Revision Date: 12/19/2016
Global Debt Registry. (Hereinafter referred to as “GDR”, “us” or “we”) is in the business of registering the ownership of debt (“debt”, “account”), establishing title for Debt, and recording the sale of Debt (“Debt Registry”).
GDR is in the business of facilitating the archiving and distribution of account documentation (statements, applications, promissory notes, terms and conditions, etc.) also known as media (“Media”) to and between creditors, debt owners, trustees, and servicers.
GDR is in the business of tracking interests in a debt including master and sub-servicers, document custodians and lenders.
GDR is in the business of verification and validation of the debt itself including debtor verification and validation, loan disbursement verification, loan data validation, and changes in credit risk.
GDR provides consumers a method to access and independently verify ownership and servicing of their debts.
and describes reasonable and appropriate precautions which are implemented to maintain the integrity, security and accuracy of confidential consumer information, information collected from you as a visitor to GDR Websites, and other confidential information provided to GDR by third parties.
GDR has implemented policies and practices for the purpose of protecting confidential consumer information from unauthorized access, misuse, disclosures, alteration or destruction. Security measures have been adopted which are consistent with Payment Card Industry Data Security Standard, (“PCI” or “PCI DSS”), Gramm Leach Bliley Act (“GLBA”), ISO 27002, and SSAE 16 SOC 1/SOC 2. GDR undergoes annual third party security assessments to measure compliance with these security standards and methodologies.
Should you have specific questions about the steps GDR takes to protect confidential information or maintain the accuracy and integrity of data, please contact firstname.lastname@example.org or by regular mail at
Global Debt Registry Attn: Compliance Department, 3 Mill Road, Suite 304 Wilmington, DE 19806.
Please be sure to include your name, contact information, and a general description of the issue or concern. Do not include confidential information about yourself or your accounts in the email as email is an unsecure communication medium.
Should you have concerns that confidential consumer information stored on GDR Websites is at risk or may have been compromised, please email email@example.com. Please include your name, contact information, and a general description of the issue or concern. Do not include confidential information about an account or yourself in the email as email is an unsecure communication medium.
What we collect from browsing GDR Websites
Some information about your IP address, web browser, and computer system are automatically transmitted to our web servers by default. We reserve the right to automatically collect and/or track this information including but not limited to:
Domain names, e-mail addresses, type of client computer, and type of Web browsers of visitors to our websites.
What we collect from you when you login to GDR Websites
When you enroll with DebtLookup.com, we will ask you for information about you including your name, email address and a password which you create. We ask you for this information to authenticate you when you use Debtlookup.com. We will ask you to provide additional information to access each individual debt that might be registered with Debtlookup.com including, but not necessarily limited to, the last four digits of your SSN, account number, and loan type. We ask this second set of questions to ensure we are matching the right person with their debt. If you request certain services on a GDR Website, you may be asked for additional information such as your mailing address, phone number, and best and authorized ways you can be contacted by GDR or third parties you are seeking information from.
Other GDR Services
When you login (you will have been provided login instructions), we do not ask you for any additional personal information. You may be asked to accept a user agreement which defines what can and can’t be done on the Website and with the data that you access.
What we collect when you have logged in to a GDR Website
There are times when GDR may request additional information from you or your company to assist GDR in delivering to you the requested information or it may be to confirm who you are before disseminating to you information. We may or may not store this data depending upon business need. The information we request may include contact information such as phone numbers and mailing addresses.
What we collect from Clients and Third Party Data Sources
Clients and third party data sources provide us information regarding consumer and commercial debts. This includes who owns or has owned a debt, who uses the debt as collateral, the consumer who is responsible for the debt, who issued the debt, who funds the debt, who services the debt, trustees, who is storing account documentation, and other similar types of information. This information is provided to GDR with the contractual understanding that GDR will use the information for lawful purposes and will protect this information from unauthorized access and disclosure.
Does GDR purposefully collect information from persons under 18 year of age?
GDR does not purposefully collect information from persons under 18 years of age. However, GDR does not require that age be disclosed for the use of GDR Websites and GDR has no way of determining that a user of GDR Services is under 18 years old. GDR Clients may provide to GDR information about a consumer under 18 years of age if the consumer has an account with the Client.
