Overseas Transfer of Information
RiskAware protects the privacy of consumer information at all times. In accordance with this policy, RiskAware fully discloses its legal purposes for collecting personal information from consumers, and only obtains personal information that is volunteered by the consumer. At times, and in conjunction with our purposes and authorization, personal information may be gathered and transferred into and out of the United States with overseas sources, so we can complete our services. When this occurs, there is deliberate attention to confidentiality and security.
RiskAware Overseas Sources
U.S /European Union & Swiss Privacy Shield
When required to complete our authorized services, RiskAware may transfer consumer personal information between European Union counties, Switzerland, and the U.S.
The EU-U.S. and Swiss-U.S. Privacy Shield Policies, have been developed respectively by the U.S. Department of Commerce and the European Commission and Swiss Administration, to provide framework for protecting personal data when it is transferred between the U.S, and European Union countries and/or Switzerland. The Privacy Shield program is administered by the International Trade Administration (ITA) within the U.S. Department of Commerce.
Notice on Overseas Transfer
If you have lived overseas, you may be asked to provide the following types of consumer personal information (but not limited to) and that may be transferred overseas:
Or when using our websites and applications, we may collect additional information that helps improve our services to you such as:
RiskAware informs the consumer on our purpose for requesting personal information at the time of collection, and in strict compliance with FCRA and other applicable U.S. and international laws that protect consumer’s information privacy rights.
RiskAware treats any and all information as sensitive when transferred overseas or to any third party.
If you had previously requested or authorized our communication, or you have provided us your contact information via the web or other applications, we may use your contact information to connect with you through our marketing that informs on products, services, or news. At any point, you may unsubscribe from our mailing lists and email communication by notifying us by any method (See ‘Contact Section’), by following “unsubscribe” instructions included in our emails, or by using your own account settings.
RiskAware recognizes that sometimes consumer personal information and preferences may change. If a consumer wishes to make changes, updates, or modifications to personal information they have submitted to us, including the closure of their Account(s), RiskAware will provide this opportunity when and where possible, including in some cases the use of your Account Settings to initiate changes at will. You may request changes by contacting us using information found in the ‘Contact’ section of this policy. RiskAware will acknowledge all requests for changes to overseas consumer personal data and responds within reasonable timeframes. In all instances, we will facilitate correction requests to the maximum extent, and in accordance with FCRA and other laws including Privacy Legislation.
Under no circumstance does RiskAware sell, share, sell, supply, or trade international country consumer personal information with US or overseas third parties for promotional purposes.
In the course of performing and completing our services, and in support of the permitted and legal purposes you have already authorized, RiskAware may share personal and overseas consumer information with an overseas third-party source. When doing so, RiskAware observes international requirements and laws that apply for the country with whom we are transacting with the third party. Whenever RiskAware shares information overseas, there is appropriate RiskAware process to obtain legal certifications, provide organizational due diligence, and qualify data security protections in place with the overseas third party. As referenced above, we afford that only vetted and authorized third parties gain access to RiskAware’s shared personal data, and protect that information is used only to gather the required information and for no other purpose.
Transferring Data to Third Parties
Once RiskAware has vetted it’s applicable source for onward transfer of consumer personal information, RiskAware takes additional steps to protect consumer personal information during the transfer process including but not limited to these steps:
When RiskAware transfers a consumer’s personal information to any third party, it is electronically transmitted and stored in a secure and confidential manner.
Whether you are an applicant, employee, volunteer, or other subject of a consumer report, or a client or prospective client of our organization; and regardless of your country of origin, our services provide you with rights and protections under The Fair Credit Reporting Act (FCRA) and other U.S. and international consumer privacy laws when applicable. At RiskAware, we honor these protections and view you as an important customer and priority of our process. As such, RiskAware is committed to delivering you exceptional and professional support and services that ensure the following:
Any individual for whom RiskAware has collected international personal information by any method including through our website(s), or as a result of our services (such as a final background check report) and who seeks a copy of our information has the right to request access to their personal information at any time, subject to providing proof of identity. This request may be sent to us by contacting our Applicant Services either by phone, email, website “contact us” forms, or by using any method described by the ‘Contact’ section of this policy. Once RiskAware has received your request, to the greatest extent possible and as is permitted by law, we will share full disclosure of our information openly, at no charge, and with respect for the individual.
