Privacy Policy

Promesa Enterprises, Inc. dba Integrated Screening Partners

Privacy policy

About this policy

Integrated Screening Partners (“ISP”) is concerned about the protection of personal information. It is our policy to maintain the confidentiality and privacy of any personal data submitted to us in writing, electronically through our online order/delivery system or while visiting our website.

This Privacy Policy covers the information practices of ISP and describes the principles ISP follows with regard to information submitted by our clients and their applicants and employees, and to other data that we collect from third parties and other sources in connection with the services we provide. These information privacy principles have been implemented by all ISP personnel regardless of their location. All data shall be collected, stored and used in compliance with applicable law, which may include the Federal Fair Credit Reporting Act (”FCRA”), individual state background screening and privacy laws.

Integrated Screening Partners, Data Protection Policy / Privacy

This is a statement of Data Protection policy adopted by ISP.

ISP is a Consumer Reporting Agency as defined by the federal Fair Credit Reporting Act and collects sensitive and personal information about individuals.

This information may include, but is not limited to, full name, previous names used, Social Security Number or other overseas country national identity numbers, dates of birth, phone numbers, residential address, credit information, employment history, academic history, medical information and criminal record history. We provide background screening services only to businesses with a permissible purpose and only after they undergo a vetting process. Our clients provide us with personal information in conjunction with the collection and preparation of the report. Personal identifying information is only collected with the consent of the subject of the report. ISP may disclose personal information on consumers to third parties in connection with the business transaction and purpose for which it was collected. Third party disclosure of the personal information may include the requesting client, affiliate companies, third party agents, in-country sources, educational institutions, employers, courts, law enforcement agencies and other persons, businesses, or government agencies as necessary for ISP to complete the requested services. Information you provide may also be disclosed in response to legal requirements. ISP does not sell or rent the personal information you provide.

Consumers have the right to see the information about them held by ISP. Additionally, ISP has a dispute resolution department that expeditiously addresses all inquiries and complaints regarding information provided to our clients

We regard the lawful and correct treatment of personal information by ISP as very important to successful operations, and to maintaining confidence between those with whom we deal with and ourselves. We ensure that our organization treats personal information lawfully and correctly.

Personal Information Disclosure: United States or Overseas

Personal information submitted to ISP for a background screening investigation may at times be transferred outside of the United States in order to perform the background investigation.

Policy Changes

This policy may be amended from time to time. Any changes that are made to the existing privacy policy of ISP will be posted on this website.

Contact Information
For additional information contact:

Customer Service
Integrated Screening Partners
5316 Hwy 290 West - Suite 500
Austin, TX 78735
(800) 474-4420 ext: 1
customerservice@integratedscreening.com

In accordance with California Civil Code § 1786.20, the representative named above will be able to assist you with additional information regarding our privacy practices and policies in the event of a compromise of your information.

EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) Provisions of Our Privacy Policy

Promesa Enterprises, Inc. dba Integrated Screening Partners (“ISP”) complies with the EU-U.S. Data Privacy Framework, UK Extension to the EU-U.S. Data Privacy Framework Principals and the Swiss-U.S. Data Privacy Framework Principals as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, United Kingdom and/or Switzerland to the United States in reliance on Data Privacy Framework. ISP commits to subject all personal data received from the EU/UK/Swiss in reliance on the Data Privacy Framework to the Data Privacy Framework Principles. ISP has certified to the Department of Commerce that it adheres to the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF Principles with respect to such information. If there is any conflict between the terms in this privacy policy and the Data Privacy Framework Principles, the EU-U.S. DPF and the UK Extension to the EU-U.S.

DPF and the Swiss-U.S. DPF Principles shall govern. To learn more about the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

We fulfill our obligation under the seven Data Privacy Framework Principles in the following manner:

Notice

Our clients provide us with your personal information in connection with our preparing a report for such clients. (These reports are referred to by several different names including: Background Check, Consumer Report, Investigative Consumer Report, Background Screening Report, Background Report, and others.) In all cases, our clients have certified to ISP that they have provided disclosure to their applicants that a background investigation will be performed and that personal data may be gathered for the purpose of completing the Background Investigation Report. Our clients further certify to us that they have received consent from an applicant before a Background Report is requested.

The services we provide frequently require us to find or validate personal information with third party sources. To do so, we need to provide your personal information to allow the third party to find records about you. These companies are authorized to use your personal information only as necessary to provide these services to us.

Personal information gathered may include your history of employment and other credentials related to your prospective employment, tenancy, license or membership. ISP will use such information only for the purposes of performing background screening and credential verification services, including to verify the accuracy of the personal information and to check on references. In addition to the data that is submitted to ISP by our clients, ISP may collect data from third parties as needed to process certain academic, residential, achievement, job performance, attendance, litigation, personal history, credit reports, driving records, criminal history records and other lawful checks. Our clients determine the extent of the background check they are ordering. A Background Report may be prepared summarizing this information. Prior employers and/or references may be contacted, and the report may include information obtained through personal interviews regarding the applicant’s character, general reputation, personal characteristics and/or mode of living. We may provide all such information to our client in one or more reports.

