Privacy Policy

Sterling Talent Solutions

TalentWise Privacy Policy

TalentWise Terms and Conditions


Sterling Talent Solutions

Sterling Talent Solutions respects the privacy of its online visitors, employees, clients and client-employees. We treat all submitted personal data as private and confidential. We do not sell or otherwise transfer this information to any third party organization, except as provided below.

Please review this policy carefully. This policy is current as of February 14, 2013. Sterling Talent Solutions reserves the right to change its privacy policy at any time, in which event the Site will contain a notice of the change. Changes will be effective immediately upon posting to the Site. By accessing the Site, you are indicating your agreement to the Company's privacy policy. This policy applies to all users of this site. In addition, the personal information of certain users may be subject to additional protections required under the U.S.-EU and U.S.-Swiss Safe Harbor Principles. Click here for more information concerning our EU & Switzerland Data Privacy Policy.


As you are probably aware, in the course of our contact or relationship with you, we may collect information from a variety of sources. We collect this information in order to carry out our business functions and provide the highest quality of service to you. Most of our information comes directly from you, such as when you forward to us information, photographs, videos and other data, files and/or correspondence. You also may provide information about yourself in connection with an application for employment.

Through our service to Company clients to conduct background and criminal record checks, drug testing, and employment verification, Sterling Talent Solutions also collects and processes personal information of individuals who apply for employment at Sterling Talent Solutions' clients ("client-employees" and "client-employee personal information"). Sterling Talent Solutions will conduct client services in accordance with the notice given to and/or the consent obtained from client-employees. Sterling Talent Solutions will not sell or share client-employee personal information to third parties other than the client on whose behalf the personal information was collected, and as except as permitted by law and this privacy policy. Sterling Talent Solutions collects client-employee personal information for, among other things, legitimate business reasons such as client service; product, warranty and claims administration; meeting governmental reporting and records requirements; maintenance of accurate accounts payable and receivable records; internal marketing research; safety and performance management; financial and sales data; and contact information. All personal information collected by Sterling Talent Solutions will be used for legitimate business purposes consistent with this Policy.

Sterling Talent Solutions may compile statistical information concerning the usage of the Site. This information allows Sterling Talent Solutions to monitor its utilization and continuously improve its quality. Examples of this information would include, but not be limited to, the number of visitors to the Site, or to sections or pages within the Site, patterns of traffic flowing through the Site, length of time spent on the Site, or in sections or pages of the Site, the other sites that refer visitors to the Site, the pages of the Site that visitors frequently use as entry and exit points, utilization of the browser and operating systems and versions used by visitors to the Site, etc. Because such non-personal information does not identify who you are, we do not limit the ways we may use or share non-personal information. For example, we may share non-personal information with our affiliates, suppliers, employees and agents, other businesses, and the government.

Sterling Talent Solutions may also collect anonymous information concerning website users through the use of "cookies" in order to provide better Client service. "Cookies" are small files that websites place on users' computers to identify the user and enhance the website experience. None of this information is reviewed at an individual level. Visitors may set their browsers to provide notice before they receive a cookie, giving the opportunity to decide whether to accept the cookie. Visitors can also set their browsers to turn off cookies. If visitors do so, however, some areas of Sterling Talent Solutions websites may not function properly.

None of Sterling Talent Solutions' websites are directed toward children. Nevertheless, Sterling Talent Solutions is committed to complying with applicable laws and requirements, such as the United States' Children's Online Privacy Protection Act ("COPPA").


In the course of our normal business activities, we may disclose collected information to both affiliates and non-affiliated entities, as we deem necessary and appropriate. Except as required or permitted by law or this Policy, we will not disclose your information for any purposes other than those in conjunction with our business activities. For example, if the company enters into bankruptcy, it may need to transfer personal information to another company as part of the resolution of the bankruptcy. We endeavor to choose non-affiliates with similar standards to ours regarding the protection of private information.

Sterling Talent Solutions generally does not require certain personal information to obtain access to any area of the Site, such as Social Security numbers. However, if you decide to provide personal information to Sterling Talent Solutions, in no case will the Sterling Talent Solutions sell, license or transmit that information to third parties, except as required by law or as permitted by law or by this Policy. Any information that you voluntarily share with Sterling Talent Solutions in a form is kept confidential and fully secure.

Sterling Talent Solutions website users have the option to request that Sterling Talent Solutions not use information previously provided, correct information previously provided, or remove information previously provided to Sterling Talent Solutions. Those that would like to correct or suppress information they have provided to Sterling Talent Solutions should use the contact information provided below. The inquiries should include the individual's name, address, and other relevant contact information (phone number, email address), as well as the nature of the request. Except as required by law, Sterling Talent Solutions is free to deny such requests. If Sterling Talent Solutions is decides to grant such a request, it will use all reasonable efforts to honor such requests as soon as practicable.


Online privacy is paramount for Sterling Talent Solutions. Owing to the sensitive nature of our public record searches, the management and distribution of such information is protected by the highest levels of security. We employ numerous practices to protect against the disclosure of information for purposes unrelated to the performance of our business functions or to individuals other than those who must use it in the course of their work activities. These practices include the use of password protection of computer files, e-mail and voice-mail, video surveillance, and other physical, electronic, and procedural safeguards. Additionally, all data received by Sterling Talent Solutions over its online network is delivered over a secure socket layer. We maintain redundant electronic and physical security measures, which exceed the provisions and policies mandated by the Privacy Act, to safeguard all personal and public record data.


United States or Overseas:

Personal Data and Client-Employee Personal Data collected by Sterling Talent Solutions are maintained at a secured data center located in the United States and may be transferred to 3rd parties outside of the United States.

Sterling Talent Solutions performs thorough background checks on all of its employees and onsite suppliers. These checks include criminal history searches, credit checks, motor vehicle searches, social security trace reports, employment verifications, education verifications, drug testing and skills assessment. Additionally, Sterling Talent Solutions' offices and offsite hosting facilities are secured by state of the art security systems. Of course, no set of safeguards is 100% secure. This means that, for example, despite our best efforts, an unauthorized access or acquisition of your information could occur. In that case, we will do our best to mitigate harm to you and, where appropriate notify you of the incident.

Sterling Talent Solutions websites may contain links to other "non-Sterling Talent Solutions" websites. Sterling Talent Solutions assumes no responsibility for the content or the privacy policies and practices on those websites. Sterling Talent Solutions encourages all users to read the privacy statements of those sites; their privacy practices may differ from those of Sterling Talent Solutions.

This Privacy Policy is governed by the internal substantive laws of New York, without regard to its conflict of laws principles. Jurisdiction for any claims arising under or out of this Privacy Policy shall lie exclusively with the state and federal courts within New York. If any provision of this Privacy Policy is found to be invalid by a court having competent jurisdiction, the invalidity of such provision shall not affect the validity of the remaining provisions of this Privacy Policy, which shall remain in full force and effect.


If you have questions about our privacy and security policy, contact us at:

Sterling Talent Solutions
1 State Street, 24th Floor
New York, New York 10004
Tel: +1-(212)-736-5100
Attention: Vice President of Compliance



TalentWise Privacy Statement

This Privacy Statement describes how TalentWise, Inc. ("TalentWise" or "we") collects, uses, shares and protects personal information on the web pages associated with the domain and any online applications, pages, communications or groups that are operated by TalentWise, including (collectively, the "TalentWise Website") and our TalentWise platform service.

TalentWise Website

Personal Information Collected from Website Visitors

In general, a visitor to the TalentWise Website ("you" or "Website Visitor") can visit the TalentWise Website without providing any personal information about yourself. However, you may choose to give us personal information in a variety of situations, including when you submit an inquiry or create an account. Personal information that you choose to provide may include: name, address, e-mail address, telephone number, user id and password, company information, information supplied in connection with applying for an account including but not limited to credit card number, any responses you choose to provide to survey questions, or any inquires you may make through the TalentWise Website (collectively "Website Visitor Personal Information").

You may also provide personal information to us through web pages that we operate through third-party sites, such as social networking sites. For example, when you enter a promotion, respond to a survey, or subscribe to one of our newsletters or lists on our Facebook page, we may ask that you provide your e-mail address or other personal information. Please note that this Privacy Statement, as it relates to our collection of personal information via third party social networking sites, applies only to our direct collection of your personal information from you and not to your activities on the social networking site generally. Each social networking site's collection and use of your personal information when you use a particular social networking site is governed by that social networking site's Privacy Statement, which we ask that you also carefully review.

Like many websites, we and our third party partners also gather certain information automatically (including cookies and log files) when you visit the TalentWise Website. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp and click stream data. We use this information, which does not identify individual users, to better market our products and services, to analyze trends, to track the effectiveness of our marketing efforts, to administer the TalentWise Website, to track users' movements around the TalentWise Website and to gather demographic information about our user base as a whole. For more information regarding our use of cookies, see below.

How We Use and Share Website Visitor Personal Information

We may use Website Visitor Personal Information for the following purposes:

Fulfilling Your Requests. If you request something from the TalentWise Website, for example, a product or service, a callback, or specific marketing materials, we will use the Website Visitor Personal Information you provide to fulfill your request. We may also use Website Visitor Personal Information to administer any promotions you enter with the official rules or other guidelines, information, restrictions, terms, or disclosures we publish related to the promotion.

Marketing. We may use Website Visitor Personal Information for marketing and promotional purposes. Sometimes this information will be shared with a TalentWise partner as part of a joint marketing effort, event, or promotion. In those cases you may also receive promotional materials for their products or services as part of our collaborative marketing effort. Otherwise, TalentWise does not share or trade Website Visitor Personal Information with third parties for their promotional purposes. Further, TalentWise does not sell or rent Website Visitor Personal Information to third parties for any purpose. If you would prefer not to receive marketing communications from TalentWise or its partners, please contact us at Email Preferences Center or by any of the methods listed below.

TalentWise Hiring. In connection with a job application or inquiry to work at TalentWise, you may provide us with information about yourself, such as a resume or curriculum vitae. We use this information throughout TalentWise and our affiliates for the purpose of employment consideration or otherwise responding to your inquiry. Unless you request that we don't, we may consider you for future opportunities or positions.

We may share Website Visitor Personal Information with third parties only in the ways that are described below:

Service Providers. We may share Website Visitor Personal Information with service providers to help us bring you the products and services we offer, such as financial institutions for credit card processing, email service providers, outsourced customer service providers, survey providers, or postal service providers. Some of these service providers may be located in the United States and in other jurisdictions that may not offer the same level of protection to your personal information as that provided by your home country. However, we require these third parties to use Website Visitor Personal Information only as instructed by us and for no other purpose. All Website Visitor Personal Information will be transmitted and stored in a secure manner in accordance with the terms of this Privacy Statement. To learn more about our policies and practices with respect to service providers, please contact us at or by any of the methods listed below.

Cookies and Other Web Technologies

Technologies such as cookies, beacons, tags and scripts are used by TalentWise and our marketing partners, affiliates, analytics or service providers. These technologies are used in analyzing trends, administering the site, tracking users' movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.

We use cookies for our TalentWise Website, to remember users' settings, or for authentication. Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our site, but your ability to use some features or areas of our site may be limited.

Third parties with whom we partner to provide certain features on our site or to display advertising based upon your Web browsing activity use Local Storage such as HTML 5 to collect and store information. Various browsers may offer their own management tools for removing HTML5.

