OmniTrace Privacy Notice
Effective Date: August 16, 2018
OmniTrace Corp. has always been committed to maintaining the accuracy, confidentiality, and security of your personal and corporate information.
We have established this Privacy Notice to govern our use of client information, and it is also intended to comply with the European Union’s (EU) General Data Protection Regulation (GDPR). This Privacy Notice applies to personal data that OmniTrace collects or processes about an individual (Data Subject) while the Data Subject is located in the EU, regardless of whether the Data Subject is a citizen or permanent resident of an EU country. “Personal Data” means any information relating to an identified or identifiable Data Subject. A “Data Controller” controls the procedures and purpose of data usage.
We encourage you to read this Privacy Notice carefully when using our website or services or transacting business with us. By using our websites or any of our applications, you are accepting the practices described in this Privacy Notice. We encourage you to contact us at firstname.lastname@example.org, if you have any questions.
This Privacy Notice applies to all services provided by OmniTrace including but not limited to global and domestic people search services, adoption reunion searches, clinical trial support services, background investigations, genealogical research, probate research and missing heir identification.
This Privacy Notice covers the following websites:
Who we are?
6231 PGA Boulevard
Palm Beach Gardens, FL 33418
Data Protection Representative: David Betz
What information do we collect and how do we use it?
OmniTrace does not market or promote services online in the EU. If you complete our online form, or send us an email to request information about our services then we may collect and use personal data about you but only that information that you willingly supply such as:
This information will only be utilized for standard business related purposes and will not otherwise be utilized, transferred or disclosed to third parties.
Relating to OmniTrace’s clinical trial support services, any information regarding EU Data Subjects participating in clinical trials received by OmniTrace is obtained via the Data Controller and only when the EU Data Subject has consented through an Informed Consent Document (ICD). Information on Data Subjects is not stored in any databases and is not used for any purpose other than that stated in the ICD. No information is stored on local systems and all data transfer is done via secure third party transfer in accordance with the EU-U.S. and Swiss-U.S. Privacy Shield Framework. Physical information is only maintained for the specified amount of time and is destroyed upon completion of services and/or as requested by the Data Controller.
Information that may be received via the Data Controller includes, but may not be limited to, the following:
Date of Birth
Emergency Contact Information
No sensitive Personal Data is collected regarding any EU Data Subject. Sensitive data includes race or ethnic origin, political opinions, religious beliefs, trade union memberships, mental health, physical health, sexual life, commission of any offense, commission of any alleged offense and genetic information.
If you complete an online form, or send us an email to request information about our services (e.g. global and domestic people search services, adoption reunion searches, clinical trial support services, background investigations, genealogical research, probate research and missing heir identification), then we may collect and use Personal Data about you but only that information that you willingly supply such as:
Such information is willingly provided by you and is used by us for our legitimate business interests, registering you for any services you have requested and responding to any queries or requests.
What legal basis do we have for processing your Personal Data?
If you contact OmniTrace by completing our online form on our website or request OmniTrace’s assistance via other means, OmniTrace will process your Personal Data to the extent it is necessary for the purpose of our legitimate interests to fulfil your request and communicate with you.
If we received your EU Personal Data via a Data Controller, OmniTrace will process your Personal Data solely for the purpose as described in the Informed Consent Documents and only as you have consented.
When do we share Personal Data?
OmniTrace may share Personal Data with our contracted vendors and service providers necessary to carry out services provided. Such vendors and service providers comprise companies located in the countries in which we provide services. Personal Data shared is done via OmniTrace standard operating procedures utilizing industry accepted processes including secure portal transfer and storage.
Where do we store, secure and process Personal Data?
As related to global and domestic people search services, adoption reunion searches, background investigations, genealogical research, probate research and missing heir identification services, Personal Data received directly from you via our websites or other acceptable means is stored electronically on OmniTrace devices utilizing industry standard security including anti-viral and firewall protection and as required by OmniTrace data security policies.
As related to clinical trial services, Personal Data received via a Data Controller is not stored electronically. Clinical trial related Personal Data is securely maintained in hard copy format. To the extent OmniTrace utilizes third party vendors and service providers to process Personal Data, third party vendors and service providers are contractually obligated to maintain Personal Data as directed by OmniTrace and in compliance with local data privacy legislation. OmniTrace receives Personal Data from the European Economic Area but does not transfer data outside the European Economic Area.
OmniTrace maintains a Privacy and Data Security Policy, Acceptable Use Policy, Risk-Assessment Programs, Clean Desk Clear Screen Policy, Business Continuity Plans, Issue Escalation Policies, Vendor Review programs and other related policies and procedures that address and assure the adequate security of your Personal Data.
How long do we keep your Personal Data for?
Personal Data collected directly from you for services related to global and domestic people search services, adoption reunion searches, background investigations, genealogical research, probate research and missing heir identification services is maintained for a period of two years as required by local law.
Personal Data collected for clinical trial support services via Data Controller is maintained for a period of time as required by contract and/or as agreed to with the Data Controller.
Personal Data is destroyed utilizing accredited third party document destruction services.
What are your rights in relation to Personal Data?
You have rights regarding your Personal Data, subject to local data protection laws. You have the right to:
- access Personal Data we maintain
- ensure its accuracy
- erase or delete your Personal Data as legally permitted (right to be forgotten)
- withdrawal of consent (if processing data on condition of consent)
- restrict processing of your Personal Data
If the processing of Personal Data is done under EU Law/GDPR you may lodge a complaint with the Information Commissioner’s Office.
When will changes to this Privacy Notice occur?
We may update this Privacy Notice from time to time to reflect changes in our policies, practices and procedures. If changes are made we will reflect this by updating the effective date of this Privacy Notice.
How to contact us?
If you have any questions about this Privacy Notice or our policies and procedures you may contact us in writing at:
6231 PGA Boulevard
Palm Beach Gardens, FL 33418
Attention: Data Privacy Representative
Back to OmniTrace Lost To Follow-Up