MBD Consultants, LLC dba XG Consultants Group, Inc.

Privacy Policy

Updated as of December 1, 2021

 

MBD Consultants, LLC dba XG Consultants Group, Inc. (“Company,” “we,” “our,” or “us”) is committed to protecting the privacy of your personal information and keeping you informed of how we collect and safeguard your personal information. This Privacy Policy (“Policy”) governs how the Company collects, uses, discloses and secures personal information collected from or about you through this website(s) (collectively, the “Site”) and any online applications (“Applications”) owned and controlled by us, except as otherwise noted herein, as well as the personal information you submit or we collect when you:

  • Visit to our locations or attendance at one of our events
  • Engage in phone, email, or mail communications
  • Social media interactions on our websites and other third-party websites like Facebook, YouTube, Instagram, and Twitter
  • View our online advertisements.

The nature of our business involves the collection of personal information from individuals and entities to provide certain products and/or services (the “Services”) such as performing background checks. As a consumer reporting agency, we are subject to the Fair Credit Reporting Act (FCRA) and other applicable federal and state laws.

Depending on how you interact with us will determine the nature of the personal information we collect from you, the source of that information, how we use it, and how we may disclose or otherwise process it. For example, you might be an individual who provides personal information to us through the Site or an Application, directly or indirectly, through one of our Customers for the purpose of receiving a background check or other Services. In general, we would consider you a “Consumer.”  “Customers” are those entities, organizations, or individuals that purchase our Services which in most cases would involve the collection of personal information from Consumers. Consumers, Customers, or any individual accessing our Site or Applications are “Users” or also referred to as “you” or “your.”

Please review this Policy carefully. The Company reserves the right to change the Policy at any time, in which event the Site will contain a notice of the change. Changes will be effective immediately upon posting to the Site. By accessing the Site, an Application, or using the Services, you consent and agree to the terms of this Policy and to the Company collecting, using, disclosing, and storing such information consistent with this Policy. If you have any questions or concerns about the Policy, please contact us at 212-499-1480 or as provided below.

What Personal Information We Collect. In general, personal information is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household. Examples include name, address, IP address, phone number, email address, demographic information such as gender, date of birth, geographic information and preferences for using the Services or communicating with you when such information as identified by you in communications with us. As described below, we may collect or have collected in the preceding 12 months the following categories of personal information. We may add to the categories of personal information we collect. In that case, we will inform you.

  • Examples include real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, or other similar identifiers.
  • Other elements. Examples include signature, characteristics or description, address, telephone number, education, bank account number, credit card number.
  • Characteristics of protected classifications under state or federal law. Examples include race, religion, and age.
  • Commercial information. This includes services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. This could include information collected in connection with receipt of the Services, such as information or materials you provide and activities involved in the processing of information regulated by the Fair Credit Reporting Act.
  • Education information. This includes information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, Sec. 1232g; 34 C.F.R. Part 99).
  • Internet or other electronic network activity. Examples include browsing history, search history, a consumer’s interaction with an internet website, application, or advertisement.
  • Geolocation data. This might include location information while using one of our apps.
  • Audio, electronic, visual, thermal, olfactory, or similar information. Examples of this category including identifiable information obtained about you while speaking with our customer service representatives on the telephone.
  • Professional or employment-related information.
  • Consumer profile. This includes inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, and behaviors.
  • Sensitive personal information. This includes personal information that would reveal identifiers such as social security, driver’s license, state identification card, or passport numbers, as well as log-in, financial account, required security or access code and other information that would permit access to an account. It also would include precise geolocation and racial or ethnic origin, religious or philosophical beliefs, union membership or a consumer’s genetic or medical information.

The Site is not directed to children. The Company does not knowingly collect any personal information from children. If you are concerned about your child’s use of the Site, you may use web-filtering technology to supervise or limit access to the Site.

The Company may use web site “cookies” in the process of compiling the statistical information mentioned above and to tailor certain pages of the Site or Application for your browsing convenience. A cookie file can contain information such as the URL you came from, your computer’s IP address and domain type (e.g., .com or .org, etc.), your browser type, the country, state and telephone area code where your server is located, the pages that were viewed during a visit, and any search terms that you entered on our Site or Application. This information generally is used for internal purposes, and we do not link your URL or IP address to any personal information unless you have logged into our Site or Application with an established account login and password.  You have the option of setting your browser to reject cookies, but our Site may not function correctly if you do. Refer to the Help feature of your browser for information on disabling cookies.