Third Party Tracking. Service providers and other third parties such as advertisers may use information gathering technologies on the TalentWise Website (including cookies and beacons) to collect anonymous information in connection with their services. This information is controlled by the relevant affiliated company or third party and is not controlled by us; specifically, (i) such information is governed by the Privacy Statement and terms of use of the relevant other party and (ii) we are not responsible for the privacy practices of such third parties. You can generally opt-out of receiving personalized ads from third party advertisers and ad networks who are members of the Network Advertising Initiative (NAI) or who follow the Digital Advertising Alliance's Self-Regulatory Principles for Online Behavioral Advertising by visiting the opt-out pages on the NAI website ( and DAA website ( E.U. users can also visit Your Online Choices ( Opting out does not mean you will no longer receive online advertising. It does mean that the company or companies from which you opted out will no longer deliver ads tailored to your web preferences and usage patterns. To opt out of Google Analytics, visit

TalentWise does not currently commit to responding to browsers' Do Not Track ("DNT") signals with respect to the TalentWise Website, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent. However, you do have the ability to opt-out of some of the tracking features on the TalentWise Website by using the links set out above.

TalentWise Screening, Hiring, Onboarding and Other Services

Candidate Personal Information Collected

We collect personal information from and about individuals ("Candidates") for the purpose of performing screening, hiring, onboarding, and other services (the "Services") for TalentWise's clients ("Service Requester") in accordance with applicable law, including the U.S. Fair Credit Reporting Act.

Personal information necessary to perform the Services is collected from the Service Requester, their Applicant Tracking System ("ATS"), or from the Candidate directly. We also will collect personal information about Candidates through the process of fulfilling the requested service. The data collected may vary depending on the type of service that is requested and limits imposed by applicable law. Such information may include name, date of birth, contact information, IP address, Social Security Number, government identification number or other personally identifying number, wage, tax, withholding, benefit or payroll information, address, education, employment history, credit and financial information, driving records, drug testing information, entitlement or authorization to work, criminal information and litigation history, sanctions, media or public records information to the extent permitted by applicable law, and name and signature from third party verifiers for electronic signature verification ("Candidate Personal Information").

How We Use and Share Candidate Personal Information

We use Candidate Personal Information solely for the purpose of performing the requested service on behalf of the Service Requester, in accordance with applicable law. We do not use Candidate Personal Information for any other purpose. We have no direct relationship with the Candidates whose personal data we process. If you are a Candidate and would no longer like to be contacted by one of the Service Requesters that use our service, please contact the Service Requester that you interact with directly.

We may share Candidate Personal Information with the following and as described below. Transfers to subsequent third parties are covered by the service agreements with our Service Requesters.

Service Requesters. We will share Candidate Personal Information provided to us, and obtained through fulfillment of the requested service, with the Service Requester. In some cases, we may share Candidate Personal Information through integration with the Service Requester's software platform or ATS.

Service Providers. We may share Candidate Personal Information with service providers to help us perform the Services, such as to complete a particular search in the context of a screening investigation. All personal information will be transmitted and stored in a secure manner in accordance with the terms of this Privacy Policy.

International Transfers of Candidate Personal Information. In performing international searches, Candidate Personal Information will be shared as necessary with third party service providers outside the Candidate's home country. Some of these service providers may be located in the United States and in other jurisdictions that may not offer the same level of protection to personal information as that provided by the Candidate's home country. However, we require these third parties to use Candidate Personal Information only as instructed by us and for no other purpose. All Candidate Personal Information will be transmitted and stored in a secure manner consistent with the terms of this Privacy Statement. To learn more about our policies and practices with respect to service providers outside of your country of residence, please e-mail us at

California Personal Information Disclosure: United States or Overseas. Personal information submitted to TalentWise for a background screening investigation may at times be transferred outside of the United States and shared with 3rd party service providers in order to perform the background investigation. All personal information will be transmitted and stored in a secure manner in accordance with the terms of this Privacy Policy.

E.U./Swiss Candidate Personal Information

TalentWise recognizes that the European Union and Switzerland have implemented "omnibus" data protection regimes established pursuant to the European Data Protection Directive (95/46/EC) and the Swiss Federal Act on Data Protection, respectively. These laws require a legal basis for the transfer of certain individually identifiable data about individuals in European Union member countries and Switzerland to TalentWise in the United States. TalentWise maintains such a legal basis supporting transfers of personal data to the United States.

Additionally, TalentWise complies with the U.S.-E.U. Safe Harbor Principles and the U.S.-Swiss Safe Harbor Principles as developed by the U.S. Department of Commerce regarding the collection, use, and retention of Candidate Personal Information. TalentWise adheres to these Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. With respect to Candidate Personal Information collected from European Union member countries and Switzerland, the Service Requester acts as a data controller/owner and TalentWise acts a data processor of such information.

To learn more about the Safe Harbor Principles and to view TalentWise's certification under these Principles, please visit Individuals with questions about European or Swiss Candidate Personal Information may first contact the Service Requester, as this may be the most efficient means of addressing such questions. For general questions about TalentWise's processing of European and Swiss Candidate Personal Information, you may e-mail us at or contact us by any of the methods listed below.

E.U./Swiss Service Requester Personal Information

As noted above, the European Union and Switzerland have implemented "omnibus" data protection regimes established pursuant to the European Data Protection Directive (95/46/EC) and the Swiss Federal Act on Data Protection, even for Service Requesters. Similar to the legal basis for transfers of Candidate personal data, TalentWise maintains a legal basis supporting transfers of Service Requestor personal data to the United States.

Additionally, TalentWise complies with the U.S.-E.U. Safe Harbor Principles and the U.S.-Swiss Safe Harbor Principles as developed by the U.S. Department of Commerce regarding the collection, use, and retention of Service Requestor Personal Information. TalentWise adheres to these Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. With respect to Service Requestor Personal Information collected from European Union member countries and Switzerland, the Service Requester acts as a data controller/owner and TalentWise acts a data processor of such information.

To learn more about the Safe Harbor Principles and to view TalentWise's certification under these Principles, please visit Individuals with questions about European or Swiss Service Requester Personal Information may first contact their account administrator, as this may be the most efficient means of addressing such questions. For general questions about TalentWise's processing of European and Swiss Service Requester Personal Information, you may e-mail us at or contact us by any of the methods listed below.


TalentWise maintains reasonable and appropriate technical and administrative measures designed to avoid alteration, accidental or illegal destruction, loss, unauthorized processing or access of Website Visitor and Candidate Personal Information. TalentWise leverages industry leading commercial solutions for data encryption and tokenization. Our solutions are PCI DSS Level 1 & EI3PA certified and are hosted in Tier 1, Type 2 SOC II SSAE16 compliant data centers. We encrypt all communications containing sensitive information (such as credit card numbers and social security numbers) while in transit using secure socket layer technology (SSL) over TLS and AES-256 bit encryption for sensitive data at rest. Access to Website Visitor and Candidate Personal Information is tightly controlled by network and application-layer restrictions. The infrastructure that houses this information is audited as part of our PCI and EI3PA compliant data environment.

Data Retention

We will retain Website Visitor, Service Requester, and Candidate Personal Information for as long as needed to provide the requested services and as necessary to comply with our legal obligations, resolve disputes, enforce our agreements, and protect our legal rights.

Links to Non-TalentWise Websites

The TalentWise Website contains links to other third party websites. We are not responsible for the privacy practices or the content of those other websites. Please review the policies posted on those websites carefully.


We display personal testimonials of satisfied customers on our site or in marketing materials in addition to other endorsements. With the consent of you and your company we may post your testimonial along with some or all of the following: your name, title, company, or company logo. If you wish to update or delete your testimonial, you can contact us at or by any of the methods listed below.


If you choose to use our referral service to tell a friend about the TalentWise Website and Services, we will ask you for your friend's name and email address. We will automatically send your friend a one-time email inviting him or her to visit the TalentWise Website. TalentWise stores this information for the sole purpose of sending this one-time email and tracking the success of our referral program.

Your friend may contact us at or by any of the methods listed below to request that we remove this information from our database.

Social Media Features

The TalentWise Website also includes Social Media Features, such as the Facebook Like button, and Widgets, such as the Share This button and interactive mini-programs that run on our site (collectively “Features”). These Features may collect your IP address, the page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Features are either hosted by a third party or hosted directly on our site. Your interactions with these Features are governed by the privacy policy of the company providing it.

Additional Disclosures

We reserve the right to disclose Website Visitor and Candidate Personal Information as required by law such as to comply with a subpoena and when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, legal obligation court order or legal process served on us or the TalentWise Website. We may also disclose Website Visitor Personal Information as necessary in the context of a corporate transaction (i.e., reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, brands, affiliates, subsidiaries or other assets), subject to the promises made in this Privacy Statement and applicable law. You will be notified via email and/or a prominent notice on our website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

Your Choices

Website Visitors and Referrals. If you are a Website Visitor or Referral and wish to opt out of receiving marketing notifications, you can unsubscribe by clicking on the link included in the email we send you, logging into your account and changing your preferences, visiting the Email Preferences Center, contact us at, or call 877.982.9888.

Testimonial Providers. If you are a Testimonial Provider and wish to update or delete your testimonial please contact us at or calling 877.982.9888.

Service Requesters. If you are a Service Requester and would like to update your personal information in your account such as your name, email or address, you can do so by logging into your account. If you wish to cancel your account or request that we no longer use your personal information for marketing purposes, contact us at or 877.982.9888.

Candidates. If you are a Candidate who seeks access, or who seeks to correct, amend, or delete inaccurate data you should direct your query to the Service Requester (the data controller) or contact us at or 877.982.9888.

We will respond to all requests to access information within 30 days.

Privacy Policy Contact Information

Please feel free to direct any questions or concerns regarding this Statement to us by sending an email to Privacy and Compliance attention Ele Macapia,, calling 425.974.8770, or by writing us at Privacy c/o TalentWise, Inc., 19910 N. Creek Parkway, Suite 200, Bothell, WA 98011, U.S.A. We will respond to your request promptly.

Changes to this Statement

We may update this Statement from time to time, so please review it frequently. We will post changes to this Statement on this page and other places we deem appropriate so that you can access the updated Statement. Should we make material changes to this policy (i.e., change the purpose for collecting personal information), we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on the TalentWise Website and obtain your consent as may be required by applicable law, prior to the changes taking effect.




The Parties agree TALENTWISE's provision of consumer reports and/or investigative consumer reports (collectively, "Screening Reports"), as those terms are defined by the Fair Credit Reporting Act, as amended ("FCRA"), and applicable state laws, is subject to the employer certification requirements and other requirements contained in Exhibit A to this Agreement (the "Background Screening Requirements"), the terms of which are incorporated by this reference as if fully set forth herein.



"Affiliate" means any entity Controlled by, Controlling, or under common Control with a Party to this Agreement.


"Agreement" means, collectively, this TalentWise Master Services Agreement, together with any exhibits, attachments, schedules, addenda, and appendices or documents attached hereto or incorporated herein, including any Order Forms, Statements of Work or amendments referencing this Agreement.


"Company Data" means any and all information, including all forms, attachments, media and files, provided, entered or uploaded to the Software Service by any User, including Company's (or its Affiliates') employees, agents, contractors, or third party employment candidates authorized to access the Software Services.


