Data Privacy Framework Program Privacy Policy

Last Updated November 29, 2023

Plexus Global LLC is committed to protecting the privacy of our clients, of visitors to our Web Site, and of the individuals (“consumers”) with respect to whom we conduct background screens at our clients’ request. As a consumer reporting agency governed by the U.S. federal Fair Credit Reporting Act (“FCRA”), among other applicable laws, Plexus Global LLC strives to maintain the confidentiality, integrity, and security of personal information that Plexus Global LLC obtains.

Plexus Global LLC complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  Plexus Global LLC has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.  Plexus Global LLC has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit

The Federal Trade Commission has jurisdiction with enforcement authority over Plexus Global’s compliance with the Data Privacy Frameworks.


Plexus Global receives personal information about consumers from its clients. Plexus Global’s clients certify to Plexus Global that (a) to the extent required by applicable law, they have obtained the individual’s consent to share this information with Plexus Global for the purposes of conducting a background screening on the individual, (b) they are requesting a background screening for employment or other purposes permitted under the FCRA or other applicable law, and (c) they will use the results of Plexus Global’s background screening only for legally permissible purposes, such as hiring, promotion, and discharge decisions.

Plexus Global notifies individuals from whom personally identifiable information is collected about how the information will be used. Personally identifiable information collected by Plexus Global is used within the narrow confines of employment-related screening.

Plexus Global collects personal data for the purposes of communicating with our clients and others who request that we communicate with them (e.g. through signing up for our services or newsletters, requesting information from us or seeking employment at Plexus Global) providing our clients with essential information required to make employment screening decisions. “Personally Identifiable Information” means all information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context, whether oral, written, computerized, digitized or otherwise. Personally Identifiable Information (PII) provided by an individual includes Social Security Number, Social Insurance Number, National Identification Number, Other country or state identification number, Passport, Driver’s License Number.” Confidential information such as name, address, telephone number, date of birth, Professional License information, employment history, education and other credentials may also be obtained. All data is collected, stored and delivered in compliance with applicable laws- including the Fair Credit Reporting Act and other local, state and federal laws. Plexus Global may also transfer your information to third parties for processing in order to provide our clients with the services requested. We require such third parties to keep the information confidential and not to use it for other purposes or process the information in a manner incompatible with the purposes for which it has been collected.”


Plexus Global collects information about consumers only if Plexus Global’s client has, to the extent required by applicable law, certified to Plexus Global that the consumer has affirmatively consented to such collection. Consumers who do not want Plexus Global to collect information about them can choose to prevent collection by refusing to sign the notice and authorization form presented by their prospective or current employer in accordance with the FCRA or, if required, by other applicable law. Consumers who wish to revoke their consent to Plexus Global ‘s collection of information about them can do so at any time by notifying Plexus Global either in person, by phone, fax, or email at the details listed below.

Accountability for Onward Transfer

Plexus Global generally will disclose the information obtained on a consumer only to (a) the Plexus Global client whom the consumer has authorized to receive the information (and its designated representatives), and (b) a third-party representative or subcontractor of Plexus Global authorized to receive such information (e.g., service providers that help host or support Plexus Global’s web site, or that otherwise provide technical assistance; court researchers; and other providers of professional services). Plexus Global shares information with these third parties only for the purposes described in the “Notice” section of this Policy. All such entities are contractually obligated to use and maintain the confidentiality of personal information in a manner consistent with this Privacy Policy, which includes not sharing any such information with any third party, other than Plexus Global and its customers. Except as described in this Privacy Policy, or required by law, Plexus Global will not use or otherwise disclose any of the personally identifiable information provided or collected from third parties or other sources.

Plexus Global has potential liability in the case of unlawful onward transfer of personal information to third parties.

Plexus Global also may in good faith disclose personal information and any other additional information available to Plexus Global, for any of the following purposes: (i) to investigate, prevent or take action regarding actual or suspected illegal activities or fraud; situations involving potential threats to the physical safety of any person; or violations of Plexus Global’s terms of use; (ii) to respond to subpoenas, court orders, or other legal process; (iii) to establish or exercise Plexus Global’s legal rights; or (iv) otherwise to comply with applicable law.

Plexus Global may be required to disclose personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.

As part of our contractual agreements, Plexus Global clients have agreed in writing to follow adequate data protection principles and may not forward personally identifiable information to unauthorized parties.


Plexus Global maintains a secure network that is protected from computer malicious software and monitored for unauthorized access. All records both electronic and paper-based holding personal information are properly stored in card-access controlled facilities protected by video security and alarm systems. Digitally stored information transmitted using Secure Socket Layer (SSL) encryption. Employees and clients sign binding non-disclosure agreements prior to engaging with Plexus Global.

