Terms of Service
- The Terms constitute the entire agreement (the “Agreement”) between you (“you”, “your”), on one side, and Certn or its Affiliate and Subsidiary companies on the other side, regarding your use of our Website. As used herein, the term “Subsidiary” shall mean any corporation or other business entity controlled directly or indirectly by Certn, and the term “Affiliate” shall mean and include any corporation or other business entity directly or indirectly controlling, controlled by or under common control with Certn.
- The Website includes all web pages and associated sites linked to Certn.
- The Terms govern the relationship between Certn on the one hand and the users and visitors of our Website, including those that require registration of a username and login password (“Clients”), as well as those who browse without registration (Website Visitors) (together hereinafter referred to as “All Users”, “you”, “your”).
- WEBSITE CONTENT
- The information available through our Website, including, without limitation, any text, design, logos, graphics, icons, images, user interfaces, video and audio clips, downloads, trademarks, codes, and software, as well as the structure, operation, and arrangement thereof (collectively, “Content”), is owned by us and is subjected to the provisions of the applicable intellectual property rights and unfair competition laws.
- We reserve the right to amend the Content of the Website, and any of the Services we provide on the Website, in our sole discretion or when necessary for compliance purposes.
- All changes are effective immediately when we post them and apply to all access to and use of the Website thereafter.
- ACCESSING AND USING OUR WEBSITE
- All Users shall use the Website exclusively for authorized and legal purposes, consistent with all Applicable Laws, regulations, and the rights of others.
- You acknowledge that Certn shall be entitled to monitor, yet shall not have the obligation, nor the control to police the content of data transmitted from the use of our Website or our Services. You shall be responsible for the content, accuracy, and nature of any such communications or transmissions on our Website (Acceptable Use).
- You may browse the Website and view content without using our Services, but as a condition to using certain aspects of the Website and its Services ordering Platform, you may be required to register and select a password and username (such credentials shall hereinafter together be referred to as “User ID”). By registering on our Website, you understand and agree that we may require you to provide information that may be used to confirm your identity and help ensure the security of your User ID.
- Registered Clients agree and warrant to have the authority necessary to enter into this Agreement and to do all things necessary to procure the fulfillment of their obligations under these Terms. By registering or using our Services, Clients undertake:
- to maintain the confidentiality of their account, username, and password and for restricting access to their device/s. Your username and password are personal to you. You are solely responsible for any and all activities (including but not limited to purchases) that are conducted through your account;
- not to transfer or resell your use of or access to the Website to any third party. We are not liable for any harm caused or related to the theft or misappropriation of your User ID, disclosure of your User ID, or your authorization of anyone else to use your User ID. You agree to notify Certn immediately of any unauthorized use of your User ID, or any other breach of security at firstname.lastname@example.org;
- to use adequate systems and procedures to ensure that all Personal Information subject to the processed Transactions is kept confidential and secure, and is protected against unlawful intrusion, wrongful alteration, unauthorized disclosure, or access by any unauthorized parties.
- where applicable to provide for any necessary, required, or applicable licenses, consents, authorizations, disclosures, or other required documents or permissions for any transmitted data on our Website or associated with the utilization of our Services thereto;
- to use the Services exclusively for authorized and legal purposes, consistent with the Applicable Laws, regulations, and the rights of others and to ensure that by using the Services, you will not violate any contract or other arrangement between yourself and any third party, or any applicable law or regulation.
- PROHIBITED USE OF OUR WEBSITE
- All Users agree NOT to use our Website, nor the Services in order to:
- transmit data that is illegal, harmful, threatening, insulting, disturbing, injurious, obscene, defamatory, unacceptable from a racial or ethnic perspective;
- cause harm to children in any way;
- falsify or manipulate the means of identification in order to obscure the origin of data transmitted through the Services;
- publish or otherwise transmit any Malicious Software or other computer codes, files or programs designed to interrupt, disrupt or restrict the operation of our Website, our computer Software, hardware, telecommunications equipment or to disrupt the normal transactions of other Website Visitors or Clients;
- process to retrieve, data mine or in any way reproduce or circumvent the structure or presentation of the Website, its Contents or any processed data using any robot, spider, offline reader, site search, retrieval application or other manual or automatic device;
- make any speculative, false, or fraudulent background request orders. If we are reasonably of the opinion that such an order has been made, we shall be entitled to cancel such requests and inform the relevant Consumer and the competent authorities;
- modify, adapt, sub-license, “frame”, “mirror”, translate, sell, reverse engineer, decompile or disassemble any portion of the Website or otherwise attempt to derive any source code or underlying ideas or algorithms of any part of the Website or Services thereto;
- perform any actions which would target testing the security or the vulnerability of our Website, our computer Software, hardware, and telecommunications equipment.
- All Users agree NOT to use our Website, nor the Services in order to:
- PROVISION OF SERVICES AND SERVICES AVAILABILITY
- Certn provides the Clients with the Services as set out on the Website.
- Upon request and relying upon your representations that you have Permissible Purpose to order our Services, Certn will provide background checks, verifications, and other consumer reports to the Client when available.
- The Client understands and acknowledges that the ordering and delivery of consumer credit reports for the purposes of conducting background screening is subject to additional requirements, terms, and conditions, which shall be presented for acceptance only upon request.
- Client acknowledges receipt and understanding of all required notices required by the FCRA (as may be updated from time to time) for the USA verification Services:
- Summary of Consumer’s Rights (Appendix A),
- Notice to Users (Appendix B) and
- Remedying the Effects of ID Theft (Appendix C), all attached and incorporated by reference herein.
- Subject to the requirements applicable for the provision of USA verification Services, periodically and upon request, the Client will provide to Certn copies of certifications, consumer consents, notices, and summary of rights under the FCRA as well as other forms which Certn finds helpful in meeting its obligations under the FCRA and other Applicable Laws. Notwithstanding the Termination provisions stipulated in the Agreement, Certn shall be entitled to terminate the Agreement with immediate effect whereby the Client is unable to provide such certification at any point of time during the Term of the Agreement. The Client hereby also certifies and acknowledges that Certn will only deliver USA verification Services subject to the Client’s certification that those will be used only in compliance and subject to the permissibility provisions of the FCRA and any other applicable federal, state, or local regulations governing the use of the Services within USA.
- The Client hereby warrants not to use consumer information in violation of the Applicable Laws.
- Subject to the Applicable Laws and the specificity of each Service, additional terms and requirements may apply to you or some of the Services. Where such specific or additional terms and requirements may apply to the requested Services, such provisions shall be communicated prior to processing your request.
- Certn shall provide the information Services as requested and logged onto the Platform under the following conditions:
- When using the Services, you undertake to comply any Service specific terms, as well as all other conditions set by the international law, even if they are not explicitly mentioned in these Terms.
- By using the Services, you acknowledge that we collect data as well as consumer information from different sources, including, but without limitation, from databases maintained by public authorities and other consumer reporting agencies, governmental and non-governmental databases, and repositories. Such third-party agencies may include, but are not specifically limited to, credit bureaus, government agencies, police, news agencies, public court databases, social media, education institutions, previous employers. Such third-party agencies and information sourced from them, including any associated and applicable third-party terms thereto, are not maintained or controlled by us. As such, we cannot accept any liability or guarantee that the information provided from these sources is absolutely accurate, complete, up-to-date, error-free, or comprehensive in breadth or depth.
- When using the Services, you acknowledge that Certn has no control over the contents the terms and conditions for using data belonging to third-party institutions. Such terms and conditions may include, but shall not be limited to, credentialing requirements and procedures for granting access to consumer credit reports or other Services, as may be required by credit bureaus or other third-party data suppliers. Any changes to such license terms shall be communicated to the Client without undue delay. Where such changes impact the Services you use, your continued access may be subjected to compliance to such pass-over third-party license terms.
- We may, from time to time and in our sole discretion, or due to regulatory requirements, issue new releases for the Software including, but not limited to, upgrades, new features, patches, enhancements, or fixes (“Upgrades”) which will be included in the Fees for using the Services and will be automatically available as of the release date.
