Wasatch Credit Consulting, LLC Effective Date: March 11, 2026 | Last Updated: March 11, 2026

1. Introduction

Wasatch Credit Consulting, LLC (“Company,” “we,” “our,” or “us”) is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, store, and safeguard your information when you visit our website at wasatchcredco.com (the “Site”), use our credit repair and credit restoration services (the “Services”), communicate with us via telephone, email, SMS, or any other means, or otherwise interact with us. By accessing our Site, using our Services, or providing your information to us, you consent to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access our Site or use our Services. Your data will be stored and processed in whole or in part in the United States. If you access our Site or use our Services from outside the United States, your usage constitutes consent to the transfer of your data out of your country and to the United States, where data protection laws may differ from those in your jurisdiction.

2. Information We Collect

We collect information about you in a variety of ways, depending on how you interact with us:

A. Personal Information You Provide Directly

When you register for our Services, submit forms on our Site, or communicate with us, we may collect:

• Contact Information: Full legal name, email address, phone number(s), mailing address, and other contact data
• Identification Information: Social Security Number, date of birth, driver’s license number, and government-issued identification numbers as required for credit dispute processes
• Financial Information: Credit reports, credit scores, account numbers, creditor information, payment history, and other financial data necessary to perform our Services
• Payment Information: Billing address, credit card or debit card numbers, bank account information, and other payment-related data processed through our secure payment systems
• Communication Records: Records of all correspondence with us, including emails, phone calls, text messages, live chat transcripts, and messages through our client portal
• Authorization Documents: Signed service agreements, powers of attorney, dispute authorization forms, and other legal documents

B. Information Collected Automatically

When you visit our Site, we may automatically collect certain information, including:

• Device Information: IP address, browser type and version, operating system, device type, screen resolution, and unique device identifiers
• Usage Data: Pages visited, time and date of visits, time spent on pages, clickstream data, referring URL, and browsing patterns
• Location Data: General geographic location derived from your IP address
• Log Data: Server logs, error reports, and diagnostic data

C. Information from Third Parties

We may receive information about you from third parties, including:

• Credit reporting agencies (Equifax, Experian, TransUnion)
• Creditors, lenders, and collection agencies in connection with dispute processes
• Identity verification service providers
• Payment processors and financial institutions
• Analytics and marketing service providers

3. How We Use Your Information

We use the information we collect for the following purposes:

• Service Delivery: To provide credit repair, credit restoration, and credit education services as described in your service agreement
• Credit Disputes: To prepare, submit, and track dispute letters to credit reporting agencies, creditors, and collection agencies on your behalf
• Account Administration: To create and manage your client account, process payments, and maintain accurate records
• Communication: To communicate with you about your account, service updates, dispute progress, appointment scheduling, and other service-related matters
• Compliance: To comply with applicable laws and regulations, including the Credit Repair Organizations Act (CROA), the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA), and other federal and state consumer protection laws
• Improvement: To analyze usage patterns, improve our Services, enhance our website, and develop new features
• Security: To detect, prevent, and address fraud, unauthorized access, and other security issues
• Legal: To establish, exercise, or defend legal claims and to respond to legal process
• Marketing: To send you promotional communications about our Services, but only if you have opted in to receive such communications

4. Legal Basis for Processing

We process your personal information based on one or more of the following legal grounds:

• Contractual Necessity: Processing is necessary to perform our obligations under your service agreement
• Legal Obligation: Processing is required to comply with applicable laws, regulations, or legal processes
• Consent: You have given us explicit consent to process your information for specific purposes (e.g., SMS communications, marketing)
• Legitimate Interests: Processing is necessary for our legitimate business interests, such as fraud prevention and service improvement, provided such interests are not overridden by your rights

5. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We may share your information only in the following limited circumstances:

