Request a quote
Request a quote

Data Privacy Framework Program Privacy Policy

ScoutLogic, Inc. Data Privacy Framework Program Privacy Policy

Effective – 6/18/2025

INTRODUCTION

ScoutLogic, Inc. (“ScoutLogic,” “SL” “we,” or “us”) complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. Data Privacy Framework (UK Extension to the EU-U.S. DPF) and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF)(s) under the Data Privacy Framework Program (DPF Program) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries, the United Kingdom (UK), and Switzerland, as applicable to the United States in reliance on the DPF Program. ScoutLogic has certified to the Department of Commerce that it adheres to the DPF Program Principles with respect to such information. If there is any conflict between the terms in this privacy policy and the DPF Program Principles, the DPF Program Principles shall govern. To learn more about the DPF Program, and to view our certification, please visit https://www.dataprivacyframework.gov.

SCOPE

This DPF Program Privacy Statement applies to all personal data that ScoutLogic receives from EU member countries, United Kingdom, Switzerland, and European Economic Area countries in reliance on the DPF Program in accordance with our DPF Program commitments. This privacy statement applies only to personal data transferred pursuant to the DPF Program. To view ScoutLogic’s certification, please visit: https://www.dataprivacyframework.gov/s/participant-search.

DEFINITIONS

For the purposes of this Privacy Statement, the following definitions shall apply:

“ScoutLogic” means ScoutLogic, Inc. 111 | Barclay Blvd., Suite 212 | Lincolnshire, IL 60069 | Phone: 1-800-693-2709

“Personal Data” is data about an identified or identifiable individual that is within the scope of applicable law, including Regulation (EU) 2016/679, received by an organization in the United States from the European Union and recorded in any form.

“Taz” refers to TazCloud a SaaS‐based screening software designed for the background screening industry and used by ScoutLogic.

“Website” refers to the ScoutLogic web page; https://www.scoutlogicscreening.com/.

“Sensitive Personal Data” is Personal Data which includes information such as unique government identification credentials, race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or information that concerns health, sexual orientation, or criminal allegations (convictions or otherwise), or is otherwise defined by the Principles as “sensitive information” (see, e.g., Commission Implementing Decision (EU) 2016/1250, Annex II § II.2.c).

SCOUTLOGIC PRIVACY STATEMENT

I. Notice:

At ScoutLogic, we notify individuals about the purposes for which we collect and use information about them, choices they have regarding certain uses and disclosures of their personal data, and how to contact us with inquiries or complaints. We provide this notice either directly, such as through this privacy statement, or through our customers.

ScoutLogic will only process Personal Data as required by law or as specified herein for the purposes of this Privacy Statement.

PURPOSE FOR COLLECTION, USE, AND DISCLOSURE OF PERSONAL DATA

ScoutLogic may collect, use, and disclose Personal Data in its normal course of business with respect to the Website and Taz for the following purposes:

  • To provide, maintain, improve, and enhance our Website, sales, and service operations (our “Services”);
  • To understand and analyze how you use our Services and develop new products, services, features, and functionality;
  • To communicate with you, provide you with updates and other information relating to our Services, provide information that you request, respond to comments and questions, and otherwise provide customer support;
  • To develop and provide you with promotional and advertising materials that we consider relevant, valuable, or otherwise of interest to you;
  • To evaluate and undertake certain business transactions which may result in the transfer of all or some of our assets, or the assets of another business;
  • To respond to trust and safety issues;
  • To protect our safety or property rights, detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, and prosecute those responsible for such activity;
  • For compliance purposes, including enforcing our Terms of Use or other legal rights, or as required by applicable laws and regulations or requested by any judicial process or governmental agency;
  • To de-identify and aggregate information to monitor and analyze the effectiveness of our Websites and third-party marketing activities and to monitor aggregate site usage metrics such as total number of visitors and pages viewed; and

For other purposes for which we provide specific notice at the time the information is collected.

WHAT DATA WE COLLECT

ScoutLogic collects personal data for the purpose of providing a variety of information products and services to employers and other ScoutLogic customers. For example, ScoutLogic may collect identification information and information such as information about an individual’s criminal history, credit history, employment history (current and previous employers, position, dates of employment), work eligibility (right to work), educational background (Previous Educational Institutions attended, dates of graduation or attendance, degree, major), civil litigation history, directorship, address history, or driving history, for the purpose of providing employment screening and other services to our customers.

While some of the personal data we collect will come from individuals themselves, we also collect data from third parties. This is usually in the context of a service we provide to our customers and may be subject to the Fair Credit Reporting Act (FCRA).

