Privacy Policy

PDF Version

Employment Screening Services (ESS) is committed to protecting the privacy of our clients, of visitors to our website , and of the individuals ("consumers" or “data subjects”) on whom we conduct background screens at our clients' request. As a consumer reporting agency governed by the U.S. Federal Fair Credit Reporting Act ("FCRA") enforced by the investigatory and enforcement powers of the Federal Trade Commission, Consumer Financial Protection Bureau among other federal/state/local authorities, ESS strives to maintain a high level of confidentiality, integrity, and security of the personal information that it collects.

In additional to operating under U.S. data protection authorities, ESS is dedicated to operating in accordance with all host nation laws and directives regarding information privacy and personal data protection, including but not limited to: EU General Data Protection Regulation; the European Privacy Act, the Canadian Personal Information Protection & Electronics Documents Act, and substantially similar provincial laws from British Co lumbia, Alberta, and Quebec.

ESS does not sell, share, or disseminate personal information to any third party for a purpose other than is stated within this policy and that is not authorized in writing by the consumer to whom it relates. Personal information is protected from unauthorized or accidental disclosure and is only seen by those persons who need it to perform their job -- to provide our clients with the services authorized by the consumer to whom it relates. Personal information is retained only as long as required after which it is properly destroyed as to prevent unauthorized access to or use of the information.

Our employees are comprehensively and regularly screened and trained to ensure that information is handled responsibly and in accordance with this Privacy Policy. We maintain strict physical, electronic, and procedural safeguards that comply with state and federal regulations to guard a consumer’s nonpublic and public personal information.

To demonstrate our commitment to information security, ESS has implemented industry’s best practice security controls and assures the effectiveness of our controls through compliance with ISO 27001, the global standard for managing information security.

Upon proper identity verification, ESS acknowledges that consumers have the right to see all information about them held by Employment Screening Services. Additionally, ESS has a dispute resolution department that expeditiously addresses all inquiri es and complaints regarding information provided to our clients.

Our Commitment and Affirmation

In addition to the FCRA and other applicable federal, state, and local laws, Employment Screening Services complies with the principles of the EU General Data Protection Regulation (GDPR) and other data protection authorities regarding the safety and retention of personal information on data subjects (consumers). ESS certifies that it adheres to the privacy principles of No tice; Choice; Accountability for Onward Transfer; Security; Data Integrity and Purpose Limitation; Access; and Recourse, Enforcement and Liability.

Further, ESS has implemented data security and personal data privacy protections as prescribed by the EU General Data Protection Regulation ((EU)2016/679)). gdpr-info.eu. EU Data subjects have the right to limit the purposes for which their personal data can be processed. Prior to any collection or processing of personal data, ESS (data processor) a nd the ESS Client (data controller), provide EU data subjects with a clear and conspicuous disclosure of the data subject’s right to: transparency, access, rectification, restrict processing, object to processing, data portability, and the right to not be evaluated on the basis of automated processing. Also prior to any collection or processing of personal data, the data subject must provide his/her written consent. The authorization document will include the specific purpose and limited scope for which personal data will be processed.

1. Notice

Before ESS receives personal information about consumers from its clients, all clients have certified to ESS that: (1) they have obtained the consumer’s informed written consent to share this information with ESS; (2) they have disclosed to the consumer they are requesting a background check for employment purposes; and, (3) they will use consumer information provided by ESS for legally permissible purposes (such as hire, promote, reassign, retention). Furthermore, before a client’s individual representative receives the consumer information needed to complete his/her job; he/she must provide an individual certification to the same effect. ESS and its clients will not use consumer information for an incompatible purpose, nor will consumer information become part of a proprietary database of consumer information.

Personal information collected by ESS will be done so for employment-related purposes only. The type of information collected may include, but is not be limited to full name, former name(s) if any, address history, personal identifiers or biometric data, criminal record history, employment history, educational history and driving records. Pursuant to the terms of its contract with its clients, ESS uses this information to prepare an employment background check report that meets its clients' employment screening needs. The nature and scope of the report is disclosed to the consumer at the time he/she au thorizes the consumer report. Also see “Access” for additional information.

