Our Commitment to Privacy.

Last updated Jan 20th, 2022

The Kreller Group Family of Companies includes Kreller Business Information Group, Inc. (dba Kreller Group), Kreller Solutions, Inc. (dba Kreller Credit), The Kreller Consulting Group, Inc. and Kreller Smith Brandon, Inc. (dba Smith Brandon International). As a global company which conducts business in the electronic marketplace, we believe that it is our responsibility to set industry‐leading standards in our approach to the protection of Personal Information. Not only do we strive to collect, use and disclose Personal Information in a manner consistent with the laws of the countries in which we do business, but we also aim to uphold the highest ethical standards in our business practices.

We comply with the Fair Credit Reporting Act (FCRA) and all federal, state and country specific legal requirements. As part of our commitment to privacy, Kreller complies with the EU General Protection Regulation (‘GDPR’) in respect of any personal data we process on behalf of our clients who are subject to the GDPR as data controllers. See our GDPR policy below for details.

Privacy Shield Policy

While the legal value of Privacy Shield participation has been invalidated from a GDPR perspective, Kreller continues its participation and maintains our obligations with respect to transfers made under the Privacy Shield Framework. We feel it is an important framework which demonstrates our commitment to protect personal information in accordance with a set of privacy principles that offer meaningful privacy protections and recourse for EU individuals. Kreller also utilizes Standard Contractual Clauses with Data Controllers by request.

Kreller complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, UK and Switzerland to the United States, respectively. Kreller has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/. The “Notice, Choice & Accountability for Onward Transfer” section of this Privacy Shield Policy will also apply to California residents who visit our website (See CalOPPA Section below).

Definitions of Terms Used

“Personal Information” means information that is transferred from the EU, UK or Switzerland to the U.S.; is recorded in any form; and pertains to a specific individual or can be used to identify an individual, either directly or indirectly.

“Sensitive Personal Information” means Personal Information specifying medical or health conditions, racial or ethnic origin, political opinions or philosophical beliefs, trade union memberships or information concerning the sex life of the individual.

“Agent” means any third party that uses Personal Information provided by Kreller to perform tasks on behalf of or at the instruction of Kreller and who is bound by a Confidentiality Agreement.

“Processing” of Personal Information means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.

Notice, Choice & Accountability for Onward Transfer

Kreller does not collect Personal Information about individuals through its websites except when such individuals specifically provide such information on a voluntary basis such as through our subscription registration for news or blog updates, a request for samples or Whitepapers, employment submissions via the website or via an email sent to us through our website.

Kreller uses cookies on its websites. A “Cookie” is a small text file created by a website you visit that is stored on your computer either temporarily or permanently. Cookies do not store Personal Information about you, unless you knowingly provide it. Cookies provide a way for the website to recognize you and keep track of your preferences. For example, cookies allow our websites to recognize your browser as a previous visitor, and thus save and remember any preferences that may have been set while you were previously browsing our websites. You have control over the use of cookies. Most Web browsers are set to accept cookies by default. If you prefer, you can choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect your Internet experience, disabling certain functions. You can also erase cookies that are already on your computer. Currently, various browsers offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to websites visited by the user about the user’s browser DNT preference setting. At this time, Kreller does not respond to DNT signals, whether that signal is received on a computer or on a mobile device. It should be noted that if you click on a link to a third party website or service provided on our website, a third party may transmit cookies to you. This Privacy Policy does not cover the use of cookies by any third parties, and we aren’t responsible for their privacy policies and practices. Please be aware that cookies placed by third parties may continue to track your activities online even after you have left our Services, and those third parties may not honor “Do Not Track” requests you have set using your browser or device.