- You agree and acknowledge that our Services are not intended to be used as the sole basis for any business decision, nor to relieve you of any obligations you may have in complying with the Applicable Law.
- Except as otherwise announced on our Website or exclusively communicated to Clients, background screening requests (“Transaction”) can be logged 24 hours a day, 7 days a week, 365 days per year. Clients will use the Services through the availability of the exposed data access functions of the relative Service (i.e. our web Platform) and within the bounds of the Permissible Purpose, to log, view and examine results for their Transactions. The standard service level criterion for availability or our Platform in accessing the Services is set at 99% and the standard service level performance threshold for processing Transactions is set at 98%.
- Our Website and Platform may from time to time require upgrading, modification, maintenance or other work which may result in partial or complete non-availability of the Service. We will take all reasonable care to provide appropriate and timely notification to Clients for all scheduled maintenance.
- Our Services are targeted to deliver and meet the Client’s real-time business processes. While we make commercially reasonable efforts to ensure continuous undisrupted availability of the Services, the time it takes to compile, and present various reports (“Turnaround Time”) varies between products and geographies.
- Corporate Clients’ average Turnaround Times, support levels for committed Transactional volumes and associated service credit terms will be defined subject to a preliminary Service Level Agreement. Where no such commitment is made on behalf of the Client, the Services and support levels associated thereto shall be delivered on “as is” and “as available” basis and we shall not be held liable when failing to meet the service level performance threshold. As such, while we shall take all reasonable care to meet and exceed the standard service level performance threshold, we shall only grant any price adjustment or credit reflecting any potential value of any proven underperformance subject to our own evaluation and discretion.
- The general target of our service level criterion does not apply to any unavailability, suspension or termination caused by:
- VII.13.1.factors outside our reasonable control such as, but not limited to failure in local access facilities, electric power or environmental control systems or third-party downtime, as well as any Force Majeure event or Internet access or related problems beyond the demarcation point of the Platform gateway;
- VII.13.2.scheduled maintenance;
- VII.13.3.improper use by the Client(including use otherwise than in accordance with these Terms);
- VII.13.4.any voluntary actions or inactions which result in service interruption by the Client, including, but not limited to the malfunction or failure of your equipment, telecommunications systems, hardware or software;
- VII.13.5.detected Malicious Software;
- VII.13.6.reported or investigated Data Breach;
- VII.13.7.Services suspension subject to the conditions of these Terms.
- SERVICE SPECIFIC CLIENT CERTIFICATIONS for usA verificaitons SERVICES
- The Client understands that it must have a legitimate need and Permissible Purpose for ordering our Services and further agrees to comply with the applicable Permissible Purpose requirements and any associated disclosure and authorization requirements to the Consumer, as required by the FCRA or any Applicable Law.
- The Client hereby warrants and represents to keep up with and comply with the evolving federal, state and/or local regulatory requirements applicable to employment or tenancy screening as set out in, but not limited to, the Fair Credit Reporting Act (FCRA), individualized assessments, as instructed by the Equal Employment Opportunity Commission (EEOC), local Ban the Box laws, fair chance, and fair hiring laws.
- The Client agrees to submit all Consumer disputes over the accuracy or completeness of reported Personal Information provided as part of the Services (“Consumer Dispute”) to Certn according to a process reasonably required by Certn. The Client also agrees to immediately provide any re-investigated Consumer Dispute reports to the individual whose Personal Information is the subject to the dispute.
- The Client specifically represents that reports will only be obtained for its own use and it is the end user of the reports. It will not further distribute, sell, give, or trade such information with any third party.
- The Client acknowledges its legal responsibilities and hereby certifies and guarantees that for each Transaction requesting a consumer report, the Client shall comply with all applicable legal and regulatory requirements and hereby commits and agrees to consult a legal counsel if it is not in full understanding of such obligations required to ensure overall screening program compliance:
- Disclosure and authorization requirements: The Client understands that it is its sole responsibility to provide fully compliant FCRA disclosure and authorization forms as required by the FCRA under Section 604 of the FCRA and any other applicable state laws, to each applicant. Certn is not responsible for providing these forms or ensuring their compliance.
- Adverse action responsibility: The Client understands that there are legal requirements and responsibilities when taking adverse action based in whole or part on consumer reports. The Client understands and agrees to comply with adverse action procedures required by the FCRA (and any/all state/local Applicable Laws) including, where applicable, requirements to provide a preliminary adverse action notice to consumers, along with a copy of the consumer report and A Summary of Your Rights Under the Fair Credit Reporting Act, allowing the Consumer a designated period of time to contact us if the Consumer wishes to dispute any information in the consumer report, providing our contact information and providing a final adverse action notice to the consumer if a final adverse application decision is made. The Client acknowledges that additional requirements may also be imposed under state and local law.
- Sending copies of reports to consumers: Clients must review all forms and send copies as requested. If an applicant contacts Certn directly, Certn will send copies to applicants.
- Decisions: The Client has the sole responsibility for all decisions based on the delivered data verification Services. Certn shall not be part of, nor be held responsible for any decisions made by the Client including, but not limited to, lease of properties or the hiring or of applicants, contract termination, increase or rent, discipline or retention of any employee or former employee.
- Specific confidentiality provisions: Client and agents of Client understand the sensitive nature of consumer reports, the need to protect the information and the consumer report retention and destruction practices outlined by the FCRA and other Applicable Laws. The Client agrees to take the following steps are required by, and in accordance with, applicable law:
- limit dissemination of consumer information to only those with legitimate need, Permissible Purpose, and authorized by Consumer;
- Maintain copies of all written authorizations for a minimum of three (3) years from the date of inquiry.
- Retain Consumer data in a confidential manner;
- Destroy data in a secure manner rendering information inaccessible, unreadable, and/or unrecoverable per regulations of the FTC. The following methods of destruction are permitted: 1) burning, pulverizing, or shredding documents, 2) destroying or erasing or overwriting electronic files so they cannot be read or restored, and/or 3) after conducting due diligence, hiring a document destruction company. Further information about the requirements for proper disposal of Reports is available online at www.ftc.gov (http://www.ftc.gov).
- Misuse of information. The FCRA prohibits the obtaining of information from a consumer reporting agency for an impermissible purpose. Further, those involved in such improper requesting may be subject to criminal penalties of imprisonment up to one year and/or a fine of $5,000 for each offense. Clients are expressly prohibited from misusing information under the FCRA and other Applicable Law subject to the provision of our Services. If a Client or one of its employees misrepresents to Certn the reason for a report or requests a report for an impermissible purpose, Certn may terminate service without notice in addition to other remedies available to Certn. Client understands that its misuse of or improper request for information may have a direct impact upon Certn and may cause it to be unable to obtain information for any of its clients resulting in substantial damages for which Client would be liable.
- SERVICE SPECIFIC DISCLOSURES
- Subject to the variable requirements as set out in the applicable federal, state, or local regulations governing the use of the Services within USA, the Client hereby acknowledges and understands that the provision of Services may be subjected to compliance with any or all the below state law requirements (as may be updated from time to time):
- State of Washington applicants: If the Client requests an investigative consumer report (as defined by state law) from a consumer reporting agency, Consumers have the right to receive a complete and accurate disclosure of the nature and scope of the investigation requested by the Client. Consumers also have the right to request a written summary of their rights and remedies under the Washington Fair Credit Reporting Act.
- Maine: Consumers have the right to ask and know whether a Client ordered a background check on them.
- Massachusetts applicants: If the Client requests an investigative consumer report (as defined by state law) from a consumer reporting agency, Consumers have the right to have a copy of the report upon request.
- New Jersey applicants: If the Client requests an investigative consumer report (as defined by state law) from a consumer reporting agency, Consumers have the right to have a copy of the report upon request.
- New York applicants: Consumers have the right, upon written request, to be informed of whether or not an investigative consumer report (as defined by state law) was requested from a consumer reporting agency. If a report was requested, Consumers will be provided with the name and address of the consumer reporting agency to whom the request was made.
- Minnesota applicants: Consumers have the right, upon written request, to receive a complete and accurate disclosure of the nature and scope of any consumer report ordered about them. A consumer reporting agency must make this disclosure within five (5) days of receipt of such request or of the Client’s request for the report, whichever is later.
