USAFact, Inc. Privacy Shield Policy
“Personal Information” or “Information” means information that (1) is transferred from the EU to the United States; (2) is recorded in any form; (3) is about, or pertains to a specific individual; and (4) can be linked to that individual.
“Sensitive Personal Information” means personal information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, trade union membership or that concerns an individual’s health.
Company shall inform an individual of the purpose for which it collects and uses the Personal Information (background screening) and the types of non-agent third parties to which the Company discloses or may disclose that Information. Company shall provide the individual with the choice and means for limiting the use and disclosure of their Personal Information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Information to the Company, or as soon as practicable thereafter, and in any event before the Company uses or discloses the Information for a purpose other than for which it was originally collected.
For Sensitive Personal Information, the Company will give individuals the opportunity to affirmatively or explicitly consent to the disclosure of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. Company shall treat Sensitive Personal Information received from an individual the same as the individual would treat and identify it as Sensitive Personal Information.
Company shall ensure that any third party for which Personal Information may be disclosed subscribes to the Principles or are subject to law providing the same level of privacy protection as is required by the Principles and agree in writing to provide an adequate level of privacy protection.
Company shall take reasonable steps to protect the Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Company has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the Information from loss, misuse, unauthorized access or disclosure, alteration or destruction.
All data will be secured with both physical and software-based security, including encryption of files; and all transmissions of data via the Internet will be secured with at least 128-bit TLS or SSL encryption.
Company shall only process Personal Information in a way that is compatible with and relevant for the purpose for which it was collected or authorized by the individual. To the extent necessary for those purposes, Company shall take reasonable steps to ensure that Personal Information is accurate, complete, current and reliable for its intended use.
Company shall allow an individual access to their Personal Information and allow the individual to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated.
Company may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If a complaint or dispute cannot be resolved through our internal process, we agree to dispute resolution using JAMS as Alternative Dispute Resolution Provider under the EU-U.S. Privacy Shield Program and the Swiss-U.S. Privacy Shield Program.
Under certain conditions, binding arbitration may be invoked. Company is subject to the investigatory and enforcement powers of the FTC.
Information Subject to Other Policies
Questions, comments or complaints regarding the Company’s Privacy Shield Policy or data collection and processing practices can be mailed or emailed to:
6240 Box Springs Blvd
Riverside, CA 92507
Effective date: January 16, 2018