WE ARE COMMITTED TO SAFEGUARDING CUSTOMER INFORMATION
This Policy may change from time to time, and those changes will be posted on this page. Please check back periodically for the most current information.
TYPES OF PERSONAL DATA WE COLLECT
Personal Data You Provide to Us
Contact Information: When you visit a XPEDITE® web site, we collect general data including your domain name, the name of the web page from which you entered our site, which pages you visit on our site and how much time you spend on each page. This general information does not include specific identifying information about you. We use this information only to monitor and improve our sites and, ultimately, our service to you. We do not store any of this data nor do we provide this information to outside parties.
During the establishment of an account with XPEDITE®, certain information about your organization is requested. This information is necessary to document need, legitimate volumes and legal purpose. XPEDITE® must satisfy certain responsibilities to various overseeing bodies in the overall effort to prevent fraud and misuse. We do not share or provide any of this information to anyone other than legitimate governmental bodies during audits of our services or to comply with the law.
Financial Information: We may also require you to provide us with your financial information and billing information such as credit or debit card number, or bank account information if you make purchases whit us.
User Submissions: We may display your Submissions on any of our websites, platforms, or any web-based online community that we host if you post any personal or other information for public consumption which information may include your comments, tips, feedback, updates, or any other information that you voluntarily provide (your “Submissions”)
Personal Data Provided by A Customer, Governmental, or other Third-Party Organization
We operate as the processor of your Personal Data if your data has been submitted to us by an XPEDITE® customer, governmental, or other third-party organization (collectively, “Third Party Organization”). Such Third-Party Organization(s) may include governmental or public service entities with which you interact, public source information such as government watch and sanction lists, the public or private organization with which you are employed, as well as data providers, biographical sources, which may be aggregated.
The Personal Data we collect about you from Third Party Organizations may include, but is not limited to, the following:
- Contact details, such as your name and email address, postal address, and phone number;
- Criminal background or history;
- Date of Birth;
- Government identification numbers such as social security;
- Country of Residence;
- Reported allegations of theft, bribery and corruption, money laundering and other criminal activities.
USING YOUR PERSONAL DATA
When we are the controller of your Personal Data, we collect and process your Personal Data for one or more of the following purposes:
- Providing, activating and managing your access to and use of XPEDITE® Services;
- Processing and fulfilling a request, order, download, or other transaction related to XPEDITE® Services;
- Providing technical, product and other support and to help keep all XPEDITE® Services working, safe and secure;
- Enhancing and improving XPEDITE® Services and any of our other products, and services, and to develop new products, services and benefits;
- Responding to your requests, inquiries, comments and concerns;
- Notifying you about changes, updates and other announcements related to XPEDITE® Services;
- Complying with our legal obligations, resolving disputes, and enforcing our agreements.
When you fail to provide that required Personal Data where we need to collect and process Personal Data under an agreement, we have entered into with you, or by law, we may not be able to complete the agreement.
We may process your Personal Data (When we are the processor) to enable our clients and customers to achieve any one or more of the following purposes:
- Providing information that may impact the client’s organization, clients base, or brand;
- Complying with regulatory and legal obligations to conduct due diligence and other screening activities;
- Enabling informed business and commercial risk decisions.
- Conducting risk management activities for which there is a substantial public interest;
Your Personal Data may include personal information which is a matter of official court, public, and/or criminal record, in which circumstance such Personal Data has been supplied to XPEDITE® for publication to our customer organizations by the public entities concerned in the interests of upholding and protecting the rule of law, and promoting the safety interests of the public.
XPEDITE® has no power over what is reported in official criminal records, public, or court. It is for the applicable law enforcement entities and courts to decide what Personal Data is to remain within the records that they disclose, and to safeguard at the same time the public interests in disclosure and the privacy rights of individuals.
We implement a variety of security measures to maintain the safety of your personal information when you access your personal information. We offer the use of a secure server and all supplied sensitive information is transmitted via Transport Layer Security (TLS) technology. The information is then stored in our Database, on servers behind multiple levels of physical security, to be accessed only by those authorized with special access rights to our systems. All such persons are required to keep the information confidential.
YOUR RIGHTS UNDER THE CALIFORNIA CONSUMER PRIVACY ACT:
You have the right to request that we disclose the categories and specific pieces of personal information that we have collected about you, and where the data collected is not otherwise exempt.
You have the right to request that we delete any personal information about you that we have collected, and where the data collected is not otherwise exempt. Please note that the right to delete under the CCPA is subject to a number of exceptions including where retention of the information is necessary to do the following:
Complete your transaction;
Provide a good or service to you;
Perform a contract between us and you;
Protect user security;
Fix technical issues;
Protect free speech rights;
Comply with applicable law or legal obligation; or
Use the information for internal purposes compatible with the context in which it was provided.
You have the right to request that we disclose the following:
(1) The categories of personal information we have collected about you.
(2) The categories of sources from which the personal information is collected.
(3) The business or commercial purpose for collecting personal information.
(4) The categories of third parties with whom we share personal information.
(5) The specific pieces of personal information we have collected about you.
(6) The categories of personal information that we have disclosed about you for a business purpose.
(7) The categories of personal information that we have sold about you and the categories of third parties to whom the personal information was sold. While you may nonetheless request this information, please note that XPEDITE® does NOT “sell” personal information as this term is defined by the CCPA.
XPEDITE® will not discriminate against you because of your decision to exercise your rights under the CCPA. XPEDITE® will not deny you services, charge you different prices, provide a different level or quality of services, or suggest that you will receive a different price, level, or quality of services as a result of your decision to exercise your rights.
USE OF INFORMATION
Under no circumstances will we provide or disclose any information regarding you to anyone other than an established, authorized contact of one of our accounts. We do not share, disclose or sell any information.
CHILDREN’S ONLINE PRIVACY PROTECTION ACT COMPLIANCE
We are in compliance with the requirements of the Children’s Online Privacy Protection Act (COPPA), and pursuant to COPPA we do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are over the age of 13.
CONFIDENTIALITY AND SECURITY
XPEDITE® Wholesale Criminal Research
155 Tri-County Parkway
Cincinnati, OH 45246