Privacy statement.
Introduction & Purposes
This Privacy Policy (“Policy”) explains how InformData. (“InformData”, “our”, “us”, “we”) collects, uses and handles personally identifiable information that individuals (“users,” “you,” or “your”) share with us.
We are committed to protecting the privacy of your personally-identifiable information (“PII”) that you provide to us. This is your PII that: (i) you choose to provide to us; (ii) we gather when you visit our website at www.informdata.com (the “Website”); (iii) we gather when you interact with us directly (e.g., our website, mailboxes, points of entry offline); or (iv) we possess and process.
If you have any questions about this Policy, please email us at privacy@informdata.com. Additional contact information is provided in the Contacting Us section below.
This Policy consists of the following main sections:
-
Information We Collect
-
How We Use the Information We Collect
-
Security of PII
-
Special Note About Children
-
Opting Out of InformData Use of PII
-
Contacting Us
-
Third Party Links
-
International Users
-
California Residents Privacy Policy
-
Changes to this Policy
1. Information We Collect
A. Personally Identifiable Information (“PII”)
We collect PII that you choose to provide us. This includes, for example, name, address, date of birth, social security number, national ID number, email address, telephone number, and driver's license number. You may choose not to provide us with certain PII, but you may not be able to fully utilize our services.
B. Personal information that is not PII.
We may collect or generate non-personally identifiable information about your use of the Website. This information includes, but is not limited to, browser type and version, operating system, referral source, length of visit, page views, demographics, and information collected by our Website visitor tracking tools such as “cookies,” “web beacons,” “pixels,” Internet tags and other navigational data.
C. Website Visitor Tracking Tools That We Use
“Cookies” are small pieces of information that are stored by your web browser on your computer’s hard drive or temporarily in your computer’s memory. The use of cookies is now an industry standard and you will find them on most major web sites.
InformData may place and store Internet cookies on your hard drive. The use of cookies provides benefits to you by saving your name, and other information that may make the use of our services in some instances easier. Although most web browsers are initially set up to accept cookies, if you prefer, you can decline the placement of a cookie on your hard drive by using the appropriate feature(s) of your web browser software (if available) to block or delete the cookie. Please note, however, that certain areas on a web site may not function properly if your web browser does not accept cookies.
Some of the companies we work with and provide links to in our Website use cookies on our Website. You should refer to their privacy policies for information about the tracking tools they use.
2. How we Use the Information We Collect
The information collected through this Website may be used for processing transactions, maintenance, and administration of your account, and/or responding to your inquiries. More information about how we use the information we collect is provided below.
A. To Personalize your Experience
We use your PII and non-personally identifiable information to personalize the content and experience you receive.
B. For Development and Improvement of our Services
We continually strive to improve our services. We use the information we collect to better understand how our users engage with our Website, to troubleshoot and to identify areas for improvement.
C. To Communicate with you about the Services
We use your PII to provide customer support. For information about opting out, please see Section 5.
D. Fraud Detection and Prevention; Safety and Security
We will use your information to detect and prevent fraud.
E. To Protect our Legitimate Business Interests and Legal Rights
Where required by law or where we believe it is necessary to protect the legal rights and interests of InformData, our clients, or others, we may use your PII in connection with legal claims, compliance, regulatory, and audit matters.
F. With your Consent
We also use your PII where you have provided consent for InformData to do so for a specific purpose not listed above.
G. Legal Bases for Processing (for EEA Users)
If you are an individual in the European Economic Area (EEA), we collect and process your PII only where we have legal bases for doing so under applicable EU laws. This means we collect and use your PII only where:
- We need it to provide customer support and personalized features, help prevent fraud, and to protect the safety and security of our platforms;
- It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for our internal development of improved services, and to protect our legal rights and interests;
- You give us consent to do so for a specific purpose; or
- We need to process your PII to comply with a legal obligation or where the processing is necessary to the establishment, exercise or defense of legal claims.
If you consented to our use of your PII for a specific purpose, you have the right to change your mind at any time but note that this will not affect processing that has already taken place.
3. Security of PII
Although no computer network is invulnerable to attack, InformData uses reasonable physical, electronic, and procedural security measures designed to protect your PII from unauthorized disclosure.
4. Special Note about Children
This Website is not intended for children under the age of 13 and InformData does not knowingly collect any information from children under the age of 13. In the event that we learn that InformData has collected information from a child, we will dispose of that information as quickly as possible.
