Privacy Policy

1. Who We Are

TrustScore Credit Repair is a division of TrustScore, LLC, a New Mexico limited liability company located at 1342 NM 333, Tijeras, NM 87059. We provide credit repair, credit monitoring, and consumer financial education services. In this Privacy Policy, “we,” “us,” and “our” refer to TrustScore, LLC, doing business as TrustScore Credit Repair.

2. Information We Collect

2.1 Information You Provide Directly

• Full legal name, email address, phone number, and mailing address
• Date of birth and last four digits of Social Security Number (SSN) for credit report retrieval
• Full SSN (encrypted) when required for identity verification and credit bureau communication
• Financial information: creditor names, account numbers, balances, payment history
• Identity verification documents: government-issued ID, utility bills, bank statements
• Communication records: emails, chat transcripts, phone call notes
• Payment information: credit/debit card numbers, billing address (processed via PCI-DSS Level 1 compliant processor)

2.2 Information We Collect Automatically

• Device information: IP address, browser type, operating system, screen resolution
• Usage data: pages visited, time spent, click patterns, referring URLs
• Cookies and tracking technologies (see Section 8)
• Geolocation data (city/state level only, for compliance and fraud prevention)

2.3 Information from Third Parties

• Credit reports from Experian, Equifax, and TransUnion (with your written authorization)
• Credit scores and credit monitoring data
• Identity verification services
• Public records and court filings

3. How We Use Your Information

• Credit Repair Services: Analyze credit reports, identify disputable items, draft and submit dispute letters to credit bureaus and creditors, track dispute outcomes
• Account Management: Create and manage your client account, dashboard access, and case history
• Communication: Send progress updates, dispute results, billing notifications, and educational content
• Legal Compliance: Comply with FCRA, CROA, GLBA, CCPA, and applicable state and federal regulations
• Service Improvement: Analyze usage patterns to improve our services, website, and user experience
• Fraud Prevention: Detect and prevent unauthorized access, identity theft, and fraudulent activity
• Marketing: With your consent, send promotional materials about our services (you may opt out at any time)

4. Legal Bases for Processing (FCRA / GLBA / CCPA)

We process your personal information under the following legal bases:

• Contractual Necessity: To perform our credit repair services as outlined in your service agreement
• Consent: For credit report access (FCRA Section 604), marketing communications, and optional data collection
• Legal Obligation: To comply with CROA record-keeping requirements, FCRA dispute procedures, GLBA privacy safeguards, and state-specific regulations
• Legitimate Interest: For fraud prevention, service improvement, and security

5. Information Sharing and Disclosure

We do NOT sell, rent, or trade your personal information. We share information only in these circumstances:

• Credit Bureaus: Experian, Equifax, and TransUnion — to submit disputes on your behalf (with your authorization)
• Creditors and Data Furnishers: To dispute inaccurate information directly with the reporting entity
• Service Providers: Payment processors, hosting providers, email services, and CRM platforms — all bound by data processing agreements
• Legal Requirements: When required by law, subpoena, court order, or government investigation
• Business Transfer: In the event of a merger, acquisition, or sale of assets (you will be notified in advance)
• With Your Consent: For any purpose you explicitly authorize

6. Your Rights Under Federal and State Law

6.1 Fair Credit Reporting Act (FCRA) Rights

• Right to obtain a free copy of your credit report annually from each bureau (AnnualCreditReport.com)
• Right to dispute inaccurate or incomplete information directly with credit bureaus
• Right to be told the name of anyone who received your credit report in the last year (two years for employment)
• Right to have inaccurate information corrected or deleted
• Right to have a consumer statement added to your file if a dispute is not resolved
• Right to have negative information removed after 7 years (10 years for bankruptcies)
• Right to opt out of prescreened credit offers (1-888-5-OPT-OUT)
• Right to place a fraud alert or credit freeze on your file
• Right to sue credit bureaus and furnishers who violate the FCRA

6.2 Gramm-Leach-Bliley Act (GLBA) Rights

• Right to receive our privacy notice before we share nonpublic personal information
• Right to opt out of having your nonpublic personal information shared with non-affiliated third parties
• Right to know how your information is collected, shared, and protected

6.3 California Consumer Privacy Act (CCPA) Rights (California Residents)

• Right to know what personal information is collected and how it is used
• Right to delete personal information collected from you
• Right to opt out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your privacy rights
• Right to correct inaccurate personal information
• Right to limit the use of sensitive personal information

6.4 State-Specific Rights

Residents of Colorado, Connecticut, Utah, Virginia, Texas, Oregon, Montana, and other states with comprehensive privacy laws may have additional rights including data portability, automated decision-making opt-out, and enhanced consent requirements. Contact us at privacy@trustscore.com to exercise any state-specific right.

7. Data Security

• 256-bit AES encryption for all stored personal and financial data
• TLS 1.3 encryption for all data in transit
• SOC 2 Type II certified hosting infrastructure
• PCI-DSS Level 1 compliant payment processing
• Multi-factor authentication (MFA) for employee access to client data
• Role-based access controls with principle of least privilege
• Regular penetration testing and vulnerability assessments
• 24/7 intrusion detection and monitoring systems
• Annual third-party security audits
• Employee background checks and mandatory security training

8. Cookies and Tracking Technologies

We use the following categories of cookies:

• Essential Cookies: Required for website functionality (login sessions, security tokens)
• Analytics Cookies: Help us understand how visitors use our site (Google Analytics with IP anonymization)
• Functional Cookies: Remember your preferences and settings
• Marketing Cookies: Used only with your consent to deliver relevant advertisements

You can manage cookie preferences through your browser settings. Disabling essential cookies may affect site functionality.

9. Data Retention

• Active Client Data: Retained for the duration of your service engagement plus 3 years (CROA record-keeping requirement)
• Credit Reports: Retained for the duration of active disputes plus 30 days, then securely deleted
• Financial Records: Retained for 7 years as required by federal and state law
• Communication Records: Retained for 3 years after service conclusion
• Marketing Data: Retained until you opt out or request deletion

10. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will delete it immediately. If you believe a child has provided us with personal information, contact us at privacy@trustscore.com.

11. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of material changes via email and/or a prominent notice on our website at least 30 days before the changes take effect. Your continued use of our services after the effective date constitutes acceptance of the updated policy.

12. Contact Us