Regulatory DataCorp Inc
RDC collects personal information about individuals from three different sources:
Internet Information: When you visit the RDC web site, the web site automatically logs certain technical information, including: your IP address, the date and time of your visit to the RDC site, and information about the browser you use. Unless you specifically provide personal information about yourself (e.g. by giving us your name and address as part of a request for information) RDC does not use this information to identify you.
Subscriber Data: Financial institutions and other entities with related compliance requirements that have entered into Subscription Agreements with RDC (“Subscribers”) send RDC the names of their customers. Some of the customers identified by Subscribers are companies or other legal entities and some are individual consumers.
Public Records and Publicly Available Data: In response to a Subscriber’s request, RDC collects information from public records databases (“Public Records”) and from reputable publicly available sources (“Publicly Available Data”) and makes that information available to the requesting Subscriber. RDC does not commingle Public Records and Publicly Available Data with any non-public information, and does not make any findings or other qualitative judgments with respect to this data. Nor does RDC use this information to rank or score identifiable individuals.
Information Use and Disclosure
RDC uses personal data provided by you in order to respond to your questions and/or requests for information. Otherwise, RDC uses Internet Information (described above) collected at our website, in order to understand how people use the RDC website and how we can enhance our products and services. This information is not disclosed to third parties except as required by law.
RDC uses Subscriber Data to maintain a Subscriber’s account and respond to a Subscriber’s request for information. Subscribers may use this information to comply with legal and regulatory obligations related to preventing and detecting money laundering, terrorism, and other criminal activity. RDC may disclose Subscriber Data to third party service providers under terms and conditions designed to safeguard Subscriber Data and ensure that it is used in accordance with this policy. RDC does not otherwise disclose Subscriber Data except as required by law or as needed to respond to valid legal process and to establish, assert or defend our legal rights.
RDC provides Public Records and Publicly Available Data to its Subscribers so that they are better able to comply with legal and regulatory obligations related to preventing and detecting money laundering, terrorism, fraud and other criminal activity. RDC maintains a record of the Public Records and Publicly Available Data that it provides to Subscribers for these purposes, but does not compile reports or maintain profiles about individuals that are the subject of a Subscriber request.
RDC may disclose personal information in response to a lawful request by public authorities including to meet national security or law enforcement requirements.
Under its agreement with Subscribers, RDC must protect Subscriber Data from unauthorized use and disclosure. RDC uses proven security methods and procedures designed to safeguard Subscriber Data during transmission and storage.
Privacy Shield and Data Transfer
RDC is a global business. As a result, the data that we may collect from you may be transferred to, and stored at, any of our locations which may be inside or outside the European Economic Area (“EEA”) and Switzerland. Data may also be processed by people around the world who work for RDC or for one of our suppliers/vendors. These people may be engaged in, among other things, the fulfillment of your information requests, answering enquiries about our services and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing.
RDC has put in place a number of measures designed to protect data which is transferred from Europe (including Switzerland) to the US. RDC maintains a network of specific agreements to require contracting parties to observe data protection legislation. RDC has additionally signed up to the EU-U.S. Privacy Shield Framework and the Swiss U.S. Privacy Shield Framework. You can find out more about Privacy Shield here https://www.privacyshield.gov/Program-Overview. RDC adheres to the Privacy Shield Framework and Principles regarding the collection, use, and retention of personal information from the EEA and Switzerland. RDC has certified that it adheres to the Principles of notice, choice, onward transfer, security, data integrity and purpose limitation, access, and recourse, enforcement and liability. We are committed to following the Privacy Shield Principles. We are also committed to supervising third parties where we have transferred data to them after a Privacy Shield data transfer to us and we accept our liability in cases of onward transfer of data to third parties.
If you believe RDC maintains your personal data within the scope of the Privacy Shield Framework, you may direct any of your enquiries or concerns concerning our Privacy Shield compliance to email@example.com. RDC commits to resolve complaints about our collection or use of your personal information. Individuals in the European Union (EU) with inquiries or complaints regarding our Privacy Shield policy should first contact firstname.lastname@example.org. RDC will respond within 30 days. In the unlikely event that we fail to respond within 30 days, or if our response does not address your concern, RDC will undertake to refer the concern to our Chief Privacy Officer who will investigate the matter and communicate with you within 14 days.
RDC has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit_https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS are provided at no cost to you. You can also follow that link for a description of the range of potential remedies. There are more details on the arbitration requirements of the Privacy Shield Frameworks at https://www.privacyshield.gov/.
RDC is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). In cases of onward transfer to third parties of data of EU or Swiss individuals received pursuant to the EU-U.S. Privacy Shield Framework or Swiss -U.S. Privacy Shield Framework, RDC is potentially liable. RDC will continue to adhere to the Privacy Shield Principles for as long as it retains your personal information.
Under certain conditions, more fully described on the Privacy Shield website (https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint), you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
RDC takes commercially reasonable steps to ensure that data is reliable, accurate, complete, and current for its intended purpose, primarily by accessing Public Records and Publicly Available Data from reputable sources only. RDC does not evaluate or rank search results, nor does it make qualitative judgments with respect to those findings.
The information provided by RDC to its Subscribers consists exclusively of “public record information” within the meaning of the Privacy Shield Frameworks. You may obtain a copy of this information from its public source. RDC acts only as a processor of Subscriber Data. For information about your financial institution’s use of your name for legal and regulatory compliance purposes, please contact your financial institution.
Last updated April 2017