Files
dre/deliverables/PRIVACY_POLICY_DRAFT.md
2026-07-15 17:32:00 -04:00

16 KiB

Privacy Policy — Debt Recovery Experts (DRE)

Website: https://debtrecoveryexperts.com
Business Name: Debt Recovery Experts (DRE)
Jurisdiction: State of Texas, USA
Effective Date: [Date to be inserted upon legal approval]
Status: ⚠️ DRAFT — FOR LEGAL REVIEW ONLY

IMPORTANT DISCLAIMER: This document is a draft prepared for initial review and discussion. It has not been reviewed or approved by a licensed attorney. It must be reviewed, edited, and approved by a licensed Texas attorney before being used, posted, or presented to any client, customer, or third party. Debt Recovery Experts (DRE) assumes no liability for the use of this draft prior to legal review.


1. Introduction

Debt Recovery Experts ("DRE," "we," "us," or "our") is committed to protecting the privacy of individuals who use our website (https://debtrecoveryexperts.com, the "Site") and our debt recovery services (the "Services"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our Site or use our Services.

Please read this Privacy Policy carefully. By accessing the Site or using the Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our policies and practices, do not use the Site or Services.

This policy applies to:

  • Clients (individuals and businesses submitting claims for debt recovery).
  • Visitors to our website.
  • Debtors whose information we receive as part of the debt collection process.

2. Information We Collect

We collect information in the following ways: (a) information you voluntarily provide to us, (b) information we collect automatically when you use the Site, and (c) information we receive from third parties.

2.1 Information You Provide to Us

Account Information:

  • Full name
  • Business name (if applicable)
  • Email address
  • Phone number
  • Mailing address
  • Username and password

Claim and Financial Information:

  • Social Security Number (SSN) or Employer Identification Number (EIN)
  • Tax identification numbers
  • Bank account and routing numbers (for disbursement)
  • Debt details (amount, date incurred, nature of the debt)
  • Debtor information (name, address, phone number, email)
  • Supporting documentation (contracts, invoices, statements, correspondence, payment records)
  • Any other information you choose to upload or provide in connection with a claim

Communication Information:

  • Records of correspondence with us via email, phone, or the Site
  • Records of communications with debtors (if provided)

Notarization Information (RON):

  • Government-issued identification (driver's license, passport, or other ID)
  • Video and audio recordings of the online notarization session
  • Digital signature records

2.2 Information Collected Automatically

When you visit our Site, we may automatically collect:

  • Log Data: IP address, browser type, operating system, referring URLs, pages viewed, and time/date stamps.
  • Device Information: Device type, screen resolution, and browser settings.
  • Usage Data: How you interact with the Site, including features used and actions taken.
  • Cookies and Tracking Technologies: See Section 9 (Cookie Policy).

2.3 Information from Third Parties

We may receive information from:

  • Notary Services: Confirmation of identity verification and notarization records.
  • Payment Processors: Payment confirmation and transaction details (we do not store full payment card numbers).
  • Credit Reporting Agencies: Skip tracing and debtor location information (where permitted by law).
  • Public Records: Information from court records, public databases, and other lawful sources.

3. How We Use Your Information

We use your information for the following purposes:

3.1 Service Delivery

  • Processing and evaluating debt recovery claims.
  • Communicating with you regarding your account and claims.
  • Executing Limited Powers of Attorney via online notarization.
  • Collecting debts on your behalf.
  • Processing payments and disbursing funds.
  • Complying with the Fair Debt Collection Practices Act (FDCPA), Texas Finance Code, and other applicable laws.
  • Responding to lawful requests from government authorities.
  • Establishing, exercising, or defending legal claims.
  • Detecting and preventing fraud, abuse, or illegal activity.

3.3 Business Operations

  • Managing your account and providing customer support.
  • Improving our Site and Services.
  • Sending administrative notices, updates, and security alerts.
  • Conducting analytics and research (using anonymized or aggregated data).

3.4 Communication

  • Responding to your inquiries and requests.
  • Sending service-related notifications (e.g., claim status updates, fee disclosures).
  • As permitted by law, sending marketing communications about our Services. You may opt out of marketing communications at any time.