Choice

ISP gives consumers a choice to opt out of the collection of personal information by virtue of the fact that personal information is only collected with the consumer’s written consent. If you do not wish to have your personal information made available to our client (your current or prospective employer, landlord, licensor or association), please do not authorize our client to procure a Background Report. By consenting to the procurement of a Background Report, and submitting information to our client, you are agreeing to allow ISP to disclose information about you to our client and to our sharing that information with third-party representatives to complete the business transaction. The collected information is then only utilized for the purpose as described above in the section on “Notice”.

Accountability for Onward Transfer

ISP discloses personal data that it collects to third parties in connection with the business transaction for which it was collected. Third party disclosure of the information may include the ISP client whom the consumer has authorized to receive such information and the third party representatives of ISP authorized to receive such information including affiliate companies, service providers, agents, in-country sources, educational institutions, employers, courts, law enforcement agencies and other persons, businesses or government agencies as necessary for ISP to complete the requested services including vendors such as Owens Online LLC and its representative Owens Europe GmbH. Owens’ privacy policy is available at https://www.owens.com/legal/privacy-policies. ISP may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. In instances of onward transfer to third parties of data of EU, UK and Swiss individuals received pursuant to the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF ISP is potentially liable.

ISP stores personal information in the United States. Remote access to internal systems is permissible through encrypted VPN or TLS/SSL HTTPS connections to our employees and contractors in El Salvador, Guatemala, India and the Philippines. We also use service providers in various other countries, usually to collect or translate information from that service provider’s country or region that we require to provide services.

In connection with our providing services, we may in some instances, employ third party service providers to perform functions on our behalf. All such third party representatives are contractually obligated to use and maintain the confidentiality of personal information in a manner consistent with this Privacy Policy. Except as described in this Privacy Policy, or required by law, we will not use or otherwise disclose any of the personally-identifying information that you provide or that we collect from third parties or other sources. ISP takes reasonable steps to safeguard personal information by entering agreements with third parties to comply with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF programs.

Security

ISP has taken and will continue to take appropriate measures to assure the security of personal data. Any personal data transmitted to or from ISP’s web site is protected by a secure socket layer (SSL) key which encrypts the data transmitted over the Internet. Personal data on our servers is stored in a secure manner. Access to those servers and data is strictly limited to authorized personnel of ISP, who have been trained to protect against loss, misuse, unauthorized access, disclosure, alteration, or destruction of personal data under ISP control. When records containing consumer information are destroyed or disposed of, they will be disposed of securely to render information inaccessible, unreadable, and unrecoverable.

Data Integrity and Purpose Limitation

In accordance with applicable law, ISP takes reasonable steps to ensure that the information ISP collects is accurate, complete, current, and reliable for its intended use. ISP only collects data that is necessary for the purposes listed under the section on “Notice”. The data includes information that is necessary to identify the consumer for purposes of collecting background screening information.

ISP makes every effort to ensure that the data it collects and stores is as accurate as possible. ISP cannot guarantee, however, that third parties are accurate in their information. Therefore, ISP denies any responsibility for the accuracy of the data supplied by any third-party sources of information or by ISP’s clients.

ISP will adhere to the Principles for as long as ISP retains personal data transferred in reliance upon the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF.

Access

All subjects of consumer reports have the right of access to any reports ISP produces and maintains on them. You may contact ISP, as set out at the end of this Privacy Policy, at any time to determine whether we hold any personal information about you and to obtain access to that information. For your protection, we will require proof of identity, including proper verification and confirmation that you are the individual who is entitled to request access, before providing information to you. ISP affords the consumer a reasonable opportunity to correct, amend or delete information that is inaccurate or incomplete, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy or where the rights of persons other than the individual would be violated. Individuals who wish to exercise these rights may contact ISP using the contact details listed below. Please contact us if you have any questions about your consumer report or believe that any of the reported information is inaccurate or incomplete. ISP will reinvestigate any disputed information. Should additional research provide clearance, disputed items will be corrected, amended, or deleted.

Recourse, Enforcement and Liability

The Federal Trade Commission has jurisdiction over ISP’s compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF and is subject to its investigatory and enforcement powers.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, ISP commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU and UK individuals and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact ISP at:

Edwin Medearis
Chief Operating Officer
Integrated Screening Partners
5316 Hwy 290 West - Suite 500
Austin, TX 78735(800) 474-4420 ext: 1
customerservice@integratedscreening.com

Integrated Screening Partners has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and/or the Swiss Federal Data Protection Information Commissioner and UK Information Commissioner with regard to unresolved EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF complaints concerning human resources and non-human resources data transferred from the EU, UK and/or Switzerland in the context of the employment relationship.

EU, UK and Swiss Consumers Only:

Data Privacy Framework organizations must respond within 45 days of receiving a complaint.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, ISP commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF. If you have not received a timely or satisfactory response from ISP to your question or complaint, please contact the independent recourse mechanism that is available to provide appropriate recourse free of charge listed below:

EU data protection authorities (DPAs)UK Information Commissioner’s Office (ICO)Swiss Federal Data Protection and Information Commissioner (FDPIC)

Please note that if your complaint is not resolved through the above channels, under limited circumstances, where permitted by the Data Privacy Framework program, a binding arbitration option may be available before a Data Privacy Framework Panel. For additional information see: https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction