C3 Intelligence, Inc. (C3) is dedicated in providing a secure business environment. We take your concerns very seriously. We strive in securing every aspect of our website by having up-to-date security measures. Each visitor and/or client will be responsible and take reasonable efforts to securing their user IDs and Passwords. If at any time such information has been compromised or lost, you must advise C3 Intelligence, Inc. For Clients, please refer to your Client Agreement form for Passwords and User ID Policies.
In certain situations, C3 Intelligence Inc. may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
C3 Intelligence Inc. is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
Security Encryption of 128-bit SSL (Secured Socket Layer) secures our client directory, securing all information that you send from your browser to our company. You should see the picture of a padlock at the bottom right corner of your web browser. You should also notice a difference in the web address as "https" now encompasses the URL in your address bar.C3 Intelligence, Inc. does not store your credit card information online. For your security, sessions will timeout after a certain period of inactivity.
- What Are Cookies? Cookies are text files containing small amounts of information which are sent to your browser and stored on your computer, mobile phone or another device when you visit a website. Cookies can be permanent (â€śpersistentâ€ť) which remain on your computer until you delete them. Cookies can also be temporary (â€śsession cookiesâ€ť) which remain on your computer until you close your browser. Certain cookies are required to remember information and preferences that changes the way the website behaves or looks (â€śessential cookiesâ€ť). Cookies can be first-party cookies which are those set by C3 on this website, or third-party cookies which are set by third parties authorized by C3 to do so.
- Disabling Cookies: You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality features of this and many other websites that you visit. Therefore, it is generally recommended that you do not disable cookies.
Privacy Information C3 Intelligence Inc. (C3) is a Consumer Reporting Agency (CRA) that prepares Consumer Reports for its authorized End-User employer clients under the provisions of the federal Fair Credit Reporting Act (FCRA), state law equivalents, and international laws and regulations where applicable. For purposes of this Notice:
- â€śPersonal Dataâ€ť means any information concerning an identified or identifiable individual; and
- â€śConsumerâ€ť means an individual; and
- â€śConsumer Reportâ€ť means any written, oral, or other communication of any information by a consumer reporting agency bearing on a consumer's creditworthiness, credit standing, credit capacity, character, general reputation, personal characteristics, or mode of living which is used or expected to be used or collected in whole or in part for the purpose of serving as a factor in establishing the consumer's eligibility for employment; and
- â€śEnd-Userâ€ť means the client entity that requests and obtains a background check report from C3; and
- â€śProcessingâ€ť means any operation with respect to Personal Data, such as collection, retrieval, access, use, disclosure, storage or disposal of Personal Data.
C3 only collects Personal Data pursuant to written disclosure and authorization under the FCRA and other applicable domestic and international laws, and only disseminates consumer reports to End-Users as directed in the written authorization. In other words, Personal Data is only collected and distributed at your direction and with your written authorization. Your Personal Data is never shared with unauthorized third parties, it is never reused, and it is never resold. As part of their selection process, our End-User clients engage C3 to process background checks on both U.S. and Non-U.S. residents who apply for open positions located where they reside or for placement elsewhere. This Notice provides the following information about the background check process:
- What Personal Data End-Users may collect about you;
- How the End-User uses your Personal Data;
- To whom the End-User discloses your Personal Data;
- Any international transfers of your Personal Data;
- How the End-User and C3 safeguard your Personal Data;
- Whether End-Users engage in automated decision-making; and
- Your rights regarding your Personal Data.
Collection, Use, and Disclosure of Your Personal Data
Collection The background check will involve verifying Personal Data that you have provided during the application process and the collection of additional information about you. Each End-User applies their own background check criteria, and C3 only processes the services we are instructed to perform by the End-User. Depending on the scope of inquiries requested by the End-User the background check may in whole or in part include, obtain, and/or verify: information about your prior employment; personal interviews with your former employers concerning your job performance and compensation; professional and personal references; education history; professional licenses and credentials; national insurance number, social security number or similar number, as applicable; and motor vehicle records. Where it is relevant to the position that you are seeking and to the extent permitted by applicable law, the background check may also collect information about your criminal convictions and offenses, if any; your credit history; and listings on debarment, sanctions, and exclusion lists, if any. Where legally permitted or required below, the background check may include drug and/or occupational health screening.
