Privacy Policy

Introduction

This policy may change from time to time. Please check the policy each time you use our website for the latest version and most current information.

RiskAware LLC. (RiskAware) is a recognized national provider of personnel risk management solutions that include Background Checks, Drug Screening, Social Media Reporting, Incident Management and Investigations.  These services help employers improve hiring decisions and respond more quickly to ongoing behaviors that threaten employee, member, or organization safety.

To perform these services, RiskAware collects, supervises, and stores confidential consumer personal information when two conditions are met:

  1. We have expressed our legal business purpose to you when requesting your consumer personal information to you, and use your information for only that purpose,
  2. You have voluntarily provided your authorization.

In handling client and consumers personal information, whether online through our website(s) or in hard copy formats, RiskAware’s policy provides for the accurate, ethical, and responsible use of information, including the protection of individual’s privacy rights and the safeguarding of data.  The overarching covenant of our policy, it is our commitment that all information obtained by RiskAware is collected, stored and used in compliance with applicable law, including but not limited to, the Fair Credit Reporting Act (FCRA), the Fair and Accurate Credit Transactions Act (FACTA), the Driver Protection Policy Act (DPPA), and other state, national, and international applicable laws. Additionally, RiskAware has certified to the U.S. Department of Commerce, our compliance and participation with Privacy Shield Principals that protects consumer personal information when it is transacted between the US and European Union countries. For additional information about Privacy Shield and to view our Privacy Shield Certificate please visit Privacy Shield.  RiskAware’s compliance with EU/ US Privacy Shield framework applies globally whenever we collect, use, and retain consumers personal data in any overseas country.

 

RiskAware’s Website Privacy Policy

Personal Information Collected When Using Our Website(s)

Use of RiskAware’s public website www.riskaware.com , is anonymous.  In some instances, however, you may be asked to provide personal information to use a feature of our website.  As an example, some RiskAware website pages require an exchange of personal information so RiskAware can assign login and password access codes that permit your access to other website functions.  In all instances when using RiskAware’s websites (www.riskaware.com,  RiskAware’s Background Check system branded site, or Red Flag Incident Reporting), our collection of personal identification information from Users is voluntarily, and required only to perform a specific purpose as outlined by our website at the time the request for information is made.

RiskAware’s website contains the following purposes for requesting your personal information (but not limited to):

When performing these functions, RiskAware’s website may ask for personal identification information such as (but not limited to):

RiskAware’s website only collects personal consumer information that you choose to provide so we may perform our stated purpose.  This information allows us to perform our services, communicate and direct information to you, process your transactions, maintain your account, and/or improve our website for your use.  Website Users can always refuse to supply personal information, though this may prevent access to certain website functions or services.

 

Non-Personal Information Collected When Using Our Website:

As you browse RiskAware’s website, it may collect non-personal technical information that describes your system, session, and interest in our website services.  This happens automatically using tools such as your browser’s log data, cookies (a small data file stored by your browser on your computer’s hard drive), or analytics processes such as Google Analytics which help us measure statistics such as the number of visits, average time spent on the site, pages viewed and similar information.    By evaluating the data collected,, we are better able to administrate our website, track movements that signal user interest, and gather directional demographics data. This non-personal information that we collect allows us to improve the effectiveness of our website, its content, and our overall services.

Specific examples of non-personal information that may be collected during a website user session are:

A cookie file can contain additional information such as

At no point is your URL or IP address linked to any personal information entered into the website, unless you have logged into your account.  Additionally, RiskAware does not provide the non-personal information we collect to outside parties, and does not archive personal information stored in cookies.

While most browsers are set to accept cookies, if you would like not to receive cookies, you can choose browser settings to refuse cookies. Note that you may lose access to some website functions if you do so.  Your browser manufacturer has information on how to change the settings for your browser.