4. How We Share Your Information

We may share your information with the following categories of third parties:

4.1 Service Providers

Provider Type Purpose Data Shared
Online Notary Services Remote Online Notarization (RON) of LPOA documents Name, ID documents, video/audio of notarization session, digital signature
Certified Mail Services Service of legal process and demand letters Debtor name and address, correspondence content
Payment Processors Disbursement of collected funds Name, bank account/routing number, payment amount
Legal Counsel Legal advice, litigation, and compliance Claim documents, debtor information, correspondence records
IT and Cloud Services Data storage, hosting, and security All categories of data stored on our systems
Analytics Providers Website analytics (anonymized) Aggregated, non-identifiable website usage data

4.2 Cloudflare Turnstile

This website uses Cloudflare Turnstile, a free bot detection service provided by Cloudflare, Inc., to protect against spam and abusive traffic. Turnstile collects certain device and network information (including IP address, browser type, operating system, and user agent) solely for the purpose of security verification. This processing is governed by the Cloudflare Turnstile Privacy Addendum. By submitting forms on this site, you acknowledge and agree to the processing of this data by Cloudflare.

We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to:

  • Comply with a legal obligation, court order, or governmental request.
  • Protect and defend the rights, property, or safety of DRE, our clients, or others.
  • Investigate, prevent, or take action regarding suspected fraud or illegal activity.
  • Enforce our Terms of Service or other agreements.

4.4 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.

We may share your information with third parties when you have given us explicit consent to do so.

4.6 We Do Not Sell Your Information

DRE does not sell, rent, or trade your personal information to third parties for their own marketing purposes. This includes compliance with the Texas Data Privacy and Security Act and similar state laws.

5. Data Security

We implement reasonable and appropriate technical, administrative, and physical security measures to protect your information from unauthorized access, disclosure, alteration, or destruction. These measures include:

5.1 Technical Safeguards

  • Encryption: Data is encrypted in transit using TLS/SSL protocols and at rest using AES-256 encryption.
  • Access Controls: Role-based access controls restrict data access to authorized personnel only.
  • Firewalls and Intrusion Detection: Network security measures to prevent unauthorized access.
  • Multi-Factor Authentication: Required for administrative access to systems containing sensitive data.
  • Regular Security Assessments: Periodic vulnerability scans and penetration testing.

5.2 Administrative Safeguards

  • Employee training on data privacy and security practices.
  • Written information security policies and procedures.
  • Background checks for employees with access to sensitive data.
  • Incident response plan for data breaches.

5.3 Physical Safeguards

  • Secure data center facilities with restricted access.
  • Locked storage for physical documents (if applicable).

5.4 No Guarantee

While we take security seriously, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your information.

6. Data Retention and Deletion

6.1 Retention Periods

We retain your information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

Data Type Retention Period Rationale
Account information Duration of account + 3 years Business records and legal compliance
Claim documentation 5 years after claim closure Statute of limitations, legal defense
Notarization records As required by Texas notary law Texas Government Code Chapter 406
Financial/payment records 7 years IRS and tax compliance
Communications 3 years Dispute resolution and legal compliance
Website analytics (anonymized) 2 years Business analysis
Log data 12 months Security monitoring

6.2 Deletion

Upon expiration of the applicable retention period, your information will be securely deleted or anonymized so that it can no longer be associated with you.

6.3 Account Closure

When you close your account or we terminate your account, we will retain your information only as required by applicable law or for legitimate business purposes (e.g., legal holds, dispute resolution). After the required retention period, the data will be securely deleted.

7. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

7.1 Right to Access

You may request access to the personal information we hold about you, including a copy of the data and information about how we process it.

7.2 Right to Correct

You may request that we correct any inaccurate or incomplete personal information we hold about you.

7.3 Right to Delete

You may request that we delete your personal information, subject to certain exceptions (e.g., legal obligations, active claims, or legitimate business purposes).

7.4 Right to Restrict Processing

You may request that we restrict the processing of your information in certain circumstances.

7.5 Right to Data Portability

You may request a copy of your data in a structured, commonly used, machine-readable format.

7.6 Right to Object

You may object to the processing of your information for direct marketing purposes at any time.

