Effective Date: June 9, 2016

This Customer Agreement (together with the Application Form, this (“Agreement”) is entered into by and between AssureHire, Inc. a California corporation with mailing address at 2206 Plaza Drive Suite 100, Rocklin, Ca 95747 (“Company”) and the entity identified in the Registration Form being submitted to the Company in connection with entry into this Agreement as “Customer” (such entity, the “Customer”).

By clicking on “Agree”, the individual doing so hereby represents and warrants that he/she is authorized by Customer to bind Customer to this Agreement. Please read this Agreement carefully and only click on “agree” if you agree that CUSTOMER shall be bound by all of its terms and conditions.


1.1 “API” means the Platform’s application programming interface through which Background Information can be submitted to the Platform directly through a mobile device software application which is configured in accordance with the API Documentation.

1.2 “API Documentation” means documentation (including any sample code) made available by Company relating to integration with and use of the API.

1.3 “App” means a mobile device software application owned and published by Customer.

1.4 “Applicant” means an individual who submits Background Information to the Platform in connection with an application for employment or engagement as an independent contractor by Customer, whether through an App or otherwise.

1.5 “Background Check” means the production of a Report.

1.6 “Background Information” means the personal information required to be submitted to the Platform in order for the Platform to conduct a Background Check on the applicable individual.

1.7 “Effective Date” means the start date set forth on the Registration Form.

1.8 “Customers” means Customer’s individual personnel that use the Platform.

1.9 “FCRA” means the Fair Credit Reporting Act, 15 U.S.C. § 1681 et seq.

1.10 “Initial Term” shall mean the time period beginning on the date the Registration Form is received by Company and ending on the one (1) year anniversary thereof.

1.11 “Intellectual Property Rights” means all forms of proprietary rights, titles, interests, and ownership relating to patents, copyrights, trademarks, trade dresses, trade secrets, know-how, mask works,droit moral (moral rights), and all similar rights of every type that may exist now or in the future in any jurisdiction, including without limitation all applications and registrations therefore and rights to apply for any of the foregoing.

1.12 “Law” means laws, rules and regulations of any kind, whether federal, state or local.

1.13 “Platform” means the job applicant background checking platform hosted and made available by Company as a software-as-a-service called “AssureHire”. References to “Platform” herein shall include the API and shall (to the extent applicable) be deemed to refer to the specific version of the Platform selected by Customer in the Application Form.

1.14 “Platform Pricing Plan” means the Platform pricing plan selected by Customer on the Application Form.

1.15 “Application Form” means the online form being submitted in connection with entry into this Agreement which identifies Customer and the Platform Pricing Plan selected by Customer.

1.16 “Report” means a consumer report or investigative consumer report (in each case as defined under the FCRA) provided to Customer through the Platform.


2.1 Use of Platform. Subject to all terms and conditions of this Agreement, Customer shall have the right to access and use the Platform solely:(i) for Customer’s own use for permissible purposes under applicable law of conducting Background Checks for Applicants; (ii) in the manner enabled by Company and in accordance with all applicable Company documentation; and (iii) in accordance with all applicable laws, rules and regulations (including without limitation the FCRA), and any reasonable rules or guidelines that Company may provide. Company reserves the right to modify and update the features and functionality of the Platform from time to time in its sole discretion. Customer is solely responsible for purchasing and configuring all hardware, software and services that may be necessary or desirable for Customer’s use of the Platform. Customer agrees to comply with all applicable laws, rules and regulations in connection with Customer’s use of the Platform, including without limitation laws relating to non-discrimination in employment, wage and hour laws and all other employment and labor laws. Customer is permitted to request Reports for employment purposes via Company’s Platform on its website. In addition to all other obligations, Customer agrees to abide by such additional conditions that may be imposed to utilize the website, provide all required certifications electronically, to maintain complete and accurate files containing all required consent, authorization and disclosure forms with regard to each consumer for whom a report has been requested, and maintain strict security procedures and controls to assure that its personnel are not able to use Customer’s Internet access to obtain reports for improper, illegal or unauthorized purposes. Customer agrees to allow Company to audit its records at any time, upon reasonable notice given. Breaches of this Agreement and/or violations of applicable law discovered by Company may result in immediate suspension and/or termination of the account, legal action and/or referral to federal or state regulatory agencies.

2.2 Customer’s Certification of Fair Credit Reporting Act (FCRA) Permissible Purpose(s). Customer hereby certifies that all of its orders for Reports from COMPANY shall be made, and the resulting reports shall be used, for the following Fair Credit Reporting Act, 15 U.S.C. § 1681 et seq., permissible purposes only:

2.3 API Documentation. Subject to all terms and conditions of this Agreement, Customer shall have the right to internally reproduce and use the API Documentation for purposes of integrating one or more Apps with the API in order to facilitate Customer’s authorized use of the Platform hereunder. Customer acknowledges that use of the API shall be subject to such limitations as are applicable to the Platform Pricing Plan and that Company may change such limitations from time to time upon reasonable prior written notice, provided that such changes are applied generally to other similarly situated Platform customers. Customer represents and warrants to Company that it has all right, title, and interest in and to the Apps in connection with which it uses the API that is necessary for such use.

