Sterling Infosystems, Inc. respects the privacy of its online visitors, employees, clients and client-employees. We treat all submitted personal data as private and confidential. We do not sell or otherwise transfer this information to any third party organization, except as provided below.

Please review this policy carefully. This policy is current as of February 14, 2013.  Sterling reserves the right to change its privacy policy at any time, in which event the Site will contain a notice of the change. Changes will be effective immediately upon posting to the Site. By accessing the Site, you are indicating your agreement to the Company’s privacy policy. This policy applies to all users of this site. In addition, the personal information of certain users may be subject to additional protections required under the EU Safe Harbor Principles. Click here for more information concerning our EU & Switzerland Data Privacy Policy.

Information Collected.  As you are probably aware, in the course of our contact or relationship with you, we may collect information from a variety of sources. We collect this information in order to carry out our business functions and provide the highest quality of service to you. Most of our information comes directly from you, such as when you forward to us information, photographs, videos and other data, files and/or correspondence. You also may provide information about yourself in connection with an application for employment.

Through our service to Company clients to conduct background and criminal record checks, drug testing, and employment verification, Sterling also collects and processes personal information of individuals who apply for employment at Sterling’s clients (“client-employees” and “client-employee personal information”). Sterling will conduct client services in accordance with the notice given to and/or the consent obtained from client-employees. Sterling will not sell or share client-employee personal information to third parties other than the client on whose behalf the personal information was collected, and as except as permitted by law and this privacy policy. Sterling collects client-employee personal information for, among other things, legitimate business reasons such as client service; product, warranty and claims administration; meeting governmental reporting and records requirements; maintenance of accurate accounts payable and receivable records; internal marketing research; safety and performance management; financial and sales data; and contact information. All personal information collected by Sterling will be used for legitimate business purposes consistent with this Policy.

Sterling may compile statistical information concerning the usage of the Site. This information allows Sterling to monitor its utilization and continuously improve its quality. Examples of this information would include, but not be limited to, the number of visitors to the Site, or to sections or pages within the Site, patterns of traffic flowing through the Site, length of time spent on the Site, or in sections or pages of the Site, the other sites that refer visitors to the Site, the pages of the Site that visitors frequently use as entry and exit points, utilization of the browser and operating systems and versions used by visitors to the Site, etc. Because such non-personal information does not identify who you are, we do not limit the ways we may use or share non-personal information. For example, we may share non-personal information with our affiliates, suppliers, employees and agents, other businesses, and the government.

Sterling may also collect anonymous information concerning website users through the use of "cookies" in order to provide better Client service. "Cookies" are small files that websites place on users' computers to identify the user and enhance the website experience. None of this information is reviewed at an individual level. Visitors may set their browsers to provide notice before they receive a cookie, giving the opportunity to decide whether to accept the cookie. Visitors can also set their browsers to turn off cookies. If visitors do so, however, some areas of Sterling websites may not function properly.

None of Sterling's websites are directed toward children. Nevertheless, Sterling is committed to complying with applicable laws and requirements, such as the United States' Children's Online Privacy Protection Act ("COPPA").

Disclosure of Information. In the course of our normal business activities, we may disclose collected information to both affiliates and non-affiliated entities, as we deem necessary and appropriate. Except as required or permitted by law or this Policy, we will not disclose your information for any purposes other than those in conjunction with our business activities. For example, if the company enters into bankruptcy, it may need to transfer personal information to another company as part of the resolution of the bankruptcy. We endeavor to choose non-affiliates with similar standards to ours regarding the protection of private information.

Sterling generally does not require certain personal information to obtain access to any area of the Site, such as Social Security numbers. However, if you decide to provide personal information to Sterling, in no case will the Sterling sell, license or transmit that information to third parties, except as required by law or as permitted by law or by this Policy. Any information that you voluntarily share with Sterling in a form is kept confidential and fully secure.

