EU PRIVACY POLICY

SWITZERLAND PRIVACY POLICY

G4S Compliance & Investigations (G4S) complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland.  G4S has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement.  To learn more about the Safe Harbor program, and to view G4S’ certification, please visit http://www.export.gov/safeharbor/

General                                                                                                                                       

G4S respects your concerns about maintaining the privacy of your personal data that is submitted to us by our clients in connection with the investigations, hotline services, and employment background and credential verification services that G4S provides to such clients. These clients are the current and prospective employers of individuals who have submitted personal data in connection with their current or prospective employment. This Privacy Policy covers all the information practices of G4S and describes the principles G4S will follow with regard to information submitted by our clients via the G4S web site and to other data that we collect from third parties and other sources in connection with the services we provide. All G4S personnel, regardless of their location, will implement these principles. All data shall be collected, stored and used in compliance with applicable law, which may include the Fair Credit Reporting Act (“FCRA”), the European Union Data Protection Directive, the Swiss Federal Act on Data Protection (“FADP”) and other national laws. This Privacy Policy applies only to G4S.

G4S also respects the privacy of the personal data it processes on behalf of clients who may employ residents of the Member States of the European Union, Switzerland, and in other countries, and to data they collect in those jurisdictions. This data is submitted or collected in connection with the employment background and credential verification services, ethics and compliance reporting services, or investigative or consulting services that G4S provides to its clients. G4S’s clients are the current and prospective employers of individuals who either submit data through the G4S web site or who download forms from the G4S web site for the purpose of submitting personally identifying information in connection with those services.

G4S Is Committed to Privacy and Data Protection Around the World
G4S acknowledges both the duty of trust and care that we have to maintain the privacy of personal data we collect and store and our legal obligations as a consumer reporting agency and as certifying that G4S complies with the “Safe Harbor” principles of the Department of Commerce, which apply to personal data collected in the European Union and Switzerland.

As a global company which does a considerable amount of business in the electronic marketplace, we believe that it is our responsibility to set industry-leading standards in our approach to the protection of personal data. We comply with federal, state and country-specific legal requirements applicable to the protection and dissemination of personal data.

Aggregated Information
Through this web site, G4S collects and stores non-personal information in aggregate form. The data are collected and stored for internal statistical purposes.

G4S also collects and stores individual data to maintain and issue a unique session ID for individuals while they are at this site.
Non-personal information includes:

- the browser type with which you access the Internet;
- the date and time you accessed the G4S site;
- the Internet address of the web site from which you linked directly to the G4S site; and
- information you view while visiting the G4S web site

Personal Information
Whenever data is entered into or retrieved from the G4S website and with regard to data we collect from third parties and other sources for purposes of performing pre-employment screening and credential verification services, or ethic and compliance reporting services, we apply the following principles:

o Use and Transfer of Information:

Our clients may provide us with your personal information through our web site in connection with our preparing a report for such clients. Such personal information may include your history of employment and other credentials related to your prospective employment. If for pre-employment and credential verification services, G4S will use such information only for the purposes of performing pre-employment screening and credential verification services, including to verify the accuracy of the personal information and to check on references. In addition to the data that is submitted to G4S by our clients, G4S may collect data from third parties, such as contact information, public records, biographical information, credit and other lawful checks. G4S may prepare interview notes, comments from references and a record of our contact with individuals. We may provide all such information to our client (your current or prospective employer) in one or more reports. G4S may also collect email correspondence from visitors to this site who send email to G4S. If for ethics and compliance services, we will only collect that information that you knowingly enter by filling out the information form.

In connection with these services, G4S complies with the European Union Data Protection Directive, FADP, and other applicable national laws. In connection with these services, we may, in some instances, employ other companies and individuals, as our subcontractors, to perform functions on our behalf. All such contractors are contractually obligated to use and maintain the confidentiality of personal information in a manner consistent with this Privacy Policy. These companies may not share any such information with any third party, other than G4S’s subcontractors or clients. Except as described in this Privacy Policy, we will not use or otherwise disclose any of the personal data that you provide or that we collect from third parties or other sources.


o Confidentiality.