5. Opting Out of InformData use of PII
In general, “opting out” means that you want InformData to limit the PII it collects and stores about you. Your opt-out is only applicable to InformData marketing material and will not opt you out from platforms provided by third-party companies.
If you use multiple browsers, computers or mobile devices, and wish to limit the PII and non-personally identifiable information InformData collects and stores or do not wish to receive InformData interest-based advertising on any of them, you must opt out from each browser, computer, and mobile device individually. Please note that if cookies are not enabled in your browser, or if you use certain ad-blocking tools, our opt-out mechanism may not work properly. Please also note that deleting your cookies does not opt you out. To opt-out of InformData using your PII, you need to contact us using the contact information provided below.
6. Contacting Us
It is InformData's goal to keep all PII that you provide to us accurate. You may contact us to correct or update your PII, delete your PII or opt-out (if InformData is holding on to your PII as explained above), and to ask general questions regarding this Policy or any other privacy related issues. InformData’s Information Security Director can be reached at:
InformData
1701 Barrett Lakes Blvd. NW
Suite 380
Kennesaw, GA 30144
Telephone: (763) 420-0600
Email: privacy@InformData.com
If you are based in the European Economic Area (“EEA”), you may contact our Data Protection Officer/Information Security Director at privacy@informdata.com.
7. Third-Party Links
Hypertext links which redirect you to third-party websites may be encountered while browsing the Website. These hypertext links are maintained or operated by third-parties, not InformData. These third-party websites are not under our control, and we are not responsible for the contents, links, or any changes or updates to these websites. Further, the inclusion of any hypertext links on the Website does not imply endorsement by us of the related third-party website, that website’s contents or security, or any association or affiliation with its operators. InformData is not responsible for data and information collected by these third-party websites.
8. International Users
InformData is based in the United States, and, regardless of where you use InformData or provide PII and non-personally identifiable information, that information may be transferred to and maintained on servers located in the United States. InformData’s International Data Privacy Policy applies to our domestic and international products and services. This privacy policy explains (a) how we collect, use, and transfer personal data for operation, (b) how we maintain privacy in the performance of our services, and (c) the rights of consumers and clients on whose behalf we may maintain personal information. InformData participates in the EU-U.S. Data Privacy Framework (DPF) program, https://www.dataprivacyframework.gov, including the UK Extension to the EU-U.S. DPF and Swiss-U.S. DPF.
8.1 Notice
Our clients certify to us that they have notified consumer’s, obtained the consumer’s consent and that they have provided the consumer with notice regarding the background screening requirements and permissible purpose in accordance with all applicable laws and regulations. When collecting personal data from consumers (including EU, United Kingdom and Swiss personal data), our clients certify that consumers are properly informed about the purposes for which personal data about them is collected and used, how to contact the client with any inquiries or complaints, the types of third parties to which information is disclosed, and the choices and means the client offers consumers for limiting use and disclosure. Notice is provided in clear and conspicuous language either when consumers are first asked to provide personal data or as soon thereafter as is feasible. The consumer notice is provided before InformData uses such information for the purpose for which it was originally collected or processed by the transferring organization or discloses it for the first time to a third party (other than agents acting under our instructions).
InformData is a public records wholesaler operating on behalf of consumer reporting agencies. The information that is collected about the consumer may include, but may not be limited to, history of arrests and/or convictions, judgements, credit history, employment history, educational history, places of residence, and driving records from data sources such as law enforcement agencies, courts, educational institutions, employers, professional agencies, financial institutions, etc. Personal information may also be collected and provided to our clients for the purposes of making decisions primarily regarding employment, credential verification, and tenancy. The personal information being provided and utilized may include the name, Social Security or relevant national ID number, date of birth, address history, as well as other personal identifiers.
8.2 Choice
Our clients certify to us that they have obtained the consumer’s consent and that they have provided the consumer with notice regarding the background screening requirements and permissible purpose in accordance with all applicable laws and regulations. When collecting personal data from consumers (including EU, United Kingdom and Swiss personal data), our clients certify that consumers are properly informed or notified about the purposes for which personal data about them is collected and used, how to contact the client with any inquiries or complaints, the types of third parties to which information is disclosed, and the choices and means the client offers consumers for limiting use and disclosure.
InformData’s clients certify that through the process of obtaining the consumer’s consent, consumers have the right to choose whether their personal information is to be disclosed to a third party or to be used for a purpose that is materially different from the purpose for which it was originally collected, or a purpose subsequently authorized by the consumer.
