1. What Information Does the Website Collect?
The Website collects minimal information regarding anyone who uses the Website. We restrict the information collected to the following, which we collect solely to ensure the proper operation of the Website:
a. Registration Information
Registration is required to use certain parts of the Website. When you register, we ask for certain information that is required to enable you to access protected areas of the Website. The Website does require certain limited items of personal information. You can, however, provide optional information that will enable you to more fully use the Website’s services. If you give us any optional information, this information will only be used to provide a more personal and pertinent experience for users of the Website.
b. Usage Statistics and Cookies
We use trusted third party software to help track how people use our Website. We analyze the statistics provided by our trusted third party to improve access to and functionality of the Website.
What are cookies? Cookies are unique identifiers that we transfer to your device to enable our systems to recognize your device and to provide features such as personalized advertisements on other websites.
The “Help” feature on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Additionally, you can disable or delete similar data used by browser add-ons, such as Flash cookies, by changing the add-on’s settings or visiting the website of its manufacturer.
c. Email Communications
To help us make e-mails more useful and interesting, we often receive a confirmation when you open e-mail from ValidityScreening.com if your computer supports such capabilities. If you do not want to receive e-mail from us, please adjust your Subscription Preferences.
2. How We Use Information We Collect
We use registration information to provide access to certain materials, learn more about how visitors use the Website and measure areas of visitor interest. By providing us information, you allow us to build features and functionality that will enhance your Website experience.
When you register, you may choose to permit us to send you information about new features and services on the Website, services offered by Validity Screening Solutions or to send you information about selected third-party products or service providers. We may also use the information to respond to emails, provide customer support or other similar matters.
Aggregate information is also used to help us run and maintain the Website, study traffic patterns and generally learn about how everyone uses the Website.
Validity Screening Solutions, in its sole discretion, reserves the right to transfer ownership of the Website, Validity Screening Solutions, or Validity Screening Solutions’s assets to any third party. Such transfer of assets may include your personally identifiable information.
Except as noted above, Validity Screening Solutions will not sell your personally identifiable information to any party.
3. Trusted Third Parties
Validity Screening Solutions reserves the right to use services or software provided by trusted third parties, such as, for instance, when you chose to contact us or sign up for our newsletter. The information shared with these trusted third parties is limited to information required to enable the Website to function properly, record usage information, and otherwise enable us to improve the features and functionality of the Website.
4. Who Information May Be Shared With
Except as otherwise stated herein, we will not knowingly disclose or authorize the disclosure of personally identifiable information (other than aggregate statistical information) to any third party without your consent unless:
(1) We have reason to believe that disclosing the information is necessary to identify, contact or bring legal action against someone who may be causing injury to or interference with (either intentionally or unintentionally) Validity Screening Solutions’s rights or property, other Website users or anyone else who could be harmed by such activities;
(2) We believe, in good faith, that the law requires it, such as, for instance, when a court orders the disclosure of information.
(3) No personally identifiable information will be sent outside the United States unless an international search is requested.
5. Links to Other Websites
When you are using the Website, you may be linked or directed to other third party websites outside the Website that are beyond Validity Screening Solutions’s control. Each of the third parties may have privacy policies different from that of this Website.
We are not responsible for any actions or policies of such third parties. These other websites may set their own cookies, collect data, or solicit personal information. You should review the applicable privacy policies of each third party website before providing any personally identifiable information.
One of our primary concerns is the security of your personally identifiable information. We make reasonable efforts to provide secure retention of your information. Unfortunately, no data retention policies can be guaranteed to be 100% secure. As a result, we do not guarantee, and do not warrant, the security of any information you transmit to the Website or Validity Screening Solutions.
We work to protect the security of your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input.
We use a combination of technological and policy methods to protect this data. You are responsible, however, for maintaining the secrecy of any account information. Please be aware that Validity Screening Solutions will never ask you for your account information in an unsolicited phone call or email.
7. We May Change This Policy
8. General Data Protection Regulation (GDPR)
The European Union (“EU”) General Data Protection Regulation (“GDPR”) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens’ data privacy and to reshape the way organizations across the region approach data privacy.