7.7 Texas Privacy Rights

If you are a Texas resident, the Texas Data Privacy and Security Act (effective July 1, 2024) may provide you with additional rights regarding your personal data, including the right to opt out of targeted advertising and profiling. DRE does not engage in targeted advertising or profiling that triggers these additional rights.

7.8 How to Exercise Your Rights

To exercise any of these rights, please contact us using the information in Section 14. We will respond to your request within forty-five (45) calendar days, as required by applicable law. We may need to verify your identity before processing your request.

8. Texas Privacy Law Compliance

DRE complies with applicable Texas privacy laws, including:

  • Texas Finance Code Chapter 392 (Debt Collection): Governing the collection of debts from Texas consumers.
  • Texas Business and Commerce Code Chapter 541 (Identity Theft): Regarding the protection of personal identifying information.
  • Texas Data Privacy and Security Act (Tex. Bus. & Com. Code § 541.001 et seq.): Governing the processing of personal data of Texas residents.
  • Texas Government Code § 406.101 et seq. (Remote Online Notarization): Governing the retention and handling of notarization records.

9.1 What Are Cookies?

Cookies are small text files placed on your device when you visit a website. They help the website function properly, improve user experience, and provide analytics.

9.2 Types of Cookies We Use

Cookie Type Purpose Duration
Essential/Strictly Necessary Required for Site functionality (login, security, navigation) Session / persistent
Functional Remember preferences and settings Persistent (up to 1 year)
Analytics/Performance Understand how visitors use the Site (page views, load times, error reports) Persistent (up to 2 years)
Marketing Not used. DRE does not use tracking cookies for advertising or targeted marketing. N/A

9.3 Analytics Providers

We may use services such as Google Analytics or similar providers to collect anonymized information about Site usage. These providers use cookies that do not directly identify you.

9.4 Your Choices

Most browsers allow you to control cookies through browser settings. You may block or delete cookies, but this may affect Site functionality. To opt out of Google Analytics, visit: https://tools.google.com/dlpage/gaoptout.

10. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under 18, we will take steps to delete that information promptly.

Our Site may contain links to third-party websites or services (e.g., notary platforms, payment processors). This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you use.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Effective Date." Material changes will be communicated via email (if we have your email address) or through a notice on the Site. Your continued use of the Services after changes take effect constitutes acceptance of the updated Privacy Policy.

13. Data Breach Notification

In the event of a data breach that compromises your personal information, DRE will:

  1. Notify you without unreasonable delay, consistent with the legitimate needs of law enforcement.
  2. Provide information about the nature of the breach, the types of data involved, and steps we are taking to address it.
  3. Comply with all applicable breach notification laws, including those under Texas law.

14. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Debt Recovery Experts (DRE)
[Address to be inserted]
[City, TX Zip Code]
Email: [Privacy email to be inserted]
Phone: [Phone to be inserted]

Data Protection Contact: [Name/Title to be inserted]

15. Complaints

If you believe we have violated your privacy rights, you have the right to file a complaint with:

Texas Attorney General
Consumer Protection Division
P.O. Box 12548
Austin, TX 78711-2548
Phone: (800) 621-0508
Website: https://www.texasattorneygeneral.gov


⚠️ FINAL DISCLAIMER

THIS IS A DRAFT DOCUMENT. IT HAS NOT BEEN REVIEWED OR APPROVED BY ANY ATTORNEY. IT IS PROVIDED FOR DISCUSSION AND REVIEW PURPOSES ONLY.

BEFORE USING THIS DOCUMENT:

  1. A licensed Texas attorney must review and approve this Privacy Policy.
  2. All bracketed fields ([Address], [Email], [Phone], etc.) must be completed.
  3. The Texas Data Privacy and Security Act compliance provisions (Section 8 and Section 7.7) should be reviewed to ensure they align with the attorney's interpretation of the Act.
  4. Cookie policy disclosures should be reviewed for compliance with evolving state and federal law.
  5. Data retention periods should be confirmed against specific legal requirements for debt collection businesses in Texas.
  6. Consider whether additional state-specific privacy notices are required for clients in other states.

© 2026 Debt Recovery Experts (DRE). All rights reserved.