Security Information

MVR Check Security

MVRcheck Security & Vendor Platform Safeguards

MVRcheck takes data security, privacy, and responsible information handling seriously. Our services involve access to sensitive driver and business information, and we recognize the importance of protecting that information through appropriate administrative, technical, and operational safeguards.

MVRcheck uses secure third-party technology platforms and service providers to support account management, ordering, reporting, monitoring, and related services. Certain security controls described below may be maintained by MVRcheck’s platform vendors, hosting providers, data providers, payment providers, or other approved third-party service providers.

MVRcheck is responsible for managing client relationships, account onboarding, user access coordination, internal procedures, vendor oversight, website security practices, and support processes related to the services we provide.

Security Overview

MVRcheck works with established technology providers and data service vendors that maintain security programs designed to protect hosted systems, sensitive information, and user access. These safeguards may include encryption, access controls, logging, monitoring, vulnerability management, secure infrastructure practices, and other protective measures.

Security responsibilities may vary depending on the service, platform, or integration being used. Some systems are operated directly by MVRcheck, while others are hosted and maintained by approved third-party vendors.

Data Protection

MVRcheck and its service providers use reasonable safeguards designed to protect sensitive information from unauthorized access, misuse, disclosure, alteration, or loss.

Depending on the platform or service involved, these safeguards may include:

  • Secure transmission of information using HTTPS and modern TLS protocols
  • Encryption of sensitive data at rest where supported by the platform
  • Controlled access to systems that contain sensitive information
  • User authentication and role-based permissions
  • Logging and monitoring of system activity
  • Secure data storage and backup practices
  • Vendor-managed infrastructure security controls

MVRcheck does not sell client or driver information. Information is used only for legitimate business purposes related to the services requested by our clients and as otherwise permitted or required by law.

Secure Access Controls

MVRcheck limits access to sensitive systems and information to authorized personnel and approved users who require access for legitimate business purposes.

Access control practices may include:

  • Unique user accounts
  • Role-based permissions
  • Administrative access restrictions
  • Password requirements
  • Multi-factor authentication where available or required
  • Review of user access when accounts or roles change
  • Deactivation of access when no longer needed

Clients are responsible for maintaining the confidentiality of their own user credentials and ensuring that only authorized personnel access their account.

Vendor Platform Security

MVRcheck relies on third-party platform vendors for certain hosted technology services, including ordering systems, reporting tools, monitoring services, payment processing, and related account functions.

These vendors may maintain their own security programs, infrastructure controls, audit procedures, compliance certifications, encryption practices, monitoring tools, and vulnerability management processes.

Where applicable, MVRcheck reviews vendor security information and works with its platform providers to support appropriate safeguards for sensitive information. Security documentation from certain vendors may be available upon request, subject to vendor approval, confidentiality requirements, and applicable service limitations.

Website Security

MVRcheck maintains its public website using commercially available website, hosting, and security technologies. The public website is separate from certain third-party ordering, reporting, and account management platforms used to provide services.

Website security practices may include:

  • HTTPS encryption
  • Security monitoring
  • Spam and bot protection tools
  • Firewall or content delivery network protections
  • Software, theme, and plugin updates
  • Administrative access controls
  • Backup and recovery procedures

MVRcheck periodically reviews website security settings and works to reduce common risks related to unauthorized access, outdated software, spam, malicious traffic, and improper configuration.

Encryption

Sensitive information transmitted through supported platforms is protected using HTTPS and modern encryption protocols where available.

Depending on the vendor platform or service provider, sensitive information may also be encrypted at rest using platform-managed encryption, cloud infrastructure safeguards, or other appropriate technical controls.

Encryption practices may vary by system, vendor, and type of information processed.

Monitoring and Logging

MVRcheck and its service providers may use monitoring, logging, and alerting tools to help detect unauthorized access, unusual activity, system errors, service interruptions, or potential security events.

Monitoring practices may include:

  • Login and access activity logs
  • System event logs
  • Administrative activity tracking
  • Network or application monitoring
  • Vendor-managed security alerts
  • Review of suspicious or unusual activity

The specific monitoring tools and retention periods may vary by platform, vendor, and service.

Vulnerability Management

MVRcheck works to maintain a secure operating environment by reviewing website security, limiting unnecessary access, using reputable service providers, and relying on vendor security programs for hosted platforms.