- Oklahoma applicants: Consumers are entitled to receive a free copy of any consumer report obtained by the Client about them.
- California applicants: Consumers have the right, upon written request made within reasonable time after receipt of a notice, to know whether the Client requested an investigative consumer report about them and to receive a copy of any such report at no charge. Any Consumer may view their file maintained on them by the investigative consumer reporting agency during normal business hours. By providing proper identification, a Consumer may obtain a copy of this information in person at the consumer reporting agency’s regular business hours and after providing reasonable notice for their request. Consumers may also receive a summary of the file by telephone, upon submitting proper identification and written request. The investigative consumer reporting agency can assist Consumers in understanding their file, including coded information. Consumers are allowed to have one additional person accompany them so long as they provide proper identification.
- Vermont: Client certifies that it will order employment screening Services relating to Vermont Consumers only after it has received prior consumer consent in accordance with VFCRA § 2480e and applicable Vermont Rules.
- Subject to the variable requirements as set out in the applicable federal, state, or local regulations governing the use of the Services within USA, the Client hereby acknowledges and understands that the provision of Services may be subjected to compliance with any or all the below state law requirements (as may be updated from time to time):
- REFUSAL OF TRANSACTION
- REGULATORY COMPLIANCE. NO LEGAL OR OTHER PROFESSIONAL ADVICE GIVEN
- Each Party (Certn, its Affiliate and Subsidiary companies on one side and All Users on the other side) certifies that it shall at times remain responsible for its compliance with any Applicable Laws and that it shall perform its obligations under these Terms in accordance with all Applicable Laws.
- Each Party will cooperate and share information with the other as reasonably necessary from time to time to ensure that both parties discharge their regulatory obligations, and in order to help achieve positive consumer outcomes.
- Where the delivery of the Services incurs the processing and transfer of Personal Information outside of Canada, the Parties hereby agree and commit to comply with the applicable national and international regulatory requirements (“Data Protection Legislation”). The Parties also agree to take account of any guidance issued by the Privacy Commissioner of Canada and/or any other relevant central governmental body. Subject to any statutory changes, Certn will be entitled to amend the Agreement for the purposes of ensuring regulatory compliance on national or international level, whereby this applies to the provided Services.
- The Client certifies that it is legally permitted to request, obtain, use, or distribute the Personal Information subject to the delivery of our Services, and that it shall not use such data in any manner that violates the Applicable Laws.
- By using our Website and its Services thereto, you agree and acknowledge that we do not act in a capacity of a legal counsel and does not provide legal advice. As such, any provided information, template consent forms, notices, or other similar documents, delivered through information bulletins or communicated as examples, are not created as, nor are they intended to be used as employment or other application form. Such template documents or communicated information for industry practices is made available for information purposes only. Certn makes no assurances regarding the accuracy, completeness, or utility of such information, templates, and forms. It is your own obligation to keep up with and comply with the evolving local and international requirements related to the use of our Services and the processing of the Personal Information of in the submitted Transactions. You shall take all reasonable care to understand how the Applicable Laws pertain to the specific purpose and the relative data processing terms associated with it. The final form and content of any such forms used by yourself, or any Consumer you represent, is your sole responsibility and Certn cannot be held responsible or liable for the used forms or their content. You should consult your own legal counsel regarding your legal obligations, rights and the sufficiency of any form used when utilizing our Services.
- PRICING, PAYMENT AND CURRENCY
- Clients commit to pay all Transaction Fees without deduction of any nature.
- As part of submitting your billing information, your agree to provide us with updated, accurate and complete billing information and hereby agree and authorize Certn (either directly or through our Affiliates and Subsidiaries) to charge and request payment (or otherwise charge, refund or take any other billing actions) from your designated banking account, and to make any inquiries that we may consider necessary to validate your account or financial information, in order to ensure prompt payment, including for the purpose of receiving updated payment details from your credit card company or banking account (such as updated expiry date or card number as may be provided to use by your credit card company).
- The due Fees do not include bank fees, transfer fees, turnover tax (if applicable), nor any other applicable taxes, duties, or similar fees. Such taxes shall be payable on the same payment terms as applied to the Fees to which the taxes relate.
- Except as otherwise agreed or provided on our Platform, all monetary amounts referred to the provision of our Services are in CAD (Canadian Dollars).
- By placing your Transaction request, you authorize us to transmit information or to obtain information about you from third parties from time to time and this may include verification checks involving your debit or credit card number or credit reports in order to authenticate your identity; to validate your credit card; to obtain an initial credit card authorization; to protect you and us from fraud.
- If you choose to pay for your Transaction request using a payment card with a currency denominated account that is different from the currency you are paying in, your payment card will be charged in the payment currency at the foreign exchange rate applied by your relevant payment card provider or bank at the time of processing your request. Your international payment card provider or bank will determine the foreign exchange rate and may add an additional processing or administration charge which you will be liable to pay.
- Where the Services are provided on a subscription basis, payments shall be made into our nominated bank account as specified on the invoices within 30 calendar days after the date of the relevant invoice.
- Unless otherwise agreed, corporate Clients with subscriptions will be invoiced monthly in arrears based on usage.
- Certn reserves the right to change the Transactional Fees and to institute new charges subject to any changes in regulatory charges, or periodically thereafter upon reasonable prior notice to the Client.
- The Client acknowledges and agrees that there may be additional charges associated with certain Services. These charges are subject to change without notice as they are changed by the data sources. Such additional charges include but are not limited to: county criminal court fees, statewide repository fees, data access fees for online portal jurisdictions which are passed on at cost with no markup to our Client and they differ by jurisdiction.
- Any late payments will trigger a fee of 2.00% per month on the amount still owing or the maximum permitted by law, whichever is lower, plus all expenses of collection, including reasonable attorneys’ fees.
- We shall be entitled, at own discretion, to suspend the provision of the Services in the event of late payments.
- TERM AND TERMINATION
- This Agreement will remain in full force and effect as long as you are a Client and in the event of termination, you will still be bound by your obligations under its provisions thereto, including any indemnifications, warranties and limitations of liability.
- Termination of this Agreement will not relieve either Party from due performance of all obligations which matured prior to the date of such termination.
- Where the Services are provided on a subscription basis:
- either Party shall be entitled to terminate this Agreement by giving at least a 30-days’ notice to the other Party;
- either Party may terminate the Agreement, upon written notice, in case that (a) the other party is in material breach of these Terms and to the extent, curable, fails to cure such breach, within a reasonable cure period, which shall not be less than 10 days following a written notice from by the non-breaching party; or (b) ceases its business operations or becomes subject to insolvency proceedings and the proceedings are not dismissed within 45 days.
- The Client may terminate the usage of our Service by cancelling the Services and/or deleting the User ID, whereby such termination shall not derogate from Client’s obligation to pay applicable Transactional Fees.
- Upon termination:
- Certn’s obligation to provide the Services will end on the date of the expiry in the notice;
- termination of this Agreement will not relieve Client from any obligation to pay Certn any amount contracted prior to the termination date;
- unless otherwise stipulated, the termination of this Agreement shall effect in immediate termination of any granted License;
- the Parties shall each promptly return the Confidential Information of the other Party to its owner;
- the Client shall cease using the Services, return any provided materials, destroy, and remove from all computers, hard drives, networks, devices and other storage media, all copies of any materials licensed pursuant to this Agreement and any Confidential Information in Client’s possession, and shall certify to the Supplier that such actions have occurred;
- the termination of using our Services shall not impact the survival of the provisions related to our Fees, the Limits of Liability, IPRs, Data Protection, Confidentiality, Security, Disclaimer of Warranty, Indemnification terms and Governing Law.
- The Client shall not assign or delegate any right, interest, or obligation under this Agreement without first obtaining Certn’s written consent. No assignment, delegation or subcontract by the Client shall relieve the Client from its obligations and liabilities under this Agreement. Any attempted assignment or delegation in contravention of this prohibition shall be void and shall constitute a default under these Terms.
