FCRA Basic & Global Sanctions, PEPs and Adverse Media Checks (Item Check 0307A – 0308 & 0332) | ID NUMBER 100404-100408
The Datasets have been replaced with 0307 International Sanctions (FCRA), 0308 International PEP (FCRA) and International Adverse Media Datasets (ID numbers 201604, 201605 & 201606) since 8 December 2022. 0307 International Sanctions (FCRA), 0308 International PEP (FCRA) and International Adverse Media Datasets are subject to the Additional Terms available here: https://www.gbgplc.com/en/legal-and-regulatory/additional-terms/id3global/
• Supplier hosts the Supplier Data
• Supplier is a Sub-processor of Client Information
• Client Information includes Personal Data
• The Sub-processor is based in the United States
• The Sub-processor is located outside of the EEA
• The Supplier is subject to the Privacy Shield Framework so is deemed to offer an adequate level of data protection by the European Commission
The Supplier Data that GBG uses to provide FCRA Basic & Global Sanctions, PEPs and Adverse Media Checks is supplied by GBG’s Data Supplier. GBG is obliged under the terms of its agreement with its Data Supplier to ensure that all End Users agree to comply with the provisions set out below. These terms apply to all FCRA Basic & Global Sanctions, PEPs and Adverse Media Checks. Individual FCRA Basic & Global Sanctions, PEPs and Adverse Media Checks are identified by an ID Number on the End User’s Order Form.
1. DEFINITIONS
1.1. In these Additional Terms, the following definitions shall apply, in addition to the definitions set out in the General Terms:
“Permitted Purpose” means use of the Supplier Data solely for the purpose of identity verification and/or fraud prevention.
2. USE OF THE SUPPLIER DATA
2.1. The Supplier Data may only be used for the Permitted Purpose in accordance with these terms.
2.2. The End User warrants that it will not use the Supplier Data for any reason outside of the Permitted Purpose, and shall not forward, send or disseminate the Supplier Data or information contained within to any other party.
2.3. The Supplier Data is provided by various third party sources on an “as is” basis. The End User acknowledges and agrees that the Data Supplier makes no representation or warranty whatsoever, either express or implied (including, but not limited to, implied warranties arising from the course of dealing or a course or performance) with respect to the accuracy, validity, completeness, or suitability of the Supplier Data and the Data Supplier hereby disclaims all such representations and warranties.
2.4. The End User acknowledges that provision of the Supplier Data by the Data Supplier does not constitute in any way legal advice.
2.5. The End User understands and agrees that although the Data Supplier complies with all applicable international laws regarding the access to and search against various data sources applicable to the Supplier Data, the End User must also comply with all applicable international laws regarding the use and distribution of the search results and that the End User's compliance effort is the sole responsibility of the End User.
3. DATA PROTECTION AND COMPLIANCE WITH RELEVANT LAWS
3.1. The Supplier Data used to provide this element of the Service is hosted by the Data Supplier. In order to perform the Services, the Data Supplier shall act as Sub-processor of Client Information (including any Personal Data supplied) for the sole purpose of delivering this element of the Service. The End User authorises GBG to appoint the Data Supplier as Sub-Processor for the purposes specified in this clause 3.1.
3.2. The Data Supplier is based in the United States which is located outside of the EEA. The Data Supplier is subject to the Privacy Shield Framework so is deemed to offer an adequate level of data protection for Personal Data by the European Commission, therefore the Parties acknowledge that Personal Data can be safely transferred to the Data Supplier for sub-processing without further data export safeguards.
4. AUTHORISATION TO PROVIDE AND TRANSFER INFORMATION
4.1. If the Data Subject resides within the United States of America or its territories, the End User hereby certifies it or its customer will use commercially reasonable efforts to comply with all applicable requirements of the Fair Credit Reporting Act, 15 U.S.C.1681 et seq. ("FCRA") for those searches which relate to FCRA regulated services, including, without limitation, the following requirements:
(a) Prior to completing a search, establish reasonable procedures to ensure that it or its customers have a permissible purpose for requesting the Supplier Data, and that it or those customers will use any customer data for single one-time use, including but not limited to requiring a certification of the same from its customers;
(b) Prior to using the Supplier Data, the End User will maintain reasonable procedures to assure maximum possible accuracy of information it provides to its customers; provided, however, that such obligation shall not apply to accuracy issues in the Supplier Data.
(c) Provide its customers with the Consumer Financial Protection Bureau's prescribed notices including, notice to users of consumer reports, which are available on the Consumer Financial Protection Bureau's website at www.consumerfinance.gov/learnmore.
(d) Require its customers to comply with the requirements of the FCRA when applicable, including but not limited to, section 604(b) (conditions for furnishing and using reports for employment purposes) and section 615 (requirements for users of reports), and specify that any adverse action notifications contain the name and contact information of both the End User as well as the Data Supplier.
(e) Comply with FCRA §611 procedures in case of disputed accuracy. Upon receipt of a dispute either from a consumer or a customer relating in any way to the Supplier Data provided by the Data Supplier, the End User will immediately or within five (5) business days of receiving the notice, notify SIC of the dispute along with any and all information provided by the consumer.
(f) Not request Supplier Data about themselves, their families or friends other than as permitted by the Data Supplier, this Agreement, or applicable law.
(g) Will not use the Supplier Data to discriminate unlawfully against a consumer or otherwise misuse the information, as provided by any applicable federal or state equal opportunity laws or regulations.