Validity Screening Solutions (“Validity”) is a Consumer Reporting Agency, as defined within the Fair Credit Reporting Act (15 U.S.C. § 1681) (“FCRA”), of domestic and international information for processing background screening for employment or other purposes permitted under the FCRA or other applicable law.
The Consumer, defined within the GDPR as the Data Subject, provides personal data to you, the Client, defined within the GDPR as the Controller. Validity is a Processor of the personal data as defined within the GDPR. The personal data has been supplied to Validity by the Controller, in order to provide the services according to, and as notified in the service agreement, where applicable. This notice is intended to inform you, the Controller, about the personal information Validity collects and processes as a Processor under the GDPR.
Categories of Data to be collected
The following types of personal information may be collected when conducting a background screening. Some of this data may be considered sensitive personal information. The type of information collected will depend on the specific type of search required by you, the Client.
- Identification information
- National Identification numbers
- Address information
- Right to work / work permit information
- Education history and qualifications
- Employment history
- Personal and Professional References
- Professional qualifications and registrations with professional bodies
- Publicly sourced information (e.g. media information)
- Criminal history
- Financial Information such as credit history, bankruptcy or financial judgments
- Appearance on global sanctions or terrorist watch lists
- Driving Record Information
In addition to the information described above, additional information may be required per each individual jurisdiction source, which may include, but not limited to, special authorization forms by a government agency, academic documents such as diplomas and transcripts, application forms, etc. These requirements will be communicated further by Validity.
Processing of Data
Validity will process the personal data per the instructions of the Controller. Validity will verify that the information provided is accurate and complete for processing the background screening to include, but not limited to, retrieving criminal records, educational records, employment history, credit/financial reports, motor vehicle/driving records, civil records, reference checks, sex offender status information, professional license(s) verifications, and identification verifications including those records maintained by both public and private organizations, law enforcement agencies, educational institutions (including public and private schools/universities), foreign and domestic corporations, employers, information service bureaus, record/data repositories, courts and police stations, within or outside the European Union and other countries to release such information.
Use of Third Party Agents and/or Sub-Processors
In order to provide our services, Validity utilizes in some cases, third party agents, both domestically and internationally, to perform tasks on behalf of and under the instruction of Validity. Personal data, including EU and Swiss personal data, obtained on a consumer may be disclosed from Validity’s clients to third parties (such as agents, representatives, vendors, and/or sub-processors) for the purpose of performing functions related to the limited and specified purpose for which the data was collected. Validity’s agents, vendors, and/or sub-processors are contractually obligated 1) to use, protect, and maintain the same levels of confidentiality and protection of personal information consistent with Validity standards.
International Onward Transfer
Validity may transfer the personal data to other countries outside of the residence country, including to and from the United States (“U.S.”), by whatever means is determined to be appropriate in order to perform a background screening per your instruction. The information may also be processed and stored in other countries where third party agents and providers are located. The information may be subject to U.S. or other laws for disclosure and may be accessible to foreign law enforcement, national security agencies, or courts. Note that the laws regarding personal information in some of the jurisdictions involved may be different or less stringent than the laws of the country of residency. Please be aware that Validity may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including meeting national security or law enforcement requirements.
The personal information provided will be kept by Validity for as long as needed to conduct the background screening or for legal, regulatory, or contractual requirements we may have to meet. This is to allow for audits and for the resolution of any disputes and complaints. Personal data can be deleted or returned to the Controller after the end of services relating to processing.
Obligations of Controller
As the Controller, you have obligations to the Data Subject under the GDPR, which includes, but is not limited to the following information:
- the identity and contact details of the Controller
- the contact details of the Data Protection Officer (where applicable)
- the purpose and legal basis for the processing
- the interest, if the legal basis for processing is a legitimate interest
- the categories of personal data collected
- the recipients or categories of recipients of the personal data
- consequences for failing to provide personal data per a statutory or contractual requirement
- the Controller’s intent to transfer personal data to a third country or international organization where there may be existence of or absence of an adequacy decision regarding appropriate safeguards (where applicable)
- the data retention policy
- the Data Subject’s rights under the GDPR, including but not limited to, the right to access personal data; to correct the data; erase the data; restrict the processing of; or object to its portability
- additional rights not specified under this provision but included in Section 2, Article 13 of the GDPR