Privacy Policy

Last updated on 07/08/2020

Fugu Risk Ltd., a limited liability company organized under the laws of Israel (“We” or “Fugu”) provides online merchants (each, a “Merchant”) access to a payment risk monitoring platform that monitors, records and analyzes customer behavior after check-out in order to assess the risk of fraud and the merchants ability to confront it while minimizing cart abandonment, false declines and manual labor (the “Services”). Merchants integrate our Services on their websites and mobile apps where consumers like you place orders (collectively, the “Merchant Website”). After you place an order, the Merchant Website may request that We process your personal data to provide our Services.

This Privacy Policy (the “Policy”) explains our privacy practices for our Services. It describes how We collect, use, and share personal data, and the rights and options available to you with respect to such information.

You are not obligated by law to provide us with your personal data, but the Merchant may require that you provide us with your personal data to enable the processing of orders you place. Please note that this Policy does not cover the practices or policies of Merchants, the Merchant Website, or other parties.

We collect information directly from you, from Merchants, from our service providers, from publicly available sources and through the Merchant Website and is used by us to provide Services for our Merchants, to improve those Services and as otherwise described in Section ‎2 below (“Use of Collected Information”).

Transaction Data. When you place an order with a Merchant Website, We may collect various data regarding your transaction, which may include: personal data, such as your name, email, address, the items you purchased, price paid, shipping information, and (if you have one) basic information from your account on the Merchant Website. We also may collect basic information about your payment and billing method. We do not collect or keep your complete credit card number.

Device Data. We may collect information about the personal computer or mobile device you use to access the Merchant Website. This includes the device model, operating system, unique identifiers, browser type, mobile network information, and the Internet Protocol (IP) address through which you accessed the Merchant Website.

Geo-location Data. If you use the mobile app of a Merchant Website, we may collect your geo-location when you are actively using the app. If you use the Merchant website, we may collect your city-approximate geo-location.

Analytical Data. We may collect analytical data about your interactions with the Merchant.

Cross-references. We may also cross-reference, verify, and enhance the accuracy of the data outlined above using third-party online sources such as search engines, social networks, white pages, and mapping services. If you have provided the Merchant with access to information of third-party platforms, (including social networks), we may also receive the same access permissions to the information that you made public.

When a Merchant asks us to review an order you place on a Merchant Website, We review the data of your activities across all the Merchant Websites of our Merchants as well as any other data collected. We use this data to provide the Merchant a fraud analysis indicating whether or not the order is, in our assessment, a fraudulent online transaction. It is then at the discretion of the Merchant (not Fugu’s) to accept or decline your order.

We also use the information We collect for the following purposes: (i) improving and enhancing Services and developing new services; (ii) Statistical analysis of consumers’ activities; and Enforcing this Policy and preventing misuse of the Services;

We may share the information outlined in this Policy with others, in the following instances:

With the Merchant. We may share limited elements of your personal data with the Merchant from whom you made your transaction as part of our Services and/or for the purpose of reviews, audits or dispute handling or responding to your request for access to your personal data.

With our third-party service providers. We use service providers to assist us in providing the Services. We may only share with them the limited elements of the personal data We collect which are strictly necessary for them to provide us with their service. These service providers include data sources, such as white pages, data providers, and mapping services and other similar services. We may do this in order to cross-reference, verify, and enhance the accuracy of the data that We collect. Some of these service providers may use the data We share with them for their own permitted purposes, in accordance with their own terms and policies subject to applicable law, such as Google’s Privacy Policy and Terms of Service.

With Our Partners. We may partner with certain entities, such as banks, card networks, and/or payment gateways, and may provide them with elements of your personal data in order to optimize order approval.

When required for Legal Purposes. We may share your personal data with third parties if We believe it is required by law or for the purpose of exercising legitimate legal rights. For instance, it could be necessary to share your data in order to comply with legal proceedings, to protect or exercise the legal rights of Fugu or our Merchants, or to respond to lawful requests.

With Corporate Group Entities or in a Business Transfer. We may share your personal data with our corporate group entities but their use of such information must comply with the Policy. Your data may also be shared if the operation of the Services is organized within a different framework or through another legal structure or entity, such as due to a merger or acquisition.
In addition, We may use the information we collect to compile aggregated, anonymized, or de-identified information. We may share de-identified or aggregated information with any number of parties.

We may store and process information in the US, the EU, Israel, and in other countries. We may also process information using cloud services.
We frequently process information under arrangements aimed at providing an adequate level of data protection. This may include processing in countries that the EU has determined maintain adequate data protection, the use of model contract clauses, or other mechanisms.

We implement industry standard measures to reduce risks caused by the potential loss of information, unauthorized access, or use of information. However, no measure can provide absolute information security and we cannot provide protections beyond what is within our reasonable control.

The personal data we collect is retained only for as long as necessary to provide the Services or any newly developed services under this Policy. We retain the personal data We receive from the Merchant for no more than 48 months, unless you request that We delete this information, or if it is required by us to establish, exercise, or defend against legal claims, or comply with legal obligations. When We dispense with data it is either deleted from our system or anonymize without further notice to you.

If we materially change this Policy in a manner that adversely affects your rights, or the protections afforded to your personal data, such changes will only affect the personal data we collect after the Policy change, unless you agree to us treating the personal data previously collected in accordance with the new Policy.

You may contact us with any questions or comments, at: info@fugu-it.com