 

Website Links Privacy Policy

RiskAware’s Privacy Policy applies to the content and information contained on our website, that is under the direct control and/or supervision of RiskAware.  In some cases, our website may provide links to third-party websites that are useful to our users, but are outside of our control.  These linked sites are not covered by RiskAware’s Consumer Information Privacy Policy.   If you utilize a RiskAware website link and then reach another organization’s website content (as identified by the URL, branding, site name etc.) and subsequently have questions about how another site uses your personal information, then that site’s privacy statement should be consulted, and may differ from our own.

 

RiskAware Use of Consumer Personal Information

 

RiskAware Notice on Purposes for Collecting Consumer Personal Information

As stated by RiskAware’s Website Privacy Policy, RiskAware collects your personal information so we may serve the following business purposes, for which you are notified:

While our website is our primary method for requesting and obtaining your consumer personal information, we may also collect your information and consent using hard copy forms.

Consumer Personal Information We Collect

After providing you with notice on our business purpose for collecting your information, you decide what personal information you are willing to share with RiskAware in conjunction with our request, so we may fulfill that purpose.  Your exchange of information with us is voluntary, and in strict compliance with FCRA and other applicable laws that protect your consumer information privacy rights.  When personal information is being pursued to perform a Background Check, you will be notified on the company name that has certified the request, and their permissible purpose – such as for employment.

RiskAware may request the following types of information from you (but not limited to):

 

When using our websites and applications, we may ask for information such as:

Without the information, you agree to provide us, RiskAware would be unable to perform our services.  This makes the integrity of our exchange very important to us.

 

Your Choices When Providing Personal Information

RiskAware only collects and holds information that the consumer has authorized or has provided voluntarily, per the uses described by this policy and stated at the time of the request.

Opting Out

Consumers who wish to opt out from the collection and disclosure of their information can choose not to provide it to RiskAware and/or to our Client, and should not therefore complete any form of Authorization requested.  Any consumer who wishes to withdraw their consent to our services and cancel an Authorization previously given, may do so by notifying RiskAware using any method of contact or as described by this policy in the ‘Contact’ section.  Once you have withdrawn authorization or opted out, RiskAware will no longer use or disclose your personal information and the service for which the information was provided will end.  While in this case RiskAware will no longer use your information, it is not necessarily deleted from our system so that we remain compliant with laws, including Privacy regulations.

Unsubscribing

If you had previously requested our communication, authorized direct contact, or provided us your contact information via trade show attendance, the web, or other applications, we may use your contact information to connect you to our marketing so you are informed on RiskAware products, services, or news.  At any point, you may unsubscribe from our mailing lists and email communication by notifying us by any method (See ‘Contact Section’), by following “unsubscribe” instructions included in our emails, or by using your own account settings to prevent further contact.

Reporting Changes to Personal Information

RiskAware recognizes that from time to time, consumer personal information and preferences may change.   RiskAware supports consumer’s rights to review the information we collect about you, as we will describe in more detail later under our ‘Accessing Your Information’ section.  If a consumer wishes to make changes, updates, or modifications to personal information they have submitted to us, including the closure of their Account(s), RiskAware will provide this opportunity to our greatest extent possible.  Or if you are an Account holder, you may log in and use your User Account Settings to initiate changes at will.  To initiate changes to personal information, you may contact us using information found below in the ‘Contact’ section of this policy.   RiskAware will acknowledge all requests and respond within reasonable timeframes.  In all instances, we respond to your change requests as best we are able and in accordance with FCRA and other laws including Privacy regulations.

 

Onward Transfer of Your Personal Information

Under no circumstance does RiskAware sell, share, trade, rent or otherwise dispose consumer personal information to third parties for their promotional purposes.  There may be times however, when, while performing and completing our services as listed in our Notices section, RiskAware may transfer consumer personal information to a third party to obtain their information. These third parties may access or process personal data while providing their services to us.   Any transfer of your consumer personal information to a third party will occur in the context of our performing our contracted services, and is likewise conditional upon these two factors:

  1. You have been informed of our purpose for using your personal information
  2. You have voluntarily provided us your personal information

Please note that before transmitting or acquiring information on you with a third party, RiskAware takes steps to ensure the source is credible, reliable, and manages strong data security practices.   When RiskAware shares information with any third party, it is transmitted and stored in the secure manner that will later be described under the ‘Our Data Security’ section’ of this Consumer Information Privacy Policy.