2.4 Restrictions. Customer acknowledges that use of the Platform is provided only for Customer’s own use in direct relation to Customer’s own hiring needs, and agrees not to use the Platform for the benefit of any third party. Customer agrees not to, not to attempt to, nor allow any third party to: (i) copy, distribute, rent, lease, lend, sublicense or transfer the Platform, make the Platform available to any third party or use the Platform on a service bureau or time sharing basis, (ii) decompile, reverse engineer, or disassemble the Platform or otherwise attempt to reconstruct or discover any source code, underlying ideas, algorithms, file formats or programming interfaces of the Platform, (iii) create derivative works based on the Platform; (iv) modify, remove, or obscure any copyright, trademark, patent or other notices or legends that appear on the Platform or during the use and operation thereof; (v) publicly disseminate performance information or analysis (including benchmarks) relating to the Platform; or (vi) use the Platform to develop a competitive product offering. Customer may not use any automated means, including agents, robots, scripts, or spiders, to access or manage the Platform, except solely to the extent as may be specifically enabled and authorized by the Company through the API and API Documentation.

2.5 Customer’s Certification of Legal Compliance.

2.6 Suspension/Termination. Without limiting the generality of Section 6.2, Company may suspend, limit or terminate Customer’s access to or use of the Platform and/or terminate this Agreement at any time if: (i) Customer does not timely pay all Fees due hereunder; (ii) in the sole discretion of Company, such action is necessary to prevent material errors or harm to any system or network, or to limit Company’s liability; or (iii) Customer attempts to access or use the Platform in an unauthorized manner, including without limitation any attempt to gain access to data or information relating to any other customers of the Platform or any use that violates any Law.

2.7 Accounts. Customer is responsible for the activities of any and all persons accessing the Platform using any username and password issued to Customer. Customer shall use, and shall instruct its Customers to use, all reasonable means to secure usernames and passwords, and shall promptly notify Company if it suspects that any username and password has been compromised.

2.8 Support. Provided that Customer timely pays all Fees due hereunder, Company shall provide during the Term reasonable technical support to Customer regarding the use of the Platform during Company’s normal business hours via e-mail sent to Company shall use commercially reasonable efforts to ensure the ongoing availability of the Platform, Company makes no representation, warranty or guarantee regarding the continuous availability or performance of the Platform. Customer acknowledges that the Platform may be unavailable for use from time to time without notice to Customer.


3.3 Applicant Data. Customer acknowledges and agrees that Company has no obligation to monitor or edit the Applicant Data, and that as between the parties Customer is solely responsible for the completeness and accuracy thereof. Company shall (itself and through its third party service providers) use Applicant Data provided to the Platform hereunder for purposes of conducting Background Checks and producing Reports for Customer. Customer acknowledges that: (i) the Platform uses the Internet for data transfer and Internet-connected servers to store Applicant Data; (ii) while Company uses commercially reasonable security measures with respect to such servers, no security measures are 100% effective, and (iii) that Internet communications have inherent insecurities. As such, Company cannot make any representation or warranty that the security of the Applicant Data will not be compromised.

3.4 Usage Data. As between the parties, Company shall own all right, title and interest in and to all data collected by Company in connection with the operation of the Platform and Customer’s use thereof (“Usage Data”). Usage Data may include, by way of example and not limitation, when and how often Customers use the Platform and which Platform features are used the most often. Usage Data does not include Applicant Data. Company will not disclose Usage Data to any third party in a manner that identifies Customer or any Customer without Customer’s consent other than (i) disclosure to the Company’s third party service providers who use it for the benefit of Company and subject to reasonable confidentiality terms; or (ii) as may be required by law or legal process.


4.3 Fees. Customer shall pay Company the Fees for Customer’s use of the Platform and procurement of Reports in accordance with the Platform Pricing Plan. 4.4 Payment Terms. Company shall invoice Customer for Fees on a calendar monthly basis, with each invoice provided on or after the end of each month and covering Fees accruing during such month. Customer agrees to pay each invoice within thirty (30) days of the invoice date. All payments will be made in U.S. dollars. Any amounts due to Company under this Agreement not received by the date due will be subject to a late fee of 1.5% per month, or the maximum charge permitted by law, whichever is less. Customer shall pay the amounts due under each invoice without deducting any taxes that may be applicable to such payments. Customer is responsible for paying any and all withholding, sales, value added or other taxes, duties or charges applicable to this Agreement, other than taxes based on Company’s income.