Providing a signed consent authorizes InformData, and their designated agents, to utilize the provided personal information and transmit that information to our clients. An explicit choice is made available regarding sensitive information. Personal information will be made available to public authorities, including to meet national security or law enforcement requirements, upon receipt of a lawful request submitted to InformData.
For sensitive information (i.e., personal information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or information specifying the sex life of the individual), consumers must provide affirmative express consent (opt in) if such information is to be disclosed to a third party or used for a purpose other than those for which it was originally collected or subsequently authorized by the individuals through the exercise of opt-in choice.
8.3 Accountability for Onward Transfer
In order to provide our services, InformData utilizes third party agents, both domestically and internationally, to perform tasks on behalf of and under the instruction of InformData. Personal data, including EU, United Kingdom and Swiss personal data, obtained on a consumer may be disclosed from InformData's clients to third parties (such as agents, representatives, vendors, and/or subcontractors) for the purpose of performing functions related to the limited and specified purpose for which the data was collected. InformData's agents, vendors, and/or subcontractors will be contractually obligated 1) to use, protect, and maintain the same level of confidentiality and protection of personal information consistent with this Privacy Policy and Data Privacy Framework Principles (DPF) where Regulation (EU) 2016/679 applies, and 2) to notify InformData if they make a determination that they can no longer meet this obligation. We recognize that under DPF, we have potential liability for unlawful onward transfers.
8.4 Security
InformData takes reasonable and appropriate measures to safeguard personal information that we have collected, processed, transferred/exported, organized, altered, used, disclosed, combined, destroyed, or held to protect it from loss, disclosure, alteration, destruction, and misuse and unauthorized access, taking into due account the risks involved in the processing and the nature of the personal data. Existing protections include the screening of employees handling the data, physical and electronic protective measures, as well as work procedures actively designed to safeguard the information. All such capacities are directly relevant to the purposes stated above.
8.5 Data Integrity and Purpose Limitation
InformData commits to accurately provide information in its products and services. InformData takes reasonable steps (such as internal audit procedures) to ensure that the data and personal information we collect is accurate, complete, current, and reliable for its intended use. InformData cannot be responsible for errors that exist within public court records or within records of government agencies, etc.
InformData collects data for the purpose of background screening for employment and other permissible purposes under the FCRA. We may retain information in a form identifying or making identifiable the consumer only for as long as it serves a purpose that the data was collected for.
8.6 Access
In cases where the information is subject to the FCRA, we comply with the FCRA's requirements regarding access and correction rights of consumers. Consumers who wish to dispute the accuracy of their personal information that we maintain can do so by calling InformData at 1.800.203.0582 or by e-mailing: dispute.claim@informdata.com.
8.7 Recourse, Enforcement and Liability
A review of this privacy policy is performed annually to verify that it remains accurate and maintains conformity with the principles laid out in the EU-U.S., Swiss-U.S., and UK Extension of the EU-U.S. Data Privacy Framework program. Should an EU, Swiss, or UK consumer experience concern that their rights may have been violated, they should contact us directly for resolution. InformData will work diligently to respond to all complaints within 30 days in alignment with FCRA. In the event that an EU, Swiss, or UK consumer does not receive timely acknowledgment of a complaint, or if the complaint resolution is not satisfactory, InformData offers to consumers an independent recourse mechanism, JAMS, https://www.jamsadr.com/DPF-Dispute-Resolution, by which each consumer’s complaints and disputes are investigated and expeditiously resolved at no cost to the individual. JAMS is a leader in cross-border mediation and arbitration resolving international disputes worldwide. InformData accepts the possibility, under certain conditions, for the individual to invoke binding arbitration.
InformData verifies adherence to the Data Privacy Framework Principles via 1) in-house verification and internal policies and follow-up procedures. In compliance with the Data Privacy Framework Principles, InformData will cooperate with US authorities (such as FTC).
European Union, United Kingdom or Swiss citizens with inquiries or complaints should first contact InformData at 1.800.203.0582 or access https://www.jamsadr.com/file-a-dpf-claim to file a complaint with JAMS.
