📘 2025 Report:Mexico Economic Review 2025 — outlook, charts, and sector signalsRead

    Privacy Policy

    How we collect, process, protect, and share information across CRiskCo's website, platform, APIs, and reports.

    Last updated: July 2026

    This website and the CRiskCo platform are operated by CRiskCo Inc. ("CRiskCo", "we", "us", or "our"). Our registered Federal Employer Identification Number is 47-3094377 and our registered address is 1420 York Ave, New York, NY 10021, USA.

    CRiskCo provides credit intelligence, business risk analysis, data processing, monitoring, reporting, and related software services for companies, financial institutions, lenders, fintech companies, credit providers, and other business customers.

    This Privacy Policy explains how we collect, access, process, use, store, protect, share, and retain information when you use our website, software, onboarding flows, APIs, reports, products, and related services.

    1. Scope of this Privacy Policy

    This Privacy Policy applies to:

    • Visitors to our website.
    • Users of CRiskCo software, APIs, portals, dashboards, and reports.
    • Companies, business owners, applicants, legal representatives, shareholders, guarantors, obligors, or other persons related to a credit, financing, compliance, monitoring, or business-risk process.
    • Customers, partners, and institutions that use CRiskCo services.

    Depending on the service, CRiskCo may process information as a service provider acting under the instructions of a customer, or as the party responsible for specific processing activities, including model improvement, statistical analysis, product development, and generation of aggregated, derived, disassociated, or anonymized insights.

    This Privacy Policy also describes how we protect business and commercial information, even when such information is not considered personal data under applicable law.

    2. Information we may collect or process

    We may collect, access, receive, process, analyze, or store the following categories of information, depending on the service used and the authorizations provided.

    Account, contact, and website information

    This may include name, username, business name, country, email address, phone number, IP address, login information, device information, usage data, cookies, communications with us, and preferences.

    Business, tax, financial, and commercial information

    With your authorization, or under the authorization provided through the institution or customer with which you are interacting, we may access, process, and analyze information from SAT and other authorized sources, including:

    • Tax and fiscal information.
    • Digital tax invoices and related invoice metadata.
    • Revenue, expenses, customers, suppliers, commercial relationships, and business activity.
    • Tax status, tax obligations, certificates, filings, and related fiscal indicators.
    • Transactional, commercial, operational, and financial indicators.
    • Credit, risk, compliance, fraud, and monitoring signals.
    • Data obtained from public, private, contractual, regulatory, customer-provided, or authorized third-party sources.

    Related personal information

    Where applicable, we may process information related to individuals connected to a company, application, or account, including legal representatives, shareholders, beneficial owners, authorized users, guarantors, obligors, applicants, employees, customers, suppliers, or other related persons.

    This may include identification, contact, role, authorization, relationship, and other information relevant to credit evaluation, business verification, compliance, fraud prevention, or risk analysis.

    3. How we use information

    We may use information for the following purposes.

    Primary service purposes

    We use information to provide, operate, and improve our services, including:

    • Financial analysis.
    • Credit evaluation and credit intelligence.
    • Risk analysis and risk prevention.
    • Fraud prevention and validation.
    • Business verification and compliance review.
    • Generation of reports, scores, alerts, dashboards, and monitoring outputs.
    • Delivery of results to the institution, customer, partner, or entity with which you are submitting an application or maintaining a business relationship.
    • Operation, security, support, troubleshooting, and maintenance of our platform, APIs, and services.
    • Compliance with contractual, legal, regulatory, audit, and security obligations.

    Model improvement, analytics, and product development

    We may use information to develop, train, validate, calibrate, monitor, update, and improve analytical, predictive, statistical, and risk models, including FinScore and other CRiskCo models.

    We may also use information to generate statistical indicators, benchmarks, market analysis, sector analysis, risk trends, portfolio insights, business intelligence, and other analytical outputs.

    Aggregated, derived, disassociated, or anonymized information

    CRiskCo may generate, use, share, license, or commercialize aggregated, statistical, derived, disassociated, or anonymized information, provided that such information does not identify and cannot reasonably be used to identify a company, user, applicant, legal representative, shareholder, customer, supplier, employee, guarantor, obligor, beneficial owner, or other related person.

    CRiskCo does not sell identifiable personal information or identifiable company-specific commercial information except where authorized, required by law, required by contract, or otherwise permitted under an applicable legal basis.

    4. Legal bases and authorization

    We process information based on one or more of the following legal bases, depending on the context:

    • Your consent or authorization.
    • The consent or authorization provided through a customer, partner, or institution.
    • The performance of a contract.
    • Compliance with legal or regulatory obligations.
    • Legitimate business purposes related to providing, protecting, improving, and developing our services.
    • Other legal bases permitted under applicable law.

    Where required, we will request consent or authorization before accessing or processing information from tax authorities (SAT in Mexico and LATAM), accounting firms or other authorized sources.