Sterling website users have the option to request that Sterling not use information previously provided, correct information previously provided, or remove information previously provided to Sterling. Those that would like to correct or suppress information they have provided to Sterling should use the contact information provided below. The inquiries should include the individual's name, address, and other relevant contact information (phone number, email address), as well as the nature of the request. Except as required by law, Sterling is free to deny such requests. If Sterling is decides to grant such a request, it will use all reasonable efforts to honor such requests as soon as practicable.

Safeguarding of Information. Online privacy is paramount for Sterling. Owing to the sensitive nature of our public record searches, the management and distribution of such information is protected by the highest levels of security. We employ numerous practices to protect against the disclosure of information for purposes unrelated to the performance of our business functions or to individuals other than those who must use it in the course of their work activities. These practices include the use of password protection of computer files, e-mail and voice-mail, video surveillance, and other physical, electronic, and procedural safeguards. Additionally, all data received by Sterling over its online network is delivered over a secure socket layer. We maintain redundant electronic and physical security measures, which exceed the provisions and policies mandated by the Privacy Act, to safeguard all personal and public record data.

Personal Information Disclosure: United States or Overseas: Personal Data and Client-Employee Personal Data collected by Sterling are maintained at a secured data center located in the United States and may be transferred to 3rd parties outside of the United States.

Sterling performs thorough background checks on all of its employees and onsite suppliers. These checks include criminal history searches, credit checks, motor vehicle searches, social security trace reports, employment verifications, education verifications, drug testing and skills assessment. Additionally, Sterling's offices and offsite hosting facilities are secured by state of the art security systems.  Of course, no set of safeguards is 100% secure. This means that, for example, despite our best efforts, an unauthorized access or acquisition of your information could occur. In that case, we will do our best to mitigate harm to you and, where appropriate notify you of the incident.

Sterling websites may contain links to other "non-Sterling" websites. Sterling assumes no responsibility for the content or the privacy policies and practices on those websites. Sterling encourages all users to read the privacy statements of those sites; their privacy practices may differ from those of Sterling.

*  *  *

This Privacy Policy is governed by the internal substantive laws of New York, without regard to its conflict of laws principles. Jurisdiction for any claims arising under or out of this Privacy Policy shall lie exclusively with the state and federal courts within New York. If any provision of this Privacy Policy is found to be invalid by a court having competent jurisdiction, the invalidity of such provision shall not affect the validity of the remaining provisions of this Privacy Policy, which shall remain in full force and effect.

UNDER NO CIRCUMSTANCES SHALL STERLING HAVE ANY LIABILITY WHATSOEVER FOR ANY ERRORS OR OMISSIONS IN INFORMATION ON THE SITE, OR FOR ANY DAMAGES, LOSSES, OR EXPENSES THAT MAY OCCUR WHILE ACCESSING THE SITE, OR ANY LINKED SITE, OR THE INABILITY TO ACCESS THESE SITES; OR ANY FAILURE OF PERFORMANCE, ERROR, OMISSION, INTERRUPTION, DEFECT, DELAY IN OPERATION OR TRANSMISSION, COMPUTER VIRUS OR LINE OR SYSTEM FAILURE; OR ANY CONSEQUENTIAL, INCIDENTAL, INDIRECT OR SPECIAL DAMAGES ARISING OUT OF THE BREACH OF THIS PRIVACY POLICY, HOWEVER OCCASIONED.

If you have questions about our privacy and security policy, contact us at:

Sterling Infosystems Inc.
1 State Street, 24th Floor
New York, New York 10004
Tel: +1(212) 736-5100
Attention: Vice President of Compliance

info@sterlinginfosystems.com

 