Use The information collected will be compiled in a Consumer Report (â€śBackground Reportâ€ť) that will contain your Personal Data. The requesting End-User will use the Background Report to evaluate your application for the open position. This evaluation is necessary for the requesting End-User to determine whether to enter into an employment or contracted work agreement with you and for the requesting End-User to pursue its legitimate interests of ensuring the fidelity of its workforce. If you do not provide the Personal Data necessary for the requesting End-User to conduct the background check, they may determine that you are not eligible for the position for which you applied.
Disclosure The requesting End-User will not disclose the Background Report to any third party outside its corporate group except in exceptional circumstances, such as to seek advice from its professional advisors or to defend legal claims. If you apply for employment with another member of the End-Userâ€™s corporate group, the End-User may disclose the Background Report to that entity.
California Consumer Privacy Act Statement Under the California Consumer Privacy Act (â€śCCPAâ€ť), California residents have certain rights, effective January 1, 2020, regarding their personal information. However, the CCPA, including these CCPA rights, does not apply to activities conducted by a consumer reporting agency subject to the federal Fair Credit Reporting Act (â€śFCRAâ€ť). (See Cal. Civ. Code Â§1798.145(d)(1).) Importantly, C3 is a consumer reporting agency that handles the personal information of California residents only subject to the FCRA. Consequently, CCPA rights do not apply to the personal information of California residents that C3 collects and maintains for purposes of providing its services as a consumer reporting agency. C3 will handle the personal information of California residents only as authorized by the Fair Credit Reporting Act. California residents may exercise their rights under the FCRA by contacting C3 at email@example.com .
Personal Information Disclosure: United States or Overseas C3 opposes the "offshoring" of Personally Identifiable Information (PII) of consumers - such as names, dates of birth, and Social Security numbers (SSNs) - sent overseas outside of the United States and its territories and beyond the protection of U.S. Privacy laws. C3 INTELLIGENCE's mission is to protect the PII of consumers, which is best done by keeping all such information in the United States.
C3 belongs to Concerned CRA's (https://www.concernedcras.com/) a group of Consumer Reporting Agencies (CRAs) dedicated to protecting consumer privacy by not offshoring PII. C3 has adopted the policy of Concerned CRA's and operates in as follows:
- Domestic Background Screening: Where a CRA (background screening firm) is providing background screening services for consumers in the United States based upon information available in the U.S., a firm displaying the Concerned CRAâ€™s seal certifies that it does not send data outside the U. S. or its territories for processing or preparation of a background check report or for any other reason. All work is done in the U.S.
- International Screening: Where there is an international background check for verification of employment, education, or a professional degree, or for a criminal record check, some information may have to go offshore by necessity since the information being sought is offshore. However, firms displaying the Concerned CRAâ€™s seal have taken measures to protect personal and confidential data: a.) Documentation or information such as passport numbers, or unique identification numbers and date of birth, are not sent to anyone overseas other than the actual verification provider (e.g. employer or school registrar) whenever possible. b.) Where it is necessary to utilize a local firm, the local firm will first be asked to provide local contact information so that the CRA can contact the foreign verifying party directly. c.) If, due to infrastructure or other issues in a foreign country, a foreign research firm must perform the verification, then the CRA or its agent has properly vetted the local firm and will redact any unnecessary information.
- Where a CRA utilizes a third-party service to perform domestic or international services in connection with providing background reports, firms that adopted this standard have made reasonable inquires to ensure that any provider is also following the Concerned CRAâ€™s standard.
International Transfers of DataAll C3 facilities and employees are in the United States which is where all Background Reports are prepared.
C3 is compliant with the EU General Data Protection Regulation (â€śGDPRâ€ť) regarding the use and transfer of information on residents of the European Union.
C3 is an approved participant in both the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks to ensure an adequate level of protection for your Personal Data that may be transferred or obtained offshore. C3â€™s participation in Privacy Shield can be viewed at this link: https://www.privacyshield.gov/participant?id=a2zt00000008P7eAAE&status=Active.
If you apply for a position with other members of the End-Userâ€™s corporate group, the Personal Data in the Background Report may be accessed by employees of those entities directly involved in the hiring process. These other entities may be in countries that provide different data protection standards from those in your country. You have the right to object to such transfers of your Personal Data to affiliated companies unless the recipient has entered into an appropriate data transfer agreement with the End-User.