    5. Sharing and disclosure of information

    We may share or disclose information with:

    • The financial institution, lender, fintech, customer, partner, or entity with which you are submitting an application or maintaining a business relationship.
    • Service providers, technology vendors, hosting providers, cloud infrastructure providers, security vendors, analytics providers, and professional advisors who support our services.
    • Affiliates, subsidiaries, successors, or parties involved in a merger, acquisition, financing, restructuring, sale of assets, or similar corporate transaction.
    • Authorities, regulators, courts, or third parties when required by law, legal process, contractual obligation, or to protect rights, security, users, customers, or the integrity of our services.

    We require service providers and vendors to protect information and use it only for the purposes for which they provide services to us, unless otherwise permitted by law or contract.

    6. Security

    We use administrative, technical, and physical safeguards designed to protect information against unauthorized access, loss, misuse, alteration, disclosure, or destruction.

    These safeguards may include encryption, access controls, authentication, monitoring, logging, segmentation, secure infrastructure, confidentiality obligations, and restricted access based on business need.

    No system is completely secure. However, we work to apply security measures appropriate to the nature of the information and the risks involved.

    7. Data retention

    We retain information for as long as necessary to provide our services, comply with legal, regulatory, contractual, audit, tax, accounting, security, and operational obligations, resolve disputes, enforce agreements, improve our models and services, and maintain appropriate business records.

    When information is no longer required for the purposes for which it was processed, we may delete it, block it, aggregate it, disassociate it, anonymize it, or retain it where permitted or required by law.

    8. Your rights and choices

    Depending on your location and applicable law, you may have rights to access, correct, update, cancel, delete, oppose, restrict, or request information about the processing of your personal data. These rights may include ARCO rights where Mexican data protection law applies.

    You may also request revocation of your consent where applicable. Revocation may affect our ability to provide certain services or may be limited where continued processing is required or permitted by law, contract, regulatory obligation, security need, or legitimate retention requirement.

    To exercise your rights or submit a privacy request, please contact us at: contact@criskco.com.

    We may request information to verify your identity, authority, or relationship to the relevant company, application, or account before processing your request.

    9. Cookies and website technologies

    We may use cookies and similar technologies to operate the website, authenticate users, remember preferences, improve user experience, analyze usage, secure our services, and support marketing or communication activities.

    You can manage cookies through your browser settings. Some cookies may be necessary for the website or platform to function properly.

    10. International data processing

    CRiskCo operates internationally and may process or store information in the United States, Mexico, Israel, or other locations where we, our affiliates, our customers, or our service providers operate.

    When information is processed internationally, we take reasonable steps to protect it in accordance with this Privacy Policy, contractual obligations, and applicable law.

    11. Children

    Our services are intended for businesses, financial institutions, and adult users. We do not knowingly collect personal information from children through our business services.

    12. Changes to this Privacy Policy

    We may update this Privacy Policy from time to time to reflect changes in our services, technology, legal requirements, business practices, or data-processing activities.

    The updated version will be posted on this page with the "Last updated" date. Where required by law, we may provide additional notice or request additional consent.

    13. Contact us

    For privacy questions, requests, or complaints, please contact: contact@criskco.com.

    Applicant, SAT, and Financial Data Processing Notice

    When you submit an application, complete an onboarding flow, authorize access to SAT or another authorized source, or interact with a financial institution, lender, fintech, credit provider, customer, or partner that uses CRiskCo services, this Privacy Policy also serves as our privacy notice for the processing of your business, tax, financial, commercial, and transactional information.

    With your authorization, or under the authorization provided through the institution or customer with which you are interacting, CRiskCo may consult, obtain, access, receive, process, analyze, store, and use information from SAT and other authorized sources.

    This information may include tax and fiscal information, digital tax invoices and invoice metadata, revenue, expenses, customers, suppliers, commercial relationships, business activity, tax status, tax obligations, financial indicators, transactional patterns, credit-risk indicators, fraud-risk indicators, compliance indicators, and other information relevant to financial analysis, credit evaluation, monitoring, reporting, risk prevention, and business verification.

    CRiskCo may use this information to provide credit intelligence, financial analysis, risk analysis, fraud prevention, monitoring, alerts, reports, scores, dashboards, and analytical outputs to the institution, customer, partner, or entity with which you are submitting an application or maintaining a business relationship.

    CRiskCo may also use this information to develop, train, validate, calibrate, update, and improve analytical, predictive, statistical, and risk models, including FinScore and other CRiskCo models, and to generate statistical indicators, benchmarks, market analysis, sector analysis, portfolio insights, and other analytical outputs.

    CRiskCo may generate, use, share, license, or commercialize aggregated, statistical, derived, disassociated, or anonymized information, provided that such information does not identify and cannot reasonably be used to identify you, your company, your legal representatives, shareholders, employees, guarantors, obligors, beneficial owners, or other related persons.

    You may request information about the processing of your personal data, exercise applicable privacy rights, or request revocation of your authorization by contacting CRiskCo at contact@criskco.com. Revocation may affect our ability to provide certain services and may be limited where continued processing is required or permitted by law, contract, regulatory obligation, security need, or legitimate retention requirement.

    CRiskCo Inc.
    Email: contact@criskco.com

    © 2026 CRiskCo Inc. All rights reserved.

    Explore More