Personal information excludes information that is not defined as personal information or excluded from the definition of personal information (or similar terms) under applicable federal or state law. For example, personal information as defined under the California Consumer Privacy Act (“CCPA”) would not include the following information:

  • Publicly available information.
  • De-identified or aggregated consumer information.
  • Certain personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), the California Confidential Medical Information Act, the Health Insurance Portability and Accountability Act, and the Driver’s Privacy Protection Act of 1994.

Purposes We Use Personal Information. In general, we will use the personal information we collect about you only for the purpose it was collected and as otherwise provided in this Policy.  In the case of our background check and related services, we will not use your personal information to perform the background check service, unless our Customer has certified to us that it has satisfied the requirements under FCRA and applicable state law. Set forth below are some examples of business or commercial purposes for which we may have collected your personal information.  We may change or add to the purposes we collect personal information. In that case, we will inform you and obtain your consent when required by law.

  • To communicate with you and provide you with information, products, or services, including the Services, that you request or receive from us.
  • To fulfill or meet the reason for which the information is provided. For example, in the case of background checks, we might provide access to reports or functionality relating to use of such reports.
  • To contact you and/or provide you with email alerts, event registrations and other notices concerning our products or services, or events or news, that may be of interest to you.
  • To communicate with you in social media concerning our products and services.
  • To carry out our obligations and enforce our rights including those arising from any contracts entered into between you and us, including for billing, payment, and collections.
  • To review, improve, and monitor our website, applications, online services, and overall Consumer and Customer experience, including to provide customization to meet the specific needs, ensure a consistent experience, and to assess trends, interests, and the demands of Users.
  • To provide customer service and engage in quality control activities concerning our products and services.
  • For testing, research, analysis and product and service development.
  • To respond to law enforcement requests and as required by applicable law, court order, governmental regulations, or other lawful processes.
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA or other applicable law.
  • To process applications for employment, as well as to evaluate and improve our recruiting efforts.
  • As necessary or appropriate to protect the rights, property, security, and safety of us, our employees, our Consumers, our Customers, our Users, our information systems, and the public.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.

In addition, the Company may compile statistical information concerning the usage of the Site or our Applications. This information allows the Company to monitor its utilization and continuously improve quality. Examples of this information with respect to the Site and our Applications would include, but not be limited to, the number of visitors, the patterns of traffic flowing through, the length of time spent on the Site or our Applications, or in particular sections or pages, the other sites that refer visitors, the pages Users frequently use as entry and exit points, utilization of the browser and operating systems and versions used by Users.

In order to compile this information, the Company may collect and store your IP address, your operating system version, your browser version, the pages you visit, the length of time you spend, the site from which you linked to ours, search terms you used in search engines which resulted in you linking to the Site, etc. While all of this information can be associated with the IP address your computer had while you visited the Site or Application, it will not be associated with you as an individual, or associated with any other information you may submit, or that Company may store about you for any other purposes.

Sources of the Personal Information We Collect. As you are probably aware, we may collect personal information from a variety of sources. The categories of sources of personal information are described below. The examples provided are for illustration purposes and are not exhaustive.

  • You. Examples of when we collect that information include:
    • During a Site visit, when you call us, or when you visit us at one of our locations or events.
    • If you upload or share a photo, submit a request for a background check, or post other digital content through one of our Sites, Applications or via social media interactions on third party websites like Facebook or Twitter
    • If you apply or inquire about employment.
    • In connection with your interactions with us as a registered user of our Sites.
    • We may use tracking tools like browser cookies, flash cookies, and web beacons.
  • Your employer. If your employer is a Customer, they may provide information to us to perform background check or other services we provide.
  • Social media and related services

 

  • Third party databases and information repositories

Disclosing Personal Information.  In general, we will not disclose your personal information for any purposes other than those in conjunction with the business activities requested of us unless otherwise permitted or required by law or by this Policy, or we have your authorization to do so. With respect to the personal information acquired from you in connection with providing background check and related services, we will not disclose such personal information to a third party without your permission, except in connection with performing those services or as otherwise described in this Policy. For example, as permitted under applicable law, we would disclose information to third parties necessary to perform the check, and disclose the results of the check to our customer that ordered it.  We may disclose, including during the past 12 months, the following categories of personal information to the following categories of third parties:

 

Categories of Personal Information Disclosed Categories of Third Parties to Whom Disclosed
Identifiers

 

Other elements

 

Characteristics of protected classifications under California or federal law.