RiskAware’s Sources

Before our sharing your information with any third party, where possible and applicable RiskAware performs due diligence.   We verify the provider is a reputable, trusted, and reliable supplier of information, is recognized by our industry or trade organizations such as the National Association of Professional Background Screeners (NAPBS),is acknowledged by credentialing organizations, or has been sponsored and integrated with RiskAware by our technology host.  Whenever possible, RiskAware 1) requires legal contracts or certifications with third party sources to obligate confidential and secure handling of consumer personal information, and 2) takes steps to test the organization’s credentials and quality processes.  Before transferring consumer personal information to a source, RiskAware makes effort to ensure the third party maintains the security of your personal data consistent with our own Consumer Information Privacy Policy (and Privacy Shield as it applies).

 Transferring Data to Third Parties

Below are types of third parties with whom RiskAware may transfer consumer personal information (but not limited to):

RiskAware is subject to the investigatory and enforcement powers of the Federal Trade Commission and may be required to share personal information in response to lawful requests by public authorities (subpoenas, court orders, regulations)in representing our own legal rights; or in matters of national security.

Once RiskAware has vetted its applicable source for onward transfer of consumer personal information, RiskAware takes additional steps during the transaction to protect consumer personal information including but not limited to these steps:

When RiskAware transfers a consumer’s personal information to any third party, it is electronically transmitted and stored in a secure and confidential manner, as will be further described by our ‘Data and Information Security’ section of this policy, below.

 

Data and Information Security

RiskAware recognizes the highly confidential nature of the information we collect, transfer, store, and dispose.  To protect the security of this information, RiskAware continually invests in its robust network architecture to guard against unintended access, malicious intrusion, and natural disasters.  Additionally, we maintain strict adherence to internal Information Security Policies that apply to the use of our technologies, and to all members of our organization.

RiskAware Personnel Security Measures:

RiskAware’s security practices begins at the date of hire.  RiskAware employees undergo comprehensive background investigation, repeated for most employees every two years.  All employees are trained on RiskAware’s Information Security Policies and certify confidentiality and ethics statements that require compliance to our internal Policies.  Only RiskAware employees who require access to consumer personal information are permitted logins and passwords to view client and consumer data.

RiskAware Network Security:

RiskAware’s technology and wired infrastructure protects against data loss, mishandling, unintended access, or threat to security due to  the many installed features and protocols that guard the safety of our networks.

Important attributes are (but not limited to):

Access Security features:

Intrusion Security Features:

Protocols for Change Management

Fully Redundant Network

Physical Building Security and Environmental Controls

 

Data Storage and Retention:

RiskAware retains secure possession and access to information we collect in compliance with applicable laws; to prevent fraud, or to be used in the event of legal action.  Safe data storage is built-in to both our network architecture and supported by strong data protection practices.  Data Storage security features include but aren’t limited to:

Personal Information we receive in hard copy is stored in locked file cabinets accessible only to authorized RiskAware team members.   Data stored in electronic databases or formats are protected with multi-tiered security and role based access.

Personal Identification Number Protection –  Social Security Numbers

RiskAware’s system takes added precaution when safe-handling consumer’s sensitive personal identifier information, such as Social Security and dates of birth.   When possible and/or under our control, RiskAware’s systems and practices promote automatic redaction, and/or electronic de-identification of this information from both hard copy printed and online view.  Only authorized viewers who perform operations that require access to this information are permitted to view this data.

Disposal of Information

RiskAware follows FCRA and Federal Trade Commission guidelines when disposing of personal consumer information, taking care in our methods to destroy information in a manner that renders it inaccessible, unreadable and/or unrecoverable. In compliance with current Federal Trade Commission guidelines, this may include:

In addition to all Data Security methods referenced above, RiskAware performs in-depth security audits and penetration testing, and is required to maintain evidence of required data security practices as a condition of our Cyber Liability Insurance Policy. While no method of transmission or storage can be guaranteed to be 100% secure, RiskAware follows acceptable industry-standard Data Security practices to ensure information entrusted with us remains protected and kept confidential.