EU & SWITZERLAND DATA PRIVACY POLICY

Sterling Infosystems, Inc. is committed to protecting the privacy of certain data and respects individual privacy and values the confidence of its Clients, employees, vendors, consumers, business partners and others. Sterling strives to collect, use and disclose Personal Data in a manner consistent with the laws of the countries in which it does business, and has a tradition of upholding the highest ethical standards in its business practices. In addition to our general Website Privacy Policy, with respect to Personal Data of certain individuals, Sterling abides by the Safe Harbor Principles developed by the U.S. Department of Commerce and the European Commission and the Frequently Asked Questions (“FAQs”) issued by the Department of Commerce on July 21, 2000. This Safe Harbor Privacy Policy (the "Policy") sets forth the privacy principles that Sterling follows with respect to transfers of Personal Data anywhere in the world, including transfers from the European Economic Area (EEA) (which includes the twenty-seven member states of the European Union (EU) plus Iceland, Liechtenstein and Norway) or Switzerland to the United States.

I. DEFINITIONS

For purposes of this Policy, the following definitions shall apply:

"Agent" means any third party that uses Personal Data provided by Sterling to perform tasks on behalf of or at the instruction of Sterling.

Client-employee” means a person who applied for employment at a potential employer and/or a person working for an employer which employer requested Sterling’s Consumer Services regarding such a person.

Client-employee Personal Data” means Personal Data of a Client-employee that Sterling collected and processed as part of its Client Services.

Client-Services” means employment screening services, which include back ground checks involving criminal records searches, credit checks, vehicle motor which search, social security trace reports, personal identification, number trace reports, employment verifications, education record verifications and/or drug testing, where such background checks are permissible by law, which services Sterling render at the request of a Client of the Company.

"Personal Data" means any information or set of information that identifies or could be used by or on behalf of Sterling to identify an individual subject to the EU Data Privacy Directive 95/46/EC, as modified, supplemented and/or replaced. Personal Data does not include information that is encoded or anonymized, or publicly available information that has not been combined with non-public Personal Data.

"Sensitive Personal Data" means Personal Data that reveals race, ethnic origin, trade union membership, or that concerns health. In addition, Sterling will treat as sensitive Personal Data any information received from a third party where that third party treats and identifies the information as sensitive.

"Sterling" means Sterling Infosystems Inc., its predecessors, affiliates, successors, subsidiaries, divisions and groups.

II. SAFE HARBOR

The United States Department of Commerce and the European Commission have agreed on a set of data protection principles ("Safe Harbor Principles") and frequently asked questions (the "U.S.-EU Safe Harbor Framework") to enables U.S. companies to satisfy the requirement under European Union law that an adequate level of protection is given to Personal Data transferred from the EUto the United States. The EEA also has recognized the U.S. Safe Harbor as providing an adequate level of data protection (OJ L 45, 15.2.2001, p.47). The United States Department of Commerce and the Federal Data Protection and Information Commissioner of Switzerland have agreed on a similar set of data protection principles and frequently asked questions (the "U.S.-Swiss Safe Harbor Framework") to enable U.S. companies to satisfy the requirement under Swiss law that an adequate level of data protection is given to Personal Data transferred from Switzerland to the United States. Consistent with its commitment to protect Personal Data privacy, Sterling adheres to the U.S.-EU and U.S.-Swiss Safe Harbor Frameworks. Sterling has a Vice President of Compliance who assists in ensuring compliance with this Policy and data security issues. Sterling educates its employees concerning compliance with this Policy and has self-assessment procedures in place to assure compliance. Sterling's Vice President of Compliance and Sterling’s external legal advisors are available to any of its valued employees, Clients, vendors, business partners or others who may have questions concerning this Policy or data security practices. Relevant contact information is provided herein.

III. SCOPE

This Policy applies to all Personal Data received by Sterling in any format including electronic, paper or verbal.  Sterling collects and processes Personal Data concerning current and former employees of Sterling and their respective family members, as well as applicants for employment at Sterling through its Internet websites, its intranet site, electronic mail and manually. Sterling is the sole owner of information it collects from current and former employees, applicants for employment, Clients, vendors and others. Sterling will not sell or share this information with third parties in ways different than what is disclosed in this Privacy Policy except as required or permitted by law. For example, if the company enters into bankruptcy, it may need to transfer personal information to another company as part of the resolution of the bankruptcy. 