- Certn may assign its rights hereunder if the assignee acknowledges in writing the Client’s rights hereunder and agrees to assume and honor all our obligations hereunder.
- Each Party commits to use all reasonable endeavors and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimize the impact of Malicious Software.
- Certn shall be entitled to set and require the Client to always maintain a particular level of security when utilizing the Services. At a minimum, the Client’s safeguards for the protection of processed Personal Information shall include: (i) limiting access to processed Personal Information; (ii) securing business facilities, paper files, servers, back-up systems and computing equipment, including, but not limited to, all mobile devices and other equipment with information storage capability; (iii) implementing network, device application, database and platform security; (iv) securing information transmission, storage and disposal; (v) implementing authentication and access controls within media, applications, operating systems and equipment; (vi) encrypting Personal Information processed or stored on any mobile media; (vii) providing appropriate privacy and information security training to its employees.
- In the event of any breach or attempted breach of security, either Party shall take reasonable steps to prevent a recurrence thereof and to mitigate the effects of such breach.
- Certn shall be entitled to fully investigate such breach and the Client shall give Certn its full cooperation with such investigation or audit.
- The Client shall be liable for Transactional Fees and other incurred costs arising out of the use by any person of the Services including the use of the Services arising from a security breach.
- Neither party (“Receiving Party”) shall, during the existence of this Agreement or at any time after this Agreement is terminated, use, divulge, disclose, exploit, permit the use of, or in any manner whatsoever use the other party’s (“Disclosing Party”) Confidential Information or disclose the existence or contents of this Agreement to any person or third-party other than as provided or contemplated in this Agreement. Confidential Information means information of a confidential or proprietary nature, including but without limitation, trade secrets, information of commercial value, preferential pricing, software, source code and underlying technical or business information which relates to the Disclosing Party pursuant to this Agreement.
- Confidential Information shall not include information that:
- XVI.2.1.was previously known to the Receiving Party free of any obligation to keep it confidential;
- XVI.2.2.is or becomes publicly available by any means or medium other than unauthorized disclosure;
- XVI.2.3.is independently developed by the Receiving Party; or
- XVI.2.4.is disclosed to third parties by the Disclosing Party without restriction;
- XVI.2.5.is received from a third party whose disclosure would not violate any confidentiality obligation;
- XVI.2.6.is required to be disclosed by applicable law or by a subpoena or other order of a court of competent jurisdiction; or
- XVI.2.7.is input into the our Website’s Software by the Client.
- Confidential Information shall not include information that:
- DATA PROTECTION
- By registering on our website to use the Platform, you agree to the processing of such information and details you have provided us with when completing the registration form and acknowledge that such information shall be maintained accurate and complete throughout the duration of this Agreement.
- INTELLECTUAL PROPERTY
- Certn or its third-party licensors (where applicable) own all Intellectual Property Rights (IPRs) embodied on the Website and subject to the provision of the Services.
- No user will acquire any right, title, or interest in or to Certn’s IPRs or licensors.
- Where subject to the provision of the Services, Certn shall grant the Client a limited non-exclusive, royalty-free license (the “License)” to use the specific IPRs in compliance with the Permissible Purpose and Acceptable Use of utilizing Certn’s Services for the duration of this Agreement. The Client shall not be entitled to create any derivative works from Certn’s IPRs.
- All other IPRs owned by either party shall remain sole and exclusive property of that Party. Any IPRs developed by any Client during the course and within the scope of this Agreement shall vest in and be owned by Certn and the Client shall acquire no rights in to such IPRs.
- If we believe that you have violated or attempted to violate any condition or the spirit of this Agreement, related to the use of the afforded License, usage may be temporarily or permanently revoked, with immediate effect and following a notice.
- DISCLAIMER OF WARRANTY
- YOUR USE OF THE WEBSITE, ITS CONTENTS, OR ITS SERVICES ACCESSIBLE THROUGH THE PLATFORM IS AT YOUR SOLE RISK. YOU ASSUME TOTAL RESPONSIBILITY FOR YOUR USE OF THE WEBSITE AND ANY LINKED SITES THERETO. ALL INFORMATION PROVIDED ON THE WEBSITE AND ON THE PLATFORM IS SUBJECT TO CHANGE WITHOUT NOTICE. CERTN AND OUR AFFILIATES AND SUBSIDIARY COMPANIES DO NOT PROMISE THAT THE WEBSITE OR ANY CONTENT, SERVICE OR FEATURE OF THE WEBSITE WILL BE ERROR-FREE OR UNINTERRUPTED, OR THAT YOUR USE OF THE WEBSITE WILL PROVIDE SPECIFIC RESULTS. THE WEBSITE AND ITS CONTENT ARE DELIVERED ON AN “AS-IS” AND “AS-AVAILABLE” BASIS. CERTN DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING ANY WARRANTIES OF ACCURACY, NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CERTN DISCLAIMS ANY AND ALL LIABILITY FOR THE ACTS, OMISSIONS AND CONDUCT OF ANY THIRD PARTIES IN CONNECTION WITH OR RELATED TO YOUR USE OF THE WEBSITE AND/OR ANY OF CERTN’S SERVICES.
- LIMITS OF LIABIITY
- TO THE MAXIMUM EXTENT PERMITTED BY THE APPLICABLE LAWS, CERTN ITS AFFILIATES AND SUBSIDIARY COMPANIES WILL NOT BE RESPONSIBLE OR LIABLE FOR ANY LOSS, LIABILITY, DAMAGE OR EXPENSE OF WHATSOEVER NATURE SUFFERED BY THE CLIENT AS A RESULT OF OR WHICH MAY BE ATTRIBUTABLE TO: (I) ANY BREACH BY THE CLIENT OR THE CONSUMER OF ITS OBLIGATIONS AS SET OUT IN THIS AGREEMENT OR OTHER APPLICABLE LAWS, (II) THE INTENTIONAL OR NEGLIGENT ACTS OR OMISSIONS OF THE CLIENT, ITS EMPLOYEES, AGENTS, CONTRACTORS AND REPRESENTATIVES; (III) THE DOWNTIME OF ANY TELECOMMUNICATIONS LINE AND/OR INFRASTRUCTURE AND/OR FACILITIES OF PUBLIC AND/OR PRIVATE INSTITUTIONS WHICH ARE DIRECTLY RELATED TO THE UNINTERRUPTED SOURCING OF CERTN’S REPORTS AND THE PROVISION OF SERVICES, (IV) ANY INACCURACIES, ERRORS OR OMISSIONS OF THE WEBSITE CONTENT OR (V) EVENTS BEYOND OUR REASONABLE CONTROL.
- YOUR SOLE AND EXCLUSIVE REMEDY FOR DISSATISFACTION WITH THE WEBSITE OR CONTENT OR ANY LINKED WEBSITE IS TO STOP USING THE WEBSITE, CONTENT, OR LINKED WEBSITE, AS APPLICABLE. IN NO EVENT SHALL WE OR OUR OFFICERS, SHAREHOLDERS, DIRECTORS, EMPLOYEES, AFFILIATES, SUBSIDIARIES, AGENTS, LICENSORS, SUPPLIERS, SPONSORS, OR CONTENT PROVIDERS BE LIABLE FOR ANY DAMAGES, INCLUDING, WITHOUT LIMITATION, INDIRECT, CONSEQUENTIAL, SPECIAL, INCIDENTAL, OR PUNITIVE DAMAGES RESULTING FROM THE USE OR INABILITY TO USE THE WEBSITE, THE CONTENT, THE USER CONTENT OR THE PRODUCTS OR SERVICES ACCESSIBLE OR AVAILABLE THROUGH THE WEBSITE, WHETHER BASED ON WARRANTY, CONTRACT, TORT, OR ANY OTHER LEGAL THEORY, AND WHETHER OR NOT WE ARE ADVISED OF THE POSSIBLITY OF SUCH DAMAGES.
