Global Data Fusion, LLC (“Global Data Fusion,” “GDF,” “we,” “our,” or “us”) is a background screening, employment screening, drug testing support, and related compliance services provider. We are committed to protecting the privacy, confidentiality, integrity, and security of personal information, consumer information, client information, applicant information, and other sensitive data entrusted to us.

This Privacy Policy explains how we collect, use, disclose, protect, retain, and dispose of information in connection with our website, client services, applicant/consumer screening services, drug testing support services, vendor/source relationships, and business operations.

This Privacy Policy is intended to support GDF’s privacy and information-security practices, including requirements applicable to consumer reporting agencies, employment screening providers, clients, consumers, vendors, and service providers. GDF also maintains internal policies, procedures, agreements, access controls, training records, and compliance records that further govern the handling of consumer information and client data.

1. Scope of This Policy

This Privacy Policy applies to information collected or processed by GDF through:

  • our website;
  • client inquiries and onboarding;
  • background screening and employment screening services;
  • drug testing support services;
  • consumer/applicant communications;
  • client portals, vendor portals, and screening platforms;
  • email, telephone, fax, mail, electronic forms, secure file transfer, and other business communications;
  • vendor/source relationships;
  • internal business and compliance operations.

This Privacy Policy applies to personal information collected online and offline.

Certain information may also be governed by specific laws, agreements, authorizations, disclosures, notices, or client certifications, including the Fair Credit Reporting Act (“FCRA”), Driver’s Privacy Protection Act (“DPPA”), Gramm-Leach-Bliley Act (“GLBA”), applicable state privacy and consumer reporting laws, drug testing requirements, healthcare-related exclusion-screening requirements, and other federal, state, or local requirements.

2. Types of Information We May Collect

Depending on the purpose, service, and relationship involved, GDF may collect, receive, use, or process the following categories of information.

A. Website and Inquiry Information

When you visit our website or contact us, we may collect:

  • name;
  • company name;
  • job title;
  • mailing address;
  • email address;
  • telephone number;
  • message or inquiry content;
  • service interests;
  • IP address;
  • browser and device information;
  • website usage information;
  • cookies or similar website data.

B. Client and Business Contact Information

For client onboarding, authentication, billing, service delivery, and account management, we may collect:

  • company name;
  • business address;
  • mailing address;
  • federal tax identification number or other business identifier;
  • business license or credential information, where applicable;
  • primary contacts;
  • billing contacts;
  • authorized users;
  • email addresses;
  • phone numbers;
  • account credentials or user-access records;
  • signed agreements, certifications, authorizations, and acknowledgments;
  • service preferences and billing information.

C. Consumer, Applicant, Employee, or Candidate Information

When GDF provides background screening, employment screening, drug testing support, verification, or related services, we may collect information about consumers, applicants, employees, contractors, volunteers, or other individuals, including:

  • full name;
  • aliases, maiden names, or other names used;
  • date of birth;
  • Social Security number or partial Social Security number;
  • driver’s license or state identification information;
  • address history;
  • contact information;
  • employment history;
  • education history;
  • professional license or certification information;
  • criminal record information;
  • motor vehicle record information;
  • sanctions, exclusions, or watchlist information;
  • drug testing order, collection, status, or result-related information, where applicable;
  • verification information;
  • dispute, reinvestigation, or correction information;
  • authorization and disclosure records;
  • consumer communications;
  • other information necessary to perform requested services lawfully.

D. Vendor, Source, and Service Provider Information

GDF may collect and retain information related to vendors, public record researchers, data providers, verification providers, drug testing vendors, technology platforms, and other service providers, including:

  • vendor agreements;
  • service descriptions;
  • vendor contacts;
  • insurance evidence;
  • security certifications or audit evidence;
  • access credentials or account ownership records;
  • vendor review or approval records;
  • audit, quality, or performance records;
  • confidentiality, security, and compliance certifications.

