Privacy Policy

Revision Date: 12/19/2016

What the Privacy Policy Covers

Global Debt Registry. (Hereinafter referred to as “GDR”, “us” or “we”) is in the business of registering the ownership of debt (“debt”, “account”), establishing title for Debt, and recording the sale of Debt (“Debt Registry”).

GDR is in the business of facilitating the archiving and distribution of account documentation (statements, applications, promissory notes, terms and conditions, etc.) also known as media (“Media”) to and between creditors, debt owners, trustees, and servicers.

GDR is in the business of tracking interests in a debt including master and sub-servicers, document custodians and lenders.

GDR is in the business of verification and validation of the debt itself including debtor verification and validation, loan disbursement verification, loan data validation, and changes in credit risk.

GDR provides consumers a method to access and independently verify ownership and servicing of their debts.

IMPORTANT NOTE: The activities referred to in the previous five paragraphs are collectively referred to ‘services” This Privacy Policy defines in general terms GDR’s commitment to protect the information which is required to perform these Services. GDR does not use any confidential consumer information received for any purpose other than those consistent with Services and described in this Privacy Policy.

SCOPE: This Privacy Policy includes information gathered from visitors and authenticated users to (the “Website”), or Services Websites or via any communication protocol (SSH, SFTP, HTTP, HTTPS, SMTP, etc.) to Websites defined herein (the “GDR Websites”). This policy documents data we collect from Clients, third party information sources, and you. It addresses what we do with the information including: the type of personal information GDR collects about you through this Website; how that information is collected; the general purposes for which that information is collected; what disclosures of information will be made; and how, and to what extent, you can limit those disclosures. In addition, this Privacy Policy documents what data we collect from third parties regarding consumers and what we do with the information including: the type of information collected; how the information is collected; the general purposes for which the information is collected; what disclosures of information will be made; and how, and to what extent, you can limit those disclosures.

The Privacy Policy Defines

and describes reasonable and appropriate precautions which are implemented to maintain the integrity, security and accuracy of confidential consumer information, information collected from you as a visitor to GDR Websites, and other confidential information provided to GDR by third parties.

This Privacy Policy also describes in what way GDR can use the information that is collected and received from GDR Websites and delivery of GDR services.

Protections Provided to Confidential Consumer Information

GDR has implemented policies and practices for the purpose of protecting confidential consumer information from unauthorized access, misuse, disclosures, alteration or destruction. Security measures have been adopted which are consistent with Payment Card Industry Data Security Standard, (“PCI” or “PCI DSS”), Gramm Leach Bliley Act (“GLBA”), ISO 27002, and SSAE 16 SOC 1/SOC 2. GDR undergoes annual third party security assessments to measure compliance with these security standards and methodologies.

Should you have specific questions about the steps GDR takes to protect confidential information or maintain the accuracy and integrity of data, please contact or by regular mail at

Global Debt Registry Attn: Compliance Department, 3 Mill Road, Suite 304 Wilmington, DE 19806.

Please be sure to include your name, contact information, and a general description of the issue or concern. Do not include confidential information about yourself or your accounts in the email as email is an unsecure communication medium.

Should you have concerns that confidential consumer information stored on GDR Websites is at risk or may have been compromised, please email Please include your name, contact information, and a general description of the issue or concern. Do not include confidential information about an account or yourself in the email as email is an unsecure communication medium.

Collecting Information

What we collect from browsing GDR Websites

Some information about your IP address, web browser, and computer system are automatically transmitted to our web servers by default. We reserve the right to automatically collect and/or track this information including but not limited to:

Domain names, e-mail addresses, type of client computer, and type of Web browsers of visitors to our websites.

What we collect from you when you login to GDR Websites

When you login (you will have been provided login instructions), we do not ask you for any additional personal information. You may be asked to accept a user agreement which defines what can and can’t be done on the Website and with the data that you access.

What we collect when you have logged in to a GDR Website

There are times when GDR may request additional information from you or your company to assist GDR in delivering to you the requested information or it may be to confirm who you are before disseminating to you information. We may or may not store this data depending upon business need. The information we request may include contact information such as phone numbers and mailing addresses.

What we collect from Clients and Third Party Data Sources

Clients and third party data sources provide us information regarding consumer and commercial debts. This includes who owns or has owned a debt, who uses the debt as collateral, the consumer who is responsible for the debt, who issued the debt, who funds the debt, who services the debt, trustees, who is storing account documentation, and other similar types of information. This information is provided to GDR with the contractual understanding that GDR will use the information for lawful purposes and will protect this information from unauthorized access and disclosure.

Does GDR purposefully collect information from persons under 18 year of age?

GDR does not purposefully collect information from persons under 18 years of age. However, GDR does not require that age be disclosed for the use of GDR Websites and GDR has no way of determining that a user of GDR Services is under 18 years old. GDR Clients may provide to GDR information about a consumer under 18 years of age if the consumer has an account with the Client.

Use and Disclosure of Data Collected

In the delivery of its services, GDR provides to its Clients account information including confidential consumer information. GDR does not nor has the authority to change, edit, delete or add records to its system without the direct request of the current owner or the owner’s authorized assignee. GDR may receive updates to account information from the current owner or its assignee. GDR does not change the existing record; only appends the new information to the existing account record.