8.8 Data Privacy Framework Compliance
InformData complies with the EU-U.S. Data Privacy Framework (DPF) program, including the UK Extension to the EU-U.S. DPF and Swiss-U.S. DPF. as set forth by the U.S. Department of Commerce and European Commission, United Kingdom, and Swiss authorities regarding the collection, use, dissemination, and retention of personal information transferred from the European Union, United Kingdom and Switzerland to the United States. InformData is subject to the investigatory and enforcement power of the Federal Trade Commission (FTC). InformData has certified to the Department of Commerce that it adheres to the Data Privacy Framework Principles with respect to such information. If there is any conflict between the terms in this privacy policy and the Data Privacy Framework Principles, the Data Privacy Framework Principles shall govern. To learn more about the Data Privacy Framework Program, and to view InformData Data Solution’s certification, please visit https://www.dataprivacyframework.gov/
8.8.1 Access
A consumer may request, in writing, access to all EU, United Kingdom or Swiss Personal Data collected and maintained about him or her. We will always make good faith efforts to provide access to the data and provide the consumer a reasonable opportunity to correct, amend, or delete information that is inaccurate or incomplete, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy, or where the rights of persons other than the individual would be violated. If we determine that access should be restricted in any particular instance, we will provide the consumer requesting access with an explanation of why we have made that determination and a contact point for any further inquiries.
InformData understands that under the Data Privacy Framework Principles, the right of access is fundamental to privacy protection as it allows consumers to verify the accuracy of information held about them. A consumer has the right to 1) obtain confirmation from InformData, whether or not we are processing personal data relating to them, 2) have communicated to them such data so that they could verify its accuracy and the lawfulness of the processing, 3) have the data corrected, amended or deleted where it is inaccurate or processed in violation of the principles.
To request information relating to his or her EU, UK or Swiss personal data, a consumer may contact InformData by e-mail at the following email address, privacy@informdata.com. For security reasons, we will engage in reasonable efforts to confirm the identity of the individual requesting EU, UK or Swiss Personal Data to ensure the information is provided to the correct subject of the data.
8.8.2 Performing Due Diligence and Conducting Audits under EU-U.S., Swiss-U.S., or United Kingdom Extension to the EU-U.S. Data Privacy Framework Principles
In case of a required audit by law or a due diligence review, InformData understands the requirements and obligations of the EU-U.S., Swiss-U.S., and United Kingdom Extension to the Data Privacy Framework Principles as it regards the collection and processing of personal data, such as information on senior executives and other key personnel.
8.8.3 The Role of the Data Protection Authorities
InformData understands the responsibilities incurred when receiving personal data from the EU, UK and Switzerland and commits to employ effective mechanisms for assuring compliance with the Data Privacy Framework Principles.
InformData understands the requirement to disclose personal information, including transparency reports, in response to lawful requests by public authorities which have jurisdiction over the organization's compliance with the Framework.
8.8.4 Onward Transfer
InformData does employ third-party agents, both domestically and internationally. Transfer of personal information to a third-party agent is contingent upon their adherence to privacy restrictions at least as restrictive as this Privacy Policy. The possibility of transfer is disclosed to the consumer at the time consumer consent is requested.
8.8.5 Data Security & Integrity
InformData has taken appropriate steps to ensure the security of private information from loss, misuse, unauthorized access, disclosure, alteration, and destruction. Existing protections include the screening of employees handling the data, physical and electronic protective measures, as well as work procedures actively designed to safeguard the information. We gather and utilize personal information in capacities that are directly relevant to the purposes stated above. Internal audit procedures are in place to ensure that personal information gathered and provided is accurate, complete, and current.
8.8.6 Access
InformData can be contacted to receive a report allowing the consumer to review, correct, amend, or delete inaccurate information. The report will be provided to the consumer only after the identity of the consumer has been satisfactorily confirmed. Upon identity confirmation, the report will be sent to the consumer by mail.
8.8.7 Enforcement
Periodically, review and updating of this privacy policy is performed to verify that it remains accurate and is in conformity with the principles laid out in the EU-U.S., Swiss-U.S., and UK Extension to the EU-U.S. Data Privacy Framework program. Should an EU, UK or Swiss consumer experience concern that their rights may have been violated, they should contact InformData directly.
8.9 Amendments
InformData may amend this Privacy Policy from time to time, to reflect new products and services, or as necessary to reflect a new business practice. If we make changes to the Privacy Policy, in accordance with Data Privacy Framework, we will notify you by posting an announcement on the InformData website.
9. California Residents Privacy Policy
This California Resident Privacy Policy disclosure (“Disclosure”) is provided pursuant to the California Consumer Privacy Act (“CCPA”) as amended, and applies only to California residents. Any terms defined in the CCPA have the same meaning when used in this Disclosure. Terms defined in the Policy maintain the same meaning when used in this Disclosure.