Security Measures for Personal Data Whether in possession of the End-User or C3, your Personal Data will be protected by reasonable and appropriate administrative, physical, and technical measures. For example, C3 requires a unique username and password to access Background Reports, and the End-User provides such log-in credentials only to employees with a need to know; all personal data located in C3â€™s database is fully encrypted in transit and at rest; and C3 undergoes annual third-party SSAE 18 SOC2 Type 2 audits confirming its security, privacy, and confidentiality policies and procedures.
The Privacy and Integrity of all Personal Data are fully protected. All employees who have access to any Personal Data have undergone initial and ongoing background checks, signed privacy agreements, and they are regularly trained in privacy practices and procedures. C3 maintains a Written Information Security Policy (WISP) in conformity with Massachusetts requirements under 201 CMR 17.00: STANDARDS FOR THE PROTECTION OF PERSONAL INFORMATION OF RESIDENTS OF THE COMMONWEALTH. In the event of a data breach, C3 acts in conformity with appropriate domestic and international data breach laws.
Retention of Personal Data Personal Data is retained by C3 on U.S. residents for six (6) years, in accordance with the FCRA statute of limitations, unless otherwise restricted by national and/or international laws and regulations. Non-U.S. residents Personal Data is retained as allowed by the GDPR and/or other international laws and regulations.
The primary method for a consumer to opt-out of C3 obtaining your Personal Data is to not consent to C3 preparing a Background Check for one of its End-User clients. Consent may be subsequently withdrawn by you after which C3 will stop processing and/or reporting your Personal Data. To withdraw consent, you may contact C3 by email at firstname.lastname@example.org or by calling 866-946-8359 and asking to speak with a Privacy Specialist.
In the event, that C3 by either policy or request destroys any information provided by clients, applicants, or third parties during the course of its work the destruction is accomplished in accordance with the approved document disposal rules formulated by the Federal Trade Commission (FTC). For more information, read the FTC Guidance 'Disposing of Consumer Report Information? Rule Tells How.' and/or the provisions of GDPR Article 17, Right to Erasure.
The End-User will retain the Background Report until the conclusion of the job application process, and if you are not hired, for one additional year unless applicable law or internal policy requires a longer or shorter retention period. If you are hired, the End-User will retain the Background Report throughout the course of the employment relationship and for one additional year unless applicable law requires a longer or shorter retention period.
No Automated Decision Making End-Users do not make any decisions concerning your employment only by automated means.
Your Rights with Respect to Your Personal Data
- Right to Inspect: Any Consumer may exercise their right to inspect any data held about them and to object to any data pursuant to the FCRA, state law equivalents, and international laws and regulations where applicable. See "A Summary of Your Rights Under the Fair Credit Reporting Act" (En espaĂ±ol) prepared by the Consumer Financial Protection Bureau (CFPB). Also, learn about your right to request a copy of your data on the FACT Act Compliance page. Residents of the EU will find the rights of the data subject under the GDPR by clicking here.
- Right to Correction: You have the right to access your Personal Data and to request that the requesting End-User and C3 update, correct or delete your Personal Data as provided by applicable U.S. and international laws.
- Right to Object: You also have the right to restrict, and to object to, the requesting End-Userâ€™s processing of your Personal Data and to data portability as provided by applicable law. Subject to certain limitations, the right to data portability allows you to obtain from the requesting End-User, or to ask them to send to a third party in electronic form, a copy of your Personal Data that you provided to the requesting End-User in connection with the background check process or as otherwise obtained with your other consent.
- Right to Access: Your right to access your Personal Data includes your right to receive a copy of all, or a portion, of your Personal Data in the End-Userâ€™s or C3â€™s possession as long as their providing your Personal Data would not adversely affect the rights and freedoms of others.
- Right to Dispute: If you are the subject of a consumer report prepared by Employment Screening Resources (C3) and find incorrect or incomplete information, you have the right under federal and international laws to dispute it. Consumers may contact C3 by calling 888-999-4474 and asking to speak with a Dispute Resolution Specialist, or by sending an email with your contact information to email@example.com. For more information, visit the C3 website at www.c3intelligence.com.