Any information collected is done so in adherence to the FCRA, and other National, State, and local regulations. Additional information on the categories of information collected may also be presented in the Disclosure and Authorization documents signed by the individual. We also may collect employment application information on behalf of our customers, such as through an online applicant portal.

We, and our partners, affiliates, or analytics and service providers, may employ tracking technologies such as cookies, beacons, scripts, and tags to analyze trends, for any of the purposes noted above. Usually, this is to administer the Website or Taz, to track users’ movements around the Website or Taz, and to gather demographic information about our user base as a whole.

When you visit the Website or Taz, we may collect general Internet data, including your domain name, the web page from which you entered our Website or Taz, which of our web pages you visited, and how long you spend on each page. To collect this information, when you visit our Website or Taz, a “cookie” may be set on your computer. Cookies contain information that allows our web servers to recognize you whenever you visit. We utilize cookies to record session information, passwords, and the profile of subscribed clients at a site in order to provide better service when visitors return to our Website or Taz. We use the information we collect for any of the purposes described in this Privacy Policy. We also use persistent cookies. A persistent cookie remains on your computer after you close your browser or turn off your computer.

If you reject cookies, you may still use our Website, although it is possible that some areas of our Website will not function properly if you do so. In particular, you may be required to accept cookies in order to complete certain actions on ScoutLogic’s Website.

WHO WE DISCLOSE DATA TO

We do not disclose Personal Data to third parties except as stated in this Privacy Policy, as otherwise permitted by law, or as authorized by you.

Third parties to whom we generally disclose information are required by law or a contract with us, to keep your Personal Dat confidential and secure, to use such Personal Data for purposes that a reasonable person would consider appropriate in the circumstances, and generally for purposes specified in this Policy.

Affiliate Sharing
In the normal course of performing services for our clients, Personal Data may be shared among ScoutLogic affiliated companies for research and statistical purposes, corporate record keeping and administration, system administration, joint marketing, providing you products or services, and crime prevention or detection.

Service Providers
Because a number of the service providers we use are located in the United States, your Personal Data may be processed and stored inside the United States, and the U.S. government, courts, or law enforcement or regulatory agencies may be able to obtain disclosure of your Personal Data under US laws.

In addition, generally, we will only provide your Personal Data to our lawyers, accountants, tax consultants and employees for the purpose of conducting our business and providing you with products or services. Our service providers adhere to the same protections regarding the collection, use, and retention of data as we do.

Business Transactions
As we continue to develop our business, we might sell or buy assets. In such transactions, user information, including Personal Data, generally is one of the transferred business assets. Also, if ScoutLogic itself or substantially all of ScoutLogic’s assets were acquired, your Personal Data may be one of the transferred assets. Therefore, we may disclose and/or transfer your Personal Data to a third party purchaser in these circumstances.

Other Legally Required Disclosures
ScoutLogic reserves the right to disclose, without your prior permission, any Personal Data about you or your use of the Site if ScoutLogic has a good faith belief that such action is necessary to: (a) protect and defend the rights, property or safety of ScoutLogic, ScoutLogic employees, other users of the Site, or the public; (b) enforce the terms and conditions that apply to use of the Site; (c) as required by a legally valid request from a competent governmental authority; or (d) respond to claims that any content violates the rights of third-parties. We may also disclose Personal Data as we deem necessary to satisfy any applicable law, regulation, legal process, or governmental request.

Third Party Links
In some instances, ScoutLogic may provide links to non-ScoutLogic controlled services. However, ScoutLogic does not control such third-party services, and cannot be responsible for the content or the privacy practices employed by other services or websites.

II. Choice

In many cases, the reports that we prepare are prepared with the express consent of the individual. In these cases consent is typically obtained by our customer before ScoutLogic furnishes the report. In other cases, ScoutLogic will provide an individual with opt-out or opt-in choice before we share their data with third parties (other than our service providers performing tasks on ScoutLogic’s behalf pursuant to a contract or a customer on whose behalf we are processing it) or before we use it for a purpose other than which it was originally collected or subsequently authorized.

For sensitive information (i.e., personal data specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, information specifying the sex life of the individual or information designated by the transferring organization as sensitive), ScoutLogic obtains (directly or through a third party, such as our customer) affirmative express consent (opt-in) from individuals, with certain exceptions permitted by the DPF Program, if such information is to be (i) disclosed to a third party or (ii) used for a purpose other than those for which it was originally collected or subsequently authorized by the individuals through the exercise of opt-in choice.

We are committed to providing individuals with clear, conspicuous, and readily available mechanisms to exercise choice. Therefore, in addition to any other mechanisms that may be provided in particular cases, individuals may opt-out by contacting us using the points of contact in the “Contact Us” section below.