This Disclosure is effective as of January 1, 2021.
The Personal Information (defined in Cal. Civ. Code §§ 1798.140(o)) that we collect and the manner we use it is covered in sections 1 and 2 above.
A. Categories. Below is a summary for the preceding 12 months of the Personal Information categories (as identified and defined by the CCPA) that we collected in the course of providing our services:
Category | Examples | Identify is processed |
A. Identifiers. | A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. | Yes |
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). | A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license, or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. | Yes |
C. Protected classification characteristics under California or federal law. | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | Yes |
D. Commercial information. | Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | No |
E. Biometric information. | Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | Yes |
F. Internet or similar network activity. | Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. | Yes |
G. Geolocation data. | Physical location or movements. | Yes |
H. Sensory data. | Audio, electronic, visual, thermal, olfactory, or similar information. | No |
I. Professional or employment-related information. | Current or past job history or performance evaluations. | Yes |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. § 1232g, 34 C.F.R. Part 99)). | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary codes. | Yes |
K. Inferences drawn from other personal information. | Profile a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | Yes |
B. Categories Shared. We may use or disclose Personal Information in the following categories in the course of providing our services (the “Business Purpose Disclosures” in the table below).
Category | Category of Third-Party Recipients | |
Business Purpose Disclosures | Sales | |
A. Identifiers. | Yes | No |
B. Personal information categories listed in the California Customer Records statute | Yes | No |
C. Protected classification characteristics under California or federal law. | Yes | No |
D. Commercial information. | No | No |
E. Biometric information. | Yes | No |
F. Internet or similar network activity. | No | No |
G. Geolocation data. | No | No |
H. Sensory data. | No | No |
I. Professional or employment-related information. | Yes | No |
J. Non-public education information | Yes | No |
K. Inferences drawn from other personal information. | Yes | No |
C. No Sale. In the 12 months prior to the effective date of this Disclosure, InformData has not sold (as the term “sell” is defined in the CCPA) your Personal Information.
D. Requests Regarding Personal Information. You may have the right to request information about our collection of your Personal Information, to access it, or instruct us to delete it (subject to the exceptions below). Note that we may ask you to verify Personal Information we already have on file for you. If we cannot verify your identity based on the Personal Information we have on file, we may request additional information from you, which we will only use to verify your identity, and for security or fraud-prevention purposes. If we cannot comply with your request, we will provide you with an explanation.
E. Timing. We will use reasonable efforts to respond to your request within 45 days of receipt. If we require additional time, we will inform you of the reason and the extension period in writing.
F. Exceptions. We may deny your deletion request if retaining the Personal Information is necessary for us to:
-
Complete the transaction for which we collected the Personal Information;
-
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
-
Identify and/or repair errors that impair the functionality of our services;
-
Make other lawful uses of the Personal Information that are compatible with the context in which you provided it; and
-
Comply with a legal obligation.
G. Content. Any Personal Information we provide you with will only cover the 12-month period preceding our receipt of your request. Once we receive your request, validate your identity (and unless one of the exceptions above apply) we will disclose to you:
-
The categories of Personal Information we collected about you;
-
The categories of sources for the Personal Information we collected about you;
-
Our business purpose for collecting that Personal Information and whether it was sold;
-
The categories of third parties with whom we shared the Personal Information;
-
If we sold or disclosed your Personal Information for a business purpose, we will provide you with information about those sales and disclosures along with the Personal Information categories that were provided and each recipient's category.
-
The specific pieces of Personal Information we collected about you (also called a data portability request, as detailed below).
H. Data Portability. For data portability requests, we will select a data format that is readily useable and should allow you to transfer the Personal Information to another entity without difficulty.
I. No Charge. We do not charge a fee to process or respond to your Personal Information request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
J. No Discrimination. InformData will not discriminate against any consumer for exercising their rights under the CCPA.
10. Changes to this Policy
This Policy was last updated on October 25, 2021. However, this Policy will change over time, for example, to comply with legal requirements or to meet changing our business needs. The most up-to-date version can be found on the Website. In case there is a change that we want to highlight to you, we will also inform you in another appropriate way (for example, via a pop-up notice or statement of changes on our Website).
Contact Information
If you have questions regarding our Domestic and International Data Privacy Policy contact:
InformData
800.203.0582
Privacy@informdata.com
Effective Date of These Privacy Policies
Original Effective Date: January 1, 2009
Last Update Date: May 16, 2024