Information from Children C3 is not directed to children under the age of 18 and we do not knowingly collect personally identifiable information from children under the age of 18. If we learn that we have collected personally identifiable information of a child under the age 18, we will take reasonable steps to delete such information from our files as soon as is practicable. Please contact us at firstname.lastname@example.org if you believe we have any information from or about a child under the age of 18.
GDPR Right to Object You have the right to restrict, and object to the processing of your Personal Data and to data portability as provided by applicable law. If you do object to the processing of your Personal Data, the processing of your Personal Data will be stopped unless there is an overriding, compelling reason to continue the processing or the processing is necessary to establish, pursue or defend legal claims. Subject to certain limitations, the right to data portability allows you to obtain from the requesting End-User, or to ask them to send to a third party, a copy of your Personal Data in electronic form that you provided to the requesting End-User in connection with the background check process or with your consent.
GDPR Right to Erasure: You have the right to have your Personal Data erased if:
- The Personal Data is no longer necessary for the purpose for which it was originally collected or processed it for;
- You withdraw your consent;
- You object to the processing of your data, and there is no overriding legitimate interest to continue this processing; and
- Your Personal Data was processed unlawfully (i.e., in breach of the lawfulness requirement of the 1st principle of the GDPR).
How to Exercise Your GDPR Rights: You can exercise these rights by contacting the requesting End-User for further information and assistance. The requesting End-User will respond to such requests in accordance with applicable data protection law. If you reside in the European Economic Area, you have the right to lodge a complaint with the applicable data protection authority if you believe that your Personal Data has been processed in violation of applicable data protection law. You may also contact C3 directly by email at email@example.com or by calling 866-946-8359 and asking to speak with an Investigative Specialist.
EU-U.S. Privacy Shield Framework
In February 2016, the European Union (EU) and the United States (U.S.) agreed on a new framework for data transfers called the EU-U.S. Privacy Shield Framework designed by the U.S. Department of Commerce and European Commission to provide companies on both sides of the Atlantic that transfer personal data from the EU to the U.S. with a mechanism to comply with EU data protection requirements in support of transatlantic commerce. The EU-U.S. Privacy Shield Framework website is available online at www.privacyshield.gov.
C3 complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce and European Commission regarding the collection, use, and retention of Personal Data from EU. C3 has certified that it adheres to the principles of notice, choice, onward transfer, security, data integrity, access, and enforcement.
C3 EU-U.S. and Swiss-U.S. Privacy Shield Policy (Updated 2020)
EU-U.S. PRIVACY SHIELD FRAMEWORK: ACTIVE
Original Certification Date: 03/31/2017
Next Certification Due Date: 12/11/2021
Data Collected: HR
C3â€™s participation in EU-U.S. Privacy Shield Framework and our current status can be viewed at: https://www.privacyshield.gov/participant?id=a2zt00000008P7eAAE&status=Active.
Swiss-U.S. Privacy Shield Framework
C3 complies with the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce and Swiss Administration regarding the collection, use, and retention of Personal Data from Switzerland. C3 has certified that it adheres to the principles of notice, choice, onward transfer, security, data integrity, access, and enforcement.
C3 EU-U.S. and Swiss-U.S. Privacy Shield Policy (Updated 2020)
SWISS-U.S. PRIVACY SHIELD FRAMEWORK: ACTIVE
Original Certification Date: 01/11/2019
Next Certification Due Date: 12/11/2021
Data Collected: HR
C3â€™s participation in Swiss-U.S. Privacy Shield Framework and our current status can be viewed at: https://www.privacyshield.gov/participant?id=a2zt00000008P7eAAE&status=Active.
Contact C3 for Privacy Questions or Concerns
Any questions or concerns about Privacy should be directed to firstname.lastname@example.org. C3 will make all reasonable efforts to address a consumer's concerns. If the matter cannot be resolved by C3, then a consumer has additional rights. See "A Summary of Your Rights Under the Fair Credit Reporting Act" (En espaĂ±ol). Residents of the EU will find the rights of the data subject under the GDPR by clicking here.
Right to Modify
Don Stephenson - Chief Executive Officer
C3 Intelligence Inc.
31355 Oak Crest Drive, Suite 210
Westlake Village, CA 91361