"Control" means either the direct or indirect control of more than 50% of the shares or other equity interests of the subject entity entitled to vote in the election of directors (or, in the case of an entity that is not a corporation, for the election or appointment of the corresponding managing authority).


"Deliverable" means the custom developed documents, designs, and other materials authored or prepared by TALENTWISE for and provided to Company as part of a Professional Services engagement pursuant to a Statement of Work. The term "Deliverable" does not include the Software Service (including all modifications and/or enhancements to the Software Service), the Documentation, TALENTWISE's proprietary education and training content, if any, or any pre-existing materials related to TALENTWISE's Professional Services processes and methodology, whether or not incorporated in a Deliverable.


"Documentation" means tutorials and/or user manuals, if any, and/or technical requirements documents, if any, that are generally provided by TALENTWISE to customers in connection with the Software Service.


"Order Form" means a mutually executed "Order Form and Pricing Schedule" that sets forth the Services to be provided under this Agreement.


"Professional Services" means implementation, configuration, or other professional services related to the Software Service that are ordered by Company pursuant to an Order Form and set forth in an applicable Statement of Work, as further described in Section 8.


"Services" means, collectively, the Software Service, Professional Services and Support Services and any other related services ordered by Company pursuant to an Order Form and/or any applicable Statement of Work.


"Software Service" means TALENTWISE's internet-delivered software applications that are ordered by Company and reflected on an Order Form.


"Support Services" means support and maintenance services for the Software Service provided in accordance with Section 2.1.1.


"Term" means the Initial Term and any Renewal Terms (as those terms are defined in Section 3 of this Agreement).


"Users" means individuals who are authorized by Company to access the Software Service and who have been supplied user identifications and passwords by Company (or by TALENTWISE at Company's request). Users may include but are not limited to Company's employees, consultants, contractors, agents, and candidates applying for employment whom Company has authorized to access the Software Service, provided in all cases that the use is solely for the benefit of Company.



TALENTWISE's Rights and Responsibilities.


Provision of Software Service; Support and Availability. Subject to the terms and conditions of this Agreement, TALENTWISE shall host and maintain the Software Service and make it available to Company throughout the Term. TALENTWISE will provide customer support, data back-up, and disaster recovery services for the Software Service in accordance with this Agreement and TALENTWISE's then-current policies and practices, which policies may be acquired from TALENTWISE upon written request. TALENTWISE reserves the right to make changes at any time to its policies, procedures and practices regarding Support Services and to make changes to its hosting and technical infrastructure, provided that such changes do not materially degrade the overall level of support provided to TALENTWISE customers. Notwithstanding the foregoing, TALENTWISE shall use commercially reasonable efforts to make the Software Service available 24 hours a day, 7 days a week, except for: (i) planned downtime (of which TALENTWISE shall schedule to the extent practicable during the weekend hours from 6:00 p.m. Friday to 3:00 a.m. Monday Pacific Time), or (ii) any unavailability caused by Force Majeure Events (as defined in Section 21 below).


Protection of Company Data. TALENTWISE shall maintain reasonable administrative, physical, and technical safeguards for the Software Service designed to protect the security, confidentiality and integrity of Company Data. TALENTWISE shall not knowingly (i) modify Company Data, except as instructed by Company, (ii) disclose Company Data, except as compelled by law or as necessary to provide the Services hereunder, including disclosing it to (a) Users in connection with Company's use of the Software Service and in accordance with the license granted in Section 2.2.4 and (b) TALENTWISE's service providers who act on TALENTWISE's behalf in providing the Software Service, provided that TALENTWISE will remain responsible for compliance with this Agreement by any such service providers acting on its behalf, or (iii) access Company Data, except as reasonably necessary to prevent or address service or technical problems, to respond to Company's request in connection with customer support matters, for statistical reporting purposes, or as reasonably necessary to protect TALENTWISE, Company, Users or the data subject. TALENTWISE may aggregate, use, distribute, and publish anonymous statistical data regarding use and functioning of the Software Service by its customers. Such aggregated statistical data will be the sole property of TALENTWISE.


Company's Rights and Responsibilities.


License to Software Service. During the Term, TALENTWISE grants to Company a limited, non-transferable, non-exclusive right to access and use the Software Service and Documentation for Company's internal use in accordance with this Agreement. TALENTWISE will host and retain physical control over the Software Service and make any computer programs and code available for access, use and operation by Company only through a web-browser. No provision under this Agreement shall obligate TALENTWISE to deliver or otherwise make available any copies of computer programs or code from the Software Service to Company, whether in object code or source code form. Company may not remove or alter any of the logos, trademark, patent or copyright notices, confidentiality or proprietary legends or other notices or markings within the Software Service or Documentation.


Usage Limits. The license granted in Section 2.2.1 is subject to the "employee count" and other limitations set forth in an applicable Order Form. The Software Service may not be used by or for the benefit of Company employee populations (e.g., the employee populations to which the Software Service applies or benefits) in excess of the maximum employee count. For purposes of this Section 2.2.2, an employee is any distinct individual included in the payroll system of Company. Company agrees to submit to a reasonable audit of its compliance with any such usage limits upon reasonable notice by TALENTWISE, not more than once per calendar year.


Responsibility for Users. Company shall: (i) be responsible for its Users' compliance with the terms of this Agreement, and for all use of the Software Service that occurs under its Users' accounts (and accordingly, to safeguard login credentials for the Software Service), (ii) be solely responsible for the accuracy, quality, integrity, legality, reliability, appropriateness and copyright of all Company Data and provide TALENTWISE with all information and data that TALENTWISE requires in order to perform the Services, (iii) promptly notify TALENTWISE of any unauthorized access or use, and (iv) use the Software Service only in accordance with applicable laws and government regulations.


License to Company Data. Company represents and warrants that it has obtained all rights, permissions and consents necessary for it (or its Users) to submit Company Data to TALENTWISE, and for TALENTWISE to use and disclose that Company Data as set forth in this Agreement and TALENTWISE's Privacy Policy as such Privacy Policy may be updated and posted on the TALENTWISE Web site from time to time. Company hereby grants TALENTWISE a limited, worldwide, non- sublicenseable, non-transferable (except as expressly provided herein) license to store, display, distribute and reproduce the Company Data to the extent necessary to provide the Software Service and its features in accordance with this Agreement, including making it available for viewing, download and modification by other Users. Company acknowledges that it is responsible for the distribution of Company Data by its Users via the Software Service, and that TALENTWISE will have no liability in connection with any disclosure of Company Data that is authorized by Users via the Software Service.


Screening Reports. If ordering Screening Reports from TALENTWISE, Company shall comply with the requirements set forth in Exhibit A hereto (the Background Screening Requirements).


Restrictions. Company shall not, and shall ensure that its Users do not: (i) use the Software Service for any purpose other than Company's internal business purposes; (ii) allow any third party other than Users to access the Software Service, (iii) sell, resell, rent or lease the Software Service (or access to it) to any third party, (iv) use the Software Service to store or transmit infringing, libelous, or otherwise unlawful or tortious material, or to store or transmit material in violation of third party privacy rights, or otherwise use the Software Service in violation of applicable laws, (v) store or submit to the Software Service any viruses, worms, time bombs, Trojan horses and other harmful or malicious code, files, scripts, agents or programs (collectively, "Malicious Code"), (vi) interfere with or disrupt the integrity or performance of the Software Service or third party data contained therein, (vii) attempt to gain unauthorized access to the Software Service or their related systems or networks or (viii) make derivative works of, disassemble, or attempt to reverse compile or reverse engineer any part of the Software Service or Documentation, or access the Software Service or Documentation in order to build a similar or competitive product or service (or contract with a third party to do so).


Safeguards. Company shall maintain records as required by law and maintain reasonable and appropriate physical, technical and administrative measures designed to protect against unauthorized access to and/or misuse of the Software Service and Confidential Information (as defined in Section 12), including, without limitation, adhering to the minimum requirements contained in Exhibit B to this Agreement (the "Access Security Requirements").


Audits. Company agrees to cooperate with any reasonable audit or investigation by TalentWise and/or a vendor of TalentWise to assure compliance with the terms of this Agreement. Company understands that any failure to cooperate with reasonable requests regarding an audit or investigation constitutes grounds for immediate suspension of the Services and termination of this Agreement.

3. TERM AND TERMINATION. This Agreement shall begin on the Effective Date noted in the Order Form, and, unless earlier terminated as provided herein, shall continue for a period of 12 months (the "Initial Term"). After the Initial Term, this Agreement shall automatically renew for successive one-year periods (each a "Renewal Term") unless one Party provides the other Party with written notice of its intent to not renew the Agreement at least ninety (90) days prior to the expiration of the then-current Term. Anything in this Agreement to the contrary notwithstanding, including but not limited to this Section 3, if the term of any Statement of Work or any Services in an Order Form extend beyond the Term of this Agreement, then this Agreement shall automatically continue in full force and effect beyond the stated Term for so long as any Statement of Work or Order Forms remain in force.


Termination. Either Party may terminate this Agreement immediately for cause upon providing written notice if (a) the other Party materially breaches this Agreement and fails to cure its breach within thirty (30) days after receiving written notice of the breach, or (b) the other Party terminates or suspends its business as a result of bankruptcy, insolvency or any similar event.


Surviving Provisions. Section 3.2 (Surviving Provisions), 3.3 (Effect of Termination), Section 3.4 (Return of Company Data), Sections 4 (Fees) and Section 5 (Invoicing and Payment) (but only with respect to amounts accrued but unpaid as of termination), Section 7 (Intellectual Property Ownership), Section 9 (Warranties and Disclaimers), Section 10 (Indemnification), Section 11 (Limitation of Liability), Section 12 (Confidentiality), and Sections 13-25 shall survive any termination or expiration of this Agreement.


Effect of Termination. Upon termination or expiration of this Agreement for any reason: (a) Notwithstanding any provision of any surviving section, Company will have no further right to use the Software Service except to the extent set forth in Section 3.4 (Return of Company Data) below; (b) Company will not be entitled to any refund of fees paid, except that if Company terminates the Agreement for TALENTWISE's uncured breach pursuant to Section 3.1 (Termination), Company will be entitled to a pro rata refund of prepaid, unused platform license fees for the Software Service specified in an Order Form; and (c) Company will promptly pay to TALENTWISE all amounts that are accrued but unpaid under this Agreement as of the effective date of termination.


Return of Company Data. Upon written request by Company made within thirty (30) days after the effective date of termination of this Agreement, provided Company is not in default, TALENTWISE will make available to Company for download a file of requested Company Data in comma separated value (.csv) format along with Screening Reports and attachments uploaded by Company's Users in their native formats. After such thirty (30) day period, TALENTWISE shall have no further obligation to provide Company with access to any Company Data, Deliverables and/or Screening Reports. Any such download will be subject to TALENTWISE's then current Professional Services rate.

4. FEES. Company shall pay the fees set forth in any Order Form and any applicable Statement of Work, as well as any amounts otherwise agreed to by the Parties in writing. These fees may include set-up fees, annual platform license fees, transaction-based fees, and other amounts as set forth in an Order Form or Statement of Work.

