Data Privacy Principles
The Berwyn Group is committed to the responsible use of information and protecting individual privacy rights. The Berwyn Group strives to provide services to businesses, nonprofit organizations and government agencies that help prevent and reduce fraud, mitigate risk, fulfill fiduciary responsibilities and make society safer in ways that protect individuals’ privacy. We aspire to protect individuals’ privacy through the design of our products, by credentialing, monitoring, and auditing our customers as appropriate, and through other information security safeguards. We also strive to promote transparency through privacy principles and policies.
Data Privacy Principles
The Berwyn Group Data Privacy Principles speak to personally identifiable information, including sensitive personally identifiable information, collected, maintained, used, disseminated, or processed in connection with services offered by The Berwyn Group. The Berwyn Group offers products and services only for use in the U.S. and applies these Principles to our domestic U.S. products and services where appropriate. In addition, other uses or disclosures may occur as required by applicable law, such as the Fair Credit Reporting Act and its state analogues ("FCRA"), the Driver’s Privacy Protection Act and its state analogues (“DPPA”), and the Gramm‐Leach‐Bliley Act (“GLBA”). If the law requires, upon the request of law enforcement, or, if necessary, to prevent fraud or to protect our company systems, these principles may not apply. The Berwyn Group, from time to time, may revise its Data Privacy Principles by posting changes on its Website.
Data security is a company imperative. The Berwyn Group strives to protect personally identifiable information that it maintains, processes, or disseminates, including through the use of appropriate administrative, physical, and technical safeguards.
2. DISTRIBUTION & PROTECTION OF PERSONALLY IDENTIFIABLE INFORMATION
The Berwyn Group strives to provide additional safeguards for sensitive personally identifiable information, such as Social Security numbers and driver’s license numbers. The Berwyn Group strives to limit the availability and access to full Social Security Numbers ("SSNs"), Driver's License Numbers and State Identification Numbers. The Berwyn Group strives to protect the confidentiality of SSNs by limiting access to SSNs to certain legitimate and authorized users, such as: state, local and federal government entities; financial institutions; insurers; employers; and other organizations with a regulatory or fiduciary obligation to prevent fraud. The Berwyn Group’s services are not available to individuals or for personal use of any kind. A limited number of public records may contain SSNs that are already available to the public and, if such public records are accessed through The Berwyn Group’s services, our services may provide access to such SSNs. The Berwyn Group prohibits the unlawful disclosure of SSNs. The Berwyn Group also takes steps to limit the availability of Driver's License Numbers ("DLNs") and state identification card numbers.
The Berwyn Group strives to accurately report information in its products and services and from the information it receives from its data sources and customers. However, data sources may be incomplete and reporting and data entry errors do occur. The Berwyn Group assists customers, where applicable, to dispute and correct information that is reported as discussed further in Principle 7 on Access and Correction.
The Berwyn Group strives to inform its employees and customers about appropriate use of The Berwyn Group’s products and services and the responsible use of personally identifiable information.
5. REPUTABLE SOURCES
The Berwyn Group strives to acquire personally identifiable information from established, reputable sources in the government and private sectors. In support of this Principle, The Berwyn Group takes reasonable steps to assess the reputation and reliability of its private sector data sources before incorporating personally identifiable information from the source into its products and services. The Berwyn Group also strives to obtain assurances from its data suppliers that they have the legal right to license or sell the data to The Berwyn Group.
The Berwyn Group makes its Data Privacy Principles publicly known. The Berwyn Group publicly posts these Data Privacy Principles.
