Here is the fully recompiled Desk article with the recommended “Next Steps” conclusion in place and everything formatted cleanly for a customer-facing knowledge base article.
Welcome to iSoftpull! Before you begin using the platform, it’s important to review the compliance requirements outlined below. These guidelines help ensure you remain in good standing with the credit bureaus and maintain consumer trust.
This article covers the following topics:
Capturing Authorization
Safe Handling of Data
Handling Consumer Disputes
Permissible Purpose
Cybersecurity
Resources and Support
Ongoing Responsibilities
You must obtain consumer authorization before every credit pull. Authorization must always be captured prior to initiating the credit pull.
Authorization records must be retained for 60 months (five years). Credit bureaus may audit iSoftpull and request proof of authorization for specific consumers. If that occurs, we will contact you to provide documentation showing the consumer authorized the credit pull.
There are two accepted ways to capture authorization:
If you use iSoftpull’s built-in authorization webform, iSoftpull will store the authorization on your behalf. In the event of an audit, no action is required from you.
If you choose to use your own authorization method, it must include appropriate credit authorization language. Acceptable methods include:
An online form that meets required authorization guidelines
An e-sign platform such as DocuSign or HelloSign
Over the phone on a recorded line using an approved script
A wet ink signature on a paper document
Authorization requirements may vary depending on the method used and the credit bureau data being accessed. If you have questions, please contact your sales representative for guidance.
A core part of the credentialing process is ensuring that you can securely handle sensitive information.
This includes Personally Identifiable Information (PII) and credit data, which is considered highly sensitive. By completing onboarding, you have demonstrated your ability to safeguard this information through appropriate physical and digital security measures, such as locked storage, password-protected devices, secure servers, and two-factor authentication.
Maintaining these safeguards is an ongoing requirement.
Under the Fair Credit Reporting Act (FCRA), consumers have the right to dispute inaccurate or incomplete information on their credit reports. Credit bureaus are required to investigate and resolve verified disputes within 30 days.
Consumers can submit disputes directly through the iSoftpull dispute form at:
https://isoftpull.com/disputes
Once a dispute is submitted, the iSoftpull team will follow up directly with the consumer and manage the process. You do not need to handle disputes yourself.
Credit reports may only be accessed for a legitimate, stated permissible purpose.
You must not pull your own credit report, pull reports for friends or family, or share credit reports with consumers or third parties. Credit reports must not be shared outside your organization.
Protecting consumer data is critical. Follow industry best practices, including:
Using secure, password-protected networks
Enabling two-factor authentication
Granting access only to users who require it
If you need assistance, you can:
Visit the iSoftpull Knowledge Base
Submit a support ticket
Contact your sales representative
Call our main office during business hours
Please notify iSoftpull if:
Your business address changes
Your business name changes
Your primary contact changes
Your business closes
Keeping your information current helps ensure continued compliance and uninterrupted access to the platform.
Now that you’ve reviewed these compliance requirements, you’re ready to begin using iSoftpull. Please ensure these guidelines are followed consistently to maintain compliance with credit bureau requirements.
If you have questions or need clarification on any of the topics covered above, our team is here to help.