As between the parties, Company owns all right, title and interest (including all Intellectual Property Rights) in and to the Platform (including without limitation all underlying source code, algorithms and models) and any software, technology, materials and information owned by Company prior to the Effective Date or created, authored, developed, made, conceived or reduced to practice by Company after the Effective Date. Nothing herein shall be construed to transfer any rights, title or ownership of the Platform or any Company software, technology, materials, information or Intellectual Property Rights to Customer. Customer is not required to provide any ideas, feedback or suggestions regarding any of Company’s products or services (” Feedback”) to Company. To the extent Customer does provide any Feedback to Company, Customer agrees to assign and hereby does assign all right, title and interest in and to such Feedback to Company and acknowledges that Company may freely use, reproduce, modify, distribute, make, have made, sell, offer for sale, import and otherwise exploit in any manner such Feedback without payment of any royalties or other compensation to Customer.


6.1 Term. This Agreement shall be effective as of the Effective Date, and shall continue in full force and effect for the Initial Term. At the end of the Term, this Agreement shall automatically renew for successive periods of one year each unless either party gives the other party written notice of non-renewal at least thirty (30) days prior to the renewal date (such renewal periods and the Initial Term, collectively the “Term”). The Fees due hereunder shall automatically adjust for each renewal period in accordance with Company’s then-standard price list for the Platform at the time of the renewal.

6.2 Termination.

(a) Either party may terminate this Agreement effective immediately if the other party is in material breach of any obligation, representation or warranty hereunder and fails to cure such material breach (if capable of cure) within thirty (30) days (or ten (10) days in the event of breach of payment obligations) after receiving written notice of the breach from the non-breaching party.

(b) Either party may terminate this Agreement immediately upon written notice at any time if: (i) the other party files a petition for bankruptcy or is adjudicated as bankrupt; (ii) a petition in bankruptcy is filed against the other party and such petition is not removed or resolved within sixty (60) calendar days; (iii) the other party makes an assignment for the benefit of its creditors or an arrangement for its creditors pursuant to bankruptcy law; (iv) the other party discontinues its business; (v) a receiver is appointed over all or substantially all of the other party’s assets or business; or (vi) the other party is dissolved or liquidated.

6.3 Effect of Termination. All rights and obligations of the parties hereunder shall terminate upon expiration or termination of this Agreement, provided that Sections 1, 2.3, 2.4, 2.6, 3, 4 (with respect to accrued but unpaid amounts hereunder), 5, 6.3, 7, 8, 9, 10 and 11 shall survive expiration or termination of this Agreement.


7.1 Mutual. Each party represents and warrants to the other party that: (i) it has the full power and authority to enter into this Agreement; and (ii) this Agreement constitutes a legal, valid and binding obligation when executed and delivered.

7.2 Disclaimer. Customer understands that Company obtains the information reported in its Reports from various third party sources “AS IS”, and therefore is providing the information to Customer “AS IS”. Company makes no representation or warranty whatsoever, express or implied, including but not limited to, implied warranties of merchantability or fitness for particular purpose, or implied warranties arising from the course of dealing or a course of performance with respect to the accuracy, validity, or completeness of any Reports that the Reports will meet Customer’s needs, or will be provided on an uninterrupted basis; Company expressly disclaims any and all such representations and warranties. EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, COMPANY MAKES NO WARRANTIES, EXPRESS OR IMPLIED, WITH RESPECT TO THE SUBJECT MATTER OF THIS AGREEMENT, AND COMPANY EXPRESSLY DISCLAIMS THE IMPLIED WARRANTIES OF MERCHANTABILITY, NONINFRINGEMENT, FITNESS FOR A PARTICULAR PURPOSE AND IMPLIED WARRANTIES ARISING FROM COURSE OF DEALING OR PERFORMANCE. Company and ITS SUPPLIERS, LICENSORS, PARTNERS AND SERVICE PROVIDERS DO NOT WARRANT THAT THE FUNCTIONALITY PROVIDED BY THE PLATFORM WILL BE CORRECT, UNINTERRUPTED OR ERROR-FREE OR THAT DEFECTS WILL BE CORRECTED. Company DOES NOT WARRANT THE RESULTS OF USE OF THE PLATFORM.


Customer agrees to, at its own expense, defend, indemnify and hold harmless Company and its directors, officers and employees from and against any liabilities, damages, losses, judgments, costs, expenses (including reasonable attorneys’ fees), claims, actions, demands and suits arising out of or relating to any actual or alleged: (i) breach by Customer of any covenant, representation or warranty of this Agreement; or (ii) violation of any Law.