• Credit Reporting Agencies: To submit disputes, verify information, and obtain credit reports on your behalf as authorized by you
• Creditors and Collection Agencies: To communicate regarding disputed items, negotiate resolutions, and verify account information on your behalf
• Service Providers: With trusted third-party vendors who assist us in operating our business, including payment processors, cloud hosting providers, and email delivery services, all of whom are bound by contractual confidentiality obligations
• Legal Requirements: When we believe in good faith that disclosure is necessary to comply with applicable law, regulation, or legal process; to enforce our agreements; to protect the rights, property, or safety of our company, clients, or the public; or to address fraud or security issues
• Business Transfers: In connection with any merger, acquisition, reorganization, or sale of assets, your information may be transferred as a business asset. We will provide notice before your information becomes subject to a different privacy policy
• With Your Consent: We may share your information when you have given us your explicit consent to do so

6. SMS and Phone Number Privacy

We maintain strict policies regarding SMS consent and phone number usage:

• Information obtained as part of the SMS consent process will NOT be shared with third parties or affiliates for marketing purposes.
• Your phone number is treated with the utmost confidentiality and is used solely for the purposes explicitly stated in this Privacy Policy and our Terms of Service.
• SMS communications are limited to service-related updates, appointment reminders, credit dispute notifications, account notifications, and other communications directly related to our Services.
• You may opt out of SMS communications at any time by replying STOP to any message or contacting us directly.
• For assistance with SMS communications, reply HELP to any message or contact us at 435-990-5686 or [email protected].

7. Data Security

We take the security of your personal information seriously and implement robust, industry-standard technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, destruction, or loss. These measures include, but are not limited to:

• Encryption: Sensitive data is encrypted in transit (TLS/SSL) and at rest using industry-standard encryption protocols
• Access Controls: Strict role-based access controls limit access to personal information to only those with a legitimate business need
• Secure Infrastructure: Our systems are hosted on secure servers with firewalls, intrusion detection systems, and regular security monitoring
• Employee Training: All employees and contractors receive regular training on data protection and security best practices
• Incident Response: We maintain documented incident response procedures to promptly address any data security breaches
• Regular Audits: We conduct periodic security assessments to identify and address vulnerabilities

While we employ commercially reasonable security measures, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security but are committed to maintaining the highest practicable level of protection.

8. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected:

• Active Clients: For the duration of our service relationship plus the applicable statute of limitations period
• Former Clients: Records are retained for a minimum of seven (7) years following termination of services, or as required by applicable law
• Legal and Compliance Records: As required by federal and state law, including the CROA, FCRA, GLBA, and state record retention requirements
• Website and Usage Data: Anonymized analytics data may be retained indefinitely for service improvement

When personal information is no longer needed, we will securely destroy or anonymize it in accordance with our data retention and destruction policies.

9. Cookies and Tracking Technologies

A. What Are Cookies

Cookies are small data files placed on your device when you visit a website. They help websites function properly, remember your preferences, and provide information to the site owners.

B. Types of Cookies We Use

• Strictly Necessary Cookies: Essential for the operation of our Site
• Functional Cookies: Enable enhanced functionality and personalization
• Analytics Cookies: Help us understand how visitors interact with our Site
• Marketing Cookies: Used to display relevant advertisements (only with your consent)

C. Your Cookie Choices

Most web browsers are set to accept cookies by default. You can modify your browser settings to decline cookies or alert you when cookies are being sent. Disabling cookies may affect the functionality of certain features of our Site.

D. Do Not Track Signals

Some browsers offer a “Do Not Track” (DNT) feature. Our Site does not currently respond to DNT signals. You may opt out of certain tracking by adjusting your browser settings.

10. Your Rights

You have the following rights regarding your personal information, subject to applicable law:

• Right to Access: You may request a copy of the personal information we hold about you
• Right to Correction: You may request correction of any inaccurate or incomplete information
• Right to Deletion: You may request deletion of your personal information, subject to legal retention requirements
• Right to Data Portability: You may request your personal information in a structured, machine-readable format
• Right to Object: You may object to certain processing, including direct marketing
• Right to Restrict Processing: You may request that we limit processing under certain circumstances
• Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time
• Right to Opt Out of Marketing: You may opt out of marketing communications at any time
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise any of these rights, please contact us using the information in Section 18. We will respond within forty-five (45) days of receipt. We may request verification of your identity before processing your request.

11. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA):

A. Right to Know

You have the right to request disclosure of the categories and specific pieces of personal information we have collected, the sources, the purposes, and the third parties with whom we share it.