GDR is not required to notify consumers when a consumer’s information is accessed, updated or removed from GDR’s Services.

Data collected from you when using GDR Services

Data collected from the use of the GDR Website and Services can be used by GDR for several purposes consistent with the following: system maintenance, data security and validation checks, for improving the delivery of services to our clients; data security and data integrity purposes; analytics to review system usage and trends; and to deliver products and services requested by a user or Client consistent with allowable purposes under the law.

Data provided by Clients and Third Parties to GDR

Data provided to GDR by Clients and third parties is used to provide certainty in the ownership of and account; improved certainty in the collateral positions of lenders to owners of a debt; improved transparency into servicing rights, validation of a consumer, and validation and verification of account information. The information provided can also be used consistent with federal and state law including the Fair Credit Reporting Act (FCRA), the Fair Debt Collection Practices Act (FDCPA), and the Gramm Leach Bliley Act (GLBA). Cardholder data provided by third parties to GDR shall be protected consistent with the Payment Card Industry Data Security Standard (PCI DSS).

What else can GDR do with the data?

We may aggregate information collected from third parties from the use of GDR Websites and Services. This information can be used by GDR to provide information about marketplace performance, consumer loan performance, and other similar types of reports and/or data. This information may be provided for free or for a fee to GDR Clients and other third parties consistent with federal and state law. This aggregated information cannot identify an individual (SSN, name), an individual’s debt (account number, payment amount, term, due date, account status, etc.), or other information deemed confidential under the law.

We may disclose personal data when we believe in good faith that the law requires it or we have received a request from law enforcement agencies to disclose the information. In these instances, we are not required to notify you of the disclosure.

We reserve the right to disclose personal data, with proper notification to you of the disclosure, in special cases when we believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be causing injury to or interference with our Website, other users of our Website, or anyone else who could be harmed by such activities unless we have a good faith belief that notifying you would be contrary to applicable law.

We may share any personal data necessary to complete the type of transactions requested by you or your Company in order for you and/or your company to receive requested services. This would include disclosure to vendors which are used by GDR to complete your and/or your Company’s requested services. Any vendors receiving information must take reasonable and appropriate steps to protect confidential consumer information. This includes requiring vendors receiving cardholder information to provide reasonable and appropriate protections of cardholder data consistent with the Payment Card Industry Data Security Standard (“PCI DSS”).

What GDR cannot do with the data?

GDR or its Clients cannot use confidential consumer data provided to GDR a) as a basis for extending or denying credit to a consumer, b) to market products and services directly to a consumer via any medium/channel, and c) to disseminate to interested parties the information that is not consistent with this policy and with applicable and current law, regulation or guidance.

As a consumer, can I opt of out GDR receiving and storing my information?

Information collected by GDR is required to deliver the Services provided by GDR to its Clients. You may not opt out of having your personal information collected by GDR including information received from third parties. If the information is provided to GDR, we capture and store the information for the delivery of Services. If you decide you want to opt out of your information being included in information provided to GDR, you must notify the current owner or servicer of your account and request that the information not be provided to GDR.

Access To And Ability To Correct Personal Data, Company Information, And Debt Portfolio And Media Data

You may request, via e-mail or regular mail, that we provide you with a summary of personal information we retain concerning you. If you terminate the use of the Website and notify us in writing, information collected about you will be retained in our records until GDR has met its legal requirement and contractual requirements for archiving of material or business records.

Should you believe that information provided to GDR is inaccurate, your best solution is to contact your current servicer (who you send your payments to or who is attempting to collect payments from you) to correct the information. If you do not have success, please contact GDR at:

                    3 Mill Road Suite 304
                    Wilmington, DE 19806 

                    Or email:

If you choose email, remember that email is not a confidential communication medium. Please include contact information and an overview of your concern without disclosing detailed account data or confidential personal information.

Whether you contact GDR via mail or email, GDR will respond to your request promptly.

Cookie Disclosure Information

A “cookie” is a file which transferred to your computer when you visit a website. Cookies can retain information which is used each time you return to the website. Some of the information, which is stored in a cookie, may include information about you or the company you work for. The use of cookies is a widespread industry practice.

Most browsers are initially configured to accept and process cookies. You can configure your browser to refuse cookies; however, use of the Website may be negatively affected by such a configuration. Most browsers allow you to configure them to notify you when you receive a cookie and to thereby allow you to decide whether to accept that cookie.

We reserve the right to use cookies on our Website.

Links to Other Websites

Our Website may include links to other Internet Websites. We encourage our partners, contributors and third parties to implement policies and practices that respect the privacy of visitors to our Website.

We are not, however, responsible for the privacy practices or content of any other Website not covered by this Privacy Policy. You may occasionally receive cookies from third parties including, but not limited to, advertisers/partners/vendors. We do not control these cookies.

Our Right To Change This Privacy Policy

We reserve the right to change this policy at any time, and will provide notice of material changes on the homepage of www.globaldebtregistry,com.

Your Acceptance Of This Privacy Policy

By your continuing use of this Website you signify your assent to this Privacy Policy. If you do not assent to this Privacy Policy, please do not use this Website. When we make changes to the Privacy Policy, your continuing usage of this Website following posted changes to this Privacy Policy and after having notified you of the changes signifies your continuing assent to the changes.