ComplianceMetrix Privacy Policy

Last Updated: May 30, 2018 (Phone number update and typo)

Your privacy is very important to us. This privacy policy discloses how ComplianceMetrix, LLC (“ComplianceMetrix” or “we” or “us”) collects, protects, uses and shares information gathered about you. This privacy policy also applies to RequirementsLive, LLC. ComplianceMetrix respects the privacy of our customers, our employees, job applicants, and other visitors to our websites who may choose to provide personal information. We recognize the need for appropriate protections and management of personal information that you provide to us. This Privacy Policy will assist you to understand what types of information we may collect, how that information may be used, and with whom the information may be shared.

This Privacy Policy explains ComplianceMetrix’s practices regarding the information collected online from users of the ComplianceMetrix website located at and any web site or service controlled by ComplianceMetrix.

In an effort to comply with the law, and our commitment to protect your personal information, we provide the following, which discloses our policies.

What type of information do we collect?

Personal Information is defined as any information concerning the personal or material circumstances of an identified or identifiable individual. An identifiable person is one who can be identified, directly or indirectly, by reference to a Social Security Number and/or Identification Number (hereinafter “SSN/I.N”) or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.

Personal Information shall include but is not limited to: name, home address, home telephone number, email address, Social Security Number and/or Identification Number, financial information and employment related information such as may be found on resumes, applications, background verification information, or in employment references.

ComplianceMetrix takes measures to maintain the confidentiality of your SSN/I.N to protect your SSN/I.N from unlawful disclosure, and to limit access to your SSN/I.N. ComplianceMetrix will not make your SSN/I.N available to the general public, require you to provide your SSN/I.N to access any products or services, transmit your SSN/I.N over the Internet unless the connection is secure or your SSN/I.N has been encrypted, or requires the transmittal of your SSN/I.N to access our Website without requiring additional authentication.

Non-personal information is information that is already a matter of public record or knowledge or information that does not otherwise identify you. Business contact information is considered non-personal information and not subjected to special protection and it can be routinely shared with anyone inside or outside of the business. Business contact information shall include but is not limited to: business name, business address, business telephone number, and is not considered personal information in certain jurisdictions.

If you provide us feedback or contact us via e-mail, we will collect your name and e-mail address, as well as any other content included in the e-mail, and any information that you submit to us, such as a resume. You may also provide other optional information. We may also collect or receive information about you from our third party service providers, advertising partners, marketing companies, or other third parties.

We will never collect sensitive Personal Information except to comply with Affirmative Action data requirements and as required for all Human Resources department procedures where this information is necessary. Sensitive Personal Information can include but is not limited to: information pertaining to gender, disabilities, and veteran status.

Technology – Internet Users

In addition to Personal Information, we use data collection devices such as “cookies” on certain web pages to help analyse our web page flow and measure promotional effectiveness. Cookies are pieces of information a website sends to an individual’s hard drive while they are viewing the website. Cookies allow the website to remember important information that will make your visit to the site more useful. We use cookies to help improve your future visits. If you do not wish to receive a cookie or if you wish to set your browser to warn you each time a cookie is being sent, or if you wish to turn off all cookies, use the options on your browser to assist you. The “Help” option on your browser may assist you in changing your cookie preferences. Please note that by turning cookies off, you will not have access to many features available on our website.

We do not respond to browser-based “do not track” signals. Currently we do not have any third party sites who push content to our site. We use Google Analytics on our site. Google Analytics is a web analytics service provided by Google. Google Analytics uses cookies to collect anonymous traffic data to help us analyze how users use the website. The information generated by a cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the site, compiling reports on site activity for us and providing other services relating to site activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. By using the website, you consent to the processing of data about you by Google in the manner and for the purposes described in this policy. If you have concerns relating to the usage of Google Analytics, it is possible to block Google Analytics by installing a plug-in to your browser. A plug-in for the most common browsers can be found here:

Children and Data Collection

ComplianceMetrix adheres to the federal privacy protection standards as stated in the Children’s Online Privacy Protection Act (“COPPA”). We care about the safety of children. You should not use our website or Service it you are under 13. We will not knowingly allow anyone under 13 to provide us any personally identifying information. Children under 13 years of age are required to obtain the express permission of a parent or guardian before submitting any Personal Information about themselves (such as their names, e-mail address, and phone number) over the Internet. If a child has provided us with personally-identifiable information without the consent of a parent or guardian, the parent or guardian of that child should contact the Privacy Officer immediately at We will promptly delete the child’s information from our servers.