Each party shall keep confidential all information and materials provided or made available by the other party that is marked as confidential or proprietary or (for orally disclosed information) is identified as confidential or proprietary at the time of disclosure and confirmed in writing (including e-mail) as such within fifteen (15) days of the disclosure (“Confidential Information”). The features, functionality and content of the Platform, the API Documentation and any other Platform documentation, and any information regarding planned modifications or updates to the Platform or other Company products and services constitutes Confidential Information of Company. Each party shall keep and instruct its employees and agents to keep Confidential Information confidential by using at least the same care and discretion as used with that party’s own confidential information, but in no case less than a prudent and reasonable standard of care. Neither party shall disclose Confidential Information to any third party except as expressly authorized by the disclosing party. Neither party shall use Confidential Information other than for purposes of performing its obligations hereunder or as expressly authorized by the disclosing party. Information or materials shall not constitute Confidential Information if it is: (i) in the public domain through no fault of the receiving party, (ii) known to the receiving party prior to the time of disclosure by the disclosing party, (iii) lawfully and rightfully disclosed to the receiving party by a third party on a non-confidential basis, (iv) developed by the receiving party without reference to Confidential Information or (v) required to be disclosed by law or legal process, provided that the receiving party promptly provide notice to the disclosing party of such request or requirement so the disclosing party may seek appropriate protective orders. If any party, its employees or agents breaches or threatens to breach the obligations of this Section 9, the affected party may seek injunctive relief from a court of competent jurisdiction, in addition to its other remedies, as the inadequacy of monetary damages and irreparable harm are acknowledged.




11.1 Relationship of the Parties. The parties are independent contractors with respect to each other. This Agreement does not constitute and shall not be construed as constituting a partnership or joint venture among the parties hereto, or an employee-employer relationship. Neither party shall represent to third parties that it is the employer, employee, principal, agent, joint venturer or partner with, or representative of the other party and no party shall have any right to obligate or bind any other party in any manner whatsoever.

11.2 Third Party Beneficiaries. Nothing herein shall give, or is intended to give, any rights of any kind to any third parties.

11.3 Assignment. Customer may not assign any of its rights or obligations under this Agreement without the prior written consent of Company. Any merger (by operation of law or otherwise), consolidation, reorganization, change in control or sale of all or substantially all of the assets of Customer or similar transaction shall be deemed to constitute an attempted assignment of this Agreement. Company may freely assign this Agreement. Subject to the foregoing, this Agreement inures to the benefit of and shall be binding on the parties’ permitted assignees, transferees and successors.

11.4 Force Majeure. Company will not be responsible for any failure or delay in its performance under this Agreement due to causes beyond its reasonable control, including, but not limited to, labor disputes, strikes, lockouts, internet or telecommunications failures, shortages of or inability to obtain labor, energy, or supplies, war, terrorism, riot, acts of God or governmental action, acts by hackers or other malicious third parties and problems with the Internet generally, and such performance shall be excused to the extent that it is prevented or delayed by reason of any of the foregoing.

11.5 Notices. All notices under the terms of this Agreement shall be given in writing and sent by registered or certified mail, with postage prepaid and return receipt requested, to (with respect to Company) the Company address noted in the preamble of this Agreement and (with respect to Customer) to Customer’s address set forth in the Registration Form. Notices shall be sent to the attention of the “Legal Department” of each party. All notices shall be presumed to have been given three business days following deposit in the mail as set forth in the foregoing.

11.6 Amendments. An amendment of this Agreement shall be binding upon the parties so long as it is in writing and executed by both parties or is presented by Company electronically through the Platform and accepted in “click-to-agree” form by Customer. No regular practice or method of dealing between the parties shall modify, interpret, supplement or alter in any manner the express terms of this Agreement.

11.7 Construction. Section headings are for reference purposes only, and should not be used in the interpretation hereof.

11.8 Severability; Wavier; Counterparts. If any provision, or portion thereof, of this Agreement is determined by a court of competent jurisdiction to be invalid, illegal or unenforceable, such determination will not impair or affect the validity, legality, or enforceability of the remaining provisions of this Agreement, and each provision, or portion thereof, is hereby declared to be separate, severable, and distinct. A waiver of any provision of this Agreement will only be valid if provided in writing and will only be applicable to the specific incident and occurrence so waived. The failure by either party to insist upon the strict performance of this Agreement, or to exercise any term hereof, will not act as a waiver of any right, promise or term, which will continue in full force and effect.

11.9 Governing Law; Jurisdiction. This Agreement shall be governed by, and construed in accordance with, the laws of the State of California, without reference to conflicts of laws principles. The parties agree that the state and federal courts in Sacramento, California will have exclusive jurisdiction and venue under this Agreement, and the parties hereby agree to submit to such jurisdiction exclusively.

11.10 Entire Agreement. This Agreement, inclusive of the Registration Form, constitutes the complete, final and exclusive agreement between the parties with respect to the subject matter hereof, and supersedes any and all prior or contemporaneous oral or written representations, understandings, agreements or communications between them concerning the subject matter hereof. Neither party is relying upon any warranties, representations, assurances or inducements not expressly set forth herein.



