Data Retention Policy

Last Modified: Jun 8, 2022

As a consumer reporting agency governed by the Fair Credit Reporting Act (“FCRA”) and other applicable state and federal laws, Ferretly is committed to protecting the information it receives and stores.

This policy summarizes the manner in which Ferretly stores and disposes of “Personally Identifiable Information,” including but not limited to background screening reports.

All “Personally Identifiable Information” collected by Ferretly will be stored and disposed of in full compliance with applicable laws.

Personally Identifiable Information Collected

Ferretly may collect “Personally Identifiable Information” about an individual in connection with a background check authorized by him or her. “Personally Identifiable Information” that Ferretly may collect may include, but is not limited to: name, address, email address, phone number, date of birth, birthplace, driver’s license number, social security number, employer, employment details, and social media postings and history.

With Whom Ferretly Shares Personally Identifiable Information

Ferretly does not disclose “Personally Identifiable Information” to third parties, except in accordance with applicable laws. Typically, Ferretly only discloses “Personally Identifiable Information” regarding the subject of a background check to a third-party in the following situations:

  • To a consumer reporting agency that has certified its compliance with applicable law and satisfied all requirements for receiving such information.
  • To an employer or prospective employer which has been authorized in writing by the consumer to receive information about him or her for employment purposes.
  • To a volunteer organization which has been authorized in writing by the consumer to receive information about him or her for purposes of determining whether he/she will be eligible for certain volunteer opportunities.
  • As otherwise required by law.​​

End-users (e.g., employers and prospective employers) may only obtain information from Ferretly after they have certified a legal permissible purpose for receiving such information.

Ferretly does not resell any data provided to it in connection with a background check for marketing purposes under any circumstances.

Security Of Information

Ferretly abides by all applicable state and federal laws pertaining to the security of data supplied to it or collected by it. Ferretly will use industry-standard physical, technical, and administrative security measures and safeguards to protect the confidentiality and security of “Personally Identifiable Information.” For example, Ferretly will employ mechanisms to help maintain a secure network, encrypt back-up data, and establish limits on employee access to information.

Disposal of Information

As a general rule, Ferretly will only retain background screening reports (and any related “Personally Identifiable Information”, investigative notes, or other materials) for a two-year period following the report’s creation.

Once a report is destroyed, all known related information will simultaneously be destroyed by Ferretly. When data is ready to be destroyed or disposed of, Ferretly will follow all applicable laws and regulations and take measures to ensure that all such records and data are fully destroyed and unrecoverable.

Changes To Data Retention Policy

Ferretly’s Data Retention Policy may change from time to time. Ferretly will make available a copy of its then-applicable data retention policy to a client or consumer upon request. Ferretly will also keep prior versions of this policy in an archive for review.

Contact Us

If you have any questions or suggestions about our Data Retention Policy, do not hesitate to contact us at