 

Data Integrity and Accuracy

RiskAware clients and consumers depend on the quality of our processes and services that ensure the accuracy of our information.  To that point, , we utilize an intensive 7-point quality process to promote thorough investigation and data research so our information is accurate, complete, and up to date.  While RiskAware makes every effort to provide fully accurate data, we cannot ever guarantee that information we receive from our sources may not contain errors.  If upon your inspection of your information, you find that our information is inaccurate or incomplete, of if you wish to make changes, you may utilize RiskAware’s Dispute process to update our records or report information by contacting us using any method listed by our ‘Contact’ section below.  Our research team will acknowledge your request and will reinvestigate and correct any inaccurate information at the source when able, updating our statements or reports with the corrected data.

Accessing Your Information

Whether you are an applicant, employee, volunteer, or other subject of a consumer report,or a client or prospective client of our organization, you have rights and protections under The Fair Credit Reporting Act (FCRA) and other consumer privacy laws.  At RiskAware, we honor these protections and view you as an important customer and priority of our process.   RiskAware is committed to delivering you exceptional and professional support and services that ensures you the following:

Any individual for whom RiskAware has collected information by any method, including through our website, or as a result of our services (such as a final background check report) and who seeks a copy of our information has the right to request access to their personal information at any time, subject to proof of identity.  This request may be sent to us by contacting our Applicant Services either by phone, email, website “Contact Us” forms, or by using any method described by the ‘Contact’ section of this policy.  Once RiskAware has received your request, to the greatest extent possible and as is permitted by law, we will share full disclosure of our information openly, at no charge, and with respect for the individual.

 

Amendments  

From time to time, this RiskAware’s Policy for Overseas Transfer of Consumer Information may change.  Consistent with Privacy Shield requirements, we will post our current policy to our www.riskaware.com website, and keep it updated with any revisions.

 

Children

RiskAware’s website(s) and services are not intended for the use of children under the age of 13.  We do not set up accounts for children, provide login or password access to children.  Neither do we intend or knowingly perform services for, or collect information from or about children.  It is noted that RiskAware’s Red Flag system can be configured by clients to accept Incident Reports from anyone using an internet enabled device without restriction.  Clients may use Red Flag to gather important information on safety issues that may intentionally name or include reports describing children.  Red Flag reported incident data is not RiskAware data, but rather is the property of the client and subject to each client’s own Privacy Policies.

 

Privacy Notice for California Residents

Investigative Consumer Reports   

The Fair Credit Reporting Act defines an “Investigative Consumer Report” as a consumer report which provides “information on a consumer’s character, general reputation, personal characteristics, or mode of living obtained through personal interviews with neighbors, friends, or associates of the consumer reported on or with others with whom he is acquainted or who may have knowledge concerning any such items of information”.

RiskAware provides Investigative Consumer Reports in compliance with the Fair Credit Reporting Act (15 U.S.C. § 1681 et seq., as amended) and the California Investigative Consumer Reporting Agencies Act (Cal. Civ. Code § 1786 et seq.), and applies this Consumer Personal Information Privacy Policy to our practices.

RiskAware’s Transfer of California Consumer Personal Information: United States or Overseas

In the course of providing or completing investigative consumer reports, subject to our business purposes that have been disclosed to you, and your authorization to provide personal information for such purpose, RiskAware may be required to transfer your consumer personal information to third parties outside the United States.  Overseas onward transfer of consumer personal information will follow all policies as outlined by this policy and in accordance with all applicable laws and regulations.

For more information on RiskAware’s Consumer Personal Information Privacy Policies as they relate to California Laws, please contact RiskAware using any method described in the below “Contact” section.

California’s ‘Do Not Track’ Law-

Our website does not currently respond to “Do Not Track” browser settings.