For additional information about The Berwyn Group Data Privacy Principles, contact
The Berwyn Group at (216) 765-8818 or by mailing to:
Corporate Compliance Manager
The Berwyn Group
2 Summit Park Drive, Suite 610
Independence, OH 44131
7. ACCESS & CORRECTION
The Berwyn Group strives to provide customers with a central point of contact regarding their questions about The Berwyn Group and its commitment to the responsible use of personally identifiable information. The Berwyn Group strives to inform customers about the nature of the public records, nonpublic information, and publicly available information that The Berwyn Group makes available in its information, products, and services. The Berwyn Group also strives, as appropriate and practicable, to provide opportunities for individuals to dispute and correct information by assisting them in identifying the potential information sources at which corrections should be made. The Berwyn Group strives to direct individuals to the government and private entities that collect and maintain public records and publicly available information to correct any claimed inaccuracies found in that data, and to direct individuals to consumer reporting agencies where such agency is the source of the information about the individual and where the individual seeks to correct claimed inaccuracies found in that data.
The Berwyn Group supports accountability of information industry standards and practices, responsible and effective federal regulation of the data industry, and legislation governing the practices of all data providers. The Berwyn Group also supports industry oversight and active engagement with the privacy community. The Berwyn Group believes that strong privacy and information security protections are vital for an effective and trusted data industry.
9. ONLINE PRIVACY
The Berwyn Group strives to protect the privacy of personally identifiable information obtained over the Internet and strives to apply our Data Privacy Principles and evolving standards to the online environment.
10. IDENTITY THEFT
The Berwyn Group strives to prevent the acquisition of information from its products and services for improper purposes, such as identity theft. The Berwyn Group believes that it is important that individuals who may have had their sensitive personally identifiable information acquired by an unauthorized individual be notified as follows: Where a state law requires notice, The Berwyn Group complies with the law. In those states where notification laws do not exist, The Berwyn Group follows its Information Security Breach Response and Notification Policy, which provides that affected customers will be notified when sensitive personally identifiable information under the control of The Berwyn Group is acquired by an unauthorized individual and whenever The Berwyn Group has a reasonable basis to believe the breach has resulted in, or there is a significant risk that it will result in, identity theft to the consumer to whom the information relates.
The Berwyn Group will obtain assessments from a qualified, objective, independent third‐party, who uses procedures and standards generally accepted in the profession to assess The Berwyn Group' administrative, technical, and physical safeguards, as appropriate.
Last updated: March 2021
The Berwyn Group is committed to protecting the privacy, security and confidentiality of personal information. The Berwyn Group believes that protecting privacy is an integral part of the customer service it provides, and The Berwyn Group does not share user information with outside parties seeking to market their products to customers.
The Collection of Information
The Berwyn Group collects information about individuals, companies and organizations from its customers, third‐party sources and through automated technologies.
Data Provided by Individuals
The Berwyn Group does not provide services to individuals and data is not collected directly from individuals. Our services are not available to the public or for personal use of any kind.
Individual’s Data from a Company or Organization
The Berwyn Group may obtain information about individuals from the company or organization with which those individuals are/were employed or are/were otherwise affiliated. This information may include personally identifiable information such as an individual’s social security number or date of birth.
Information and Data Pertaining to a Customer
The Berwyn Group may collect information regarding a customer (business or organization). This depends on how the customer interacts with The Berwyn Group and the contracted services or products and may include:
- Contact details, such as a user’s name and work email address, postal address and phone number;
- Account login credentials, such as usernames and passwords, password hints and similar Security information;
- Other account registration information, such as job title;
Other information provided to The Berwyn Group, including search query data and questions or information you send to customer support;
- Data files provided to The Berwyn Group for the purpose of performing contracted services;
- Payment information;
- Comments, feedback and other information submitted to The Berwyn Group;
- Computer, device and connection information, such as IP address, browser type and version, operating system and other technical identifiers, error reports and performance data; and/or,
- Usage data, such as the features you used, the settings you selected, your URL click stream data, including date and time stamp and referring and exit pages, and pages visited.
Data from Other Sources
The Berwyn Group collects personal information about individuals from our affiliates and from other third parties which includes public, private, and government sources and data suppliers from which we obtain data to provide, validate or supplement our services and products.