In the delivery of its services, GDR provides to its Clients account information including confidential consumer information. GDR does not nor has the authority to change, edit, delete or add records to its system without the direct request of the current owner or the owner’s authorized assignee. GDR may receive updates to account information from the current owner or its assignee. GDR does not change the existing record; only appends the new information to the existing account record.
GDR is not required to notify consumers when a consumer’s information is accessed, updated or removed from GDR’s Services.
Data collected from you when using GDR Services
Data collected from the use of the GDR Website and Services can be used by GDR for several purposes consistent with the following: system maintenance, data security and validation checks, for improving the delivery of services to our clients; data security and data integrity purposes; analytics to review system usage and trends; and to deliver products and services requested by a user or Client consistent with allowable purposes under the law.
Data provided by Clients and Third Parties to GDR
Data provided to GDR by Clients and third parties is used to provide certainty in the ownership of and account; improved certainty in the collateral positions of lenders to owners of a debt; improved transparency into servicing rights, validation of a consumer, and validation and verification of account information. The information provided can also be used consistent with federal and state law including the Fair Credit Reporting Act (FCRA), the Fair Debt Collection Practices Act (FDCPA), and the Gramm Leach Bliley Act (GLBA). Cardholder data provided by third parties to GDR shall be protected consistent with the Payment Card Industry Data Security Standard (PCI DSS).
What else can GDR do with the data?
We may aggregate information collected from third parties from the use of GDR Websites and Services. This information can be used by GDR to provide information about marketplace performance, consumer loan performance, and other similar types of reports and/or data. This information may be provided for free or for a fee to GDR Clients and other third parties consistent with federal and state law. This aggregated information cannot identify an individual (SSN, name), an individual’s debt (account number, payment amount, term, due date, account status, etc.), or other information deemed confidential under the law.
We may disclose personal data when we believe in good faith that the law requires it or we have received a request from law enforcement agencies to disclose the information. In these instances, we are not required to notify you of the disclosure.
We reserve the right to disclose personal data, with proper notification to you of the disclosure, in special cases when we believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be causing injury to or interference with our Website, other users of our Website, or anyone else who could be harmed by such activities unless we have a good faith belief that notifying you would be contrary to applicable law.
We may share any personal data necessary to complete the type of transactions requested by you or your Company in order for you and/or your company to receive requested services. This would include disclosure to vendors which are used by GDR to complete your and/or your Company’s requested services. Any vendors receiving information must take reasonable and appropriate steps to protect confidential consumer information. This includes requiring vendors receiving cardholder information to provide reasonable and appropriate protections of cardholder data consistent with the Payment Card Industry Data Security Standard (“PCI DSS”).
What GDR cannot do with the data?
GDR or its Clients cannot use confidential consumer data provided to GDR a) as a basis for extending or denying credit to a consumer, b) to market products and services directly to a consumer via any medium/channel, and c) to disseminate to interested parties the information that is not consistent with this policy and with applicable and current law, regulation or guidance.
As a consumer, can I opt of out GDR receiving and storing my information?
Information collected by GDR is required to deliver the Services provided by GDR to its Clients. You may not opt out of having your personal information collected by GDR including information received from third parties. If the information is provided to GDR, we capture and store the information for the delivery of Services. If you decide you want to opt out of your information being included in information provided to GDR, you must notify the current owner or servicer of your account and request that the information not be provided to GDR.
You may request, via e-mail or regular mail, that we provide you with a summary of personal information we retain concerning you. If you terminate the use of the Website and notify us in writing, information collected about you will be retained in our records until GDR has met its legal requirement and contractual requirements for archiving of material or business records.
Should you believe that information provided to GDR is inaccurate, your best solution is to contact your current servicer (who you send your payments to or who is attempting to collect payments from you) to correct the information. If you do not have success, please contact GDR at:
Compliance 3 Mill Road Suite 304 Wilmington, DE 19806 Or email: firstname.lastname@example.org
If you choose email, remember that email is not a confidential communication medium. Please include contact information and an overview of your concern without disclosing detailed account data or confidential personal information.
Whether you contact GDR via mail or email, GDR will respond to your request promptly.
Our Website may include links to other Internet Websites. We encourage our partners, contributors and third parties to implement policies and practices that respect the privacy of visitors to our Website.
We reserve the right to change this policy at any time, and will provide notice of material changes on the homepage of www.globaldebtregistry,com.