- NOTHING IN THIS AGREEMENT SHALL LIMIT OR EXCLUDE EITHER PARTY’S LIABILITY FOR ANY LIABILITY THAT CANNOT BE EXCLUDED OR LIMITED BY THE APPLICABLE LAW. CERTN’S LIABILITY FOR DAMAGES INCURRED IN CONNECTION WITH THE SERVICES UNDER THIS AGREEMENT, INCLUDING AS A RESULT OF NEGLIGENCE ON THE PART OF CERTN, SHALL NOT EXCEED THE AMOUNT PAID BY THE CLIENT TO CERTN FOR THE PARTICULAR SERVICE GIVING RISE TO SUCH DAMAGES.
- WRITTEN COMMUNICATIONS AND NOTICES
- When using our Website, you accept that communication with us will be mainly electronic. We will contact you by e-mail or provide you with information by posting notices on our website. For contractual purposes, you agree to this electronic means of communication and you acknowledge that all contracts, notices, information, and other communications that we provide to you electronically comply with any legal requirement that such communications be in writing.
- All notices, requests or other communication required or permitted under this Agreement, shall be sufficiently given if delivered in person or sent by facsimile, via registered mail, or via evidenced delivery of email and addressed to the recipient party using the contact details as set out in the Oder Form or in the registration form.
- Any feedback you provide at this Website shall be deemed to be non-confidential. We shall be free to use such information on an unrestricted basis.
- GOVERNING LAW AND JURISDICTION
- The use of our Website, its Platform and our Services shall be governed by and construed in accordance with the laws of the the Province of British Columbia, Canada, without regard to its provisions relating to conflicts of law.
- You agree that any legal action or proceeding between you and us for any purpose concerning these Terms or the obligations hereunder shall be brought exclusively in a court of competent jurisdiction sitting in British Columbia, Canada.
- GENERAL PROVISIONS AND INTERPRETATIONS
- The Parties acknowledge that they have required this Agreement and all related documents to be prepared in English only. Les parties reconnaissent avoir demandé que le présent contrat ainsi que tous les documents qui s’y rattachent soient rédigés uniquement en langue anglaise.
- In the event that any of the provisions of these Terms are held to be invalid or unenforceable in whole or in part, all other provisions will nevertheless continue to be valid and enforceable with the invalid or unenforceable parts severed from the remainder of this Agreement.
- This Agreement does not create any relationship of association, partnership, joint venture or agency between the Parties. Neither Party will have any right or authority to assume, create or incur any liability or obligation of any kind against or in the name of the other Party.
- If the context allows, any words in the singular also include the plural meaning and the other way round. Words in the masculine mean and include the feminine and vice versa.
- Headings are included in these Terms for ease of reference only and will not affect the interpretation or construction of this Agreement.
- Definitions. Capitalized terms herein used but not defined herein shall have the meanings set forth in the Agreement:
All legislation, regulations, and other rules which relate and are applicable to the provision or use of the Services under this Agreement
an incident where information is stolen or taken from a system without the knowledge or authorization of the system’s owner
Data Protection Legislation
All legislation relating to data protection and privacy relevant and applicable to the procurement of our Services
Subject to the provision of the Services, a Consumer shall be any individual person who can be identified, directly or indirectly, via an identifier such as a name and or an ID number, and whose Personal Information is collected by the Client for the purposes of verifying their background or credentials. Where applicable, the term “Consumer” shall mean and replace the term “Consumer”, as defined by the provisions of the US Fair Credit Reporting Act, the California Consumer Privacy Act or other Applicable Laws subject to the provision of the Services.
the monetary value for each individual Transaction when the Client pays for the Services on the go, or the total monetary value for all the Transactions based on usage
means an event or circumstance entirely beyond our control, including a natural disaster, systems breakdown, or other event which impacts the ability of the Certn to provide Services hereunder in compliance with Applicable Laws and this Agreement.
Intellectual Property Rights are:
Any software program or code intended to destroy, interfere with, corrupt, or cause undesired effects on program files, data or other information, executable code or application software macros, whether or not its operation is immediate or delayed, and whether the malicious software is introduced willfully, negligently or without knowledge of its existence.
The committed and agreed order on behalf of the Client for using our Services. Such Order Form will list, at the least, the Service ordered, the associated volumes and the Fees.
the use of the Supplier’s Services, as regulated under the Applicable Laws, for the Client’s business and data verification purposes as defined and set out in the Consumer’s consent and within the scope of this Agreement. Such Permissible Purpose for the use of the Services shall include:
The Personal Information supplied directly by the Consumer indirectly through the Client, subject to the definition of the applicable Data Protection Legislation
the cloud platform hosted by Certn, its Affiliate or Subsidiary companies and made available to the registered Client for accessing and using our Services
The cloud services provided via our website Platform or as specified in the Order Form and all other services supplied by Certn to the Client under or in connection with this Agreement
Software owned by Certn which is or will be used by the Client for the delivery of the Services.
a logged request for a Service onto our Platform
Appendix A: Summary of Consumer’s Rights
Para información en español, visite www.consumerfinance.gov/learnmore o escribe a la Consumer Financial Protection Bureau, 1700 G Street N.W., Washington, DC 20552.
A Summary of Your Rights Under the Fair Credit Reporting Act
The federal Fair Credit Reporting Act (FCRA) promotes the accuracy, fairness, and privacy of information in the files of consumer reporting agencies. There are many types of consumer reporting agencies, including credit bureaus and specialty agencies (such as agencies that sell information about check writing histories, medical records, and rental history records). Here is a summary of your major rights under FCRA. For more information, including information about additional rights, go to www.consumerfinance.gov/learnmore or write to: Consumer Financial Protection Bureau, 1700 G Street N.W., Washington, DC 20552.
- You must be told if information in your file has been used against you. Anyone who uses a credit report or another type of consumer report to deny your application for credit, insurance, or employment – or to take another adverse action against you – must tell you, and must give you the name, address, and phone number of the agency that provided the information.
- You have the right to know what is in your file. You may request and obtain all the information about you in the files of a consumer reporting agency (your “file disclosure”). You will be required to provide proper identification, which may include your Social Security number. In many cases, the disclosure will be free. You are entitled to a free file disclosure if:
- a person has taken adverse action against you because of information in your credit report;
- you are the victim of identity theft and place a fraud alert in your file;
- your file contains inaccurate information as a result of fraud;
- you are on public assistance;
- you are unemployed but expect to apply for employment within 60 days.
In addition, all consumers are entitled to one free disclosure every 12 months upon request from each nationwide credit bureau and from nationwide specialty consumer reporting agencies. See www.consumerfinance.gov/learnmore for additional information.
- You have the right to ask for a credit score. Credit scores are numerical summaries of your credit-worthiness based on information from credit bureaus. You may request a credit score from consumer reporting agencies that create scores or distribute scores used in residential real property loans, but you will have to pay for it. In some mortgage transactions, you will receive credit score information for free from the mortgage lender.
- You have the right to dispute incomplete or inaccurate information. If you identify information in your file that is incomplete or inaccurate, and report it to the consumer reporting agency, the agency must investigate unless your dispute is frivolous. See www.consumerfinance.gov/learnmore for an explanation of dispute procedures.
- Consumer reporting agencies must correct or delete inaccurate, incomplete, or unverifiable information. Inaccurate, incomplete, or unverifiable information must be removed or corrected, usually within 30 days. However, a consumer reporting agency may continue to report information it has verified as accurate.
- Consumer reporting agencies may not report outdated negative information. In most cases, a consumer reporting agency may not report negative information that is more than seven years old, or bankruptcies that are more than 10 years old.
- Access to your file is limited. A consumer reporting agency may provide information about you only to people with a valid need – usually to consider an application with a creditor, insurer, employer, landlord, or other business. The FCRA specifies those with a valid need for access.
- You must give your consent for reports to be provided to employers. A consumer reporting agency may not give out information about you to your employer, or a potential employer, without your written consent given to the employer. Written consent generally is not required in the trucking industry. For more information, go to www.consumerfinance.gov/learnmore.
- You may limit “prescreened” offers of credit and insurance you get based on information in your credit report. Unsolicited “prescreened” offers for credit and insurance must include a toll-free phone number you can call if you choose to remove your name and address form the lists these offers are based on. You may opt out with the nationwide credit bureaus at 1-888-5-OPTOUT (1-888-567-8688).