We will never sell or provide personal data to a third party, except as provided in this Privacy Policy, without your express consent. Although we may hold or process your personal data that our client submits or that we collect from third parties or other sources. We may, however, disclose personal data in response to a court order or other legal obligation.

In the highly unlikely event that a liquidator, administrator or receiver is appointed over G4S or all or any part of our assets, we may transfer your information to a third-party purchaser of the business if that purchaser undertakes to only use your personal data as set out in this Privacy Policy.

o Retention:

Pursuant to the FCRA, we must maintain any reports that we generate for a minimum period of two years. Reports generated using data collected in or originating from a European Union Member State shall not be kept longer than necessary for the purpose of meeting our obligations to our client and the law.

G4S stores data electronically for a minimum of 5 years, or as otherwise required by our client.

o Choice

If you are a U.S. resident and you do not wish to have your personal data made available to our client (your current or prospective employer), please do not submit any such information to us through our client. By submitting information through you are agreeing to G4S’s disclosure of information that is submitted about you to our client and to our sharing that information with G4S for the purpose of data processing, as described above, and to our subcontractors.

If you are an EU resident or reside in other countries where G4S has registered with data protection authorities, and to data they collect in those jurisdictions, you may choose not to submit personal information to G4S through its web site, phone lines or through forms downloaded from its web site for that purpose. If for background and credential verification services, you have been provided a consent form either by G4S or by G4S’s client. By filling out and submitting the consent form you expressly agree to provide personally-identifying information, and you consent to our use of that information in accordance with G4S’s privacy policy. For ethics and compliance reporting, there is no consent form, but by voluntarily telephoning or filling out and submitting any forms, and if you volunteer any personally-identifying information, you consent to our use of that information in accordance with G4S’s privacy policy.

o Accuracy:

Although we make every effort to ensure that the data we collect and store about you is as accurate as possible, G4S does not vouch for, and is not responsible for, the accuracy of data about you that may be supplied by our clients or any other third-party sources of information.

As provided in this Privacy Policy, you may have access (as described below) to personal data about you, including for the purpose of correcting any inaccuracies, pursuant to the FCRA and/or the European Union Data Protection Directive.

o Access:

If you are submitting an ethics and compliance report, we may also collect other information such as details about the specific workplace issue that you are reporting. All information submitted as part of an ethics and compliance report will only be shared with G4S Communication Specialists and the company being reported. This will be done in a manner that protects your anonymity, should you choose to remain anonymous. You have the right to access that information only when you provide the secure file ID that is provided to you when you end a call.

All subjects of consumer reports have the right of access to any reports G4S produces and maintains on them. You may contact G4S, as set out at the end of this Privacy Policy, at any time to determine whether we hold any personal information about you and to obtain access to that information. We will only afford you access to your data upon proof of identity, including proper verification and confirmation that you are the individual who is entitled to request access. If, for good reason, we are unable to provide you with access to your data or to correct data, we will let you know. Otherwise, we will mail to you if you are a U.S. resident a copy of the report about you within 7 days, as it has been provided to your current or prospective employer, at no charge (as mandated by the Fair Credit Reporting Act.). G4S stores all personal information in electronic form.

If you are an EU resident or a resident of any other country where G4S conducts business and is registered with data protection authorities, you may contact us to determine whether we hold personal data about you, at any time for purposes of reviewing your personal information. If you wish to have access to that information or to correct information that you have already received from us, please communicate with the G4S contact listed below. If for good reason, we are unable to provide you with access to your data or to correct your data, we will let you know. If you request access to your data, we will mail you within 48 days a copy of the report about you, as it has been provided to your current or prospective employer.


o Security:

G4S will take all appropriate measures to assure the security of personal data. G4S’s pre-employment and credential services web site and any data transmitted to or from it are protected by a secure socket layer (SSL) key that encrypts the data. All data is stored on our servers in a secure, encrypted manner. Access to those servers is strictly limited to network administrators and other authorized personnel of G4S, who have been trained to protect against loss, misuse, unauthorized access, disclosure, alteration or destruction of personal data under G4S’s control. We take pride in our technology and our security policies.