ESS commits to applying the EU GDPR principles to all data collected, including public records and publicly available information , outside of the United States. ESS agrees to cooperate with the EU and other data protection authorities (DPAs) with respect to the protection of private/personal data, human resource or otherwise, collected in the context of the providing employment screening services. ESS will comply with any legal directive given by the DPA within 25 days of receipt. ESS understands that if its explanation or compliance measure is not satisfactory, the DPA may refer the matter to the U.S. Federal Trade Commission and/or the U.S. Consumer Financial Protection Bureau. Further, ESS cooperates with properly identified government authorities with jurisdictional standing and may disclose personal information in a response to lawful requests by such authorities, including meeting national security or law enforcement requirements.

2. Choice (opt-out of sensitive information)

ESS gives consumers a choice to opt out of the collection of personal information by virtue of the fact that personal informa tion is only collected with the consumer’s explicit written consent. Prior to the collection of any personal information, ESS pr ovides the individual a disclosure document that clearly imparts this fact. Therefore, to opt-out of the process prior to the collection of any personal information, the individual should not sign the authorization document permitting such collection of information. To reiterate, the information collected is only utilized for the purposes described above in the section on "Notice."

In the event the individual wishes to opt-out or amend his or her written authorization to collect personal information that was already given to ESS, the individual may withdrawal or amend his/her consent by notifying ESS through the contact information provided on this page, on its website, and on the disclosure document provided to the consumer at the time written authorization was given. This does not mean that information already collected by ESS will automatically be erased or deleted. Upon proper written request for a data purge, ESS will evaluate all requests and how it aligns with various compliance laws that may require ESS to maintain the data (at least in part) for a period of time. ESS will return a formal written response to all data purge requests.

Sensitive information (i.e., personal information relating to medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or information concerning the sex life of the individual) will not be collected.

3. Accountability for Onward Transfer (to third parties)

The information obtained by ESS is only transferred to an end user entity that has been specifically authorized by the consumer to receive the data, or to a designated/authorized agent acting on behalf of the end-user, and only for the purpose described in the section under “Notice” and “Choice.” ESS takes proactive steps to insure that an individual who receives information on the behalf of the end user entity will personally maintain privacy and confidentiality (see “individual certification” described in the section under “Notice.”) Each transfer of information to the end user includes a notification reiterating the privacy, data protection, and confidentiality certifications made regarding the use of the consumer information.

ESS takes precautionary steps to safeguard personal information disclosed to its representatives and subcontractors. ESS will disclose consumer information to these trusted partners only after they certify they will maintain commercially reasonable security measures to protect the confidentiality, integrity and security of personal information. ESS discloses only the minimum personal information to its reps and subcontractors that is necessary to deliver to ESS (for the benefit of ESS’s client) the requested product or service. ESS obtains their written agreement to abide by relevant principles of EU GDPR and other data protection authorities. Prior to such disclosures, ESS thoroughly screens the trusted partner as to their data protection policies and procedures.

4. Security

ESS takes all reasonable and appropriate measures to protect personal information from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. For example, ESS utilizes a 128 -bit encryption on a secured server for all internet communications. Furthermore, only ESS employees who need the information to perform a specific job are granted access to personally identifiable information. Strong password protection protocols are used on all computers. All employees are kept upto-date on our security and privacy policies. Finally, the servers that are used to store personally identifiable information are kept in a secure environment, with appropriate security measures. Destruction of consumer information follows the Federal Trade Commission’s requirements that the information be unreadable upon disposal.

Further, ESS employs and enforces strict procedures to insure information security. We developed and maintain security policies and procedures that include the designation of one or more individuals specifically responsible for the implementation, management, and enforcement of the policy. This is an over-arching information security policy that broadly addresses information security measures including but not limited to system and router configuration, anti -virus and firewall management, data encryption, access control, electronic and paper data retention, storage and disposal, incident response, and physical security.

