Firstsource Group USA, Inc. Privacy Notice for California Residents

Firstsource Group USA, Inc. and its direct and indirect subsidiaries (including, without limitation, Firstsource Solutions USA, LLC, Firstsource Transaction Services, LLC, Firstsource Advantage, LLC, Sourcepoint, Inc., and One Advantage, LLC ) (“we,” “our,” or “Firstsource”) respect your privacy and are committed to providing a transparent notice of our Privacy Notice and Disclosure for California Residents. This Privacy Notice and Disclosure for California Residents applies solely to those who reside in the State of California (“consumers” or “you”).

This Privacy Notice for California Residents supplements the information contained in our privacy policy and applies solely to all visitors, users, and others who reside in the State of California (”consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this notice.

Effective Date: January 01, 2020

Last Review Date: January 9, 2020

  • Your “Right to Know” about personal information collected, used, and disclosed including:
    • What categories of personal information we collect from you and the purpose for its collection
    • How we use those categories personal information
    • How we share the personal information you entrust to us
  • Transparency about or our commitment not to sell your data now or in the future
  • Your “Right to Delete” personal information
  • How to submit a verified consumer request for your Right to Know or Right to Delete
  • How to use an authorized agent to submit a verified consumer request
  • Your “Right to Non-Discrimination” for the exercise of a privacy right
  • Changes to our privacy notice
  • Our contact information

Your Right to Know:

You have the right to request that the Company disclose what personal information it collects, uses, discloses, and sells. You can do this through a verified consumer request. That process is described below.

We collect personal information, which means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal information”). The following table includes disclosures of the personal information we collect from consumers and have used in the past 12 months, followed by an explanation of the purposes for which it is collected and used, the categories of sources from which it was collected and categories of third parties with whom we share the personal information.

CategoryExamplesCollectedUsed in the past 12 months
A.IdentifiersA real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.YesYes
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).A name, signature, Social Security number, , address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.YesYes
C. Protected classification characteristics under California or federal law.Age (40 years or older), race, color, citizenship, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), veteran or military status.YesYes
D. Commercial information.Records of personal property or considered.YesYes
E. Biometric information.Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.NoNo
F. Internet or other similar network activity.Cookies, browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.YesYes
G. Geolocation dataPhysical location or movements.NoNo
H. Sensory data.Audio, electronic, visual, thermal, olfactory, or similar information.NoNo
I. Professional or employment-related information.Current or past job history.YesYes
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.NoNo
K. Inferences drawn from other personal information.Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.YesYes

 

Use of Personal Information:

We may use or disclose the personal information we collect for one or more of the following business purposes:

  • For payment for hospital services, such as determining insurance coverage, billing, payment and collection, claims management, and medical data processing to fulfill or meet the reason for which the information is provided. For example, if you provide us with personal information for us to apply for a medical assistance program, we will use that information to apply for such program.
  • For mortgage processing, underwriting or servicing and/or title agency related services on behalf of our clients.
  • In connection with debt collection services provided to our clients.
  • To provide our client with information they request from us.
  • To carry out our contractual obligations for our mortgage industry, financial services, healthcare clients, and other clients.
  • As necessary or appropriate to protect the rights, property or safety of us, our clients or others.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • Conduct internal research and development or otherwise improve our operations.
  • As otherwise set forth in the CCPA.
  • If you are applying for a job, then in connection with your employment application.
  • Analyzing your engagement with our company (including our website and social media).
  • To perform various internal business functions, such as auditing and activities.
  • To share your information with the Health Insurance Exchange and Health Insurance Marketplace in order to provide options for preparing, completing and updating health coverage applications.
  • If another company acquires, or plans to acquire, our company, business, or our assets, we will share information with that company, including at the negotiation stage.

Please note that Personal Information does not include:

  • Publicly available information from government records.
  • De-identified or aggregated consumer information.
  • Information excluded from the CCPA’s scope, like:
  • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (CalFIPA), and the Driver’s Privacy.