Para información en español, visite o escribe al Consumer Financial Protection Bureau, 1700 G Street N.W., Washington, DC 20552.

A Summary of Your Rights Under the Fair Credit Reporting Act

The federal Fair Credit Reporting Act (FCRA) promotes the accuracy, fairness, and privacy of information in the files of consumer reporting agencies. There are many types of consumer reporting agencies, including credit bureaus and specialty agencies (such as agencies that sell information about check writing histories, medical records, and rental history records). Here is a summary of your major rights under the FCRA. For more information, including information about additional rights, go to or write to: Consumer Financial Protection Bureau, 1700 G Street N.W., Washington, DC 20552.

Type of Business Contact
1.a. Banks, savings associations, and credit unions with total assets of over $10 billion and their affiliates b. Such affiliates that are not banks, savings associations, or credit unions also should list, in addition to the CFPB: a. Consumer Financial Protection Bureau 1700 G. Street N.W.Washington, DC 20552b. Federal Trade Commission: Consumer Response Center - FCRA
2. To the extent not included in item 1 above: a. National banks, federal savings associations, and federal branches and federal agencies of foreign banks b. State member banks, branches and agencies of foreign banks (other than federal branches, federal agencies, and Insured State Branches of Foreign Banks), commercial lending companies owned or controlled by foreign banks, and organizations operating under section 25 or 25A of the Federal Reserve Act c. Nonmember Insured Banks, Insured State Branches of Foreign Banks, and insured state savings associations d. Federal Credit Unions a. Office of the Comptroller of the Currency Customer Assistance Group 1301 McKinney Street, Suite 3450 Houston, TX 77010-9050b. Federal Reserve Consumer Help Center P.O. Box. 1200 Minneapolis, MN 55480c. FDIC Consumer Response Center 1100 Walnut Street, Box #11 Kansas City, MO 64106d. National Credit Union Administration Office of Consumer Protection (OCP) Division of Consumer Compliance and Outreach (DCCO)1775 Duke Street Alexandria, VA 22314
3. Air Carriers Asst. General Counsel for Aviation Enforcement & Proceedings Aviation Consumer Protection Division Department of Transportation1200 New Jersey Avenue, S.E. Washington, DC 20423
4. Creditors Subject to the Surface Transportation Board Office of Proceedings, Surface Transportation Board Department of Transportation 395 E Street, S.W.Washington, DC 20423
5. Creditors Subject to the Packers and Stockyards Act, 1921 Nearest Packers and Stockyards Administration area supervisor
6. Small Business Investment Companies Associate Deputy Administrator for Capital Access United States Small Business Administration 409 Third Street, S.W., 8th Floor Washington, DC 20549
7. Brokers and Dealers Securities and Exchange Commission 100 F Street, N.E. Washington, DC 20549
8. Federal Land Banks, Federal Land Bank Associations, Federal Intermediate Credit Banks, and Production Credit Associations Farm Credit Administration 1501 Farm Credit Drive McLean, VA 22102-5090
9. Retailers, Finance Companies, and All Other Creditors Not Listed Above FTC Regional Office for region in which the creditor operates or Federal Trade Commission: Consumer Response Center - FCRA Washington, DC 20580 (877) 382-4357



Para informacion en espanol, visite o escribe a la FTC, Consumer Response Center, Room 130-B, 600 Pennsylvania Avenue, N.W. Washington, D.C., 20580.


You are receiving this information because you have notified a consumer reporting agency that you believe that you are a victim of identity theft. Identity theft occurs when someone uses your name, Social Security number, date of birth, or other identifying information, without authority, to commit fraud. For example, someone may have committed identity theft by using your personal information to open a credit card account or get a loan in your name. For more information, or write to: FTC, Consumer Response Center, Room 130-B, 600 Pennsylvania Avenue, N.W. Washington, D.C., 20580.

The Fair Credit Reporting Act (FCRA) gives you specific rights when you are, or believe that you are, the victim of identity theft. Here is a brief summary of the rights designed to help you recover from identity theft.

You have the right to ask that nationwide consumer reporting agencies place “fraud alerts” in your file to let potential creditors and others know that you may be a victim of identity theft. A fraud alert can make it more difficult for someone to get credit in your name because it tells creditors to follow certain procedures to protect you. It also may delay your ability to obtain credit. You may place a fraud alert in your file by calling just one of the three nationwide consumer reporting agencies. As soon as that agency processes your fraud alert, it will notify the other two, which then also must place fraud alerts in your file.