California Privacy Rights
RiskAware does not share, sell, rent, trade, or otherwise dispose any California consumer personal information with third parties for their promotional use.  Additionally, RiskAware only uses California Consumer Personal Information to perform our services as defined previously in this policy, and as expressed at the time of data collection, and only once we have received the California consumers voluntarily consent to perform such outlined services.

 

Children’s Information

RiskAware’s website(s) and services are not intended for the use of children under the age of 13.  We do not set up accounts for children, provide login or password access to children, or intend or knowingly perform services for, or collect information from or about children.

 

No Warranties

RiskAware’s website, and its products and services may change without notice.  RiskAware makes no warranties or representations as to the accuracy or timeliness of information on this website, and does not assumes liability for errors or omissions in our content, which may also contain technical inaccuracies or typographical errors.

RiskAware makes no warranties or representations as to the accuracy or timeliness of any information on any third-party sites that are linked to this site.

Limitation of Liability

RISKAWARE IS NOT LIABLE UNDER ANY CIRCUMSTANCES FOR DAMAGES THAT OCCUR AS A RESULT OF CLIENT OR CONSUMER’S USE OF OUR WEBSITE; INCLUDING THOSE RESULTING FROM ACCESS, OR INABILITY TO ACCESS RISKAWARE WEBSITE OR ITS WEBSITE INFORMATION OR FAILURE OR BREACH OF TRANSMISSIONS.  THIS INCLUDES WITHOUT LIMIT, ANY LOST PROFITS OR DAMAGES FOR BUSINESS INTERRUPTION, LOSS OF INFORMATION, PROGRAMS OR OTHER DATA.

Compliance with Laws

RiskAware is subject to enforcement actions of the US Federal Trade Commission (FTC) and the Consumer Financial Protection Bureau (CFPB).  RiskAware’s intent is to fully comply with applicable U.S.  and international laws and regulations, to our fullest extent, including but not limited to:

For a more comprehensive listing on Website Links, as well as additional Laws and Regulations that require RiskAware compliance please visit our website Resources page at : http://riskaware.com/resources/understanding-the-laws/additional-federal-regulations/

 

Right to Change our Policy

This policy applies to all consumer information received by RiskAware no matter the method of data entry, whether in electronic, paper or verbal form, received via our website (riskaware.com), or using our applications and software.  Any change to our policy will be updated to our website, which at all times contains our most current version of this policy.  We encourage your periodic review this Consumer Personal Information Privacy Policy to check for any changes that may be applicable to your current use of our website(s) and systems.  When Consumer Personal Information Privacy Policy updates are made the date the new policy takes affect is posted at the bottom of our policy document.

Additional Information

Overseas Transfer of Information

Legal Policy

 

Contact

 

By Phone: 877-552-8907

Website “Contact Us” Form:  www.riskaware.com

By email:   customerservice@riskaware.com

Applicant Services:  Report Requests and Disputes:

If you would like a copy of your RiskAware background check report(s); or access to your active RiskAware database files; or to dispute the accuracy of the information in your background report or database file, please email RiskAware Applicant Services at applicantservices@riskaware.com or by calling 877-552-8907 and selecting option 3.

Privacy Policy questions:

If you have any questions specifically regarding our privacy policy, you may contact us at:

RiskAware

Attn: Privacy Policy Coordinator

1776 Mentor Ave, 315

(877) 552-8907

RiskAwarePrivacy@riskaware.com

 

Overseas Transferred Consumer Personal Information:  To request information relating to your EU or overseas transferred Consumer Personal Information, please contact: RiskAwarePrivacy@riskaware.com

If you have questions regarding this European Union Privacy Shield Privacy Policy, contact:

RiskAware

Attn: Privacy Policy Coordinator

1776 Mentor Ave, 315

(877) 552-8907

RiskAwarePrivacy@riskaware.com

 

Consumer Information Privacy Policy Effective Date:

Original Policy Effective Date: June 1, 2017

Last Revision: September 5, 2017

 

Close