Privacy & Data Architecture

Original Effective Date: January 12, 2026
Last System Audit: April 28, 2026

Blackline Capital Group (“the Firm”) operates as an institutional credit restoration and financial strategy entity. We are committed to the highest standards of data integrity and consumer privacy under federal law.

1. Data Protection Measures

We implement a “Security First” architecture to protect your non-public personal information (NPI):

• Encryption: All data in transit and at rest is secured via 256-bit SSL/TLS encryption protocols.
• Access Control: We utilize Multi-Factor Authentication (MFA) for all staff access to the Secure Client Portal.
• Staff Training: Our team undergoes quarterly compliance training regarding the Fair Credit Reporting Act (FCRA).

2. Data Breach Procedures

In the event of a suspected or actual data breach, Blackline Capital Group maintains an active response protocol:

• Internal Reporting: Immediate isolation of affected servers and a forensic audit of access logs.
• Notification: We will notify affected users via their registered email within 72 hours of a confirmed breach as required by law.

3. Third-Party Data Integration

The Firm receives data from verified third-party entities including Credit Reporting Agencies (Equifax, Experian, TransUnion) and Identity Verification Services.

4. Automated Decision Making & Profiling

To provide immediate value, our systems utilize Automated Forensic Analysis to identify potential errors. However, all final dispute strategies are reviewed by a Human Case Manager. Users have the right to request a manual review of any automated analysis.

5. Industry Regulatory Disclosures

Blackline Capital Group operates in strict compliance with:

• The Credit Repair Organizations Act (CROA).
• The Fair Credit Reporting Act (FCRA).
• The Gramm-Leach-Bliley Act (Financial Privacy).