On a global basis, Sterling will, and will cause its affiliates to, establish and maintain business procedures that are consistent with this Policy. Sterling collects Personal Data of its employees and/or job applicants for, among other things, legitimate human resource business reasons such as payroll administration; filling employment positions; administration and operations of its benefit programs; meeting governmental reporting requirements; security, health and safety management; performance management; company network access; and authentication. Sterling does not request or gather information regarding political opinions, religion, philosophy or sexual preference. To the extent Sterling maintains information on an individual's medical health or ethnicity (as legally required), Sterling will protect, secure and use that information in a manner consistent with this Policy and applicable law.  Through its service to Company Clients to conduct background and criminal record checks, drug testing, and employment verification, Sterling also collects and processes Personal Data of individuals who apply for employment at Sterling’s Clients (“Client-employees” and “Client-employee Personal Data”). Sterling will conduct Client-services in accordance with the notice given to and/or the consent obtained from Client-employees. Sterling will not sell or share Client-employee Personal Data to third parties other than the Client on whose behalf the Personal Data was collected.  Personal Data collected by Sterling from prospective Clients, consumers, vendors, business partners and others. Sterling collects Personal Data for, among other things, legitimate business reasons such as Client service; product, warranty and claims administration; meeting governmental reporting and records requirements; maintenance of accurate accounts payable and receivable records; internal marketing research; safety and performance management; financial and sales data; and contact information. All Personal Data collected by Sterling will be used for legitimate business purposes consistent with this Policy.

IV. PRIVACY PRINCIPLES

The privacy principles in this Policy are based on the seven Safe Harbor Principles.

  1. NOTICE: Where Sterling collects Personal Data directly from individuals applying for employment at Sterling, it will inform them about the purposes for which it collects and uses Personal Data about them, the types of non-agent third parties to which Sterling discloses that information, if any, and the choices and means, if any, Sterling offers individuals for limiting the use and disclosure of their Personal Data.  Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Data to Sterling, or as soon as practicable thereafter, and in any event before Sterling uses the information for a purpose other than that for which it was originally collected. Sterling may disclose Personal Data if required to do so by law or to protect and defend the rights or property of Sterling. Sterling will collect Client-employee Personal Data only in accordance with the notice to and consent given by the Client-employee.  Should you have any complaints or inquiries regarding this Policy or the provisions contained herein, please contact Sterling’s Vice-President of Compliance.
  2. CHOICE: Sterling will offer individuals the opportunity to choose (opt-out) whether their Personal Data is (a) to be disclosed to a non-agent third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.  For Sensitive Personal Data, Sterling will give individuals who apply for employment at Sterling the opportunity to affirmatively and explicitly (opt-in) consent to the disclosure of the information to a non-agent third party or the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. Sterling collects sensitive Personal Data on Client-employees only pursuant the person’s express consent.  Sterling will provide individuals with reasonable mechanisms to exercise their choices should requisite circumstances arise. 
  3. DATA INTEGRITY: Sterling will use Personal Data only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. Sterling will take reasonable steps to ensure that Personal Data is relevant to its intended use, accurate, complete and current.
  4. TRANSFERS TO AGENTS: Sterling will obtain assurances from its Agents that they will safeguard Personal Data consistently with this Policy. Examples of appropriate assurances that may be provided by Agents include: a contract obligating the Agent to provide at least the same level of protection as is required by the relevant Safe Harbor Principles, being subject to EU Directive 95/46/EC (the EU Data Protection Directive), Safe Harbor certification by the Agent, or being subject to another European Commission adequacy finding (e.g., companies located in Switzerland).  Where Sterling has knowledge that an Agent is using or disclosing Personal Data in a manner contrary to this Policy, Sterling will take reasonable steps to prevent or stop the use or disclosure. Sterling holds it Agents accountable for maintaining the trust our employees and Clients place in the company.
  5. ACCESS AND CORRECTION: Upon request, Sterling will grant individuals reasonable access to Personal Data that it holds about them. In addition, Sterling will take reasonable steps to permit individuals to correct, amend or delete information that is demonstrated to be inaccurate or incomplete. Any employees of Sterling who desire to review or update their Personal Data can do so by contacting their local Human Resources Representative. Client-employees must contact their employer and/or the company to whom they gave consent to conduct the Client Services. 
  6. SECURITY: Sterling will take reasonable precautions to protect Personal Data in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction. Sterling protects data in many ways. Physical security is designed to prevent unauthorized access to database equipment and hard copies of sensitive Personal Data. Electronic security measures continuously monitor access to our servers and provide protection from hacking or other unauthorized access from remote locations. This protection includes the use of firewalls, restricted access and encryption technology. Sterling limits access to Personal Data and data to those persons in Sterling's organization, or as agents of Sterling, that have a specific business purpose for maintaining and processing such Personal Data. Individuals who have been granted access to Personal Data are aware of their responsibilities to protect the security, confidentiality and integrity of that information and have been provided training and instruction on how to do so. Sterling will disclose Client employee Personal Data only to the Client who requested the Client Services and in accordance with the Notice provided by the Client to the Client employee and/or the consent given by the Client-employee. Of course, no set of safeguards is 100% secure. This means that, for example, despite our best efforts, an unauthorized access or acquisition of your information could occur. In that case, we will do our best to mitigate harm to you and, where appropriate notify you of the incident.
  7. ENFORCEMENT: Sterling will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy and the U.S. Department of Commerce Safe Harbor Principles. Any employee that Sterling determines is in violation of this Policy will be subject to disciplinary action up to and including termination of employment.