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without your consent.

How We Obtain Information:

We obtain the categories of information listed above from the following categories of sources:

  • Directly from the individual, our clients, or their agents. For example, from electronic data file transfer that our clients provide to us related to the services for which they engage us.
  • Indirectly from our clients or their agents. For example, through information we collect from our clients in the course of providing services to them.
  • Directly and indirectly from activity on our websites. For example, from submissions through our website portal or website usage details collected automatically. If you fill out a contact us form or other information you provide to us on our website or mobile applications.
  • If you interact with us on social media.
  • From third-parties that interact with us in connection with the services we perform. For example, from government agencies when we are applying for or obtaining an update of medical assistance.
  • From third-parties that we have received information from as supporting documentation for a pending assistance application.
  • From unaffiliated service providers who provide functionality and analytics regarding website and social media usage.

Personal Information Disclosed for Business Purposes:

We may disclose consumers’ personal information to third-parties to perform the following activities

  • Auditing for legal and regulatory compliance
  • Security for detecting security breaches
    • Protecting against fraud and malicious activity
    • Taking action against wrongdoers (e.g. fraudsters and hackers)
  • Debugging
    • Identifying and fixing technical errors
  • Performing services
    • Account maintenance
    • Customer service
    • Processing transactions
  • Internal researchto develop or demonstrate technology
  • Testing or improvementof any service or device “owned, manufactured, manufactured for, or controlled by” Firstsource.
  • To service providers who provide functionality and analytics regarding website and social media usage.
  • Cloud hosting
  • Information technology support

Right to Access:

Consumers have the right to request access to personal information. We have two (2) methods for submitting requests.  Consumers can make this request for free, twice per year.  Requests shall be sent to compliance@na.firstsource.com or by calling 1-800-736-2107 ext 53107.

Upon receiving an access request, we will confirm receipt of the request from the consumer within ten (10) days of the request.  We will provide the necessary information in a portable and easily accessible format, as requested by the consumer in a format feasible to us, within 45 days of the request.  We will respond based on the personal information collected over the previous twelve (12) months.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

At the request of a consumer, we will include:

  • The categories of personal informationwe have collected about the consumer
  • The categories of sourcesof the consumer’s personal information
  • The business or commercial purposefor collecting the consumer’s personal information
  • The categories of any third partieswith whom we share the consumer’s personal information
  • The specific pieces of personal informationcollected about the consumer

Please note that, in responding to your request, we are not permitted to disclose or provide you with your Social Security Number, Driver’s License Number, or other government issued identification number, financial account number, any health insurance or medical identification number, an account password, or security questions and answers.

Right to Deletion:

The consumer has a right to request the deletion of personal information that we hold on the consumer.  This right does not apply where Firstsource or its service provider(s) needs to retain the personal information in order to do any of the following:

  • Provide goods or services to the consumer
  • Detect or resolve issues security or functionality-related issues
  • Comply with the law
  • Conduct research in the public interest
  • Safeguard the right to free speech
  • Carry out any actions for internal purposes that the consumer might reasonably expect

Non-Discrimination:

Firstsource will not discriminate against any consumer for having exercised their rights under the CCPA. In particular, Firstsource will not:

  • Deny the consumer goods or services
  • Denying benefits or impose penalties
  • Provide the consumer with a different level or quality of goods or services to the consumer
  • Threaten the consumer with any of the above

Selling Consumer Information: 

We do not sell consumer information and have not sold consumer information in the past twelve (12) months.

Changes to Our Privacy Notice:

We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the Website and update the notice’s effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.

Contact for More Information:

If you have any questions or comments about this notice, the ways in which we collect and use your information, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:

Phone: 1-800-736-2107 ext 53107

Website: https://www.firstsource.com/contact/

Email: compliance@na.firstsource.com

Postal Address:

Firstsource
Attn: Privacy Officer
10400 Linn Station Rd, Suite 100
Louisville, KY 40223