While RiskAware utilizes an intensive 7-point quality process that deepens investigation and data research to ensure quality and accuracy, if upon your inspection of your information, you find that our information is inaccurate or incomplete, or if you wish to make changes, RiskAware affords you a reasonable opportunity to dispute our information as false. This is done by contacting us to correct, update, or delete our records. Our research team will reinvestigate your claim, and correct any found inaccurate information, then altering and updating the inaccuracy in our records, statements or reports. We will notify any consumer if we are unable to correct or access overseas personal consumer information to direct a change.
RiskAware Personnel Security Measures:
Before RiskAware employees are permitted access to overseas consumer personal information, they undergo comprehensive background check screening, are trained on RiskAware’s Information Security Policies, and certify confidentiality and ethics statements that require compliance to our internal Policies. Only RiskAware employees who require access to consumer personal information are permitted logins and passwords to view client and consumer data.
RiskAware Network Security:
RiskAware’s technology and wired infrastructure protects overseas information against data loss, mishandling, unintended access, or threat to security. Important network security attributes are (but not limited to):
Access Security features:
Intrusion Security Features:
Protocols for Change Management
Fully Redundant Network
Physical Building Security and Environmental Controls
Managed and Secure Data Storage – Back Up and Retention systems
Overseas consumer personal information we receive in hard copy is stored in locked file cabinets accessible only to authorized RiskAware team members. Data stored in electronic databases or formats are protected by multi-tiered security and role based access.
Protection of Social Security Numbers
RiskAware’s system takes added precaution when safe-handling consumer’s sensitive personal identifier information, such as social security number and date of birth. When possible and under our control, RiskAware’s systems promote the automatic and electronic de-identification and/or redaction of this information when transferred within overseas countries. This occurs in both hard copy printed and online view. Only authorized viewers who perform operations that require access to this information are permitted to view this data.
RiskAware follows FCRA and Federal Trade Commission guidelines when disposing of personal consumer information which include:
In addition to all Data Security methods referenced above, RiskAware performs security audits and penetration testing. While no method of transmission or storage can be guaranteed 100% secure, RiskAware follows acceptable industry-standard Data Security practices to ensure overseas consumer personal information entrusted with us remains protected and confidential.
RiskAware clients and consumers depend on the quality of our processes and services to ensure the accuracy of information gathered or transferred to and from U.S and overseas countries. We utilize an intensive 7-point quality process to provide thorough investigation and data research so that overseas consumer personal information is accurate, complete, and up to date. While RiskAware makes every effort to provide fully accurate data, we cannot ever guarantee that information we receive from our U.S. or overseas sources may not contain errors. If upon your inspection of your information, you find that our information is inaccurate or incomplete, of if you wish to make changes, you may utilize RiskAware’s Dispute Process to update our records or report our information as false by contacting us using any method listed by our ‘Contact’ section below. Subject to confirming your identity, our research team will acknowledge your request, will reinvestigate, and correct any found wrong information, updating our statements or reports with the corrected data. If we are unable to correct overseas data, or are otherwise prevented from access, RiskAware will inform the consumer of such. RiskAware will acknowledge all requests for changes to overseas consumer personal data, and responds within reasonable timeframes. In all instances, we will facilitate correction requests to the maximum extent, and in accordance with FCRA and other laws including Privacy Legislation.
RiskAware retains overseas consumer personal data we have been authorized to collect for the tenure of our services to our Client. This is as required per our contracts, applicable laws or legal requirements, and to help resolve disputes.
Enforcement / Complaints
1776 Mentor Ave, 315
We will promptly investigate and make best efforts to resolve any complaint.
We take all complaints seriously and will respond with urgency to all matters per our commitment to Privacy Shield Principles. RiskAware may have liability in cases of onward transfer to third parties.
Overseas Transferred Consumer Personal Information: To request information relating to your EU, Swiss, or overseas transferred Consumer Personal Information, please contact: RiskAwarePrivacy@riskaware.com
1776 Mentor Ave, 315