Plexus Global collects only minimal personal information that is necessary to the requested search and takes reasonable steps to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction regardless of how it is collected, recorded and used- whether on paper, computer, or recorded on other material. Plexus Global’s safeguards exceed the ethical expectations and lawful regulation worldwide.

Plexus Global will release information via telephone, facsimile, mail, and secure electronic methods only to the individual(s) or business(s) who originally requested the service. Under no circumstances will personal information collected and maintained in our databases ever be sold or provided to an outside entity for any purpose.

Data Integrity and Purpose Limitation

Data collected by Plexus Global is collected for the purpose of employment screening. Our sources of information are those deemed most accurate by a consensus of the established background screening industry and through our 30 years of experience. The information we collect must be relevant to the purposes of determining an applicant’s suitability for employment. Plexus Global has an effective and swift dispute resolution procedure in place to allow individuals a chance to correct or delete inaccurate information. Individuals may contact us through the methods outlined later in this document to dispute any such information.

Plexus Global restricts the use of personally identifying information to only those purposes for which the data was collected and authorized by the individual. Plexus Global will take reasonable steps to ensure that personally identifying information is relevant to its intended use, accurate, current, and complete.


Under the Data Privacy Frameworks EU, UK and Swiss individuals have a right to access, correct or delete information collected about them. Plexus Global permits all search subjects to inspect, and/or to receive a copy of, the information that Plexus Global has collected about them in accordance with the FCRA or other applicable law. Search subjects also may request that Plexus Global correct, amend or delete inaccurate information about them. Plexus Global will notify the individual if, for good reason, we are unable to gain access to data or to correct data. EU or Swiss individuals who wish to exercise these rights may contact Plexus Global Customer Service by calling (844) 516-1008 (inside the US and Canada) or (951) 335-4900, or by e-mailing Plexus Global at For security purposes, Plexus Global will require verification of the individual’s identity.

Recourse, Enforcement, and Liability

Plexus Global’s Data Security Committee, captained by the company President, is responsible for enforcing these rules and ensuring Data Privacy Framework principles are adhered to. All reported breaches or potential breaches are subject to investigation which will include documentation of the incident from discovery through resolve. Violations of this policy by employees are subject to disciplinary action including and up to termination; all serious criminal activity regardless of internal or external will be reported to the appropriate legal body.

Dispute Resolution

In compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), Plexus Global LLC commits to resolve complaints about our collection or use of your personal information transferred to the U.S. pursuant to the EU-U.S. DPF, the UK extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. EU, UK, and Swiss individuals with inquiries or complaints should first contact Plexus Global LLC via the following method:

Step One:

The disputing party should contact Plexus Global via one of the following contact options:

  1. By Phone: 844-516-1008 Toll Free or 951-335-4900
  2. Via Email Notification:
  3. By Certified Mail:

Plexus Global
Attn: Dispute Resolution
19340 Jesse Lane, Suite 208
Riverside, CA 92508

+1 844-516-1008 Toll Free
+1 951-905-1183 Fax

A. If contact option “#1” is utilized, the subject should advise the Plexus Global answering party they are calling regarding a “Dispute” and be ready to provide the details listed in “B” below.

B. The following details should be included in written communication:

  1. The subject’s legal name
  2. The subject’s DOB
  3. The date that the background screening was authorized by subject.
  4. The type of screening performed.
  5. The details the subject is disputing and why it is disputed.
  6. How the screening results negatively impacted the subject.
  7. Contact details for the subject.

Step Two:

The information obtained from the subject surrounding their dispute will be documented, researched and the subject will receive a formal letter describing all action taken and the results by certified mail (copied to subject’s email, if applicable). The FCRA permits up to 30 days to complete the reinvestigation and allows for a 15 day extension, if required. Plexus Global understands the importance of completing the reinvestigation promptly so we typically take 3-5 days to complete. If not satisfied, this letter will also provide details on how the subject can file formally with the FTC or applicable government authority applicable to the country and screening provided.

Independent Recourse for Unresolved EU and Swiss Privacy Complaints (Non-Human Resources)


Plexus Global LLC has further committed to refer unresolved Data Privacy Framework Principles-related complaints to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit for more information and to file a complaint. This service is provided free of charge to you.

If your Data Privacy Framework complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See

Changes To Our Privacy Policy

We reserve the right to revise this privacy policy at any time. Any changes we make to our privacy policy in the future will be posted on this page.

Ready To Explore New Possibilities?

Please contact Plexus Global at your convenience for an initial consultation. We’ll work with you one on one to determine a roadmap to success. We look forward to working with you soon.