E. Internal Worker and Compliance Records

GDF may collect information from workers, contractors, owners, principals, or authorized personnel for compliance and security purposes, including:

  • worker certifications;
  • confidentiality acknowledgments;
  • training records;
  • background and sanctions review records;
  • system access records;
  • role and permission information;
  • policy acknowledgments;
  • incident, ethics, complaint, or corrective-action records.

3. How We Use Information

GDF uses information only for legitimate business, compliance, legal, operational, and service-related purposes. These purposes may include:

  • responding to inquiries;
  • onboarding clients;
  • authenticating clients and authorized users;
  • providing background screening and employment screening services;
  • supporting drug testing services;
  • verifying identity or applicant information;
  • obtaining, reviewing, or reporting public record information;
  • obtaining employment, education, license, or other verifications;
  • processing consumer disputes or reinvestigations;
  • supporting adverse-action processes as requested by clients;
  • providing client education and compliance support;
  • communicating with clients, consumers, vendors, and authorized parties;
  • complying with applicable laws and regulations;
  • maintaining records required by law, contract, or accreditation standards;
  • protecting consumer information, client information, and GDF systems;
  • detecting, investigating, responding to, or preventing unauthorized access, misuse, fraud, or security incidents;
  • administering accounts, billing, and services;
  • managing vendor/source relationships;
  • conducting training, quality control, and internal compliance reviews;
  • maintaining PBSA/BSOAP accreditation evidence and compliance records.

GDF does not use consumer information for purposes unrelated to the services requested, permitted by law, and authorized by applicable agreements, certifications, disclosures, or authorizations.

4. Legal and Compliance Basis for Use

GDF handles information in accordance with applicable legal and contractual requirements, including where applicable:

  • the Fair Credit Reporting Act;
  • the Driver’s Privacy Protection Act;
  • Gramm-Leach-Bliley Act safeguards and privacy obligations;
  • applicable state consumer reporting laws;
  • applicable employment screening laws;
  • drug testing and occupational health service requirements;
  • healthcare-related exclusion or sanctions screening requirements;
  • client certifications and permissible purpose requirements;
  • consumer disclosures and authorizations;
  • vendor/source agreements;
  • information-security and confidentiality obligations.

Clients are responsible for obtaining legally required consumer disclosures, authorizations, certifications, and adverse-action notices where applicable. GDF provides support, notices, guidance, and services, but GDF does not provide legal advice.

5. FCRA and Consumer Report Information

When GDF acts as a consumer reporting agency or provides information that may be used in a consumer report, GDF follows applicable FCRA requirements.

Consumer report information may be used only for a permissible purpose. Clients must certify their permissible purpose and must not request, use, disclose, retain, or dispose of consumer report information in violation of applicable law.

Consumers may have rights under the FCRA, including rights to request a copy of their file, dispute inaccurate or incomplete information, receive required notices, and obtain information about adverse action. GDF maintains procedures for responding to consumer inquiries and disputes as required by law.

6. Disclosure and Authorization

For employment-related consumer reports, clients are responsible for providing required disclosures and obtaining written consumer authorization before requesting a report unless a specific legal exception applies.

GDF may require clients to certify that required disclosures and authorizations have been obtained before reports are requested or provided.

GDF may retain evidence of client certifications, consumer authorizations, notices, and related documentation as required by law, contract, or internal compliance procedures.

7. Adverse Action Support

When consumer reports are used for employment purposes, clients are responsible for complying with applicable pre-adverse and final adverse action requirements.

GDF may provide support materials, report copies, notices, or other information to help clients understand their obligations, but clients remain responsible for making employment decisions and for complying with applicable adverse-action procedures.

GDF does not make hiring decisions for clients.

8. Drug Testing Information

When GDF supports drug testing services, GDF may process applicant, employee, client, order, collection, status, result, and vendor-portal information related to the requested drug testing service.

Drug testing information is treated as confidential and is accessed only by authorized personnel with a business need. GDF uses secure systems, vendor portals, and internal procedures to help protect drug testing records from unauthorized access, disclosure, alteration, or misuse.