o Other Inquiries or Questions:

If you have a concern or complaint about our handling of your personally identifiable information, or if you believe our response to an inquiry has not been satisfactory, please contact our privacy officer at the address below. Our privacy officer will investigate and try to resolve in a timely manner any concern or complaint about our use or disclosure of your personally identifiable information in accordance with the principles contained in this Policy. For any concern or complaint that cannot be resolved in this way, we have agreed to cooperate with Judicial Arbitration and Mediation Services, Inc. (JAMS) to resolve any disputes relating to this Policy. JAMS can be contacted at www.jamsadr.com or 1-800-352-5267.

For concerns about our handling of human resources data, you also have the right to contact European Union Data Protection authorities. A listing of the Data Protection Commissioners is appended at the end of this notice.

o Policy Changes:

G4S reserves the right to amend this Privacy Policy at any time without notice. If we decide to change this Privacy Policy, we will post those changes here so that you will always know how we will use the information that is collected about you. Regardless of any amendments to this Privacy Policy, we will never use your information in a material new way (a way not stated in the current privacy policy) without first providing you a direct and meaningful opportunity to opt-out or otherwise prevent that new use.

Should you have any questions regarding this Privacy Policy, please contact:

G4S Compliance & Investigations
Commercial Services
3950 RCA Blvd., Suite 5003
Palm Beach Gardens, FL 33410
800.275.8318
(Revised 03/2012)


Appendix

NATIONAL OFFICES OF THE DATA PROTECTION COMMISSIONERS

European Union

Austria:
Ö sterreichische Datenschutzkommission
Hohenstaufengasse 3
1010 Wien
Tel. +43 1 531 15 25 25
Fax +43 1 531 15 26 90
e-mail: dsk@dsk.gv.at
Web: http://www.dsk.gv.at

Belgium:
Commission de la protection de la vie privée
Rue Haute, 139
B - 1000 BRUXELLES
Tel. +32 2 213 8540
Fax +32 2 213 8545
e-mail: commission@privacy.fgov.be
Web: http://www.privacy.fgov.be

Bulgaria:
Commission for Personal Data Protection
15 Acad. Ivan Evstratiev Geshov Blvd.
Sofia 1431
Bulgaria
Tel. +3592 915 3531
Fax +3592 915 3525
e-mail: kzld@government.bg or kzld@cpdp.bg
Web: http://www.cpdp.bg

Cyprus:
Commissioner for Personal Data Protection
40, Th. Dervis Street
CY - 1066 Nicosia
Tel. +357 22 818 456
Fax +357 22 304 565
e-mail: commissioner@dataprotection.gov.cy
Web: http://www.dataprotection.gov.cy

Denmark:
Datatilsynet
Borgergade 28, 5
DK - 1300 Copenhagen K
Tel. +45 33 19.32.00
Fax +45 33 19.32.18
e-mail: dt@datatilsynet.dk
Web: http://www.datatilsynet.dk

Estonia:
Estonian Data Protection Inspectorate
(Andmekaitse Inspektsioon)
Director General
Väike-Ameerika 19
10129 Tallinn
Estonia
Tel. +372 6274 135
Fax +372 6274 137
e-mail: viljar.peep@dp.gov.ee
Web: http://www.aki.ee

Finland:
Office of the Data Protection
Ombudsman
P.O. Box 315
FIN-00181 Helsinki
Tel. +358 10 3666 700
Fax +358 10 3666 735
e-mail: tietosuoja@om.fi
Web: http://www.tietosuoja.fi

France:
Commission Nationale de l'Informatique et des Libertés
8, rue Vivienne, CS 30223
F-75002 Paris, CEDEX 02
Tel. +33 (0) 1 53 73 22 22
Fax +33 (0) 1 53 73 22 00
Web: http://www.cnil.fr