Our Use of Your Personal Information

We use your Personal Information to facilitate the services you request. We have tailored our Privacy Policy to adequately advise of the use of your Personal Information.

Collection and Use of Employee Personal Information

ComplianceMetrix also collects Personal Information from its employees and applicants (human resource data) in connection with administration of its Human Resources programs and functions. These programs and functions include, but are not limited to: job applications and hiring programs, compensation and benefit programs, performance appraisals, training, employee profiles, internal intranet employee directories, Human Resource recordkeeping, Affirmative Action data, and other employment related purposes.

It is the policy of ComplianceMetrix to keep all past and present employee information private from disclosure to third parties. There are certain business related exceptions and they are:

  1. To comply with county, state or federal agency requests;
  2. Inquiries from third parties with a signed authorization from the employee to release the information, except in situations where limited verbal verifications are acceptable (see below);
  3. Third parties with which ComplianceMetrix has contractual agreements to assist in administration of company sponsored benefits.

Verifications of Employment

Prospective employers, financial institutions, and residential property managers routinely contact ComplianceMetrix requesting information on a former or current employee’s work history and salary. All such requests of this type shall be referred to and completed on a confidential basis by the Human Resources Department.

For written verification of employment requests, information will be provided on the form only when it is accompanied by an employee’s signed authorization to release information. The form will be returned directly to the requesting party and filed as part of Human Resources confidential records.

Medical Information

ComplianceMetrix is compliant with federal HIPAA regulations and only utilizes information related to the company sponsored healthcare plan on a “need to know” basis for administration of the healthcare plan.

Collection and Use of Customer Information

ComplianceMetrix will not collect customer Personal Information, except for names as they are used in a strictly business context, unless the customer contacts ComplianceMetrix directly. In order to adequately address a customer’s concern, their Personal Information may be shared with our employees as far as necessary to enable the customer’s concerns to be addressed.

ComplianceMetrix will not collect Personal Information, unless you contact ComplianceMetrix directly. In the future, one of our employees or current or future affiliates may use this information to contact you regarding products or promotions, as well as other products and services, which may be of interest to you. If you do provide us with Personal Information we may use the information to contact you, via e-mail, regular mail, telephone or other means, to provide you with information that you requested about specific products or services, provide additional future information about products or services that may be of interest to you, and to learn about and develop products and services. If you do not want this information disclosed you may “opt out” of future contacts at any time by contacting the Privacy Officer, in writing, as described below in the section titled “Contact Information.”

Sharing of Personal Information

We may share Personal Information with our service providers, consultants and current or future affiliates for our internal business purposes and in order to provide you the services. Except as described in this Privacy Policy, ComplianceMetrix will not share Personal Information with a third party, unless a customer requests, consents to such disclosure, or disclosure is required or authorized by law. ComplianceMetrix reserves the right to disclose Personal Information to a third party if a law, regulation, search warrant, subpoena, or court order legally requires or authorizes us to do so. ComplianceMetrix also reserves the right to disclose and/or transfer Personal Information to a third party in the event of a proposed or actual purchase, sale, lease, merger, amalgamation or any other type of acquisition, disposal, or financing of all or any portion of ComplianceMetrix or of any of the business or assets or shares of ComplianceMetrix or a division thereof in order for a customer to continue to receive the same products and services from the third party.

Personal Information may be provided to a courier or freight forwarder to fulfill an order, which may have been requested from us.

ComplianceMetrix collects information and data on how the website and services are used by visitors and customers (such as, but not limited to, demographic information,  search terms used or how customer perform searches and information about the platform and workflow) (the “Usage Data”) and reserves the right to disclose to use, modify, and share such Usage Data in its discretion. CMX owns all Usage Data.  In the event any personally identifiable information, data, or content is anonymized, ComplianceMetrix and its agents, subcontractors and licensors may use and share such anonymized information without restriction in accordance with local laws.


We endeavor to protect your Personal Information using physical, electronic or procedural security measures appropriate to the sensitivity of the information in our control. These measures include safeguards to protect Personal Information against loss or theft, as well as unauthorized access, disclosure, copying, use and modification.

We safeguard your Personal Information on the Internet by using industry-standard practices. Although “guaranteed security” does not exist either on or off the Internet, we make commercially reasonable efforts to make the collection and security of such information consistent with our Privacy Policy and all applicable laws and regulations. We maintain physical, electronic and procedural safeguards as appropriate to safeguard your Personal Information.

Currently, our website utilizes a variety of different security measures designed to protect Personal Information by users both inside and outside ComplianceMetrix, including the use of encryption mechanisms (e.g., Secure Socket Layers or SSLs), password protection, or other security measures to help prevent unauthorized access to your personally identifiable information. This helps maintain the confidentiality, privacy, and integrity of your transactions, and helps to protect your confidential information – such as credit card numbers, online forms and financial data, from loss, misuse, interception and hacking.

Storage, Retention and Accuracy of Personal Information

ComplianceMetrix uses commercially reasonable efforts to insure that Personal Information is safeguarded against loss, access, use, modification, disclosure or other misuse. All reasonable steps are taken to prevent unauthorized use or disclosure of your Personal Information.

ComplianceMetrix will retain your Personal Information only for as long as necessary to fulfill the purpose(s) for which it was collected and to comply with applicable laws and your consent to such purpose remains valid after termination of our relationship with you.

Contact Information

You may contact the Privacy Officer to access, correct or delete your Personal Information. If necessary, the Privacy Officer will contact another individual to assist in completing your requested task

If you have any questions or complaints, please contact the Privacy Officer. The Privacy Officer can be reached by telephone at: 888-866-8888 by email at: or by mail at ComplianceMetrix LLC., 4180 La Jolla Village Drive, Suite 570, San Diego CA 92037. We will address your concern and attempt to resolve any problem.

Links to Non-FWH Web Sites and Third Parties

Please note that websites may contain links to other websites for your convenience and information. ComplianceMetrix does not control those sites or their privacy practices, which may differ from ComplianceMetrix’s privacy policy cannot and does not apply to external websites. We do not endorse or make any representations about third party websites. The personal data you choose to give to unrelated third parties is not covered by the ComplianceMetrix privacy policy. We encourage you to review the privacy policy of any company or website before submitting your Personal Information. Some third parties may choose to share their personal data with ComplianceMetrix; that sharing is governed by that third party company’s privacy policy.

International Users

By using the website and service, you will transfer data to the United States.

If you are visiting from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your information to the United States and processing globally. By providing your information you consent to any transfer and processing in accordance with this Privacy Policy.

Changes to Our Privacy Policy

ComplianceMetrix will update this Privacy Policy occasionally. When ComplianceMetrix posts changes to this Privacy Policy, we will also revise the “Last Updated” date on ComplianceMetrix’s Privacy Policy. If there are material changes to this Privacy Policy, ComplianceMetrix will notify you by email, or by means of a notice on our home page. ComplianceMetrix encourages you to review this Privacy Policy periodically to be informed of how ComplianceMetrix is protecting your information and to be aware of any changes to the Privacy Policy. Your continued use of the site after the posting of any amended Privacy Policy shall constitute your agreement to be bound by any such changes. This Privacy Policy is incorporated into any Terms and Conditions governing the various websites and any programs or services operated or managed on or behalf of ComplianceMetrix. Any changes to this Privacy Policy are effective immediately after being posted by ComplianceMetrix.

Privacy Shield

ComplianceMetrix complies with the US-EU Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from individual customers in the European Union member countries. ComplianceMetrix’s participation in the Privacy Shield applies to all personal data that is subject to this policy and is received from the European Union, European Economic Area, and Switzerland. ComplianceMetrix is responsible for the processing of such personal data it receives under the Privacy Shield Framework and subsequent transfers to a third party acting as an agent on its behalf.  In particular, ComplianceMetrix remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless ComplianceMetrix proves that it is not responsible for the event giving rise to the damage. ComplianceMetrix has certified that it adheres to the Privacy Shield Principles of notice, choice, and accountability for onward transfer, security, data integrity and purpose limitation, access, recourse, enforcement and liability.  If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit  The Federal Trade Commission (FTC) has jurisdiction over ComplianceMetrix’s compliance with the Privacy Shield.  In compliance with the US-EU Privacy Shield Principles, ComplianceMetrix commits to resolve complaints about your privacy and our collection or use of your personal information. EU individuals with questions or concerns about the use of their Personal Data should contact us at  For any complaints that cannot be resolved with ComplianceMetrix directly, ComplianceMetrix has chosen to cooperate with EU data protection authorities (DPAs) and comply with the information and advice provided to it by an informal panel of DPAs in relation to such unresolved complaints (as further described in the Privacy Shield Principles). Please contact us to be directed to the relevant DPA contacts. As further explained in the Privacy Shield Principles, a binding arbitration option will also be made available to you in order to address residual complaints not resolved by any other means. ComplianceMetrix commits to cooperate with EU data protection authorities (DPAs) and comply with the advice given by such authorities.