Equifax: 1-800-525-6285;

Experian: 1-888-EXPERIAN (397-3742);

TransUnion: 1-800-680-7289;

An initial fraud alert stays in your file for at least 90 days. An extended alert stays in your file for seven years. To place either of these alerts, a consumer reporting agency will require you to provide appropriate proof of your identity, which may include your Social Security number. If you ask for an extended alert, you will have to provide an identity theft report. An identity theft report includes a copy of a report you have filed with a federal, state, or local law enforcement agency, and additional information a consumer reporting agency may require you to submit. For more detailed information about the identity theft report, visit

You have the right to free copies of the information in your file (your “file disclosure”). An initial fraud alert entitles you to a copy of all the information in your file at each of the three nationwide agencies, and an extended alert entitles you to two free file disclosures in a 12-month period following the placing of the alert. These additional disclosures may help you detect signs of fraud, for example, whether fraudulent accounts have been opened in your name or whether someone has reported a change in your address. Once a year, you also have the right to a free copy of the information in your file at any consumer reporting agency, if you believe it has inaccurate information due to fraud, such as identity theft. You also have the ability to obtain additional free file disclosures under other provisions of the FCRA. See

3.You have the right to obtain documents relating to fraudulent transactions made or accounts opened using your personal information.

A creditor or other business must give you copies of applications and other business records relating to transactions and accounts that resulted from the theft of your identity, if you ask for them in writing. A business may ask you for proof of your identity, a police report, and an affidavit before giving you the documents. It also may specify an address for you to send your request. Under certain circumstances, a business can refuse to provide you with these documents. See

4.You have the right to obtain information from a debt collector.

If you ask, a debt collector must provide you with certain information about the debt you believe was incurred in your name by an identity thief - like the name of the creditor and the amount of the debt.

If you believe information in your file results from identity theft, you have the right to ask that a consumer reporting agency block that information from your file. An identity thief may run up bills in your name and not pay them. Information about the unpaid bills may appear on your consumer report. Should you decide to ask a consumer reporting agency to block the reporting of this information, you must identify the information to block, and provide the consumer reporting agency with proof of your identity and a copy of your identity theft report. The consumer reporting agency can refuse or cancel your request for a block if, for example, you don’t provide the necessary documentation, or where the block results from an error or a material misrepresentation of fact made by you. If the agency declines or rescinds the block, it must notify you. Once a debt resulting from identity theft has been blocked, a person or business with notice of the block may not sell, transfer, or place the debt for collection.

You also may prevent businesses from reporting information about you to consumer reporting agencies if you believe the information is a result of identity theft. To do so, you must send your request to the address specified by the business that reports the information to the consumer reporting agency. The business will expect you to identify what information you do not want reported and to provide an identity theft report. To learn more about identity theft and how to deal with its consequences, visit, or write to the FTC. You may have additional rights under state law. For more information, contact your local consumer protection agency or your state attorney general.

In addition to the new rights and procedures to help consumers deal with the effects of identity theft, the FCRA has many other important consumer protections. They are described in more detail at




The Fair Credit Reporting Act (FCRA), 15 U.S.C. §1681-1681y, requires that this notice be provided to inform users of consumer reports of their legal obligations. State law may impose additional requirements. The text of the FCRA is set forth in full at the Bureau of Consumer Financial Protection’s website at At the end of this document is a list of United States Code citations for the FCRA. Other information about user duties is also available at the Bureau’s website. Users must consult the relevant provisions of the FCRA for details about their obligations under the FCRA.

The first section of this summary sets forth the responsibilities imposed by the FCRA on all users of consumer reports. The subsequent sections discuss the duties of users of reports that contain specific types of information, or that are used for certain purposes, and the legal consequences of violations. If you are a furnisher of information to a consumer reporting agency (CRA), you have additional obligations and will receive a separate notice from the CRA describing your duties as a furnisher.



Congress has limited the use of consumer reports to protect consumers’ privacy. All users must have a permissible purpose under the FCRA to obtain a consumer report. Section 604 contains a list of the permissible purposes under the law. These are:

In addition, creditors and insurers may obtain certain consumer report information for the purpose of making “prescreened” unsolicited offers of credit or insurance. Section 604(c). The particular obligations of users of “prescreened” information are described in Section VII below.


Section 604(f) prohibits any person from obtaining a consumer report from a consumer reporting agency (CRA) unless the person has certified to the CRA the permissible purpose(s) for which the report is being obtained and certifies that the report will not be used for any other purpose.


The term “adverse action” is defined very broadly by Section 603. “Adverse actions” include all business, credit, and employment actions affecting consumers that can be considered to have a negative impact as defined by Section 603(k) of the FCRA - such as denying or canceling credit or insurance, or denying employment or promotion. No adverse action occurs in a credit transaction where the creditor makes a counteroffer that is accepted by the consumer.

