Skip to main content Skip to main navigation Skip to footer

Privacy Shield

EU-U.S. Privacy Shield Policy / Swiss-U.S. Privacy Shield Policy

Effective: September 23, 2016 

Last Updated: October 10, 2017

IMPORTANT NOTE:  This update corresponds with our self-certification under the EU-U.S. Privacy Shield Program.


Scope of this Policy

This policy (hereinafter “Privacy Shield privacy policy”) describes Pinkerton Consulting and Investigations, Inc. (“Pinkerton”) use and treatment of personal information it receives from individuals in the European Union (“EU”) and European Economic Area (“EEA”) member countries as well as Switzerland in reliance on the EU-U.S. and Swiss-U.S. Privacy Shield programs.

To learn more about how Pinkerton collects, uses, and discloses personal information collected through our website, see Pinkerton’s privacy policy.


Changes to this Policy

Pinkerton may revise this Privacy Shield privacy policy from time to time.  If we make material changes, we will notify you by posting a notice on our website.


Privacy Shield Principles

Pinkerton complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework (collectively “Privacy Shield”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the EU and Switzerland to the United States, respectively. Pinkerton has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Shield privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certifications, please visit  https://www.privacyshield.gov/


Notice

Pinkerton strives to limit its collection of personal information to that necessary for the offering and administration of our services. Pinkerton’s services include background checks or screening for employment purposes; due diligence investigations for commercial purposes; and tenant screening (collectively, the “Services”).

When we receive personal information for purposes of initiating or conducting the Services, Pinkerton may receive or collect the following information or data: your name; date of birth; address; driver’s license information; Social Security number and national identification number; passport number or work visa information; job title; employer name and employment location; email address; and your mother’s maiden name as applicable to the Services requested.

If Pinkerton receives your personal information in order to conduct a background check in the context of an employment relationship, your personal information may be considered human resources data under Privacy Shield.

Depending on the Services requested, Pinkerton may receive or collect personal information directly from you, from an employing organization, a landlord or leasing agent, or from our third-party vendors in the EU who assist Pinkerton in fulfilling requests for our Services.  This information or data about you may include: employment and educational history and reference information; social media information; court records or certificates related to criminal history, bankruptcies or civil records; address verification; national identification card information; credit history; information related to your role in a directorship; motor vehicle records; and professional licenses and certificates.  This information is used to fulfill requests for our Services.


Choice

Pinkerton’s use of your personal information is limited to that for which you have given your consent, with the exception of due diligence investigations which are conducted for commercial purposes. Any disclosures of your personal information are for the purpose of fulfilling the Services requested.

You may request Pinkerton stop processing your personal information we have received in order to fulfill the Services requested. Any such request will be communicated to the requestor of the Services.


Accountability for Onward Transfer

Pinkerton enters into agreements with organizations that provide us with individual’s personal information in order for us to provide the Services in a manner consistent with, and limited to the purpose for which the data subject provided consent for the processing of their personal information.  Pinkerton initiates background checks and fulfills such requests for our Services from organizations based on their instructions and with the data subject’s consent.

Pinkerton has in place written agreements with organizations using the Services, as well as our third-party service providers assisting us in fulfilling requests for the Services, which require, among other things, that both parties safeguard personal information, abide by applicable laws, as well as have a permissible basis for the onward transfer of personal information from the EU, EEA or Switzerland to the United States. Pursuant to the Privacy Shield, Pinkerton may be liable for the onward transfer of personal data to third parties.


Security

Pinkerton strives to protect personal information that we collect, maintain and disclose through the use of reasonable administrative, physical and technical safeguards.  We have security protocols and measures in place to ensure confidentiality of personal information and to protect the personal information we maintain about you from unauthorized access or alteration as well as unlawful disclosure. These measures include internal and external firewalls, physical security and technological security measures, as well as encryption of certain information and password protection for account information. Our security program is designed to: (1) ensure the security and confidentiality of personal information; (2) protect against any anticipated threats or hazards to the security or integrity of the information; and (3) protect against loss, misuse and unauthorized access, disclosure, alteration and destruction of the personal information.


Data Integrity and Purpose Limitation

Pinkerton collects personal information for background checks related to our Services consistent with an organization’s request for such and with the consent of the data subject.   When conducting background checks to fulfill requests for our Services, Pinkerton may disclose your personal information in order to conduct the check to third parties such as our third party service providers and researchers; courthouses or police stations; public records repositories; educational institutions; credit bureaus; and organizations you have previously worked for, but only for the purpose of completing the Services you authorized.  Pinkerton does not use your personal information for any other purpose, including marketing.

When your information is transferred to the United States, Pinkerton may need to disclose personal information we receive from you in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Pinkerton retains personal information as required by contractual, statutory or other legal obligations. Statutory and legal obligations include, but are not limited to the U.S. Fair Credit Reporting Act (15 U.S.C. § 1681, et seq.) (“FCRA”), as may be amended from time to time.


Access and Correction

Pinkerton acknowledges the right of EU and Swiss individuals to access their personal data. You may use the Point of Contact listed in this Privacy Shield privacy policy to contact Pinkerton about any questions, complaints, access requests or other issues arising under Privacy Shield or our Privacy Shield privacy policy.  Please note that if you submit a complaint Pinkerton must respond to you within 45 days of receiving a complaint.

As a consumer reporting agency under the FCRA, you may also have rights under the FCRA with respect to any consumer report(s) Pinkerton provides to your employing organization, landlord or leasing agent.  Such rights include the ability to dispute the accuracy or completeness of any information contained in the consumer report(s). Pinkerton complies with its consumer dispute and reinvestigation obligations under the FCRA.


Point of Contact

If you have any questions, complaints, access requests or any other issues arising under Privacy Shield or this Privacy Shield privacy policy, please contact:

Pinkerton Consulting and Investigations, Inc.
Attn: Nancy Alt, Director of Global Compliance
1333 Butterfield Road
Suite 410
Downers Grove, IL 60515
Email: pes.disputes@pinkerton.com
Telephone: 1-800-635-1649


Independent Recourse Mechanisms

In compliance with the Privacy Shield Principles, Pinkerton commits to resolve complaints about our collection or use of your personal information.  European Union and Swiss individuals with inquiries or complaints regarding our Privacy Shield privacy policy should first contact Pinkerton using the Point of Contact information provided in this Privacy Shield privacy policy.

Consumer Data: Pinkerton has further committed to refer unresolved privacy complaints under the EU-U.S. and Swiss-U.S. Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus (“BBB”).  If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit BBB for more information or file a complaint at www.bbb.org/EU-privacy-shield/for-eu-consumers/.  The services of BBB are provided at no cost to you.

Human Resources Data Within the HR Relationship: Pinkerton also commits to cooperate with the panel established by the EU data protection authorities (DPAs) and comply with the advice given by the panel with regard to human resources data transferred from the EU in the context of the employment relationship. When covering human resources data received from Switzerland for use in the context of the employment relationship, Pinkerton commits to cooperate with and comply with the advice of the Swiss Federal Data Protection and Information Commissioner.

Under certain conditions, if the above recourse mechanisms have not resolved your complaint, you may invoke binding arbitration before the Privacy Shield panel


Enforcement and Liability

Pinkerton is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).