Depending on the platform or vendor, vulnerability management practices may include:

  • Software updates and patches
  • Security scans
  • Code review
  • Penetration testing
  • Infrastructure monitoring
  • Risk assessment
  • Remediation of identified issues

Certain vulnerability testing, penetration testing, static code analysis, or infrastructure reviews may be performed by MVRcheck’s third-party platform vendors as part of their own security programs.

Compliance and Responsible Use

MVRcheck provides information and technology services to support legitimate business purposes such as employment screening, driver qualification, insurance review, fleet safety, compliance review, and account-based ordering.

Clients are responsible for using MVRcheck services in accordance with applicable laws, regulations, authorization requirements, permissible purpose requirements, and internal company policies.

Depending on the service used, applicable requirements may include:

  • Fair Credit Reporting Act requirements
  • Driver authorization requirements
  • State motor vehicle record access rules
  • DOT or FMCSA-related compliance obligations
  • Privacy and data protection obligations
  • Client-specific employment or insurance review policies

MVRcheck does not make hiring, retention, promotion, licensing, insurance, underwriting, or employment decisions for clients. Clients are solely responsible for decisions made based on information obtained through the services.

Payment Security

Payment processing may be handled through third-party payment processors or billing platforms. MVRcheck does not intend to store full payment card numbers on its public website.

Payment processors and billing providers may maintain their own payment security controls, PCI-related safeguards, encryption practices, and fraud prevention tools.

Clients should follow secure payment practices and notify MVRcheck promptly if they believe unauthorized billing activity has occurred.

Incident Response

MVRcheck takes potential security incidents seriously. If MVRcheck becomes aware of a suspected security issue involving systems, data, vendors, or client accounts, we will review the matter and take appropriate steps based on the nature of the issue.

Incident response steps may include:

  • Reviewing available logs and activity records
  • Coordinating with affected vendors or service providers
  • Restricting or disabling access when appropriate
  • Notifying affected parties when required
  • Preserving relevant information
  • Taking corrective action to reduce future risk

Notification obligations may vary depending on the facts, applicable law, vendor involvement, and the type of information affected.

Client Responsibilities

Clients play an important role in protecting account access and sensitive information.

Clients should:

  • Use strong, unique passwords
  • Enable multi-factor authentication where available
  • Limit account access to authorized personnel
  • Remove users who no longer require access
  • Protect driver authorization forms and sensitive records
  • Avoid sharing login credentials
  • Review account activity periodically
  • Notify MVRcheck promptly of suspected unauthorized access
  • Follow applicable FCRA, DOT, state, and privacy requirements

MVRcheck may not be responsible for unauthorized activity caused by shared credentials, compromised client email accounts, weak passwords, or failure to properly manage client-side user access.

Third-Party Links and Integrated Services

MVRcheck’s website and services may link to third-party platforms, vendor portals, ordering systems, payment systems, support tools, or integrated services.

These third-party systems are governed by their own security practices, privacy policies, terms of use, and operational controls. MVRcheck encourages clients to review applicable third-party terms and security information when using those systems.

Data Retention

Data retention may vary depending on the service, vendor platform, legal requirements, client account settings, and operational needs.

MVRcheck and its service providers may retain records as needed to provide services, support account activity, comply with legal obligations, resolve disputes, maintain audit trails, prevent fraud, or enforce agreements.

Clients should maintain their own policies for retention, access, and disposal of records downloaded or stored within their organization.

Security Questions

Clients with security-related questions may contact MVRcheck for additional information about our security practices, vendor platform safeguards, account access procedures, or available documentation.

Security information provided by MVRcheck may be subject to confidentiality requirements, vendor restrictions, and the nature of the client relationship.

Important Notice

Some security controls, infrastructure protections, encryption practices, monitoring tools, audits, compliance programs, and vulnerability management practices referenced on this page may be maintained by MVRcheck’s third-party platform vendors or service providers rather than directly operated by MVRcheck.

MVRcheck relies on these providers for hosted platform security while maintaining internal administrative, client support, access coordination, website management, and vendor oversight responsibilities.

Security practices may vary by platform, service, vendor, and integration. This page is provided for general informational purposes and does not modify any written agreement, service terms, privacy policy, or legal obligation between MVRcheck, its clients, or its service providers.