How Lexington Law Protects Customer Data

Lexington Law Protects Customer Data

It seems like every week or two, another breach of consumer trust comes to light. From government agencies to department stores, banks to social networks, it is clear that criminals and hackers have their sights set on our personal information.

The Equifax data breach, which first came to light in September 2017, affected a mind-boggling 145.5 million Americans. More than half the adult population of the United States found their names, social security numbers, birth dates, addresses, and, in some cases, driver’s license information compromised. Over 209,000 credit card numbers were stolen, as were dispute documents for over 182,000 people.

While the country was still reeling from that situation, Facebook’s Cambridge Analytica scandal hit the headlines. In this case, “only” 87 million people saw their personal data — which they trusted Facebook to protect — shared with unauthorized entities, starting as far back as 2014. Cambridge Analytica collected personal information from millions of unsuspecting Facebook users due to a security flaw in Facebook’s Open Graph framework, which has since been fixed. In this case, the breach would not result in financial loss, but instead, may have potentially impacted Great Britain’s Brexit vote and the outcome of the 2016 Presidential election.

These and similar events have left an understandably sour taste in many mouths. Sometimes, it feels like there is no one we can really trust. It is important, however, to step back and take in the “big picture” when considering this subject.

At times, there have been errors in the way some organizations have handled the data entrusted to them, and regrettable delays in notifying affected parties. But, by and large, entities whose activity requires access to protected information are making concerted efforts to protect sensitive data on behalf of their customers.

Lexington Law is proud to count ourselves among that number.

What data does Lexington Law collect, and why?

As an organization dedicated to helping individuals improve their credit scores through strategic education, behavioral change, and legal support, we do need to collect a significant amount of sensitive personal information from our customers.

As noted in our official Privacy Policy, our customers “may provide Lexington a variety of personal information, including your name, mailing address, email address, phone number, payment information, and tax identification number.”

Additionally, “Lexington may supplement the personal information you provide with personal information available from other sources, such as public databases, data aggregators, and other commercially available sources.”

In simple terms, this means we need to collect a significant amount of personal identifying information from our customers directly and other sources they have previously used, in order to offer our services. The personal information we collect allows us to access your credit history, review your current credit score and report, and make informed recommendations to help you improve your financial standing. It also allows us to act on your behalf when contacting creditors, or otherwise working for the betterment of your credit situation.

In an effort to continually improve our offerings, “Lexington also may use your personal information for research, development, and analysis, and for advertising, marketing, product and service offerings, security, fraud prevention, and other business activities.”

Who can access our customers’ personal information?

First and foremost, all our customers can access and control their own information by logging into their personal accounts. Most information can be quickly updated and/or deleted at the customer’s discretion, although there are exceptions to this rule where legal or regulatory requirements demand retention.

We will share customer information with commercial partners of Lexington Law, but only with the customer’s express consent, or when our own contractual relationship with these entities guarantees they will maintain the same high standards of confidentiality we demand of ourselves. Outside of those circumstances, the only other release of protected customer data would be in compliance with legal obligation, and then, only when no other option is possible or practical.

How is all that customer data protected?

To keep things clear, we want to include exactly what is stated in our Privacy Policy:

“Lexington takes precautions to safeguard your personal information from loss, theft, and misuse, as well as unauthorized access, disclosure, alteration, and destruction. These precautions include technical, physical, and managerial procedures.

“Lexington uses Secure Sockets Layer (SSL) encryption on all pages where personal information is collected. This protects the confidentiality of your personal information while it is transmitted over the Internet.

Beyond preventing customer data from falling into the wrong hands, we also want to make sure that data is consistently protected for future access by the customer:

“We work to protect data from accidental or malicious destruction. Accordingly, we may not immediately delete or change residual copies and we may not delete or change information from our backup systems. Unless a disproportionate effort is required, we will provide information access and correction without charge.

What can you do, as a client of Lexington Law, to stay vigilant?

While we take our responsibility to protect your data very seriously, it behooves all consumers to take data security into their own hands as well.

For your own protection, you should always exercise care with the information you share over the Internet. Educate yourself on common identity theft pitfalls and actively protect yourself. For example, always use a secure browser and exercise good judgment in using passwords, such as using a combination of upper and lower case letters, numbers, special characters, and you should avoid using the same or similar passwords across multiple sites. Be very wary of public Wi-Fi hotspots, and never transmit or access sensitive information when connected to an unsecured network.

Since email and instant messaging are not recognized as secure communications, we will never solicit personal identifying information via these channels. We strongly recommend that you not send private information to us by email or instant messaging services.

Finally, we realize cybercrime is only escalating and identity thieves are always working diligently to figure out new and creative ways to part people and organizations from the personal information we want to protect. Therefore, we regularly review our compliance with our Privacy Policy and enforce safeguards within the company. And, we’re constantly considering our policies and strategies in light of the latest information.

If you are currently a client of Lexington Law, or if you are considering partnering with us to improve your credit situation, you can be confident in our commitment to protecting your data.

You can also carry on the conversation on our social media platforms. Like and follow us on Facebook and leave us a tweet on Twitter.