We continuously enhance our policies and practices that protect the integrity personal data. For example, we are ISO 27001 Compliant. ISO (International Organization for Standardization) is the gold standard of data security. ISO 27001 is designed to help establish and maintain an effective information security management system, using a continual improvement approach. It requires rigorous repeated external assessment and demands applicants meet high standards of risk management and security control on an on-going basis. This compliance also guarantees that all relevant networks are protected against any systemic vulnerabilities, keeping all information protected 24/7.

5. Data Integrity and Purpose Limitation
ESS only collects data that is strictly necessary for the purposes listed under the section on “Notice.” The data includes information that is necessary to verify the identity of the consumer. ESS makes every reasonable effort to assure maximum possible accuracy in the information collected. Regarding public record information that is likely to have an adverse effect on the consumer, ESS maintains strict procedures to insure the information is accurate, complete , and up-to-date (per FCRA rules 613 (a)(1)(2). ESS will adhere to the EU GDPR and other data protection directives for as long as it retains such information. ESS cannot be responsible for errors within court records and within the records of other consumer reporting agencies, such as cr edit bureaus. Therefore, ESS cannot act as a guarantor of information.

6. Access

In accordance with EU GDPR and other data protection authorities and applicable laws including the FCRA, upon proper identification of the consumer, ESS will disclose to consumers who inquire, without requiring any justification for their inquiry, the right to: (i) obtain a confirmation of whether or not ESS possesses personal information about them; (ii) full access to (inspect and/obtain copies) all information ESS may have about them; (iii) obtain names of end users of the their information and know when it was collected, and for what specific purpose; and (iv), request ESS to correct, amend, or delete information where it is inaccurate or has been processed in violation of any data protection laws. ESS will respond to access requests in a timely manner and in a manner that is readily intelligible to the individual.

7. Recourse, Enforcement, and Liability

In compliance with the U.S. FCRA, EU GDPR and other data protection directives, ESS commits to resolve consumer complaints about the privacy, collection, and use of personal information by means of in-house verification by the management of this company. Questions, complaints, and inquiries regarding this privacy policy should contact ESS by any of the following means:

Phone: +1 509-624-3851 / 1-800-473-7778
Fax: +1 509-624-2905 / 1-800-321-2905
Email: info@employscreen.com
Website: www.employscreen.com
Post: ATTN: Privacy Officer, Employment Screening Services, 627 E. Sprague Ave, Spokane, WA USA

ESS attests that it will provide the consumer free and easy access to its information protection policies and procedures as w ell as to the consumer’s data itself. ESS will respond to each and every consumer complaint within 30 days of re ceiving a complaint. Should a complaint not be resolved to the consumer’s satisfaction, ESS will again provide full disclosure of the consumer’s r ights including contact information for the applicable national, state, and/or local regulators and data prote ction authorities that are charged with enforcement of technical violations and other consumer complaints and grievances. ESS will full cooperate with a ll government agency investigations, enforcement actions and other rulings/orders by a court of law.

ESS is governed by FCRA regulations as enforced by the U.S. Federal Trade Commission and the Consumer Financial Protection Bureau. As a Washington State (USA) corporation and a licensed private investigative agency, we are also governed by the rules and regulations of the state. ESS is a founding member of and accredited by the Professional Background Screening Association (thepbsa.org) and strictly adheres to its professional standards, code of conduct, ethical business practices, and its promotion of compliance with the Fair Credit Reporting Act.

Any questions regarding this Privacy Policy may be directed to:

Chief Privacy Officer
Employment Screening Services
627 E. Sprague Ave
Spokane, WA 99202
USA PH: 1-509-624-3851 / 1-800-473-7778
FX: 1-509-624-2229 / 1-800-321-2905
ess@employscreen.com