 

Commercial information

 

Education information.

 

Internet or other electronic network activity.

Geolocation data.

 

Audio, electronic, visual, thermal, olfactory, or similar information.

Professional or employment-related information

 

Consumer profile.

Sensitive personal information

·         Third parties as directed by you. We will disclose your personal information with those third parties to whom you direct, such as our Customers.

 

·         Our business partners and affiliates. For example, we might disclose your personal information with our business partners and affiliates for purposes of collaborating on providing services to you. These business partners and affiliates should also have their own privacy statements that set out the manner in which they will collect, use, and disclose personal information. Where applicable, we encourage you to review each such business partner and affiliate’s privacy statement before signing on with them.

 

·         Third parties who perform services on our behalf. For example, we disclose information with certain service providers, professional service providers, debt collectors, information technology providers, and data storage companies. We might also authorize our service providers to collect personal information on our behalf.

 

·         Governmental entities, legal service providers. We may disclose your personal information in order to comply with the law and in the course of providing our products and services. We may also disclose information if a government agency or investigatory body submits a request.

 

·         Successors to all or portions of our business. If all or part of our business is sold, we may disclose personal information in preparation for or as part of that transaction.

In no case do we sell or license personal information to third parties, except as permitted by law, nor do we have actual knowledge that we have sold personal information of minors under age 16.

Do Not Track.  “Do Not Track” is a privacy preference that you can set in your Internet search browser that sends a signal to a website that you do not want the website operator to track certain browsing information about you.  However, because our Site is not configured to detect Do Not Track signals from a user’s computer, we are unable to respond to Do Not Track requests.

 

Links to Other Websites. The Services may contain links to other websites. Any personal information you provide to linked pages is provided directly to that third party and is subject to the privacy policy of that third party. We are not responsible for personal information provided by you to a third party using a link from our website. Links are provided only as a convenience. 

 

Personal Information Disclosure: United States or Overseas. Personal information submitted to the Company for a background check or related services may at times be transferred outside of the United States in order to perform the background investigation. All personal information will be transmitted and stored in a secure manner in accordance with the terms of this Policy.

 

Safeguarding of Information. No system for safeguarding personal or other information is 100% secure. However, we take a number of steps to safeguard the security of personal information obtained through the Site.

Applicable law. This Policy is governed by the internal substantive laws of New York, without regard to its conflict of laws principles. Jurisdiction for any claims arising under or out of this Privacy Policy shall lie exclusively with the state and federal courts within New York. If any provision of this Policy is found to be invalid by a court having competent jurisdiction, the invalidity of such provision shall not affect the validity of the remaining provisions of this Policy, which shall remain in full force and effect.

CALIFORNIA PRIVACY RIGHTS: This section of the Policy (“CA Policy”) supplements and amends the information contained in our Policy with respect to California residents. This CA Policy applies solely to Users who are natural persons and residents of the State of California (“consumers” or “you”). THIS ADDENDUM TO THE PRIVACY POLICY DOES NOT APPLY TO USERS WHO ARE NOT NATURAL PERSONS AND NOT CALIFORNIA RESIDENTS.

The CA Policy describes our policies and practices regarding the personal information we collect, use, and disclose about you, including personal information you submit or we obtain when you access the Site and other sources.  This CA Policy is adopted in part to comply with the California Consumer Privacy Act (“CCPA”).

Any terms defined within the CCPA have the same meaning when utilized within this CA Policy. The other provisions of the Policy continue to apply except as modified in this CA Policy.

Consumer Rights. Pursuant to the CCPA, and as detailed below, consumers have various rights with respect to their personal information.

  • Request to Delete. You have the right to request that we delete your personal information from our records and direct any service providers or contractors to delete your personal information from their records, subject to certain exceptions. Upon receipt of a confirmed verifiable consumer request (see below), and as required by the CCPA, we will delete and direct any service providers or contractors to delete your personal information from our records.

We are not required to comply with your request to delete your personal information if it is necessary for us (or our service providers or contractors) to maintain your Personal Data in order to:

  • Complete the transaction for which the personal information was collected, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between the us and you.
  • Help to ensure security and integrity to the extent the use of your personal information is reasonably necessary and proportionate for those purposes.
  • Debug to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that confirms or adheres to all other applicable ethics and privacy laws, when the Company’s deletion of the information is likely to render impossible or seriously impair the ability to complete such research, if you have provided informed consent.
  • To enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us and compatible with the context in which you provided the information.
  • Comply with a legal obligation.