B. Right to Delete

You have the right to request deletion of your personal information, subject to certain exceptions.

C. Right to Correct

You have the right to request correction of inaccurate personal information.

D. Right to Opt Out of Sale or Sharing

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. If this changes, we will update this Privacy Policy and provide you with the right to opt out.

E. Right to Limit Use of Sensitive Personal Information

You have the right to limit the use of your sensitive personal information to uses necessary to perform the services you request.

F. Right to Non-Discrimination

We will not discriminate against you for exercising any of your CCPA/CPRA rights.

G. Authorized Agent

You may designate an authorized agent to submit requests on your behalf. We may require verification of identity and authority.

H. Categories of Personal Information Collected

In the preceding twelve (12) months, we have collected the following categories of personal information:

Category	Examples	Collected
Identifiers	Name, email, phone, SSN, address	Yes
Financial Information	Credit reports, account numbers, payment info	Yes
Commercial Information	Services purchased, service history	Yes
Internet/Network Activity	Browsing history, site interactions	Yes
Geolocation Data	Approximate location from IP address	Yes
Sensitive Personal Information	SSN, financial account details	Yes
Professional/Employment Info	Employment status (if provided)	Yes

12. Utah Consumer Privacy Act (UCPA)

If you are a Utah resident, you have rights under the Utah Consumer Privacy Act (UCPA), effective December 31, 2023, including the right to access, delete, and obtain a portable copy of your personal data, as well as the right to opt out of targeted advertising or the sale of personal data. To exercise your rights under the UCPA, please contact us using the information in Section 18.

13. Nevada Privacy Rights

If you are a Nevada resident, you have the right under Nevada Revised Statutes Chapter 603A to direct us not to sell your covered information. We do not currently sell covered information as defined under Nevada law. To submit a request, please contact us using the information in Section 18.

14. Gramm-Leach-Bliley Act (GLBA) Compliance

As a company that provides financial services, we are committed to compliance with the Gramm-Leach-Bliley Act (GLBA) and its implementing regulations, including the Safeguards Rule. We:

• Maintain a comprehensive written information security program to protect the security, confidentiality, and integrity of nonpublic personal information (NPI)
• Designate a qualified individual to oversee our information security program
• Regularly assess risks to customer information and implement safeguards
• Oversee our service providers to ensure they maintain appropriate safeguards
• Regularly evaluate and update our information security program

15. International Data Transfers

If you access our Site or Services from outside the United States, please be aware that your information may be transferred to, stored in, and processed in the United States, where our servers are located. The data protection and privacy laws of the United States may differ from those of your country of residence. By using our Site or Services, you consent to the transfer of your information to the United States.

16. Children’s Privacy

Our Site and Services are not directed to individuals under the age of eighteen (18). We do not knowingly collect, solicit, or maintain personal information from anyone under 18. If we learn that we have collected personal information from a child under 18, we will promptly delete that information. If you believe a child under 18 has provided us with personal information, please contact us immediately using the information in Section 18.

17. Third-Party Links and Services

Our Site may contain links to websites or services operated by third parties. This Privacy Policy does not apply to those third-party services, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party websites you visit. The inclusion of a link does not imply endorsement by Wasatch Credit Consulting, LLC.

18. Contact Information

If you have any questions, concerns, or complaints about this Privacy Policy, wish to exercise any of your rights, or want to report a data security concern, please contact us:

Wasatch Credit Consulting, LLC 2795 E. Cottonwood Parkway, Suite 300 #1156, Salt Lake City, UT 84121

Phone: 435-990-5686 Email: [email protected] Website: wasatchcredco.com

We are committed to responding promptly to all inquiries regarding your personal data and privacy rights.

19. Policy Updates

We may update this Privacy Policy from time to time. When we make material changes, we will post the revised policy on our Site with an updated “Last Updated” date and notify you via email or other prominent means if required by applicable law. Your continued use of our Site or Services after any modifications constitutes acceptance of the revised Privacy Policy.

20. Accessibility

This Privacy Policy is available at all times in the footer of our website, within our client portal, and upon request by contacting us. We are committed to ensuring that all users can easily access and understand our privacy practices.

By using our Site, Services, or providing your information to us, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy.