Last Updated: November 17, 2017
In an effort to comply with the law, and our commitment to protect your personal information, we provide the following, which discloses our policies.
What type of information do we collect?
Personal Information is defined as any information concerning the personal or material circumstances of an identified or identifiable individual. An identifiable person is one who can be identified, directly or indirectly, by reference to a Social Security Number and/or Identification Number (hereinafter “SSN/I.N”) or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.
Personal Information shall include but is not limited to: name, home address, home telephone number, email address, Social Security Number and/or Identification Number, financial information and employment related information such as may be found on resumes, applications, background verification information, or in employment references.
ComplianceMetrix takes measures to maintain the confidentiality of your SSN/I.N to protect your SSN/I.N from unlawful disclosure, and to limit access to your SSN/I.N. ComplianceMetrix will not make your SSN/I.N available to the general public, require you to provide your SSN/I.N to access any products or services, transmit your SSN/I.N over the Internet unless the connection is secure or your SSN/I.N has been encrypted, or requires the transmittal of your SSN/I.N to access our Website without requiring additional authentication.
Non-personal information is information that is already a matter of public record or knowledge or information that does not otherwise identify you. Business contact information is considered non-personal information and not subjected to special protection and it can be routinely shared with anyone inside or outside of the business. Business contact information shall include but is not limited to: business name, business address, business telephone number, and is not considered personal information in certain jurisdictions.
If you provide us feedback or contact us via e-mail, we will collect your name and e-mail address, as well as any other content included in the e-mail, and any information that you submit to us, such as a resume. You may also provide other optional information. We may also collect or receive information about you from our third party service providers, advertising partners, marketing companies, or other third parties.
We will never collect sensitive Personal Information except to comply with Affirmative Action data requirements and as required for all Human Resources department procedures where this information is necessary. Sensitive Personal Information can include but is not limited to: information pertaining to gender, disabilities, and veteran status.
Technology – Internet Users
Children and Data Collection
ComplianceMetrix adheres to the federal privacy protection standards as stated in the Children’s Online Privacy Protection Act (“COPPA”). We care about the safety of children. You should not use our website or Service it you are under 13. We will not knowingly allow anyone under 13 to provide us any personally identifying information. Children under 13 years of age are required to obtain the express permission of a parent or guardian before submitting any Personal Information about themselves (such as their names, e-mail address, and phone number) over the Internet. If a child has provided us with personally-identifiable information without the consent of a parent or guardian, the parent or guardian of that child should contact the Privacy Officer immediately at email@example.com. We will promptly delete the child’s information from our servers.
Our Use of Your Personal Information
Collection and Use of Employee Personal Information
ComplianceMetrix also collects Personal Information from its employees and applicants (human resource data) in connection with administration of its Human Resources programs and functions. These programs and functions include, but are not limited to: job applications and hiring programs, compensation and benefit programs, performance appraisals, training, employee profiles, internal intranet employee directories, Human Resource recordkeeping, Affirmative Action data, and other employment related purposes.
It is the policy of ComplianceMetrix to keep all past and present employee information private from disclosure to third parties. There are certain business related exceptions and they are:
- To comply with county, state or federal agency requests;
- Inquiries from third parties with a signed authorization from the employee to release the information, except in situations where limited verbal verifications are acceptable (see below);
- Third parties with which ComplianceMetrix has contractual agreements to assist in administration of company sponsored benefits.
Verifications of Employment
Prospective employers, financial institutions, and residential property managers routinely contact ComplianceMetrix requesting information on a former or current employee’s work history and salary. All such requests of this type shall be referred to and completed on a confidential basis by the Human Resources Department.
For written verification of employment requests, information will be provided on the form only when it is accompanied by an employee’s signed authorization to release information. The form will be returned directly to the requesting party and filed as part of Human Resources confidential records.
ComplianceMetrix is compliant with federal HIPAA regulations and only utilizes information related to the company sponsored healthcare plan on a “need to know” basis for administration of the healthcare plan.
Collection and Use of Customer Information
ComplianceMetrix will not collect customer Personal Information, except for names as they are used in a strictly business context, unless the customer contacts ComplianceMetrix directly. In order to adequately address a customer’s concern, their Personal Information may be shared with our employees as far as necessary to enable the customer’s concerns to be addressed.
ComplianceMetrix will not collect Personal Information, unless you contact ComplianceMetrix directly. In the future, one of our employees or current or future affiliates may use this information to contact you regarding products or promotions, as well as other products and services, which may be of interest to you. If you do provide us with Personal Information we may use the information to contact you, via e-mail, regular mail, telephone or other means, to provide you with information that you requested about specific products or services, provide additional future information about products or services that may be of interest to you, and to learn about and develop products and services. If you do not want this information disclosed you may “opt out” of future contacts at any time by contacting the Privacy Officer, in writing, as described below in the section titled “Contact Information.”
Sharing of Personal Information
Personal Information may be provided to a courier or freight forwarder to fulfill an order, which may have been requested from us.
ComplianceMetrix collects information and data on how the website and services are used by visitors and customers (such as, but not limited to, demographic information, search terms used or how customer perform searches and information about the platform and workflow) (the “Usage Data”) and reserves the right to disclose to use, modify, and share such Usage Data in its discretion. CMX owns all Usage Data. In the event any personally identifiable information, data, or content is anonymized, ComplianceMetrix and its agents, subcontractors and licensors may use and share such anonymized information without restriction in accordance with local laws.
We endeavor to protect your Personal Information using physical, electronic or procedural security measures appropriate to the sensitivity of the information in our control. These measures include safeguards to protect Personal Information against loss or theft, as well as unauthorized access, disclosure, copying, use and modification.
Currently, our website utilizes a variety of different security measures designed to protect Personal Information by users both inside and outside ComplianceMetrix, including the use of encryption mechanisms (e.g., Secure Socket Layers or SSLs), password protection, or other security measures to help prevent unauthorized access to your personally identifiable information. This helps maintain the confidentiality, privacy, and integrity of your transactions, and helps to protect your confidential information – such as credit card numbers, online forms and financial data, from loss, misuse, interception and hacking.
Storage, Retention and Accuracy of Personal Information
ComplianceMetrix uses commercially reasonable efforts to insure that Personal Information is safeguarded against loss, access, use, modification, disclosure or other misuse. All reasonable steps are taken to prevent unauthorized use or disclosure of your Personal Information.
ComplianceMetrix will retain your Personal Information only for as long as necessary to fulfill the purpose(s) for which it was collected and to comply with applicable laws and your consent to such purpose remains valid after termination of our relationship with you.
You may contact the Privacy Officer to access, correct or delete your Personal Information. If necessary, the Privacy Officer will contact another individual to assist in completing your requested task
If you have any questions or complaints, please contact the Privacy Officer. The Privacy Officer can be reached by telephone at: 877-730-5554 by email at: firstname.lastname@example.org or by mail at ComplianceMetrix LLC., 4180 La Jolla Village Drive, Suite 570, San Diego CA 92037. We will address your concern and attempt to resolve any problem.
Links to Non-FWH Web Sites and Third Parties
By using the website and service, you will transfer data to the United States.