Kreller enters into agreements with client organizations that provide us with individuals’ Personal Information in order for us to provide investigative or business credit services in a manner consistent with and limited to the purpose for which the data subject provided their Personal Information. Kreller is committed to safeguarding our client confidences, including any Personal Information received from or about our clients or from or about their third party business associates, including information which is hosted on KOL (Kreller’s risk management system) and Kreller’s Case Management System. Kreller will not share Personal Information with third parties for purposes other than those in support of Kreller’s business operations and as necessary to facilitate the purpose for which it was provided. Kreller personnel, third party agents and third party administrators are required to treat this information confidentially and to use and disclose it only to provide the services for which Kreller was retained. Accordingly, Kreller has in place written agreements with client organizations using our services, as well as our third party agents and administrators which require, amongst other things, that parties safeguard Personal Information, and abide by all applicable laws.  For our clients who are subject to the GDPR, the agreements will set forth a permissible basis for the onward transfer of Personal Information from the EU, EEA, UK or Switzerland to the United States. Except as set forth in this privacy statement, Kreller does not disclose Personal Information received from its clients to third parties without its clients’ consent. To the extent permitted by Privacy Shield, the FCRA and other applicable laws, Kreller reserves the right to process Personal Information in the course of our internal business operation without the knowledge of the individuals involved. Kreller does not provide Personal Information to third parties for their marketing purposes.  In cases of onward transfer of EU Personal Data, Kreller has the responsibility for the processing of personal data it receives under Privacy Shield and subsequently transfer to a third party acting as an agent on its behalf.  Kreller shall remain liable if the agents we engage to process such personal information do so in a manner inconsistent with the Privacy Shield Principles, unless Kreller proves that it is not responsible for the event giving rise to the damage.

Kreller will offer individuals the opportunity to choose (opt out) whether their Personal Information is (a) to be disclosed to a non-Agent or non-third party administrator or (c) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. For Sensitive Personal Information, we will give individuals the opportunity to affirmatively and explicitly (opt in) consent to the disclosure of the information to a non-Agent third party or non-third party administrator or the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.

In the event you decide that you want to opt out from Kreller’s use of your Personal Information that you previously provided to Kreller, notify us by email at: privacy@kreller.com.

We may also be required to disclose your Personal Information in response to lawful requests by public authorities having jurisdiction over Kreller, including to meet national security or law enforcement requirements. We may also use or disclose your Personal Information, if necessary, to protect and defend the rights or interest of Kreller or others.

Kreller may, as a result of a sale, merger, consolidation, change in control, transfer of assets, reorganization or liquidation of our company, transfer, sell or assign your Personal Information to third parties involved in the aforementioned events.

Security, Data Integrity and Purpose Limitation

Kreller combines technical and physical safeguards with employee policies and procedures to protect your Personal Information from loss, misuse, unauthorized access, disclosure, alteration and destruction. Kreller employs Secure Socket Layer (SSL) data encryption when data is transmitted over the Internet to our Website. We have installed layered firewalls and other security technologies to help prevent unauthorized access to our systems. The servers used to store Personal Information are maintained in a secure environment with appropriate security measures. Password protection protocols are utilized on all computers.

Furthermore, only employees and agents who need the information to perform a specific job are granted access to Personal Information and all employees and agents undergo a thorough background screening and/or vetting process and are trained to ensure that information is handled responsibly and in accordance to this Privacy Policy.

Kreller will use your Personal Information only in a manner that is compatible with the purpose for which it was collected or authorized by the individual or our client. Kreller will take commercially reasonable measures to ensure that Personal Information is accurate, complete, current, and otherwise reliable with regard to its intended use. Data will be retained only for as long as it serves its relevant purpose and in consideration of correlated compliance and legal considerations.


Kreller acknowledges that EU individuals have the right to access the personal information that we maintain about them. Upon request, and with proof of identity, we will grant individuals reasonable access to their Personal Information that Kreller holds about them in response to a lawful request by public authorities having jurisdiction over Kreller. Under such circumstances, Kreller will allow individuals to correct, amend, or delete that information that is demonstrated to be inaccurate or incomplete except where providing such access would be unreasonably burdensome or expensive in the circumstances or where the rights of persons other than the individual would be violated as a result. Additionally, access to Personal Information will be granted under the terms of the Fair Credit Reporting Act when information is processed or obtained related to a request which qualifies under the Fair Credit Reporting Act. Although we make every effort to ensure that the data we collect and store about you is as accurate as possible, we cannot guarantee that third parties are accurate in information that they transmit and therefore we are not responsible for the accuracy of the data that may be supplied by any third-party sources of information or our clients.

Recourse, Enforcement and Liability

Kreller is subject to the investigatory and enforcement powers of the Federal Trade Commission in connection with the processing of your Personal Information under the Privacy Shield Framework.

In compliance with the EU-US and Swiss-US Privacy Shield Principles, Kreller is committed to resolve complaints about your privacy and our collection and/or use of your Personal Information if it was collected from an individual within the EU. European Union or Swiss individuals with inquiries or complaints regarding this privacy policy should first contact our Privacy Officer, Harvey Rosen, at privacy@kreller.com.

Dispute Resolution for EU and Swiss Individuals

Kreller has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you.

Please note that if your complaint is not resolved through the above channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.