- The following FCRA right applies with respect to nationwide consumer reporting agencies:
CONSUMERS HAVE THE RIGHT TO OBTAIN A SECURITY FREEZE
You have a right to place a “security freeze” on your credit report, which will prohibit a consumer reporting agency from releasing information in your credit report without your express authorization. The security freeze is designed to prevent credit, loans, and services from being approved in your name without your consent. However, you should be aware that using a security freeze to take control over who gets access to the personal and financial information in your credit report may delay, interfere with, or prohibit the timely approval of any subsequent request or application you make regarding a new loan, credit, mortgage, or any other account involving the extension of credit.
As an alternative to a security freeze, you have the right to place an initial or extended fraud alert on your credit file at no cost. An initial fraud alert is a 1-year alert that is placed on a consumer’s credit file. Upon seeing a fraud alert display on a consumer’s credit file, a business is required to take steps to verify the consumer’s identity before extending new credit. If you are a victim of identity theft, you are entitled to an extended fraud alert, which is a fraud alert lasting 7 years.
A security freeze does not apply to a person or entity, or its affiliates, or collection agencies acting on behalf of the person or entity, with which you have an existing account that requests information in your credit report for the purposes of reviewing or collecting the account. Reviewing the account includes activities related to account maintenance, monitoring, credit line increases, and account upgrades and enhancements.
- You may seek damages from violators. If a consumer reporting agency, or, in some cases, a user of consumer reports or a furnisher of information to a consumer reporting agency violates the FCRA, you may be able to sue in state or federal court.
- Identity theft victims and active duty military personnel have additional rights. For more information, visit www.consumerfinance.gov/learnmore.
States may enforce the FCRA, and many states have their own consumer reporting laws. In some cases, you may have more rights under state law. For more information, contact
your state or local consumer protection agency or your state Attorney General. For information about your federal rights, contact:
TYPE OF BUSINESS:
1.a. Banks, savings associations, and credit unions with total assets of over $10 billion and their affiliates
b. Such affiliates that are not banks, savings associations, or credit unions also should list, in addition to the CFPB:
Washington, DC 20552
600 Pennsylvania Avenue, N.W.
Washington, DC 20580
2. To the extent not included in item 1 above:
a. Office of the Comptroller of the Currency
Customer Assistance Group
1301 McKinney Street, Suite 3450
Houston, TX 77010-9050
P.O. Box 1200
Minneapolis, MN 55480
1100 Walnut Street, Box #11
Kansas City, MO 64106
d. National Credit Union Administration
Office of Consumer Financial Protection (OCFP)
Division of Consumer Compliance Policy and Outreach
1775 Duke Street
Alexandria, VA 22314
3. Air carriers
Asst. General Counsel for Aviation Enforcement & Proceedings
Aviation Consumer Protection Division Department of Transportation
1200 New Jersey Avenue, S.E.
Washington, DC 20590
4. Creditors Subject to the Surface Transportation Board
Office of Proceedings, Surface Transportation Board Department of Transportation 395 E Street, S.W.
Washington, DC 20423
5. Creditors Subject to the Packers and Stockyards Act, 1921
Nearest Packers and Stockyards Administration area supervisor
6. Small Business Investment Companies
Associate Deputy Administrator for Capital Access
United States Small Business Administration
409 Third Street, S.W., Suite 8200
Washington, DC 20416
7. Brokers and Dealers
Securities and Exchange Commission 100 F Street, N.E.
Washington, DC 20549
8. Federal Land Banks, Federal Land Bank Associations,
Federal Intermediate Credit Banks, and Production Credit
Farm Credit Administration
1501 Farm Credit Drive
McLean, VA 22102-5090
9. Retailers, Finance Companies, and All Other Creditors Not Listed Above
Federal Trade Commission
Consumer Response Center
600 Pennsylvania Avenue, N.W.
Washington, DC 20580
Appendix B: Notice to Users
All users of consumer reports must comply with all applicable regulations. Information about applicable regulations currently in effect can be found at the Consumer Financial Protection Bureau’s website, www.consumerfinance.gov/learnmore.
NOTICE TO USERS OF CONSUMER REPORTS:
OBLIGATIONS OF USERS UNDER THE FCRA
The Fair Credit Reporting Act (FCRA), 15 U.S.C. 1681-1681y, requires that this notice be provided to inform users of consumer reports of their legal obligations. State law may impose additional requirements. The text of the FCRA is set forth in full at the Consumer Financial Protection Bureau’s (CFPB) website at www.consumerfinance.gov/learnmore. At the end of this document is a list of United States Code citations for the FCRA. Other information about user duties is also available at the CFPB’s website. Users must consult the relevant provisions of the FCRA for details about their obligations under the FCRA.
The first section of this summary sets forth the responsibilities imposed by the FCRA on all users of consumer reports. The subsequent sections discuss the duties of users of reports that contain specific types of information, or that are used for certain purposes, and the legal consequences of violations. If you are a furnisher of information to a consumer reporting agency (CRA), you have additional obligations and will receive a separate notice from the CRA describing your duties as a furnisher.
I. OBLIGATIONS OF ALL USERS OF CONSUMER REPORTS
A. Users Must Have a Permissible Purpose
Congress has limited the use of consumer reports to protect consumers’ privacy. All users must have a permissible purpose under the FCRA to obtain a consumer report. Section 604 contains a list of the permissible purposes under the law. These are:
- As ordered by a court or a federal grand jury subpoena. Section 604(a)(1)
- As instructed by the consumer in writing. Section 604(a)(2)
- For the extension of credit as a result of an application from a consumer, or the review or collection of a consumer’s account. Section 604(a)(3)(A)
- For employment purposes, including hiring and promotion decisions, where the consumer has given written permission. Sections 604(a)(3)(B) and 604(b)
- For the underwriting of insurance as a result of an application from a consumer. Section 604(a)(3)(C) • When there is a legitimate business need, in connection with a business transaction that is initiated by the consumer. Section 604(a)(3)(F)(i)
- To review a consumer’s account to determine whether the consumer continues to meet the terms of the account. Section 604(a)(3)(F)(ii)
- To determine a consumer’s eligibility for a license or other benefit granted by a governmental instrumentality required by law to consider an applicant’s financial responsibility or status. Section 604(a)(3)(D)
- For use by a potential investor or servicer, or current insurer, in a valuation or assessment of the credit or prepayment risks associated with an existing credit obligation. Section 604(a)(3)(E)
- For use by state and local officials in connection with the determination of child support payments, or modifications and enforcement thereof. Sections 604(a)(4) and 604(a)(5)
In addition, creditors and insurers may obtain certain consumer report information for the purpose of making “prescreened” unsolicited offers of credit or insurance. Section 604(c). The particular obligations of users of “prescreened” information are described in Section VII below.
B. Users Must Provide Certifications
Section 604(f) prohibits any person from obtaining a consumer report from a consumer reporting agency (CRA) unless the person has certified to the CRA the permissible purpose(s) for which the report is being obtained and certifies that the report will not be used for any other purpose.
C. Users Must Notify Consumers When Adverse Actions Are Taken
The term “adverse action” is defined very broadly by Section 603. “Adverse actions” include all business, credit, and employment actions affecting consumers that can be considered to have a negative impact as defined by Section 603(k) of the FCRA – such as denying or canceling credit or insurance, or denying employment or promotion. No adverse action occurs in a credit transaction where the creditor makes a counteroffer that is accepted by the consumer.
1. Adverse Actions Based on Information Obtained From a CRA
If a user takes any type of adverse action as defined by the FCRA that is based at least in part on information contained in a consumer report, Section 615(a) requires the user to notify the consumer. The notification may be done in writing, orally, or by electronic means. It must include the following:
- The name, address, and telephone number of the CRA (including a toll-free telephone number, if it is a nationwide CRA) that provided the report.
- A statement that the CRA did not make the adverse decision and is not able to explain why the decision was made.
- A statement setting forth the consumer’s right to obtain a free disclosure of the consumer’s file from the CRA if the consumer makes a request within 60 days.
