JuicyScore is the first global device bureau without any personal data. Our system is fully compliant with Russia legislation on personal data as well as GDPR.
Our technology is aimed
- to show the value of non-personal data;
- to increase the level of security of the end-users via restriction of personal and biometric data collection;
- to present the ease of use of non-personal data as an alternative to personal data.
We are very cautious with any external data
- We are not using personal data (full name, passport details, addresses, contact and payment data, public IDs, other direct identifiers);
- We are using only our proprietary cookies based on the signed mutual agreement;
- We do not synchronize our cookies with third parties — cookies are used only for user trace route and web traffic analysis to identify potentially fraudulent behaviour;
- We do not collect and store keystroke dynamics information on real key scan codes to avoid personal data collection;
- Applicants device and behaviour data collected from partners’ websites and mobile apps are stored for 90 days. Moreover, the data will be removed in case of direct request on these data;
- Our partners-financial institutions that are using our service may define the set of non-personal data fields to be collected from their websites and mobile apps;
- Opt-out functionality allows removing the collected data (such as cookie, etc) on direct end-user request.
The ease of use
- Installing JuicyScore script to the website and/or mobile app;
- Defining data collection and transferring options;
- Getting response from the service, containing the score, stochastic device ID, stochastic user ID and wide range of attributes for decision engine, fraud prevention rules, credit and insurance applications approval rate increase.
Data collection and analysis — our know-how
- JuicyScore Users are the financial institutions only. Registered in Russia or in any other jurisdiction these institutions must provide certified financial services such as secured or unsecured loans and/or voluntary or obligatory insurance products, etc. Data subject or Subject is a web-site / web-portal visitor or mobile application virtual user who may have been or may not have been identified within the legislation requirements of User’s country operations.
- JuicyScore technology is deeply embedded into User’s operational process and is entitled to exchange data basing on legitimate basis only such as: mutual non-disclosure agreement, agreement of confidentiality with a specified goal, service agreement, license agreement or any other agreement. (EU GDPR, Article 13, legitimate basis).
- Collected on User’s web resources Subjects’ data is allowed to be processed by JuicyScore for credit or operational risk evaluation and reduction, or any other types of risk which may lead to financial damage or losses and/or User’s company brand damage or Subject’s damage (EU GDPR, Article 13, legitimate basis).
- JuicyScore sessions are not synchronised with third parties. JuicyScore sessions cannot be used for targeted advertising or active marketing purposes (EU GDPR, Article 21).
- JuicyScore follows the principles of necessity and sufficiency in terms of Subject’s data collection on User’s web resources, taking into consideration the reasonable expectations of Data subjects based on their relationship with the User. List of data attributes collected by JuicyScore is open; it contains device, software and connection characteristics, which are allowed for collection by device software settings. JuicyScore is also compliant with online behaviour ethics code, end-user security rules, and Apple and Google standards for mobile applications development (EU GDPR, Recital 47 and Article 6(1)(f)).
- JuicyScore does not collect Subjects’ data which may override their interests or the fundamental rights and freedoms. JuicyScore does not process Subjects’ data attributes such as full name, contact data including full registration or mail delivery address, full phone numbers, full e-mail address, passport or any other direct identities, as well as sensitive data like disposable income, expenses, religion and so on (EU GDPR, Recital 47).
- Users in EU jurisdiction must notify their Subjects about device fingerprinting mechanisms and/or external sessions running on their online resources. This notification must be present before Subjects enter the page(s) created with mentioned mechanisms and/or containing mentioned sessions.
- JuicyScore sessions should be classified as essential cookies; Subject’s decline for such cookies should be treated as a decline to continue a visit of the web-portal or application process session termination (EU GDPR, Article 21).
- JuicyScore response is provided only on User’s request; JuicyScore is not accountable for any actions which were taken or were not taken with the JuicyScore provided data vector on User’s request.