalities operated by third parties.  These links are not an endorsement of, or representation that we are affiliated with, any third party.  In addition, our content may be included on web pages or in mobile applications or online services that are not associated with us.  We do not control third-party websites, mobile applications or online services, and we are not responsible for their actions.  Other websites, mobile applications and services follow different rules regarding the collection, use, and sharing of your personal information.  We encourage you to read the privacy policies of the other websites, mobile applications, and online services you use or that we present to you throughout the Site.

Security Practices

We employ reasonable organizational, technical, and physical safeguards designed to protect the personal information we collect.  However, security risk is inherent in all internet and information technologies, and we cannot guarantee the security of your personal information.

Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time.  If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Site.  We may, and if required by law, will also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via e-mail (if you have an account where we have your contact information) or another manner through the Site.

Any modifications to this Privacy Policy will be effective upon our posting the new terms and/or upon implementation of the latest changes on the Site (or as otherwise indicated at the time of posting).  In all cases, your continued use of the Site after the posting of any modified Privacy Policy indicates your acceptance of the terms of the modified Privacy Policy.  If you do not accept this Privacy Policy, you must discontinue use of the Site immediately.

How to Contact Us

Please direct any questions or comments about this Policy or privacy practices to: info@cybercrimesupport.org.  Please also include in your communication the website or service you are reaching to us about. You may also write to us via postal mail at:

Cybercrime Support Network
Attn: Privacy Inquiry
2232 S. Main St. #422
Ann Arbor, MI 48103