- A statement setting forth the consumer’s right to dispute directly with the CRA the accuracy or completeness of any information provided by the CRA.
2. Adverse Actions Based on Information Obtained From Third Parties Who Are Not Consumer Reporting Agencies
If a person denies (or increases the charge for) credit for personal, family, or household purposes based either wholly or partly upon information from a person other than a CRA, and the information is the type of consumer information covered by the FCRA, Section 615(b)(1) requires that the user clearly and accurately disclose to the consumer his or her right to be told the nature of the information that was relied upon if the consumer makes a written request within 60 days of notification. The user must provide the disclosure within a reasonable period of time following the consumer’s written request.
3. Adverse Actions Based on Information Obtained From Affiliates
If a person takes an adverse action involving insurance, employment, or a credit transaction initiated by the consumer, based on information of the type covered by the FCRA, and this information was obtained from an entity affiliated with the user of the information by common ownership or control, Section 615(b)(2) requires the user to notify the consumer of the adverse action. The notice must inform the consumer that he or she may obtain a
disclosure of the nature of the information relied upon by making a written request within 60 days of receiving the adverse action notice. If the consumer makes such a request, the user must disclose the nature of the information not later than 30 days after receiving the request. If consumer report information is shared among affiliates and then used for an adverse action, the user must make an adverse action disclosure as set forth in I.C.1 above.
D. Users Have Obligations When Fraud and Active Duty Military Alerts are in Files
When a consumer has placed a fraud alert, including one relating to identify theft, or an active duty military alert with a nationwide consumer reporting agency as defined in Section 603(p) and resellers, Section 605A(h) imposes limitations on users of reports obtained from the consumer reporting agency in certain circumstances, including the establishment of a new credit plan and the issuance of additional credit cards. For initial fraud alerts and active duty alerts, the user must have reasonable policies and procedures in place to form a belief that the user knows the identity of the applicant or contact the consumer at a telephone number specified by the consumer; in the case of extended fraud alerts, the user must contact the consumer in accordance with the contact information provided in the consumer’s alert.
E. Users Have Obligations When Notified of an Address Discrepancy
Section 605(h) requires nationwide CRAs, as defined in Section 603(p), to notify users that request reports when the address for a consumer provided by the user in requesting the report is substantially different from the addresses in the consumer’s file. When this occurs, users must comply with regulations specifying the procedures to be followed.
Federal regulations are available at www.consumerfinance.gov/learnmore.
F. Users Have Obligations When Disposing of Records
Section 628 requires that all users of consumer report information have in place procedures to properly dispose of records containing this information. Federal regulations are available at www.consumerfinance.gov/learnmore.
II. CREDITORS MUST MAKE ADDITIONAL DISCLOSURES
If a person uses a consumer report in connection with an application for, or a grant, extension, or provision of, credit to a consumer on material terms that are materially less favorable than the most favorable terms available to a substantial proportion of consumers from or through that person, based in whole or in part on a consumer report, the person must provide a risk-based pricing notice to the consumer in accordance with regulations prescribed by the CFPB.
Section 609(g) requires a disclosure by all persons that make or arrange loans secured by residential real property (one to four units) and that use credit scores. These persons must provide credit scores and other information about credit scores to applicants, including the disclosure set forth in Section 609(g)(1)(D) (“Notice to the Home Loan Applicant”).
III. OBLIGATIONS OF USERS WHEN CONSUMER REPORTS ARE OBTAINED FOR EMPLOYMENT PURPOSES
A. Employment Other Than in the Trucking Industry
If the information from a CRA is used for employment purposes, the user has specific duties, which are set forth in Section 604(b) of the FCRA. The user must:
- Make a clear and conspicuous written disclosure to the consumer before the report is obtained, in a document that consists solely of the disclosure, that a consumer report may be obtained.
- Obtain from the consumer prior written authorization. Authorization to access reports during the term of employment may be obtained at the time of employment.
- Certify to the CRA that the above steps have been followed, that the information being obtained will not be used in violation of any federal or state equal opportunity law or regulation, and that, if any adverse action is to be taken based on the consumer report, a copy of the report and a summary of the consumer’s rights will be provided to the consumer.
· Before taking an adverse action, the user must provide a copy of the report to the consumer as well as the summary of consumer’s rights (The user should receive this summary from the CRA.) A Section 615(a) adverse action notice should be sent after the adverse action is taken.
An adverse action notice also is required in employment situations if credit information (other than transactions and experience data) obtained from an affiliate is used to deny employment. Section 615(b)(2).
The procedures for investigative consumer reports and employee misconduct investigations are set forth below.
B. Employment in the Trucking Industry
Special rules apply for truck drivers where the only interaction between the consumer and the potential employer is by mail, telephone, or computer. In this case, the consumer may provide consent orally or electronically, and an adverse action may be made orally, in writing, or electronically. The consumer may obtain a copy of any report relied upon by the trucking company by contacting the company.
IV. OBLIGATIONS WHEN INVESTIGATIVE CONSUMER REPORTS ARE USED
Investigative consumer reports are a special type of consumer report in which information about a consumer’s character, general reputation, personal characteristics, and mode of living is obtained through personal interviews by an entity or person that is a consumer reporting agency. Consumers who are the subjects of such reports are given special rights under the FCRA. If a user intends to obtain an investigative consumer report, Section 606 requires the following:
- The user must disclose to the consumer that an investigative consumer report may be obtained. This must be done in a written disclosure that is mailed, or otherwise delivered, to the consumer at some time before or not later than three days after the date on which the report was first requested. The disclosure must include a statement informing the consumer of his or her right to request additional disclosures of the nature and scope of the investigation as described below, and the summary of consumer rights required by Section 609 of the FCRA. (The summary of consumer rights will be provided by the CRA that conducts the investigation.)
- The user must certify to the CRA that the disclosures set forth above have been made and that the user will make the disclosure described below.
- Upon the written request of a consumer made within a reasonable period of time after the disclosures required above, the user must make a complete disclosure of the nature and scope of the investigation. This must be made in a written statement that is mailed or otherwise delivered, to the consumer no later than five days after the date on which the request was received from the consumer or the report was first requested, whichever is later in time.
V. SPECIAL PROCEDURES FOR EMPLOYMEE INVESTIGATIONS
Section 603(x) provides special procedures for investigations of suspected misconduct by an employee or for compliance with Federal, state or local laws and regulations or the rules of a self-regulatory organization, and compliance with written policies of the employer. These investigations are not treated as consumer reports so long as the employer or its agent complies with the procedures set forth in Section 603(x), and a summary describing the nature and scope of the inquiry is made to the employee if an adverse action is taken based on the investigation.
VI. OBLIGATIONS OF USERS OF MEDICAL INFORMATION
Section 604(g) limits the use of medical information obtained from consumer reporting agencies (other than payment information that appears in a coded form that does not identify the medical provider). If the information is to be used for an insurance transaction, the consumer must give consent to the user of the report or the information must be coded. If the report is to be used for employment purposes – or in connection with a credit transaction (except as provided in regulations) the consumer must provide specific written consent and the medical information must be relevant. Any user who receives medical information shall not disclose the information to any other person (except where necessary to carry out the purpose for which the information was disclosed, or a permitted by statute, regulation, or order).
VII. OBLIGATIONS OF USERS OF “PRESCREENED” LISTS
The FCRA permits creditors and insurers to obtain limited consumer report information for use in connection with unsolicited offers of credit or insurance under certain circumstances. Sections 603(1), 604(c), 604(e), and 615(d). This practice is known as “prescreening” and typically involves obtaining from a CRA a list of consumers who meet certain preestablished criteria. If any person intends to use prescreened lists, that person must (1) before the offer is made, establish the criteria that will be relied upon to make the offer and to grant credit or insurance, and (2) maintain such criteria on file for a three-year period beginning on the date on which the offer is made to each consumer. In addition, any user must provide with each written solicitation a clear and conspicuous statement that:
- Information contained in a consumer’s CRA file was used in connection with the transaction.
- The consumer received the offer because he or she satisfied the criteria for credit worthiness or insurability used to screen for the offer.