Germany:
Der Bundesbeauftragte für den Datenschutz und die Informationsfreiheit
Husarenstraße 30
53117 Bonn
Tel. +49 (0) 228 997799 0 or +49 (0) 228 81995 0
Fax +49 (0) 228 997799 550 or +49 (0) 228 81995 550
e-mail: poststelle@bfdi.bund.de
Web: http://www.bfd.bund.de

Greece:
Hellenic Data Protection Authority
Kifisias Av. 1-3, PC 11523
Ampelokipi Athens, Greece
Tel. +30 210 6475 600
Fax +30 210 6475 628
e-mail: contact@dpa.gr
Web: http://www.dpa.gr

Hungary:
Data Protection Commissioner of Hungary
Parliamentary Commissioner for Data Protection and Freedom of Information
Nádor u. 22.
H - 1051 Budapest
Tel. +36 1 475 7186
Fax +36 1 269 3541
e-mail: adatved@obh.hu
Web: http://abiweb.obh.hu/abi

Ireland:
Data Protection Commissioner
Canal House
Station Road
Portarlington
Co. Laois
Ireland
Lo-Call: 1890 25 22 31
Tel. +353 57 868 4800
Fax +353 57 868 4757
e-mail: info@dataprotection.ie
Web: http://www.dataprotection.ie

Italy:
Garante per la protezione dei dati personali
Piazza di Monte Citorio, 121
I - 00186 Roma
Tel. +39 06 69677 1
Fax +39 06 69677 785
e-mail: garante@garanteprivacy.it
Web: http://www.garanteprivacy.it

Latvia :
Data State Inspectorate
Blaumana str. 11/13-15
LV - 1011 Riga
Tel. +371 6722 3131
Fax +371 6722 3556
e-mail: info@dvi.gov.lv
Web: http://www.dvi.gov.lv

Lithuania:
State Data Protection
Inspectorate Director
Ž ygimantu str. 11-6a
LT - 011042 Vilnius
Tel. + 370 5 279 14 45
Fax +370 5 261 94 94
e-mail: ada@ada.lt
Web : http://www.ada.lt

Luxembourg:
Commission nationale pour la protection des données
41, avenue de la Gare
L-1611 Luxembourg
Tel. +352 2610 60 1
Fax +352 2610 60 29
e-mail: info@cnpd.lu
Web: http://www.cnpd.lu

Malta:
Office of the Data Protection Commissioner
2, Airways House
High Street, Sliema SLM 1549, Malta
Tel. +356 2328 7100
Fax +356 2328 7198
e-mail: commissioner.dataprotection@gov.mt
Web: http://www.dataprotection.gov.mt/

Netherlands:
College bescherming persoonsgegevens (CBP)
Juliana van Stolberglaan 4-10
P.O.Box 93374
NL - 2509 AJ Den Haag
The Netherlands
Tel. +31 70 888 8500
Fax +31 70 888 8501
e-mail: info@cbpweb.nl
Web: http://www.cbpweb.nl/

Poland:
The Bureau of the Inspector General for the Protection of Personal Data
ul. Stawki 2
00-193 Warsaw
Tel. +48 22 860 70 81
Fax +48 22 860 70 90
e-mail: sekretariat@giodo.gov.pl
Web: http://www.giodo.gov.pl

Portugal:
Comissão Nacional de Protecção de Dados
R. de São. Bento, 148-3°
P - 1200-821 LISBOA
Tel. +351 21 392 84 00
Fax +351 21 397 68 32
e-mail: geral@cnpd.pt
Web: http://www.cnpd.pt

Romania:
The National Supervisory Authority for Personal Data Processing
Str. Olari nr. 32
Sector 2, BUCURESTI
Cod postal 024057
Romania
Tel. +40 21 252 5599
Fax +40 21 252 5757
e-mail: anspdcp@dataprotection.ro
Web: http://www.dataprotection.ro

Slovakia:
Office for Personal Data Protection of the SR
Odborárske námestie c. 3
817 60, Bratislava
Slovak Republic
Tel. + 421 2 5023 9418
Fax + 421 2 5023 9441
e-mail: statny.dozor@pdp.gov.sk or gyula.veszelei@pdp.gov.sk
Web: http://www.dataprotection.gov.sk