  1. Adverse Actions Based on Information Obtained From a CRA

    If a user takes any type of adverse action as defined by the FCRA that is based at least in part on information contained in a consumer report, Section 615(a) requires the user to notify the consumer. The notification may be done in writing, orally, or by electronic means. It must include the following:

  1. Adverse Actions Based on Information Obtained From Third Parties Who Are Not Consumer Reporting Agencies If a person denies (or increases the charge for) credit for personal, family, or household purposes based either wholly or partly upon information from a person other than a CRA, and the information is the type of consumer information covered by the FCRA, Section 615(b)(1) requires that the user clearly and accurately disclose to the consumer his or her right to be told the nature of the information that was relied upon if the consumer makes a written request within 60 days of notification. The user must provide the disclosure within a reasonable period of time following the consumer’s written request.

  2. Adverse Actions Based on Information Obtained From Affiliates

    If a person takes an adverse action involving insurance, employment, or a credit transaction initiated by the consumer, based on information of the type covered by the FCRA, and this information was obtained from an entity affiliated with the user of the information by common ownership or control, Section 615(b)(2) requires the user to notify the consumer of the adverse action. The notice must inform the consumer that he or she may obtain a disclosure of the nature of the information relied upon by making a written request within 60 days of receiving the adverse action notice. If the consumer makes such a request, the user must disclose the nature of the information not later than 30 days after receiving the request. If consumer report information is shared among affiliates and then used for an adverse action, the user must make an adverse action disclosure as set forth in I.C.1 above.


When a consumer has placed a fraud alert, including one relating to identify theft, or an active duty military alert with a nationwide consumer reporting agency as defined in Section 603(p) and resellers, Section 605A(h) imposes limitations on users of reports obtained from the consumer reporting agency in certain circumstances, including the establishment of a new credit plan and the issuance of additional credit cards. For initial fraud alerts and active duty alerts, the user must have reasonable policies and procedures in place to form a belief that the user knows the identity of the applicant or contact the consumer at a telephone number specified by the consumer; in the case of extended fraud alerts, the user must contact the consumer in accordance with the contact information provided in the consumer’s alert.


Section 605(h) requires nationwide CRAs, as defined in Section 603(p), to notify users that request reports when the address for a consumer provided by the user in requesting the report is substantially different from the addresses in the consumer’s file. When this occurs, users must comply with regulations specifying the procedures to be followed, which will be issued by the Consumer Financial Protection Bureau and the banking and credit union regulators. The Consumer Financial Protection Bureau regulations will be available at


Section 628 requires that all users of consumer report information have in place procedures to properly dispose of records containing this information. The Consumer Financial Protection Bureau, the Securities and Exchange Commission, and the banking and credit union regulators have issued regulations covering disposal. The Consumer Financial Protection Bureau regulations may be found at

II. CREDITORS MUST MAKE ADDITIONAL DISCLOSURES If a person uses a consumer report in connection with an application for, or a grant, extension, or provision of, credit to a consumer on material terms that are materially less favorable than the most favorable terms available to a substantial proportion of consumers from or through that person, based in whole or in part on a consumer report, the person must provide a risk-based pricing notice to the consumer in accordance with regulations prescribed by the Consumer Financial Protection Bureau.

Section 609(g) requires a disclosure by all persons that make or arrange loans secured by residential real property (one to four units) and that use credit scores. These persons must provide credit scores and other information about credit scores to applicants, including the disclosure set forth in Section 609(g)(1)(D) (“Notice to the Home Loan Applicant”).



If the information from a CRA is used for employment purposes, the user has specific duties, which are set forth in Section 604(b) of the FCRA. The user must:

An adverse action notice also is required in employment situations if credit information (other than transactions and experience data) obtained from an affiliate is used to deny employment. Section 615(b)(2). The procedures for investigative consumer reports and employee misconduct investigations are set forth below.


Special rules apply for truck drivers where the only interaction between the consumer and the potential employer is by mail, telephone, or computer. In this case, the consumer may provide consent orally or electronically, and an adverse action may be made orally, in writing, or electronically. The consumer may obtain a copy of any report relied upon by the trucking company by contacting the company.


Investigative consumer reports are a special type of consumer report in which information about a consumer’s character, general reputation, personal characteristics, and mode of living is obtained through personal interviews by an entity or person that is a consumer reporting agency. Consumers who are the subjects of such reports are given special rights under the FCRA. If a user intends to obtain an investigative consumer report, Section 606 requires the following:


Section 603(y) provides special procedures for investigations of suspected misconduct by an employee or for compliance with Federal, state or local laws and regulations or the rules of a self-regulatory organization, and compliance with written policies of the employer. These investigations are not treated as consumer reports so long as the employer or its agent complies with the procedures set forth in Section 603(y), and a summary describing the nature and scope of the inquiry is made to the employee if an adverse action is taken based on the investigation.