5. INVOICING AND PAYMENT. TALENTWISE will invoice Company for all Services as indicated in the Order Form and any applicable Statement of Work. Payment is due thirty (30) days after an invoice is received. If Company is approved by TALENTWISE to pay invoices with a credit card, Company shall provide TALENTWISE with valid and updated credit card information. Company hereby authorizes TALENTWISE to charge such credit card for Services listed on the Order Form for the Initial Term and any Renewal Term(s).


Overdue Charges. If any charges are not received from Company by the due date, then at TALENTWISE's sole discretion, (i) such charges may accrue late interest at the rate of 1.5% of the outstanding balance per month, or the maximum rate permitted by law, whichever is lower, from the date such payment was due until the date paid, and/or (ii) TALENTWISE may condition future payment terms shorter than those specified in this Section 5.


Suspension of Services and Acceleration. If any amount owing by Company under this Agreement is thirty (30) or more days overdue, TALENTWISE may, without limiting other rights and remedies available to it, accelerate Company's unpaid fee obligations so that all such obligations become immediately due and payable, and/or suspend Services until such amounts are paid in full. TALENTWISE will give Company at least seven (7) business days prior notice that Company's account is overdue, in accordance with Section 20 (Notices), before suspending Services to Company.


Taxes. Unless otherwise stated, TALENTWISE's fees do not include any taxes, levies, duties or similar governmental assessments of any nature, including but not limited to value-added, sales, use or withholding taxes, assessable by any local, state, provincial, federal or foreign jurisdiction (collectively, "Taxes"). Company is responsible for paying all Taxes associated with its purchases hereunder. If TALENTWISE has the legal obligation to pay or collect Taxes for which Company is responsible under this paragraph, the appropriate amount shall be invoiced to and paid by Company, unless Company provides TALENTWISE with a valid tax exemption certificate authorized by the appropriate taxing authority. For clarity, TALENTWISE is solely responsible for taxes assessable against it based on TALENTWISE's income, property and employees.

6. SECURITY/LOAD TESTING AND USE OF ROBOTS. Company may not, without the prior written consent of TALENTWISE, (i) conduct security, integrity, penetration, vulnerability or similar testing on the Services, (ii) use any software tool designed to automatically emulate the actions of a human user (such tools are commonly referred to as robots) in conjunction with the Services, or (iii) attempt to access the data of another TALENTWISE customer (whether or not for test purposes).

7. INTELLECTUAL PROPERTY OWNERSHIP. As between the parties, Company shall retain all right, title and interest to all Company Data (except for the rights expressly granted to TALENTWISE in this Agreement). TALENTWISE shall retain all right, title and interest in and to (i) the Software Service and all technology and software used to provide it, the Documentation and all modifications and/or enhancements to the Software Service, regardless of the source of inspiration for any such enhancement or modification and regardless of whether Company has provided input regarding such modifications and/or enhancements, (ii) proprietary education or training content, (iii) proprietary materials related to TALENTWISE's Professional Services processes and methodology, (iv) all Deliverables, provided that no Company Confidential Information is shared or revealed by or included within the portion of any Deliverable later used by TALENTWISE, and (v) all intellectual property rights in the foregoing. Notwithstanding any other term of this Agreement, TALENTWISE may access and use, and shall retain all right, title and interest in transactional and anonymized data based upon Company Data, so long as such data does not reveal the identity or traits of any particular individual person or of Company. TALENTWISE reserves to itself all rights that are not expressly granted pursuant to this Agreement.

8. PROFESSIONAL SERVICES. Company shall have a non-exclusive, non-transferable, license during the Term to use the Deliverables resulting from TALENTWISE's Professional Services solely for Company's internal business purposes in connection with using the Software Service. Each Statement of Work during the Term is governed by the terms of this Agreement and in the event of any conflict or discrepancy between a Statement of Work and the terms of the Agreement, the Agreement shall govern except as to scope of work, fees, currency, expenses, and payment terms for the Professional Services, for which the Statement of Work will govern.






10. INDEMNIFICATION. Company shall defend, indemnify and hold harmless TALENTWISE and its corporate affiliates, and its and their directors, officers, agents and representatives, against any claim, demand, suit or proceeding (collectively, a "Claim") brought by a third party alleging (i) that the Company Data, or Company's use of the Services in breach of this Agreement, infringes or misappropriates the intellectual property rights of or has otherwise harmed a third party or violates applicable law, (ii) Company wrongfully used or obtained any Screening Report, including but not limited to Company having used any Screening Report for any purpose other than the stated permissible purpose, (iii) Company failed to comply with its obligations under the FCRA or other applicable federal, state or local laws, including but not limited to Company having failed to comply with its obligations set forth in Exhibit A-1 ("Notice to Users of Consumer Reports: Obligations of Users Under the FCRA") and/or (iv) Company acted with gross negligence or willful misconduct, and shall indemnify TALENTWISE for any damages (including reasonable attorney's fees and costs) finally awarded against TALENTWISE as a result of, or for any amounts paid by TALENTWISE under a settlement of, a Claim; provided that TALENTWISE (a) promptly gives Company written notice of the Claim; (b) gives Company sole control of the defense and settlement of the Claim (provided that Company may not settle any Claim unless the settlement unconditionally releases TALENTWISE of all liability); and (c) provides to Company all reasonable assistance, at Company's expense.


12. CONFIDENTIALITY. Each Party agrees: (i) that it will use (and will ensure that its employees, Affiliates, agents, contractors and any approved third parties use) reasonable efforts (which shall be no less than the efforts used to protect its own confidential information of a similar nature) to prevent the disclosure of the other Party's Confidential Information to any person or entity, unless authorized by the other Party; and (ii) it will not use Confidential Information of the other Party for any purpose other than as authorized by this Agreement or by the other Party. As to TALENTWISE, the term "Confidential Information" includes information specifically designated as confidential or that would be understood to be confidential or proprietary by a reasonable person, the features and functions of the Services that are not available to the general public via the public Internet (including screen shots of the same), future product plans, and any Documentation or specification provided to Company, the commercial terms (including pricing) of this Agreement and any Statement of Work (but not the mere existence of this Agreement), performance and security test results (whether conducted by TALENTWISE or Company), and any other proprietary, financial or business information supplied to Company by TALENTWISE. As to Company, the term "Confidential Information" includes information specifically designated as confidential or that would be understood to be confidential or proprietary by a reasonable person. Notwithstanding the foregoing, "Confidential Information" shall not include (i) information which is or becomes publicly known through no act of omission of the receiving Party, or (ii) information gained by the receiving Party independent of the disclosing Party. Notwithstanding the foregoing, it shall not be a breach of this Agreement to disclose Confidential Information required to be disclosed pursuant to administrative or court order, government or regulatory investigation or requirement, or arbitration or litigation arising out of this Agreement; provided, however, that to the extent permissible, each Party shall, in advance of any such disclosure promptly notify the other Party in order to enable the other Party reasonable time to seek a protective order with respect to the requested information or otherwise challenge or oppose the disclosure requirement. The Parties acknowledge that use or disclosure of any Confidential Information of the other Party in a manner inconsistent with this Agreement may give rise to irreparable injury to the disclosing Party or to third parties who have entrusted information to the disclosing Party, and such disclosure may be inadequately compensable in damages. Accordingly, in addition to any other legal remedies that may be available at law or in equity, the disclosing Party shall be entitled to seek equitable or injunctive relief against the unauthorized use or disclosure of Confidential Information. For avoidance of doubt, the Software Service is designed to facilitate sharing of Company Data by Company and its Users for permitted purposes. Accordingly, Company Data is not "Confidential Information" for purposes of this Section 12. TALENTWISE's obligations with respect to Company Data are as set forth in Section 2.1.2 (Protection of Company Data).

13. GOVERNING LAW AND VENUE. This Agreement shall be governed by, construed and enforced in accordance with the internal laws of the State of Washington, without giving effect to principles and provisions thereof relating to conflict or choice of laws irrespective of the fact any one of the Parties is now or may become a resident of a different state. Venue for any action under this Agreement shall lie only in the United States District Court — Western District of Washington. The Parties agree that the United Nations Convention on Contracts for the International Sale of Goods shall not apply to any of the transactions contemplated by this Agreement.

14. ASSIGNMENT. Neither Party shall assign this Agreement, or any of its rights or obligations hereunder, without the prior written consent of the other Party, which shall not be unreasonably withheld or delayed. Notwithstanding the foregoing, TALENTWISE may assign this Agreement in its entirety without prior written consent pursuant to any corporate reorganization or merger of its business, or pursuant to any sale of all or substantially all of its assets. TALENTWISE may delegate duties under this Agreement to third parties, provided that TALENTWISE is responsible for such parties' performance and compliance with the provisions of this Agreement.

  • WAIVER. All waivers must be in writing. Any waiver or failure to enforce any provision of this Agreement on one occasion will not be deemed a waiver of any other provision or of such provision on any other occasion.

16. AMENDMENT. This Agreement may only be modified by a writing executed by both Parties.

17. PREVAILING PARTY FEES. In any controversy, claim or dispute arising out of or relating to this Agreement or the method or manner of performance thereof or the breach thereof, the prevailing Party shall be entitled and awarded in addition to any other relief, its reasonable attorney's fees, expert witness fees and costs.

18. SEVERABILITY. If any term or provision of this Agreement or any application thereof to any person or circumstance shall to any extent be invalid or unenforceable, the remainder of this Agreement or the application of such terms or provisions to person or circumstances other than those to which it is held invalid or unenforceable shall not be affected thereby and each term and provision of the Agreement shall be valid and enforceable to the fullest extent permitted by law.

19. INDEPENDENT CONTRACTOR/USE OF SUBCONTRACTORS. Nothing contained in this Agreement shall be deemed or construed by the Parties hereto or by any third person to create the relationship of principal and agent or partnership or of any association between any of the Parties hereto other than independent contracting parties. TALENTWISE may, in the ordinary course of business, use subcontractors to perform the Services where it is customary to do so.

20. NOTICES. Any notice, payment, demand, or communication required or permitted to be given by any provision of this Agreement shall be in writing and sent by telephone facsimile transmission, certified or registered mail with return receipt requested, or express courier or delivery service and addressed to Company at the address then on record at TALENTWISE, or to such other address as Company may from time to time specify by notice to TALENTWISE in writing. Company may deliver notices to TALENTWISE at 19910 North Creek Parkway, Suite 200, Bothell, WA 98011 Attn: General Counsel, or to such other address as TALENTWISE may from time to time specify by notice to Company in writing or by means of an alert on Company's dashboard.

21. FORCE MAJEURE. Neither Party is responsible for any failure to perform under this Agreement when such failure arises from or relates to any acts of God, public enemies, acts of terrorism, inability to obtain materials (including necessary data) or reasonable substitutes for materials (including necessary data), inability to obtain power, internet service provider failures or delays, civil war, insurrection, riot or demonstration, fire, flood, explosion, earthquake, accident, strike labor difficulties, work interruption or any other cause beyond its reasonable control.

22. AUTHORITY OF SIGNATORY. Each Party represents that the person signing this Agreement is duly authorized to legally bind Company or TALENTWISE (as the case may be) to the Agreement.

23. NO CONSTRUCTION AGAINST DRAFTER. The Parties affirm and agree they have had an opportunity to consult with their respective counsel and with such other experts or advisors as they have deemed necessary in connection with this Agreement. This Agreement shall be construed without any presumption or rule requiring this Agreement to be construed against the Party causing this Agreement, or any part of it to be drafted.