III. Accountability For Onward Transfer

ScoutLogic discloses personal data that it collects to its customers for employment screening and other services that we may provide to them. ScoutLogic also discloses personal data to our service providers. We also may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.

When transferring personal data to our customers or other third-party controllers (i.e., entities that will control how personal data is processed), we comply with the Notice and Choice Principles, as described above. Consistent with DPF Program timing requirements for onward transfer compliance, ScoutLogic will enter into a contract with the third-party controller for safeguards consistent with DPF Program requirements. As noted above, ScoutLogic also may transfer personal data to service providers acting on its behalf. In such cases, consistent with DPF Program timing requirements for onward transfer compliance, ScoutLogic will enter into contracts and exercise oversight over our service providers consistent with the DPF Program’s requirements. In cases of onward transfer to third parties of data of individuals from EU member countries, United Kingdom, Switzerland, and European Economic Area countries received pursuant to the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF Principles, ScoutLogic is potentially liable.

IV. Security

ScoutLogic takes reasonable and appropriate measures to protect personal data from loss, misuse, and unauthorized access, disclosure, alternation, and destruction, taking into account the risks involved in the processing and nature of the personal data.

V. Data Integrity And Purpose Limitation

ScoutLogic limits the personal data it collects to information that is relevant for the purposes of processing. ScoutLogic does not process personal data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the individual. To the extent necessary for those purposes, ScoutLogic takes reasonable steps to ensure that personal data is reliable for its intended use, accurate, complete, and current. In the case of “consumer reports” regulated by the Fair Credit Reporting Act, 15 U.S.C. § 1681 et. seq. (FCRA), we comply with the FCRA’s accuracy requirements.

ScoutLogic takes reasonable and appropriate measures to retain personal data only for as long as ScoutLogic has a legitimate legal or business need to do so, such as customer service, compliance with legal or contractual retention obligations, retention for audit purposes, security and fraud prevention, preservation of legal rights or other reasonable purposes consistent with the purpose of the collection of the information. ScoutLogic will adhere to the Principles for as long as it retains personal data transferred in reliance upon the DPF Program.

VI. Access

ScoutLogic acknowledges that individuals from EU member countries, United Kingdom, Switzerland, and European Economic Area countries have the right to access the personal information/data that we maintain about them. An individual who seeks to access, or who seeks to correct, amend, or delete inaccurate data, should direct their query to ScoutLogic at [email protected] or (800) 693-2709. We provide means for the individual to request the correction, amendment, or deletion of that information where it is inaccurate, or has been processed in violation of the Principles, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated. In cases where we are acting as a processor for data from our customers, it may be necessary for us to direct an individual to our customer to provide the requested access.

Many ScoutLogic products are governed by the FCRA. Where applicable, ScoutLogic provides access and correction rights in accordance with FCRA requirements. The FCRA gives individuals the right to obtain a disclosure of the contents of the consumer reporting file that ScoutLogic maintains about them, if any. The FCRA also provides individuals the right to dispute the accuracy and completeness of information in their consumer reporting file and, if warranted, to have the contents corrected or deleted.

ScoutLogic requires that an individual provide reasonable verification of their identity before we provide access to personal data.

VII. Recourse, Enforcement And Liability

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF Principles, ScoutLogic commits to resolve complaints about your privacy and our collection or use of your personal information. Individuals from EU member countries, United Kingdom, Switzerland, and European Economic Area countries with inquiries or complaints regarding this privacy policy should first contact ScoutLogic at: [email protected] or (800) 693-2709.

ScoutLogic has further committed to referring unresolved privacy complaints under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF Principles to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.jamsadr.com/DPF-Dispute-Resolution for more information and to file a complaint.

Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a DPF Program Panel.

ScoutLogic is required by the DPF Program to respond promptly to inquiries and requests for information from the Department of Commerce. ScoutLogic is subject to the investigatory and enforcement powers of the Federal Trade Commission (“FTC”).

VIII. Public Record And Publicly Available Information

In accordance with DPF Program, in cases where ScoutLogic discloses public records or publicly available information from the EU, United Kingdom, or Switzerland, without combining that information with non-public information, our general policies on Notice, Choice, and Accountability for Onward Transfer may not apply.

IX. Compliance With Law

ScoutLogic complies, where applicable, with U.S. laws, particularly the FCRA and its state counterparts, which provide privacy protections for consumer personal data contained in “consumer reports.” In the event of a conflict between this DPF Program Privacy Statement and the FCRA or other applicable laws, we will comply with our obligations under the FCRA or other applicable U.S. law.

X. Contact Us

If you have any inquiries or complaints regarding this policy or our privacy practices, contact us at [email protected] or (800) 693-2709.

2025 Copyright. All rights reserved by ScoutLogic