Slovenia:
Information Commissioner
Vošnjakova 1
SI - 1000 LJUBLJANA
Tel. +386 (0) 1 230 9730
Fax +386 (0) 1 230 9778
e-mail: gp.ip@ip-rs.si
Web: http://www.ip-rs.si

Spain:
Agencia de Protección de Datos
C/Jorge Juan, 6
E - 28001 MADRID
Tel. +34 91399 6200
Fax +34 91455 5699
e-mail: internacional@agpd.es
Web: http://www.agpd.es

Sweden:
Datainspektionen
Fleminggatan, 14
9th Floor
Box 8114
S - 104 20 STOCKHOLM
Tel. +46 8 657 6100
Fax +46 8 652 8652
e-mail: datainspektionen@datainspektionen.se
Web: http://www.datainspektionen.se

United Kingdom:
The Office of the Information Commissioner Executive Department
Water Lane, Wycliffe House
UK - WILMSLOW - CHESHIRE SK9 5AF
Tel. +44 1 625 54 57 00 (switchboard)
Web: http://www.dataprotection.gov.uk

EFTA Countries

Iceland:
Icelandic Data Protection Agency
(Persónuvernd)
Rauðarárstíg 10
105 Reykjavík, Ísland
Tel. +354 510 9600
Fax +354 510 9606
e-mail: postur@personuvernd.is
Web: http://www.personuvernd.is

Liechtenstein:
Data Protection Office
Kirchstrasse 8, P.O. Box 684
FL-9490 Vaduz
Principality of Liechtenstein
Tel. +423 236 6090
Fax +423 236 6099
e-mail: info@dss.llv.li
Web: http://www.dss.llv.li

Norway:
Datatilsynet
The Data Inspectorate
P.B. 8177 Dep
N – 0034 OSLO
Tel: +47/22/42.19.10
Web: http://www.datatilsynet.no

Switzerland:
Data Protection Commissioner of Switzerland
Eidgenössischer Datenbeauftragter
Hanspeter THÜR
Feldeggweg 1
CH - 3003 Bern
Tel. +41 (0) 31 322 4395
Fax +41 (0) 31 325 9996
e-mail: info@edsb.ch
Web: http://www.edoeb.admin.ch

Candidate Countries

Croatia:
Croatian Personal Data Protection Agency
Republike Austrije 25
10000 Zagreb
Croatia
Tel. +385 1 4609 000
Fax +385 1 4609 099
e-mail: azop@azop.hr or info@azop.hr
Web: http://www.azop.hr

Former Yugoslav Republic of Macedonia:
Directorate for Personal Data Protection
Samoilova 10
1000 Skopje
Former Yugoslav Republic of Macedonia
Tel. +389 (0) 2 3244 760
Fax +389 (0) 2 3244 766
e-mail: info@dzlp.gov.mk
Web: http://www.dzlp.gov.mk

Guernsey / Jersey / Isle of Man

Guernsey:
Data Protection Commissioner
P.O. Box 642
Frances House
Sir William Place
St. Peter Port
Guernsey GY1 3JE
Tel. +44 1481 742074
Fax +44 1481 742077
e-mail: dataprotection@gov.gg
Web: http://www.gov.gg/ccm/navigation/home-department/data-protection-commissioner

Jersey:
The Office of the Data Protection Commissioner
Morier House
Halkett Place
St. Helier Jersey JE1 1DD
Tel. +44 (0) 1534 441064
Fax +44 (0) 1534 441065
e-mail: dataproteciton@gov.je
Web: http://www.dataprotection.gov.je

Isle of Man:
Office of Data Protection Supervisor
P.O. Box 69
Douglas
Isle of Man IM99 1EQ
British Isles
Tel. +44 (0) 1624 693260
Fax +44 (0) 1624 6610
e-mail: enquiries@odps.gov.im
Web: http://www.gov.im/odps