- Credit or insurance may not be extended if, after the consumer responds, it is determined that the consumer does not meet the criteria used for screening or any applicable criteria bearing on credit worthiness or insurability, or the consumer does not furnish required collateral.
·The consumer may prohibit the use of information in his or her file in connection with future prescreened offers of credit or insurance by contacting the notification system established by the CRA that provided the report. The statement must include the address and toll-free telephone number of the appropriate notification system.
In addition, the CFPB has established the format, type size, and manner of the disclosure required by Section 615(d), with which users must comply. The relevant regulation is 12 CFR 1022.54.
VIII. OBLIGATIONS OF RESELLERS
A. Disclosure and Certification Requirements
Section 607(e) requires any person who obtains a consumer report for resale to take the following steps:
- Disclose the identity of the end-user to the source CRA.
- Identify to the source CRA each permissible purpose for which the report will be furnished to the end-user.
- Establish and follow reasonable procedures to ensure that reports are resold only for permissible purposes, including procedures to obtain:
- the identify of all end-users;
- certifications from all users of each purpose for which reports will be used; and
- certifications that reports will not be used for any purpose other than the purpose(s) specified to the reseller. Resellers must make reasonable efforts to verify this information before selling the report.
B. Reinvestigations by Resellers
Under Section 611(f), if a consumer disputes the accuracy or completeness of information in a report prepared by a reseller, the reseller must determine whether this is a result of an action or omission on its part and, if so, correct or delete the information. If not, the reseller must send the dispute to the source CRA for reinvestigation. When any CRA notifies the reseller of the results of an investigation, the reseller must immediately convey the information to the consumer.
C. Fraud Alerts and Resellers
Section 605A(f) requires resellers who receive fraud alerts or active duty alerts from another consumer reporting agency to include these in their reports.
IX. LIABILITY FOR VIOLATIONS OF THE FCRA
Failure to comply with the FCRA can result in state government or federal government enforcement actions, as well as private lawsuits. Sections 616, 617, and 621. In addition, any person who knowingly and willfully obtains a consumer report under false pretenses may face criminal prosecution. Section 619.
The CFPB’s website, www.consumerfinance.gov/learnmore, has more information about the FCRA, including publications for businesses and the full text of the FCRA.
Citations for FCRA sections in the U.S. Code, 15 U.S.C. § 1681 et seq.:
Section 602 15 U.S.C. 1681
Section 603 15 U.S.C. 1681a
Section 604 15 U.S.C. 1681b
Section 605 15 U.S.C. 1681c
Section 605A 15 U.S.C. 1681c-A
Section 605B 15 U.S.C. 1681c-B
Section 606 15 U.S.C. 1681d
Section 607 15 U.S.C. 1681e
Section 608 15 U.S.C. 1681f
Section 609 15 U.S.C. 1681g
Section 610 15 U.S.C. 1681h
Section 611 15 U.S.C. 1681i
Section 612 15 U.S.C. 1681j
Section 613 15 U.S.C. 1681k
Section 614 15 U.S.C. 1681l
Section 615 15 U.S.C. 1681m
Section 616 15 U.S.C. 1681n
Section 617 15 U.S.C. 1681o
Section 618 15 U.S.C. 1681p
Section 619 15 U.S.C. 1681q
Section 620 15 U.S.C. 1681r
Section 621 15 U.S.C. 1681s
Section 622 15 U.S.C. 1681s-1
Section 623 15 U.S.C. 1681s-2
Section 624 15 U.S.C. 1681t
Section 625 15 U.S.C. 1681u
Section 626 15 U.S.C. 1681v
Section 627 15 U.S.C. 1681w
Section 628 15 U.S.C. 1681x
Section 629 15 U.S.C. 1681y
Appendix C: Remedying the Effects of ID Theft
Para información en español, visite www.consumerfinance.gov/learnmore o escribe al Consumer Financial Protection Bureau, 1700 G Street N.W., Washington, DC 20552.
Remedying the Effects of Identity Theft
You are receiving this information because you have been notified a consumer reporting company that you believe that you are a victim of identity theft. Identity theft occurs when someone uses your name, Social Security number, date of birth, or other identifying information, without authority, to commit fraud. For example, someone may have committed identity theft by using your personal information to open a credit card account or to get a loan in your name. For more information, visit www.consumerfinance.gov/learnmore or write to: Consumer Financial Protection Bureau, 1700 G Street N.W., Washington, DC 20552.
The Fair Credit Reporting Act (FCRA) gives you specific rights when you are, or believe that you are, the victim of identity theft. Here is a brief summary of the rights designed to help you recover from identity theft.
- You have the right to ask that nationwide consumer reporting companies place “fraud alerts” in your file to let potential creditors and others know that you may be a victim of identity theft. A fraud alert can make it more difficult for someone to get credit in your name because it tells creditors to follow certain procedures to protect you. It also may delay your ability to obtain credit. You may place a fraud alert in your file by calling just one of the three nationwide consumer reporting agencies. As soon as the agency processes your fraud alert, it will notify the other two, which then also must place fraud alerts in your file.
An initial fraud alert stays in you file for at least 90 days. An extended alert stays in your file for seven years. To place either of these alerts, a consumer reporting agency will require you to provide appropriate proof of your identity, which may include your Social Security number. If you ask for an extended alert, you will also have to provide an identity theft report. An identity theft report includes a copy of a report you have files with a federal, state, or local law enforcement agency, and additional information a consumer reporting agency may require you to submit. For more detailed information about the identity theft report, visit www.consumerfinance.gov/learnmore.
- You have the right to free copies of the information in your file (your “file disclosure”). An initial fraud alert entitles you to a copy of all the information in your file at each of the three nationwide agencies, and an extended alert entitles you to two free file disclosures in a 12-month period following the placing of the alert. These additional disclosures may help you detect signs of fraud, for example, whether fraudulent accounts have been opened in your name or whether someone has reported a change in your address. Once a year, you also have the right to a free copy of the information in your file at any consumer reporting agency, if you believe it has inaccurate information due to fraud, such as identity theft. You also have
the ability to obtain additional free file disclosures under other provisions of the FCRA. See www.consumerfinance.gov/learnmore.
- You have the right to obtain documents relating to fraudulent transactions made or accounts opened using your personal information. A creditor or other business must give you copies of applications and other business records relating to transactions and accounts that resulted from the theft of your identity, if you ask for them in writing. A business may ask you for proof of your identity, a police report, and an affidavit before giving you the documents. It also may specify an address for you to send your request. Under certain circumstances, a business can refuse to provide you with these documents. See www.consumerfinance.gov/learnmore.
- You have the right to obtain information from a debt collector. If you ask, a debt collector must provide you with certain information about the debt you believe was incurred in you name by an identity thief – like the name of the credit and the amount of the debt.
- If you believe information in your file results from identity theft, you have the right to ask that a consumer reporting agency block that information from your file. An identity thief may run up bills in your name and not pay them. Information about the unpaid bills may appear on your consumer report. Should you decide to ask a consumer reporting agency to block the reporting of this information, you must identity the information to block, and provide the consumer reporting agency with proof of your identity and a copy of your identity theft report. The consumer reporting agency can refuse or cancel your request for a block if, for example, you don’t provide the necessary documentation, or where the block results from an error or a material misrepresentation of fact made by you. If the agency declines or rescinds the block, it must notify you. Once a debt resulting from identity theft has been blocked, a person or business with notice of the block may not sell, transfer, or place the debt for collection.
- You also may prevent businesses from reporting information about you to consumer reporting agencies if you believe the information is a result of identity theft. To do so, you must send your request to the address specified by the business that reports the information to the consumer reporting agency. The business will expect you to identify what information you do not want reported and to provide an identity theft report.
To learn more about identity theft and how to deal with its consequences, visit www.consumerfinance.gov/learnmore, or write to the Consumer Financial Protection Bureau. You may have additional rights under state law. For more information, contact your local consumer protection agency or your state Attorney General.
In addition to the new rights and procedures to help consumers deal with the effects of identity theft, the FCRA has many other important consumer protections. They are described in more detail at www.consumerfinance.gov/learnmore.