24. AGREEMENT IN ENTIRETY. This Agreement (including Order Forms, exhibits, amendments and any addenda or Statement of Work(s) hereto which are incorporated herein by reference) sets forth the entire understanding of the Parties hereto with respect to the subject matter hereof and supersedes all prior and contemporaneous agreements, covenants, negotiations, arrangements, communications, representations, understandings or warranties, whether oral or written, by any officer, employee, or representative of either Party relating thereto. There are no other understandings, statements, promises or inducements, oral or otherwise, contrary to the terms of this Agreement. However, required federal and state certifications, affidavits, etc., if any, needed for compliance with applicable law, will be construed to be part of this Agreement. In the event there is any conflict between this Agreement and any other agreements between Company and TALENTWISE, the relevant terms and conditions of this Agreement shall control.

25. MEDIA RELEASES. Except for any announcement intended solely for internal distribution by Company or any disclosure required by legal, accounting, or regulatory requirements beyond the reasonable control of Company, all media releases, public announcements, or public disclosures (including, but not limited to, promotional or marketing material) by Company or its employees or agents relating to this Agreement or its subject matter, including the name, trade name, trade mark, or symbol of TALENTWISE or any affiliate of TALENTWISE, shall be coordinated with and approved in writing by TALENTWISE prior to the release thereof. Company shall permit TALENTWISE to use Company's name and logo for marketing purposes.

26. ELECTRONIC SIGNATURES. This Agreement and any amendments hereto may be executed via electronic signature pursuant to 15 U.S.C. Ch. 96 (and other relevant e-signature legislation). Any electronic signature will appear in the signature block at the end of this Agreement.

27. COUNTERPARTS. This Agreement may be executed in two or more counterparts (each of which need not be executed by each of the Parties), each of which shall be deemed an original, but all of which together shall constitute one and the same instrument.

28. THIRD PARTY SOURCES. Company understands that some information provided by TALENTWISE is provided to TALENTWISE by third party sources and that some or all of these third party sources may prohibit TALENTWISE from providing information from such sources to Company. Should a third party source advise TALENTWISE that it may not provide information from such source to a TALENTWISE customer, TALENTWISE will endeavor to provide such information from another source if practicable and efficient or TALENTWISE can advise Company as soon as possible that it will be unable to provide such information and fulfill that portion of Company's request. Company understands that if this occurs, TALENTWISE is acting within its rights under this Agreement and that TALENTWISE is not subject to any liability or damages for such action.



TALENTWISE will furnish Company with Screening Reports for the screening of applicants ("Applicant"), conditioned upon Company's compliance with this Exhibit and fulfillment of all of its obligations (including payment) under this Agreement. In utilizing TALENTWISE'S Services in regard to Screening Reports, Company is considered a user of consumer reports and/or investigative consumer reports under the FCRA and applicable state laws. 

Company hereby certifies that all of its orders for Screening Reports from TALENTWISE shall be made, and the resulting reports shall be used for employment purposes, as defined in the FCRA, including evaluating a consumer for employment, promotion, reassignment or retention as an employee, where the consumer has given prior written permission. 

1. Employer Certification.


Company shall be responsible for identifying and complying with all federal (including, without limitation, the FCRA), state and local laws and regulations applicable to Company in connection with its procurement and use of Screening Reports furnished by TALENTWISE. Company accepts full responsibility for any and all consequences of use or dissemination of those Screening Reports. Company further agrees that each Screening Report will only be used for a one-time use. Company certifies to TALENTWISE that Company will comply with all applicable provisions of the attached Exhibit A-1 ("Notice to Users of Consumer Reports: Obligations of Users Under the FCRA"), which explains Company's obligations under the FCRA as a user of consumer information and acknowledges receipt of such Notice. Without limitation Company agrees that (i) prior to procurement of a consumer report for employment purposes: (a) A clear and conspicuous disclosure has been made in writing to the consumer, in a document that consists of only the disclosure, that a consumer report will be obtained for employment purposes; and (b) The consumer has authorized in writing the procurement of the report by Company; (ii) prior to procurement of an investigative consumer report for employment purposes: (a) A clear and conspicuous disclosure has been made in writing to the consumer in a document that consists of only the disclosure that an investigative consumer report including information as to the consumer's character, general reputation, personal characteristics and/or mode of living will be obtained for employment purposes; and (b) Such disclosure contains a statement advising the consumer of his/her right to request a complete and accurate statement regarding the nature and scope of the requested investigative consumer report and his/her right to request a copy of the rights of the consumer under the FCRA, a copy of which is attached hereto as Exhibit A-2 ("A Summary of Your Rights Under the Fair Credit Reporting Act"); and (iii) in using a Screening Report for employment purposes, before taking any adverse action based in whole or in part on the Screening Report, the Company shall provide to the consumer to whom the Screening Report relates: (a) A copy of the Screening Report; (b) A copy of the notice titled "A Summary of Your Rights Under the Fair Credit Reporting Act" attached hereto as Exhibit A-2, and any applicable state summary of rights; and (c) A reasonable opportunity of time to correct any erroneous information contained in the Screening Report. Company further certifies that information from any consumer report or Screening Report will not be used in violation of any applicable federal or state equal opportunity law or regulation.

2. California Certification.


Company hereby certifies that, under the Investigative Consumer Reporting Agencies Act ("ICRA"), California Civil Code Sections 1786 et seq., and the Consumer Credit Reporting Agencies Act ("CCRAA"), California Civil Code Sections 1785.1 et seq., if Company is located in the State of California, and/or Company's request for and/or use of Screening Reports pertains to a California resident or worker, Company will do the following:


Request and use Screening Reports solely for permissible purpose(s) identified under California Civil Code Sections 1785.11 and 1786.12.


When, at any time, a Screening Report is sought for employment purposes other than suspicion of wrongdoing or misconduct by the consumer who is the subject of the investigation, provide a clear and conspicuous disclosure in writing to the consumer, which solely discloses: (i) that an investigative Screening Report may be obtained; (ii) the permissible purpose of the investigative Screening Report; (iii) that information on the consumer's character, general reputation, personal characteristics and mode of living may be disclosed; and (iv) the name, address, and telephone number of TALENTWISE; and (v) the nature and scope of the investigation requested, including a summary of the provisions of California Civil Code Section 1786.22.


When, at any time, a Screening Report is sought for employment purposes other than suspicion of wrongdoing or misconduct by the consumer who is the subject of the investigation, only request a Screening Report if the applicable consumer has authorized in writing the procurement of the Screening Report.


When a Screening Report is sought in connection with the hiring of a dwelling unit, notify the consumer in writing that a Screening Report will be made regarding the consumer's character, general reputation, personal characteristics, and mode of living. The notification shall include the name and address of TALENTWISE as well as a summary of the provisions of California Civil Code Section 1786.22. The consumer shall be notified not later than three days after the date on which the Screening Report was first requested.


When a Screening Report is sought in connection with the underwriting of insurance, clearly and accurately disclose in writing at the time the application form, medical form, binder, or similar document is signed by the consumer that a Screening Report regarding the consumer's character, general reputation, personal characteristics, and mode of living may be made, or, if no signed application form, medical form, binder, or similar document is involved in the underwriting transaction, the disclosure shall be made to the consumer in writing and mailed or otherwise delivered to the consumer not later than three days after the Screening Report was first requested. The disclosure shall include the name and address of TALENTWISE, the nature and scope of the investigation requested, and a summary of the provisions of California Civil Code Section 1786.22.


Provide the consumer a means by which he/she may indicate on a written form, by means of a box to check, that the consumer wishes to receive a copy of any Screening Report that is prepared.


If the consumer wishes to receive a copy of the Screening Report, send (or contract with another entity to send) a copy of the Screening Report to the consumer within three business days of the date that the Screening Report is provided to Company. The copy of the Screening Report shall contain the name, address, and telephone number of the person who issued the report and how to contact him/her.


Under all applicable circumstances, comply with California Civil Code Sections 1785.20 and 1786.40 if the taking of adverse action is a consideration, which shall include, but may not be limited to, advising the consumer against whom an adverse action has been taken that the adverse action was based in whole or in part upon information contained in the Screening Report, informing the consumer in writing of TALENTWISE's name, address, and telephone number, and provide the consumer with a written notice of his/her rights under the ICRA and the CCRAA.


Comply with all other requirements under applicable California law, including, but not limited to any statutes, regulations and rules governing the procurement, use and/or disclosure of any Screening Reports, including, but not limited to, the ICRA and the CCRAA.

3. Consumer Requests for Additional Disclosures. In addition to the disclosure requirements identified above, if the consumer makes a written request within a reasonable amount of time, Company will provide: (1) information about whether an investigative consumer report has been requested; (2) written disclosure of the nature and scope of the investigation requested, if an investigative consumer report has been requested; and (3) TALENTWISE's contact information, including complete address and toll-free telephone number. This information will be provided to the consumer no later than five (5) days after the request for such disclosure was received from the consumer or such report was first requested, whichever is the latter.

4. In addition to the requirements above, Company:


Shall comply with, without limitation, the Americans with Disabilities Act, the Drivers Privacy Protection Act ("DPPA") and any applicable state laws if Company is obtaining Motor Vehicle Reports ("MVRs"), the Gramm-Leach-Bliley Act and federal and state employment laws.


If Screening Reports include MVRs:


Shall be responsible for understanding and for staying current with all specific state forms, certificates of use or other documents or agreements including any changes, supplements or amendments thereto imposed by the states (collectively referred to as "Specific State Forms") from which it will order MVRs. Company certifies that it will file all applicable Specific State Forms required by individual states.


Certifies that no MVRs shall be ordered without first obtaining the written consent of the consumer to obtain "driving records," evidence of which shall be transmitted to TALENTWISE in the form of the consumer's signed release authorization form. Company also certifies that it will use this information only in the normal course of business to obtain lawful information relating to the holder of a commercial driver's license or to verify information provided by an applicant or employee. Company shall not transmit any data contained in the resulting MVR via the public internet, electronic mail or any other unsecured means.


Shall execute and deliver to TALENTWISE upon execution of this Agreement and annually thereafter for as long as Company receives MVRs, an Affidavit of Intended Use, attached hereto as Attachment A.


If requesting verification of current employment status or a reference check with respect to any Applicant, certifies that it will not request verification of current employment status from Applicant's current employer without first obtaining permission from the Applicant to contact Applicant's current employer.


Shall base all of its hiring decisions and related actions on its policies and procedures and not rely on TALENTWISE for (nor shall TALENTWISE render) legal advice regarding employment decisions.


Shall keep strictly confidential any information and identification numbers and passwords it receives from or gains access to through TALENTWISE, bear responsibility for all account activity within Company's scope of use, use Company's account only for the purposes authorized under this Agreement, and not sublicense, license, rent, sell, loan, give or perform marketing activities to make available all or any part of Company's account to a third party.


Shall provide access to Screening Reports provided by TALENTWISE only to Company employees, agents and representatives of Company who fully review and understand Company's obligations under the FCRA and this Agreement and who agree to comply with those obligations.


Shall ensure that Users do not request and/or obtain Screening Reports on themselves, coworkers, employees, family members or friends unless it is in connection with a legitimate business transaction or for a valid FCRA permissible purpose.