9. How We Share Information

GDF may share information only as permitted or required for lawful business, operational, service, compliance, or legal purposes. This may include sharing information with:

  • clients or authorized client users;
  • consumers/applicants, where required or permitted;
  • public record researchers;
  • courts, law enforcement agencies, government agencies, or public sources;
  • employment, education, license, or reference verification sources;
  • drug testing vendors, collection sites, laboratories, medical review officers, or related service providers;
  • background screening platforms and technology providers;
  • data providers and authorized vendors;
  • legal, accounting, insurance, compliance, audit, or professional advisors;
  • regulators, auditors, accreditation bodies, or authorities where required or appropriate;
  • parties authorized by the consumer, client, or applicable law.

GDF does not sell consumer report information.

GDF does not disclose consumer information to unauthorized parties.

10. Vendor and Service Provider Controls

GDF may use vendors, technology platforms, public record researchers, data providers, verification providers, drug testing vendors, and other service providers to support its services.

GDF requires appropriate vendors and service providers to protect confidential information, personal information, and consumer information. Vendor controls may include:

  • written agreements;
  • confidentiality obligations;
  • information-security requirements;
  • secure transmission requirements;
  • secure storage and disposal requirements;
  • access restrictions;
  • insurance requirements where applicable;
  • vendor review, approval, or audit procedures;
  • requirements related to subcontractors or downstream providers.

GDF retains vendor/source records and evidence as part of its compliance and accreditation program.

11. Confidentiality and Access Controls

GDF restricts access to consumer information, client information, vendor/source information, and other confidential information to authorized personnel who have a legitimate business need.

GDF’s access-control practices may include:

  • individual user accounts;
  • role-based access;
  • password requirements;
  • multi-factor authentication where available or required;
  • limited access to systems, portals, and SharePoint folders;
  • removal or modification of access when roles change or access is no longer needed;
  • periodic access reviews;
  • restrictions against shared credentials, unauthorized browsing, and use of information for personal purposes.

Workers are required to certify and follow GDF confidentiality, security, and legal compliance practices.

12. Information Security

GDF maintains administrative, technical, and physical safeguards designed to protect personal information, consumer information, client information, and confidential business information.

These safeguards may include:

  • written information-security policies;
  • confidentiality and worker training;
  • access controls;
  • secure transmission practices;
  • secure storage practices;
  • encryption where appropriate or available;
  • vendor/platform security review;
  • secure destruction practices;
  • incident response procedures;
  • physical security controls;
  • remote-workforce expectations;
  • periodic review of systems and access.

GDF also relies on qualified technology platforms and vendors that maintain their own security controls, certifications, or independent audit reports, where applicable.

No method of transmission, storage, or electronic processing is completely secure. However, GDF takes reasonable measures to protect information from unauthorized access, disclosure, alteration, misuse, or destruction.

13. Remote Work and Electronic Communications

When GDF personnel work remotely or communicate electronically, they are required to protect confidential information and consumer information through appropriate safeguards, including secure devices, approved systems, password protection, secure transmission, private workspaces, and protection against unauthorized viewing, access, printing, downloading, or disclosure.

GDF workers must not store, transmit, or discuss consumer information using unauthorized systems or personal accounts.

14. Retention of Information

GDF retains information for as long as reasonably necessary to fulfill the purpose for which it was collected, provide services, comply with legal requirements, support audits, respond to disputes, enforce agreements, maintain compliance evidence, or satisfy operational and accreditation requirements.

Retention periods may vary based on:

  • legal requirements;
  • FCRA and state law requirements;
  • client agreements;
  • consumer dispute obligations;
  • vendor/source requirements;
  • insurance or audit requirements;
  • PBSA/BSOAP accreditation evidence requirements;
  • internal business needs.

GDF maintains controlled records and evidence in designated systems and repositories, including secure electronic folders and approved business platforms.

15. Disposal and Destruction

When information is no longer needed and destruction is permitted by law, contract, and internal retention requirements, GDF disposes of information in a secure manner.

Secure disposal may include:

  • shredding or destroying paper records;
  • deleting, erasing, or securely disposing of electronic records;
  • using approved disposal vendors where appropriate;
  • following applicable laws and procedures for consumer report information;
  • preventing unauthorized reconstruction, access, or recovery where feasible.