Upon receipt of a confirmed verifiable consumer request (see below), and as required by the CCPA, we will provide a response to such requests.

If you are under the age of 18, and a registered user of any Service where this CA Policy is posted, California law permits you to request and obtain removal of content or information you have publicly posted. You may submit your request using the contact information in the Policy. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.

  • Request to Know. You have the right to request that we disclose the following to you as it relates to the 12-month period preceding its receipt of your verifiable consumer request:
  • The categories of personal information we have collected about you.
  • The categories of sources from which the personal information was collected.
  • The business or commercial purpose for collecting personal information.
  • The categories of personal information we disclosed for a business purpose.
  • The categories of third parties with whom we disclose personal information.
  • The specific pieces of personal information we collected about you.

Upon receipt of a verifiable consumer request (see below), and as required by the CCPA, we will provide a response to such requests.

  • Request to Correct Inaccurate Information. You have the right to request that we correct inaccurate personal information that we maintain. Upon receipt of a verifiable consumer request (see below), and as required by the CCPA, we will provide a response to such requests.
  • Direct the Company to Limit the Use of Sensitive Personal Information. You have the right to direct that we limit the use of sensitive personal information we collect about you to (i) uses that an average consumer would expect are reasonably necessary to provide the goods and or services you have requested, (ii) perform certain other activities permitted under the CCPA, and (iii) what is permitted by applicable law. Your right to direct the Company under this paragraph applies only to sensitive personal information that we collect or processed for the purpose of inferring characteristics about you.
  • We will not discriminate against you in violation of the CCPA for exercising any of your CCPA rights. For example, we generally will not provide you a different level or quality of goods or services if you exercise your rights under the CCPA.

Submitting Consumer Rights Requests. To submit any of the Consumer Rights requests as outlined above, please contact us at 212-499-1480 or info@xgconsultantsgroup.com. We reserve the right to only respond to verifiable consumer requests.  A verifiable consumer request is one made by any individual who is:

  • the consumer who is the subject of the request,
  • a consumer on behalf of the consumer’s minor child, or
  • by a natural person or person registered with the Secretary of State authorized to act on behalf of a consumer.

If we request, you must provide us with sufficient information to verify your identity and/or authority to act on behalf of the consumer. In general, we may ask you to provide identifying information that we already maintain about you or we may use a third-party verification service. In either event, we will try to avoid asking you for sensitive personal information to verify your identity. We may not be able to respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.  However, making a verifiable consumer request does not require you to create an account with us.  Additionally, you will need to describe your request with sufficient detail to allow us to review, understand, assess, and respond. Personal information collected from an individual to determine whether a request is a verifiable consumer request may not be used or disclosed for any other purpose except as required by law. We will endeavor to respond to a verifiable consumer request within forty-five (45) calendar days of receipt, but we may require an extension of up to forty-five (45) additional calendar days to respond and we will notify you of the need for the extension.

If you have an account with us, we will deliver our written response to that account.  If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.  Any disclosures we provide will only cover the 12-month period preceding the receipt of your verifiable consumer request. With respect to personal information collected on and after January 1, 2022, and to the extent expressly permitted by applicable regulation, you may request that such disclosures cover a period beyond the 12 months referenced above, provided doing so would not require a disproportionate effort by the Company.

The response we provide will also explain the reasons we cannot comply with a request, if applicable. To the extent permitted by the CCPA, we will respond to no more than two requests during any 12-month period.

You may authorize a natural person or a business registered with the California Secretary of State to act on your behalf with respect to the right under this CA Policy. When you submit a Request to Know or a Request to Delete, unless you have provided the authorized agent with a qualifying power of attorney, you must provide your authorized agent written permission (signed by you) to act on your behalf and verify the authorized agent’s identity with us. We reserve the right to deny requests from persons or businesses claiming to be authorized agents that do not submit sufficient proof of their authorization.

Contact Us. If you have any questions regarding this Policy or our policies in the event of a compromise of your information, you may contact us at:

XG Consultants Group

110 East 42nd Street

Suite 1302

New York, NY 10017

info@xgconsultantsgroup.com

212-499-1480

4867-8698-1637, v. 2