How We Use Information
The Berwyn Group uses protected personal information the following ways:
The Berwyn Group uses information only to fulfill its contractual obligations to provide fraud prevention and location services to its customers;
Any providers, suppliers, agents and representatives who assist The Berwyn Group in processes or storing information are required to do so based on The Berwyn Group’s instructions and in compliance with The Berwyn Group’s Privacy Policies and all other appropriate confidentiality and security measures.
The Berwyn Group does not use any personal information for telemarketing, direct mail marketing or marketing via electronic mail.
The Berwyn Group does not sell customer’s information to third parties and shares customer’s information only as necessary to perform contracted services.The Berwyn Group does not store customer’s information beyond what is required to perform its contractual obligations.
The Berwyn Group safeguards customer’s user information carefully. All data is encrypted during transmission and while stored on The Berwyn Group’s servers.
The Berwyn Group protects its information databases and business transactions against anticipated threats or hazards to the availability, integrity or security of such records.
The Berwyn Group requires a current signed privacy agreement with any customer that clarifies the permissible use and permissible purposes of non-public personal information before The Berwyn Group commences any job involving non-public personal information.
The Berwyn Group abides by the provisions of the Gramm-Leach-Bliley Act (15 U.S.C. § 6801 et seq.), the federal Fair Credit Reporting Act (15 U.S.C. § 1681 et seq.)”), the Driver’s Privacy Protect Act (18 U.S.C. §2721 et seq.), and Section 203 of the Bipartisan Budget Act of 2013 (H.J. Res 59), as well as similar state statutes and best practices as they relate to the use, privacy and security of non-public personal information.
Depending on how a customer interacts with The Berwyn Group and the products and services used, The Berwyn Group may use customer information to:
- Provide, activate and manage your access to and use of the products and services;
- Process and fulfill a request, order, download, subscription or other transaction;
- Provide technical, product and other support and to help keep the products and services working, safe and secure;
- Enhance and improve the products and services and to develop new products, services and benefits;
- Respond to your requests, inquiries, comments and concerns;
- Notify you about changes, updates and other announcements related to the Service and our other products and services;
- Deliver targeted advertisements, promotional messages, notices and other information related to the Service and your interests;
- Invite you to participate in user testing and surveys;
- Identify usage trends and develop data analysis, including for purposes of research, audit, reporting and other business operations, including evaluating our business performance, or in other ways pursuant to a customer agreement; and/or
- Comply with our legal obligations, resolve disputes, and enforce our agreements.
Disclosure for Legal Reasons
The Berwyn Group will disclose your participants’ personal information if The Berwyn Group has good faith belief that such disclosure is necessary to meet any applicable law, regulation, legal process or other legal obligation.
The Berwyn Group is not a system of record for customer data. The Berwyn Group will retain your participants’ personal information only for as long as necessary to provide services and fulfill its contractual obligations. The Berwyn Group may retain information for other essential purposes such as complying with our legal obligations, maintaining business and financial records, resolving disputes, maintaining security, detecting and preventing fraud and abuse, and enforcing our agreements.
The Berwyn Group is committed to protecting the security and integrity of customer information through established security procedures and technology designed for safeguarding information. For example:
- The Berwyn Group limits employee access to customer information to those who have a specific business reason to know such information.
- All information submitted via The Berwyn Group website or other electronic/nonelectronic media is protected. All data is encrypted during transmission and while stored on The Berwyn Group’s systems.
- The Berwyn Group maintains policies and procedures covering the proper physical security of any workplaces and records.
- The Berwyn Group uses technological means (such as backup files, virus detection and eradication software, firewalls, data encryption, and other computer software and hardware) to protect against unauthorized access or alterations to customer data.
- Physical access to areas where data is processed or stored (electronic and hard copy) is highly secured.
Web Links. Our websites may contain links to other sites. Berwyn Group is not responsible for the security, privacy practices or the content of such websites.
Locations of Processing
Your participants’ personal information is processed and stored in the United States.
The Berwyn Group, Inc.
2 Summit Park Drive, Suite 610
Independence, OH 44131
Last updated: March 2021