Shall provide TALENTWISE with accurate employee identification, address, or other information, and when available, e- mail contact information.


Understands and acknowledges that, in the course of completing background checks, TALENTWISE may uncover active arrest warrants which are outstanding against the Applicant. In these cases, TALENTWISE may be contacted by the law enforcement agency seeking the Applicant. Company understands that TALENTWISE will furnish to law enforcement any information contained within the subject's file to assist in the apprehension of the Applicant. Additionally, TALENTWISE may contact Company, and Company agrees to release to TALENTWISE, any and all information Company may have which will further the apprehension of the wanted individual.



5. TALENTWISE shall:


Take reasonable procedures to comply with all applicable federal, state and local laws in the preparation and transmission of Screening Reports including, without limitation, responding appropriately to any assertions by an Applicant that a Screening Report contains inaccurate information.


Maintain reports and other records as required by applicable law.


Comply with all credentialing requirements imposed by any third parties or TALENTWISE's internal protocols so TALENTWISE can confirm that Screening Reports are only provided to legitimate business entities. Such credentialing may include an on-site visit by TALENTWISE.

6. Disclaimer of Warranties (Screening Reports).


Screening Reports and other information in the TALENTWISE databases have been compiled from public records and other proprietary sources for the specific purposes of providing background information and therefore such information is obtained by TALENTWISE, and reported to Company, "AS IS". Neither TALENTWISE nor any of its suppliers represents or warrants that the information from such records is complete or accurate; however, TALENTWISE warrants and represents that it will have reasonable procedures in place to report the information as provided by such sources. Except for the limited warranty above, TALENTWISE HEREBY DISCLAIMS ALL OTHER REPRESENTATIONS AND WARRANTIES REGARDING THE PERFORMANCE OF THE SERVICE AND THE ACCURACY, CURRENCY, OR COMPLETENESS OF ANY DATA, INFORMATION OR SCREENING REPORT, INCLUDING (WITHOUT LIMITATION) ALL WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE OR NON-INFRINGEMENT, AND ANY IMPLIED INDEMNITIES.


Company understands that searches of international background screening will be conducted through the services of a third-party independent contractor. Because of differences in foreign laws, language, and the manner in which foreign records are maintained and reported, TALENTWISE cannot be either an insurer or a guarantor of the accuracy of the information reported. Company therefore releases TALENTWISE and its affiliated companies, officers, agents, employees, and independent contractors from any liability whatsoever in connection with erroneous information received as a result of an international background screening report.


TALENTWISE recommends that Company screen its applicants or employees at the county court-house or online system, federal, and multi-state/nationwide database levels. Company understands that if it chooses not to conduct searches at these levels, TALENTWISE cannot be held responsible for any records that exist that are not included in the coverage requested by Company. Company further understands that the multi-state/nationwide database report will only be offered in conjunction with a county-level verification of any records found and that Company will bear any additional costs associated with this verification.

7. Note on Credit Reports and Credit Bureaus.


Credit bureaus require specific documents and certifications, which may be in the form of addendums to this Agreement, in connection with providing credit reports. Executing this Agreement is only one of the steps necessary to complete an application process with a credit bureau. TALENTWISE retains the right to request additional documentation and certifications from Company, as well as a physical inspection of Company's business location, from time to time in order to comply with credit bureau requirements, and Company understands that it shall not be entitled to receive credit reports unless and until it honors all requests for information and delivers such certifications.


Company certifies, if receiving credit reports through TALENTWISE, that it will promptly notify TALENTWISE of any change in Company location, structure, ownership or control, including but not limited to the addition of any branch(es) that will be requesting and/or accessing credit reports. Company understands that any such change may require Company to re-submit to TALENTWISE certain documentation and certifications described in section 7.1 above, as well as submit to a new physical inspection.


Credit reports are only accessible through pre-authorized static Internet Protocol (IP) addresses that have been registered with TALENTWISE. To access credit reports, Company will be required to provide TALENTWISE with all static IP addresses. Company will not be able to access credit reports through Dynamic Host Configuration Protocol (DHCP) or IP ranges.


Credit bureaus may prohibit the following persons, entities and/or businesses from obtaining credit reports: bail bond enforcement or bounty hunters, internet people locator services, diet centers, adoption search firms, credit repair companies or credit clinics, for profit credit counseling, loan modification companies, attorneys, law firms, investigative companies (including private investigators and detective agencies except those licensed for and exclusively practicing, investigative work for employment purposes), media agencies, news agencies, journalists, non-governmental agencies or businesses associated with the collected of child support, dating services, asset location services (does not include collection agencies), condominium/homeowners associations, future services including but not limited to continuity and health clubs (except health club/spas human resources departments), timeshare, companies involved and/or associated with inappropriate adult content web sites and/or adult-type telephone services, businesses that operate out of an apartment, companies or individuals who are known to have been involved in credit fraud or other unethical business practices, any person or entity known or suspected to be engaged in fraudulent or illegal activity such as identity theft, harassment or stalking, any company or individual listed as a Specially Designated National on the Office of Foreign Asset Control (OFAC) website, or persons or entities that are not an end-user or decision maker.


All users of consumer reports must comply with all applicable regulations. Information about applicable regulations currently in effect can be found at the Consumer Financial Protection Bureau's website,


The Fair Credit Reporting Act (FCRA), 15 U.S.C. §1681-1681y, requires that this notice be provided to inform users of consumer reports of their legal obligations. State law may impose additional requirements. The text of the FCRA is set forth in full at the Consumer Financial Protection Bureau's (CFPB) website At the end of this document is a list of United States Code citations for the FCRA. Other information about user duties is also available at CFPB's website. Users must consult the relevant provisions of the FCRA for details about their obligations under the FCRA.

The first section of this summary sets forth the responsibilities imposed by the FCRA on all users of consumer reports. The subsequent sections discuss the duties of users of reports that contain specific types of information, or that are used for certain purposes, and the legal consequences of violations. If you are a furnisher of information to a consumer reporting agency (CRA), you have additional obligations and will receive a separate notice from the CRA describing your duties as a furnisher.


A. Users Must Have a Permissible Purpose

Congress has limited the use of consumer reports to protect consumers' privacy. All users must have a permissible purpose under the FCRA to obtain a consumer report. Section 604 contains a list of the permissible purposes under the law. These are:

  • As ordered by a court or a federal grand jury subpoena. Section 604(a)(1)
  • As instructed by the consumer in writing. Section 604(a)(2)
  • For the extension of credit as a result of an application from a consumer, or the review or collection of a consumer's account. Section 604(a)(3)(A)
  • For employment purposes, including hiring and promotion decisions, where the consumer has given written permission. Sections 604(a)(3)(B) and 604(b)
  • For the underwriting of insurance as a result of an application from a consumer. Section 604(a)(3)(C)
  • When there is a legitimate business need, in connection with a business transaction that is initiated by the consumer. Section 604(a)(3)(F)(i)
  • To review a consumer's account to determine whether the consumer continues to meet the terms of the account. Section 604(a) (3)(F)(ii)
  • To determine a consumer's eligibility for a license or other benefit granted by a governmental instrumentality required by law to consider an applicant's financial responsibility or status. Section 604(a)(3)(D)
  • For use by a potential investor or servicer, or current insurer, in a valuation or assessment of the credit or prepayment risks associated with an existing credit obligation. Section 604(a)(3)(E)
  • For use by state and local officials in connection with the determination of child support payments, or modifications and enforcement thereof. Sections 604(a)(4) and 604(a)(5)

In addition, creditors and insurers may obtain certain consumer report information for the purpose of making "prescreened" unsolicited offers of credit or insurance. Section 604(c). The particular obligations of users of "prescreened" information are described in Section VII below.

B. Users Must Provide Certifications


Section 604(f) prohibits any person from obtaining a consumer report from a consumer reporting agency (CRA) unless the person has certified to the CRA the permissible purpose(s) for which the report is being obtained and certifies that the report will not be used for any other purpose.

C. Users Must Notify Consumers When Adverse Actions Are Taken


The term "adverse action" is defined very broadly by Section 603. "Adverse actions" include all business, credit, and employment actions affecting consumers that can be considered to have a negative impact as defined by Section 603(k) of the FCRA — such as denying or canceling credit or insurance, or denying employment or promotion. No adverse action occurs in a credit transaction where the creditor makes a counteroffer that is accepted by the consumer.


1. Adverse Actions Based on Information Obtained From a CRA


If a user takes any type of adverse action as defined by the FCRA that is based at least in part on information contained in a consumer report, Section 615(a) requires the user to notify the consumer. The notification may be done in writing, orally, or by electronic means. It must include the following:

  • The name, address, and telephone number of the CRA (including a toll-free telephone number, if it is a nationwide CRA) that provided the report.
  • A statement that the CRA did not make the adverse decision and is not able to explain why the decision was made.
  • A statement setting forth the consumer's right to obtain a free disclosure of the consumer's file from the CRA if the consumer makes a request within 60 days.
  • A statement setting forth the consumer's right to dispute directly with the CRA the accuracy or completeness of any information provided by the CRA.

2. Adverse Actions Based on Information Obtained From Third Parties Who Are Not Consumer Reporting Agencies
If a person denies (or increases the charge for) credit for personal, family, or household purposes based either wholly or partly upon information from a person other than a CRA, and the information is the type of consumer information covered by the FCRA, Section 615(b)(1) requires that the user clearly and accurately disclose to the consumer his or her right to be told the nature of the information that was relied upon if the consumer makes a written request within 60 days of notification. The user must provide the disclosure within a reasonable period of time following the consumer's written request.

3. Adverse Actions Based on Information Obtained From Affiliates


If a person takes an adverse action involving insurance, employment, or a credit transaction initiated by the consumer, based on information of the type covered by the FCRA, and this information was obtained from an entity affiliated with the user of the information by common ownership or control, Section 615(b)(2) requires the user to notify the consumer of the adverse action. The notice must inform the consumer that he or she may obtain a disclosure of the nature of the information relied upon by making a written request within 60 days of receiving the adverse action notice. If the consumer makes such a request, the user must disclose the nature of the information not later than 30 days after receiving the request. If consumer report information is shared among affiliates and then used for an adverse action, the user must make an adverse action disclosure as set forth in I.C.1 above.



D. Users Have Obligations When Fraud and Active Duty Military Alerts are in Files
When a consumer has placed a fraud alert, including one relating to identify theft, or an active duty military alert with a nationwide consumer reporting agency as defined in Section 603(p) and resellers, Section 605A(h) imposes limitations on users of reports obtained from the consumer reporting agency in certain circumstances, including the establishment of a new credit plan and the issuance of additional credit cards. For initial fraud alerts and active duty alerts, the user must have reasonable policies and procedures in place to form a belief that the user knows the identity of the applicant or contact the consumer at a telephone number specified by the consumer; in the case of extended fraud alerts, the user must contact the consumer in accordance with the contact information provided in the consumer's alert.

E. Users Have Obligations When Notified of an Address Discrepancy
Section 605(h) requires nationwide CRAs, as defined in Section 603(p), to notify users that request reports when the address for a consumer provided by the user in requesting the report is substantially different from the addresses in the consumer's file. When this occurs, users must comply with regulations specifying the procedures to be followed. Federal regulations are available


F. Users Have Obligations When Disposing of Records


Section 628 requires that all users of consumer report information have in place procedures to properly dispose of records containing this information. Federal regulations have been issued that cover disposal.