GDF workers and vendors are expected to follow applicable secure-destruction requirements.

16. Consumer Rights and Requests

Depending on applicable law and the type of information involved, individuals may have rights to:

  • request a copy of certain information maintained by GDF;
  • dispute inaccurate or incomplete consumer report information;
  • request correction or reinvestigation;
  • receive required notices;
  • ask questions about the source or use of information;
  • exercise rights available under applicable federal or state law.

Consumers seeking information about a background report, file disclosure, reinvestigation, or dispute may contact GDF using the contact information below.

GDF may need to verify the identity of the person making the request before releasing information.

17. Client Responsibilities

Clients using GDF services are responsible for complying with applicable laws and client agreement requirements, including:

  • using reports only for a permissible purpose;
  • providing required disclosures;
  • obtaining required consumer authorizations;
  • making required certifications;
  • complying with adverse-action requirements;
  • protecting consumer information;
  • limiting access to authorized users;
  • using individual credentials;
  • securing and properly destroying reports and related information;
  • notifying GDF of unauthorized access, misuse, or suspected security incidents;
  • consulting legal counsel regarding employment decisions and compliance obligations.

GDF may suspend or terminate access if a client fails to meet required compliance or security obligations.

18. Cookies and Website Technologies

GDF’s website may use cookies, analytics tools, or similar technologies to improve website functionality, understand usage, maintain security, and support communications.

Users may adjust browser settings to block or delete cookies. Some website features may not function properly if cookies are disabled.

19. Payment Information

If payment information is collected, GDF uses reasonable safeguards and approved payment processors or financial service providers to process payments. GDF does not intend to store complete payment card information unless necessary and permitted through approved systems.

20. Children’s Privacy

GDF’s website and services are not directed to children under 13. GDF does not knowingly collect personal information from children under 13 through its website.

21. Links to Other Websites

GDF’s website may contain links to third-party websites. GDF is not responsible for the privacy practices, security, or content of third-party websites. Users should review the privacy policies of any third-party websites they visit.

22. International Users

GDF primarily provides services from the United States. If information is provided to GDF from outside the United States, the information may be processed and stored in the United States or in systems used by GDF or its service providers. By providing information to GDF, users acknowledge that information may be processed in accordance with U.S. laws and this Privacy Policy.

23. Security Incidents

GDF maintains procedures for identifying, escalating, investigating, responding to, and documenting suspected privacy or security incidents.

If GDF determines that notification is required by applicable law, contract, or other obligation, GDF will provide notice as required.

Workers, clients, and vendors are expected to promptly report suspected unauthorized access, misuse, loss, disclosure, or compromise of GDF information, consumer information, client information, credentials, systems, or records.

24. Policy Updates

GDF may update this Privacy Policy from time to time to reflect changes in law, services, operations, security practices, or accreditation requirements.

The effective date and last-reviewed date will be updated when appropriate. Continued use of GDF’s website or services after an update means the updated policy applies going forward.

25. Contact Information

Questions, requests, disputes, or concerns regarding this Privacy Policy or GDF’s privacy practices may be directed to:

Global Data Fusion, LLC
P.O. Box 53889
Lafayette, LA 70505

Email: support@globaldatafusion.com
Website: globaldatafusion.com

For consumer report disputes, file disclosures, or privacy/security concerns, please include enough information for GDF to verify identity and locate the relevant record. Do not send Social Security numbers, driver’s license numbers, dates of birth, drug testing results, or other sensitive information by unsecured email unless specifically instructed through an approved secure process.

26. PBSA / BSOAP Compliance Statement

GDF maintains privacy, confidentiality, information-security, access-control, training, vendor, client agreement, retention, destruction, and incident-response practices to support its background screening operations and PBSA/BSOAP accreditation readiness.

This public Privacy Policy is one component of GDF’s overall privacy and information-security program. GDF also maintains internal controlled documents, evidence records, worker certifications, vendor agreements, client certifications, platform security evidence, access reviews, incident records, and audit-support materials to demonstrate conformity with applicable PBSA/BSOAP standards.