V. DISPUTE RESOLUTION

Any questions or concerns regarding the use or disclosure of Personal Data should be directed to the Sterling Privacy Office at the address given below. Sterling will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Data in accordance with the principles contained in this Policy. For complaints that cannot be resolved between Sterling and the complainant, Sterling has agreed to participate in the dispute resolution procedures of the panel established by the European data protection authorities to resolve disputes pursuant to the Safe Harbor Principles, and to cooperate and comply with the Federal Data Protection and Information Commissioner of Switzerland.

VI. INTERNET PRIVACY

Sterling views the Internet, intranets and the use of other technologies as valuable tools for communicating and interacting with consumers, employees, vendors, business partners and others. Sterling recognizes the importance of maintaining the privacy of Personal Data collected through websites that it operates. Sterling's sole purpose for operating its websites is to provide information concerning products and services to the public.  This privacy policy does not apply to information collected through other means such as by telephone or in person, although that information may be protected by other privacy policies.  Further, if you access this site from outside the U.S., you acknowledge and agree that you are responsible for compliance with any applicable local or national laws, rules or regulations applicable to such use.  In general, visitors can reach Sterling on the Web without revealing any Personal Data. Visitors on the Web may elect to voluntarily provide Personal Data via Sterling websites but are not required to do so. Sterling collects information from visitors to the websites who voluntarily provide Personal Data by filling out and submitting online questionnaires concerning feedback on the website, requesting information on products or services, or seeking employment. The Personal Data voluntarily provided by website users is contact information limited to the user's name, home and/or business address, phone numbers and email address. Sterling collects this information so it may answer questions and forward requested information. Sterling does not sell or share this information with non-agent third parties.

VII. CHANGES TO THIS SAFE HARBOR PRIVACY POLICY

The practices described in this Policy are current Personal Data protection policies as of March 12, 2012. Sterling reserves the right to modify or amend this Policy at any time consistent with the requirements of the Safe Harbor Principles. Appropriate public notice will be given concerning such amendments. 

If you have questions about our privacy and security policy, contact us at:

Sterling Infosystems Inc.
1 State Street, 24th Floor
New York, New York 10004
Tel: +1(212) 736-5100
Attention: Vice President of Compliance

info@sterlinginfosystems.com