If a person uses a consumer report in connection with an application for, or a grant, extension, or provision of, credit to a consumer on material terms that are materially less favorable than the most favorable terms available to a substantial proportion of consumers from or through that person, based in whole or in part on a consumer report, the person must provide a risk-based pricing notice to the consumer in accordance with regulations prescribed by the CFPB.

Section 609(g) requires a disclosure by all persons that make or arrange loans secured by residential real property (one to four units) and that use credit scores. These persons must provide credit scores and other information about credit scores to applicants, including the disclosure set forth in Section 609(g)(1)(D) ("Notice to the Home Loan Applicant").




A. Employment Other Than in the Trucking Industry


If the information from a CRA is used for employment purposes, the user has specific duties, which are set forth in Section 604(b) of the FCRA. The user must:

  • Make a clear and conspicuous written disclosure to the consumer before the report is obtained, in a document that consists solely of the disclosure, that a consumer report may be obtained.
  • Obtain from the consumer prior written authorization. Authorization to access reports during the term of employment may be obtained at the time of employment.
  • Certify to the CRA that the above steps have been followed, that the information being obtained will not be used in violation of any federal or state equal opportunity law or regulation, and that, if any adverse action is to be taken based on the consumer report, a copy of the report and a summary of the consumer's rights will be provided to the consumer.
  • Before taking an adverse action, the user must provide a copy of the report to the consumer as well as the summary of consumer's rights (The user should receive this summary from the CRA.) A Section 615(a) adverse action notice should be sent after the adverse action is taken.

An adverse action notice also is required in employment situations if credit information (other than transactions and experience data) obtained from an affiliate is used to deny employment. Section 615(b)(2).

The procedures for investigative consumer reports and employee misconduct investigations are set forth below.


B. Employment in the Trucking Industry

Special rules apply for truck drivers where the only interaction between the consumer and the potential employer is by mail, telephone, or computer. In this case, the consumer may provide consent orally or electronically, and an adverse action may be made orally, in writing, or electronically. The consumer may obtain a copy of any report relied upon by the trucking company by contacting the company.



Investigative consumer reports are a special type of consumer report in which information about a consumer's character, general reputation, personal characteristics, and mode of living is obtained through personal interviews by an entity or person that is a consumer reporting agency. Consumers who are the subjects of such reports are given special rights under the FCRA. If a user intends to obtain an investigative consumer report, Section 606 requires the following:

  • The user must disclose to the consumer that an investigative consumer report may be obtained. This must be done in a written disclosure that is mailed, or otherwise delivered, to the consumer at some time before or not later than three days after the date on which the report was first requested. The disclosure must include a statement informing the consumer of his or her right to request additional disclosures of the nature and scope of the investigation as described below, and the summary of consumer rights required by Section 609 of the FCRA. (The summary of consumer rights will be provided by the CRA that conducts the investigation.)
  • The user must certify to the CRA that the disclosures set forth above have been made and that the user will make the disclosure described below.
  • Upon the written request of a consumer made within a reasonable period of time after the disclosures required above, the user must make a complete disclosure of the nature and scope of the investigation. This must be made in a written statement that is mailed or otherwise delivered, to the consumer no later than five days after the date on which the request was received from the consumer or the report was first requested, whichever is later in time.




Section 603(x) provides special procedures for investigations of suspected misconduct by an employee or for compliance with Federal, state or local laws and regulations or the rules of a self-regulatory organization, and compliance with written policies of the employer. These investigations are not treated as consumer reports so long as the employer or its agent complies with the procedures set forth in Section 603(x), and a summary describing the nature and scope of the inquiry is made to the employee if an adverse action is taken based on the investigation.


Section 604(g) limits the use of medical information obtained from consumer reporting agencies (other than payment information that appears in a coded form that does not identify the medical provider). If the information is to be used for an insurance transaction, the consumer must give consent to the user of the report or the information must be coded. If the report is to be used for employment purposes — or in connection with a credit transaction (except as provided in federal regulations) — the consumer must provide specific written consent and the medical information must be relevant. Any user who receives medical information shall not disclose the information to any other person (except where necessary to carry out the purpose for which the information was disclosed, or a permitted by statute, regulation, or order).


The FCRA permits creditors and insurers to obtain limited consumer report information for use in connection with unsolicited offers of credit or insurance under certain circumstances. Sections 603(1), 604(c), 604(e), and 615(d). This practice is known as "prescreening" and typically involves obtaining from a CRA a list of consumers who meet certain preestablished criteria. If any person intends to use prescreened lists, that person must (1) before the offer is made, establish the criteria that will be relied upon to make the offer and grant credit or insurance, and (2) maintain such criteria on file for a three-year period beginning on the date on which the offer is made to each consumer. In addition, any user must provide with each written solicitation a clear and conspicuous statement that:

  • Information contained in a consumer's CRA file was used in connection with the transaction.
  • The consumer received the offer because he or she satisfied the criteria for credit worthiness or insurability used to screen for the offer.
  • Credit or insurance may not be extended if, after the consumer responds, it is determined that the consumer does not meet the criteria used for screening or any applicable criteria bearing on credit worthiness or insurability, or the consumer does not furnish required collateral.
  • The consumer may prohibit the use of information in his or her file in connection with future prescreened offers of credit or insurance by contacting the notification system established by the CRA that provided the report. The statement must include the address and toll-free telephone number of the appropriate notification system.

In addition, the CFPB has established the format, type size, and manner of the disclosure required by Section 615(d), with which users must comply. The relevant regulation is 12 CFR 1022.54.



A. Disclosure and Certification Requirements


Section 607(e) requires any person who obtains a consumer report for resale to take the following steps:

  • Disclose the identity of the end-user to the source CRA.
  • Identify to the source CRA each permissible purpose for which the report will be furnished to the end-user.
  • Establish and follow reasonable procedures to ensure that reports are resold only for permissible purposes, including procedures to obtain:

(1) the identify of all end-users;

(2) certifications from all users of each purpose for which reports will be used; and

(3) certifications that reports will not be used for any purpose other than the purpose(s) specified to the reseller. Resellers must make reasonable efforts to verify this information before selling the report.


B. Reinvestigations by Resellers


Under Section 611(f), if a consumer disputes the accuracy or completeness of information in a report prepared by a reseller, the reseller must determine whether this is a result of an action or omission on its part and, if so, correct or delete the information. If not, the reseller must send the dispute to the source CRA for reinvestigation. When any CRA notifies the reseller of the results of an investigation, the reseller must immediately convey the information to the consumer.

C. Fraud Alerts and Resellers


Section 605A(f) requires resellers who receive fraud alerts or active duty alerts from another consumer reporting agency to include these in their reports.



Failure to comply with the FCRA can result in state government or federal government enforcement actions, as well as private lawsuits. Sections 616, 617, and 621. In addition, any person who knowingly and willfully obtains a consumer report under false pretenses may face criminal prosecution. Section 619.

The CFPB's website,, has more information about the FCRA, including publications for businesses and the full text of the FCRA.

Citations for FCRA sections in the U.S. Code, 15 U.S.C. § 1618 et seq.:

Section 602


15 U.S.C. 1681

Section 603


15 U.S.C. 1681a

Section 604


15 U.S.C. 1681b

Section 605


15 U.S.C. 1681c

Section 605A


15 U.S.C. 1681cA

Section 605B


15 U.S.C. 1681cB

Section 606


15 U.S.C. 1681d

Section 607


15 U.S.C. 1681e

Section 608


15 U.S.C. 1681f

Section 609


15 U.S.C. 1681g

Section 610


15 U.S.C. 1681h

Section 611


15 U.S.C. 1681i

Section 612


15 U.S.C. 1681j

Section 613


15 U.S.C. 1681k

Section 614


15 U.S.C. 1681l

Section 615


15 U.S.C. 1681m

Section 616


15 U.S.C. 1681n

Section 617


15 U.S.C. 1681o

Section 618


15 U.S.C. 1681p

Section 619


15 U.S.C. 1681q

Section 620


15 U.S.C. 1681r

Section 621


15 U.S.C. 1681s

Section 622


15 U.S.C. 1681s-1

Section 623


15 U.S.C. 1681s-2

Section 624


15 U.S.C. 1681t

Section 625


15 U.S.C. 1681u

Section 626


15 U.S.C. 1681v

Section 627


15 U.S.C. 1681w

Section 628


15 U.S.C. 1681x

Section 629


15 U.S.C. 1681y



Para informacion en espanol, visite o escribe a la Consumer Financial Protection Bureau, 1700 G Street N.W., Washington, DC 20552.

A Summary of Your Rights Under the Fair Credit Reporting Act


The federal Fair Credit Reporting Act (FCRA) promotes the accuracy, fairness, and privacy of information in the files of consumer reporting agencies. There are many types of consumer reporting agencies, including credit bureaus and specialty agencies (such as agencies that sell information about check writing histories, medical records, and rental history records). Here is a summary of your major rights under the FCRA. For more information, including information about additional rights, go or write to: Consumer Financial Protection Bureau, 1700 G Street N.W., Washington, DC 20552.

  • You must be told if information in your file has been used against you. Anyone who uses a credit report or another type of consumer report to deny your application for credit, insurance, or employment — or to take another adverse action against you — must tell you, and must give you the name, address, and phone number of the agency that provided the information.
  • You have the right to know what is in your file.You may request and obtain all the information about you in the files of a consumer reporting agency (your "file disclosure"). You will be required to provide proper identification, which may include your Social Security number. In many cases, the disclosure will be free. You are entitled to a free file disclosure if:
    • a person has taken adverse action against you because of information in your credit report;
    • you are the victim of identity theft and place a fraud alert in your file;
    • your file contains inaccurate information as a result of fraud;
    • you are on public assistance;
    • you are unemployed but expect to apply for employment within 60 days.

In addition, all consumers are entitled to one free disclosure every 12 months upon request from each nationwide credit bureau and from nationwide specialty consumer reporting agencies. See for additional information.