Section 604(g) limits the use of medical information obtained from consumer reporting agencies (other than payment information that appears in a coded form that does not identify the medical provider). If the information is to be used for an insurance transaction, the consumer must give consent to the user of the report or the information must be coded. If the report is to be used for employment purposes - or in connection with a credit transaction (except as provided in regulations issued by the banking and credit union regulators) - the consumer must provide specific written consent and the medical information must be relevant. Any user who receives medical information shall not disclose the information to any other person (except where necessary to carry out the purpose for which the information was disclosed, or a permitted by statute, regulation, or order).


The FCRA permits creditors and insurers to obtain limited consumer report information for use in connection with unsolicited offers of credit or insurance under certain circumstances. Sections 603(1), 604(c), 604(e), and 614(d). This practice is known as “prescreening” and typically involves obtaining a list of consumers from a CRA who meet certain pre-established criteria. If any person intends to use prescreened lists, that person must (1) before the offer is made, establish the criteria that will be relied upon to make the offer and grant credit or insurance, and (2) maintain such criteria on file for a three-year period beginning on the date on which the offer is made to each consumer. In addition, any user must provide with each written solicitation a clear and conspicuous statement that:

In addition, the Consumer Financial Protection Bureau has established the format, type size, and manner of the disclosure required by Section 615(d), with which users must comply. The regulation is 12 CFR 1022.54.



Section 607(e) requires any person who obtains a consumer report for resale to take the following steps:


Under Section 611(f), if a consumer disputes the accuracy or completeness of information in a report prepared by a reseller, the reseller must determine whether this is a result of an action or omission on its part and, if so, correct or delete the information. If not, the reseller must send the dispute to the source CRA for reinvestigation. When any CRA notifies the reseller of the results of an investigation, the reseller must immediately convey the information to the consumer.


Section 605A(f) requires resellers who receive fraud alerts or active duty alerts from another consumer reporting agency to include these in their reports.


Failure to comply with the FCRA can result in state government or federal government enforcement actions, as well as private lawsuits. Sections 616, 617, and 621. In addition, any person who knowingly and willfully obtains a consumer report under false pretenses may face criminal prosecution. Section 619.

The Consumer Financial Protection Bureau website,, has more information about the FCRA.

Citations for FCRA sections in the U.S. Code, 15 U.S.C. § 1618 et seq.: Section | Code ——- | —- Section 603 | 15 U.S.C. 1681 Section 604 | 15 U.S.C. 1681a Section 605 | 15 U.S.C. 1681b Section 605A | 15 U.S.C. 1681c Section 605B | 15 U.S.C. 1681c-1 Section 606 | 15 U.S.C. 1681c-2 Section 607 | 15 U.S.C. 1681d Section 608 | 15 U.S.C. 1681e Section 609 | 15 U.S.C. 1681f Section 610 | 15 U.S.C. 1681g Section 611 | 15 U.S.C. 1681h Section 612 | 15 U.S.C. 1681i Section 613 | 15 U.S.C. 1681j Section 614 | 15 U.S.C. 1681k Section 615 | 15 U.S.C. 1681l Section 616 | 15 U.S.C. 1681m Section 617 | 15 U.S.C. 1681n Section 618 | 15 U.S.C. 1681o Section 619 | 15 U.S.C. 1681p Section 620 | 15 U.S.C. 1681q Section 621 | 15 U.S.C. 1681r Section 622 | 15 U.S.C. 1681s Section 623 | 15 U.S.C. 1681s-1 Section 624 | 15 U.S.C. 1681s-2 Section 625 | 15 U.S.C. 1681t Section 626 | 15 U.S.C. 1681u Section 627 | 15 U.S.C. 1681v Section 628 | 15 U.S.C. 1681w Section 629 | 15 U.S.C. 1681x Section 629 | 15 U.S.C. 1681y


Access Security Requirements

The parties acknowledge they must work together to protect the privacy of consumers. The following measures are designed to reduce unauthorized access of consumer reports. In accessing consumer information, Customer agrees to the following:

  1. Customer and all of its personnel will take reasonable procedures to protect its account number and password so that only key personnel employed by your company know this sensitive information, including not posting this information anywhere in the facility. Customer agrees to change account passwords immediately if a person who knows the password leaves its company or no longer needs to have access due to a change in duties.

  2. Customer agrees it will not discuss its account number or password by telephone with any unknown caller, even if the caller claims to be an employee of Company

  3. Customer will restrict the ability to obtain consumer information to a few key personnel.

  4. Customer agrees to place all terminal devices used to obtain consumer information in a secure location within its facility so that unauthorized persons cannot easily access them.

  5. Customer agrees it will turn off and lock all devices or systems used to obtain consumer information.

  6. Customer will secure hard copies and electronic files of consumer reports within its facility so that unauthorized persons cannot easily access them.

  7. Customer agrees to shred and/or destroy all hard copy consumer reports when they are no longer needed and erase and overwrite or scramble electronic files containing consumer information when no longer needed and when applicable regulation(s) permit destruction.


Documents Required Before Requesting Credit Report Information