  • You have the right to ask for a credit score. Credit scores are numerical summaries of your credit-worthiness based on information from credit bureaus. You may request a credit score from consumer reporting agencies that create scores or distribute scores used in residential real property loans, but you will have to pay for it. In some mortgage transactions, you will receive credit score information for free from the mortgage lender.
  • You have the right to dispute incomplete or inaccurate information. If you identify information in your file that is incomplete or inaccurate, and report it to the consumer reporting agency, the agency must investigate unless your dispute is frivolous. See for an explanation of dispute procedures.
  • Consumer reporting agencies must correct or delete inaccurate, incomplete, or unverifiable information. Inaccurate, incomplete or unverifiable information must be removed or corrected, usually within 30 days. However, a consumer reporting agency may continue to report information it has verified as accurate.
  • Consumer reporting agencies may not report outdated negative information. In most cases, a consumer reporting agency may not report negative information that is more than seven years old, or bankruptcies that are more than 10 years old.
  • Access to your file is limited. A consumer reporting agency may provide information about you only to people with a valid need — usually to consider an application with a creditor, insurer, employer, landlord, or other business. The FCRA specifies those with a valid need for access.
  • You must give your consent for reports to be provided to employers. A consumer reporting agency may not give out information about you to your employer, or a potential employer, without your written consent given to the employer. Written consent generally is not required in the trucking industry. For more information, go to
  • You may limit "prescreened" offers of credit and insurance you get based on information in your credit report. Unsolicited "prescreened" offers for credit and insurance must include a toll-free phone number you can call if you choose to remove your name and address from the lists these offers are based on. You may opt-out with the nationwide credit bureaus at 1-888-567-8688.
  • You may seek damages from violators. If a consumer reporting agency, or, in some cases, a user of consumer reports or a furnisher of information to a consumer reporting agency violates the FCRA, you may be able to sue in state or federal court.
  • Identity theft victims and active duty military personnel have additional rights. For more information, visit


States may enforce the FCRA, and many states have their own consumer reporting laws. In some cases, you may have more rights under state law. For more information, contact your state or local consumer protection agency or your state Attorney General. For information about your federal rights, contact:




1.a. Banks, savings associations, and credit unions with total assets of over $10 billion and their affiliates.

b. Such affiliates that are not banks, savings associations, or credit unions also should list, in addition to the CFPB:

a. Consumer Financial Protection Bureau
1700 G Street NW
Washington, DC 20552

b. Federal Trade Commission: Consumer Response Center-FCRA
Washington, DC 20580
(877) 382-4357

2. To the extent not included in item 1 above:

a. National banks, federal savings associations, and federal branches and federal agencies of foreign banks

b. State member banks, branches and agencies of foreign banks (other than federal branches, federal agencies, and Insured State Branches of Foreign Banks), commercial lending companies owned or controlled by foreign banks, and organizations operating under section 25 or 25A of the Federal Reserve Act

c. Nonmember Insured Banks, Insured State Branches of Foreign Banks, and insured state savings associations

d. Federal Credit Unions

a. Office of the Comptroller of the Currency
Customer Assistance Group
1301 McKinney Street, Suite 3450
Houston, TX 77010-9050

b. Federal Reserve Consumer Help Center
P.O. Box 1200
Minneapolis, MN 55480

c. FDIC Consumer Response Center
1100 Walnut Street, Box #11
Kansas City, MO 64106

d. National Credit Union Administration
Office of Consumer Protection (OCP)
Division of Consumer Compliance and Outreach (DCCO)
1775 Duke Street
Alexandria, VA 22314

3. Air Carriers

Asst. General Counsel for Aviation Enforcement & Proceedings
1200 New Jersey Avenue, SE
Washington, DC 20590

4. Creditors Subject to Surface Transportation Board Office of Proceedings, Surface Transportation Board

Department of Transportation
395 E Street S.W.
Washington, DC 20423

5. Creditors Subject to Packers and Stockyards Act, 1921

Nearest Packers and Stockyards Administration area supervisor

6. Small Business Investment Companies

Associate Deputy Administrator for Capital Access
United States Small Business Administration
409 Third Street, SW, 8th Floor
Washington, DC 20416

7. Brokers and Dealers

Securities and Exchange Commission
100 F St NE
Washington, DC 20549

8. Federal Land Banks, Federal Land Bank Associations, Federal Intermediate Credit Banks, and Production Credit Associations

Farm Credit Administration
1501 Farm Credit Drive
McLean, VA 22102-5090

9. Retailers, Finance Companies, and All Other Creditors Not Listed Above

FTC Regional Office for region in which the creditor operates
or Federal Trade Commission: Consumer Response Center- FCRA
Washington, DC 20580
(877) 382-4357




The following information security measures are designed to reduce unauthorized access to consumer information. It is Company's responsibility to implement these controls. If Company does not understand these requirements or needs assistance, it is Company's responsibility to employ an outside service provider to assist it. Capitalized terms used herein have the meaning given in the Glossary attached hereto. These Access Security Requirements may change without notification. The information provided herewith provides minimum baselines for information security.

In accessing TALENTWISE's Software Service and/or Experian's credit reporting services, where applicable, Company agrees to follow these security requirements:

1. Implement Strong Access Control Measures



Each user shall maintain a unique user ID and password to enable individual authentication and accountability for access to credit information.


User ID(s) and passwords are to be kept Confidential and not shared or given to others. Account numbers and passwords should be known only by supervisory personnel. System access software which utilizes user ID(s) or passwords must have these components hidden or embedded.


Develop strong passwords that are:

  • Not easily guessable (i.e. your name or company name, repeating numbers and letters or consecutive numbers and letters)
  • Contain a minimum of seven (7) alphanumeric characters for standard user accounts


Restrict the number of key personnel who have access to credit information. Ensure that personnel who are authorized access to credit information have a business need to access such information and understand the requirements to access such information are only for the permissible purpose for which you have been granted access to credit reports by TalentWise. Ensure that employees do not access credit reports on themselves or any family member(s) or friend(s) unless it is in connection with a legitimate business transaction or for another permissible purpose.


Implement password protected screensavers with a maximum fifteen (15) minute timeout to protect unattended workstations.


Implement a process to terminate access rights immediately for users who are terminated or when they have a change in their job tasks and no longer require access to credit information.


After normal business hours, turn off and lock all devices or systems used to obtain credit information.


Implement physical security controls to prevent unauthorized entry to your facility and access to systems used to obtain credit information.

2. Maintain a Vulnerability Management Program


Keep operating system(s), Firewalls, Routers, servers, personal computers (laptop and desktop) and all other systems current with appropriate system patches and updates.


Configure infrastructure such as Firewalls, Routers, personal computers, and similar components to industry best security practices, including disabling unnecessary services or features, removing or changing default passwords, IDs and sample files/programs, and enabling the most secure configuration features to avoid unnecessary risks.


Implement and follow current best security practices for Computer Virus detection scanning services and procedures:

  • Use, implement and maintain a current, commercially available Computer Virus detection/scanning product on all computers, systems and networks.
  • If an actual or potential virus is suspected, immediately cease accessing the system and do not resume the inquiry process until the virus has been eliminated.
  • On a weekly basis at a minimum, keep anti-virus software up-to-date by vigilantly checking or configuring auto updates and installing new virus definition files.


Implement and follow current best security practices for computer anti-Spyware scanning services and procedures:

  • Use, implement and maintain a current, commercially available computer anti-Spyware scanning product on all computers, systems and networks.
  • If actual or potential Spyware is suspected, immediately cease accessing the system and do not resume the inquiry process until the problem has been resolved and eliminated. Run a secondary anti-Spyware scan upon completion of the first scan to ensure all Spyware has been removed from your computers.
  • Keep anti-Spyware software up-to-date by vigilantly checking or configuring auto updates and installing new anti-Spyware definition files weekly, at a minimum. If company's computers have unfiltered or unblocked access to the Internet (which prevents access to some known problematic sites), it is recommended that anti-Spyware scans be completed more frequently than weekly.

3. Protect Data


Develop and follow procedures to ensure that data is protected throughout its entire information lifecycle (from creation, transformation, use, storage and secure destruction) regardless of the media used to store the data (i.e., tape, disk, paper, etc).


All credit information is classified as Confidential and must be secured to this requirement at a minimum.


Encrypt all credit reporting agency data and information when stored on any company laptop computer and in company's database using AES or 3DES with 128-bit key encryption at a minimum.


Only open email attachments and links from trusted sources and after verifying legitimacy.

4. Maintain an Information Security Policy


Develop and follow a security plan to protect the Confidentiality and integrity of personal consumer information as required under the GLB Safeguard Rule.


Establish processes and procedures for responding to security violations, unusual or suspicious events and similar incidents to limit damage or unauthorized access to information assets and to permit identification and prosecution of violators.


Per the FACTA Disposal Rules, implement appropriate measures to dispose of any sensitive information related to consumer credit reports and records that will protect against unauthorized access or use of that information.


Implement and maintain ongoing mandatory security training and awareness sessions for all staff to underscore the importance of security within your organization.

5. Build and Maintain a Secure Network


Protect Internet connections with dedicated, industry- recognized Firewalls that are configured and managed using industry best security practices.


Internal private Internet Protocol (IP) addresses must not be publicly accessible or natively routed to the Internet. Network address translation (NAT) technology should be used.


Administrative access to Firewalls and servers must be performed through a secure internal wired connection only.


Any stand-alone computers that directly access the Internet must have a desktop Firewall deployed that is installed and configured to block unnecessary/unused ports, services and network traffic.


Encrypt Wireless access points with a minimum of WEP 128 bit encryption, WPA encryption where available.


Disable vendor default passwords, SSIDs and IP Addresses on Wireless access points and restrict authentication on the configuration of the access point.

6. Regularly Monitor and Test Networks


Perform regular tests on information systems (port scanning, virus scanning, vulnerability scanning).


Use current best practices to protect your telecommunications systems and any computer system or network device(s) you use to provide Services hereunder to access credit information systems and networks. These controls should be selected and implemented to reduce the risk of infiltration, hacking, access penetration or exposure to an unauthorized third party by:

  • protecting against intrusions;
  • securing the computer systems and network devices;
  • and protecting against intrusions of operating systems or software.

"Under Section 621 (a) (2) (A) of the FCRA, any person that violates any of the provisions of the FCRA may be liable for a civil penalty of not more than $2,500 per violation."

Glossary to Access Security Requirements



Computer Virus

A Computer Virus is a self-replicating computer program that alters the way a computer operates, without the knowledge of the user. A true virus replicates and executes itself. While viruses can be destructive by destroying data, for example, some viruses are benign or merely annoying.


Very sensitive information. Disclosure could adversely impact your company.


Encryption is the process of obscuring information to make it unreadable without special knowledge.


In computer science, a Firewall is a piece of hardware and/or software which functions in a networked environment to prevent unauthorized external access and some communications forbidden by the security policy, analogous to the function of Firewalls in building construction. The ultimate goal is to provide controlled connectivity between zones of differing trust levels through the enforcement of a security policy and connectivity model based on the least privilege principle.

Information Lifecycle or Data Lifecycle

Management program that considers the value of the information being stored over a period of time, the cost of its storage, its need for availability for use by authorized users, and the period of time for which it must be retained.

IP Address

A unique number that devices use in order to identify and communicate with each other on a computer network utilizing the Internet Protocol standard (IP). Any All participating network devices - including routers, computers, time-servers, printers, Internet fax machines, and some telephones - must have its own unique IP address. Just as each street address and phone number uniquely identifies a building or telephone, an IP address can uniquely identify a specific computer or other network device on a network. It is important to keep your IP address secure as hackers can gain control of your devices and possibly launch an attack on other devices.


A Router is a computer networking device that forwards data packets across a network via routing. A Router acts as a junction between two or more networks transferring data packets.


Spyware refers to a broad category of malicious software designed to intercept or take partial control of a computer's operation without the consent of that machine's owner or user. In simpler terms, spyware is a type of program that watches what users do with their computer and then sends that information over the internet.


Part of the Wi-Fi Wireless LAN, a service set identifier (SSID) is a code that identifies each packet as part of that network. Wireless devices that communicate with each other share the same SSID.

WEP Encryption

(Wired Equivalent Privacy) A part of the wireless networking standard intended to provide secure communication. The longer the key used, the stronger the encryption will be. Older technology reaching its end of life.


(Wi-Fi Protected Access) A part of the wireless networking standard that provides stronger authentication and more secure communications. Replaces WEP. Uses dynamic key encryption verses static as in WEP (key is constantly changing and thus more difficult to break than WEP).