Turn applies FCRA, EEOC, SOC 2, and PBSA standards to every domestic check, and meets GDPR, PIPEDA, and local privacy laws across 200+ countries. No guesswork. No gaps.
Every check includes proper disclosure, candidate authorization, adverse action workflows, dispute resolution, and reinvestigation procedures. Turn has maintained full FCRA compliance across millions of checks over nine years of operations.
Screening practices designed to support individualized assessments and align with EEOC enforcement guidance on the use of criminal records in employment decisions.
Turn's platform accounts for state-specific requirements including ban-the-box laws, salary history restrictions, and state CRA registration obligations across all 50 states.
Candidate rights to know, delete, and opt out supported under the California Consumer Privacy Act and expanding state-level privacy frameworks.
Pre-adverse action notice with report and Summary of Rights
Configurable waiting periods by state and jurisdiction
Final adverse action notice delivery and documentation
Full audit trail for every step of the process
Full compliance including Standard Contractual Clauses, candidate consent management, right to access, and right to erasure for all data subjects.
Canadian privacy compliance with jurisdiction-specific consent collection, secure data handling practices, and adherence to national regulatory standards.
Adherence to Brazil’s General Data Protection Law, ensuring compliant screening processes, consent handling, and protection of candidate information.
Compliance with Australian data protection requirements, including AFP checks, employment screening standards, and proper handling of personal data.
Consent flows, data handling, and result delivery are configured per country, ensuring compliance across all jurisdictions in our coverage network.
Important: The FCRA applies to employment screening decisions made by US-based employers, regardless of whether the candidate or the check is domestic or international. Turn's platform includes FCRA-compliant workflows for all screening.
Independently audited certification covering security, availability, and confidentiality, with continuous auditing rather than a single point-in-time review.
Publicly available report summarizing Turn’s security controls, providing transparency into compliance practices and overall system reliability.
Aligned information security management workflows ensuring structured risk management, data protection controls, and continuous security improvement processes.
Member of the Professional Background Screening Association, demonstrating commitment to rigorous industry standards and enterprise-grade security practices.
Independently audited
Aligned workflows
Publicly available
EU & UK compliant
The same standards apply to our AI. Turn uses AI to make screening faster and more accurate, but every AI system operates within the same security perimeter, the same audit scope, and the same compliance controls described above. AI governance is not a separate initiative at Turn; it is an extension of how we already protect data and maintain compliance.
| Feature | What it does | Human role |
|---|---|---|
| Turn AI Assistant | Provides contextual FCRA guidance within the platform | Informational only; no report modification |
| ClarifAI | Translates criminal/MVR record language into plain summaries | Human review of all summaries before delivery |
| AI Record Matcher | Matches records to candidates across multiple data sources | Human validation prior to report finalization |
| Document Intelligence | Authenticates identity and detects fraud in submitted documents | Human review of all flagged items |
| Operational AI | Automates internal quality control workflows | Augments, does not replace, compliance staff |
No Turn AI system makes independent employment decisions. Every AI-influenced output is reviewed by qualified personnel before impacting candidate reports or compliance workflows. This is enforced as a technical control, not just a policy.
Your candidates’ data remains yours. Turn processes Customer Data only to deliver contracted services. We never use identifiable or partner-specific data to train AI. Improvements rely on aggregated, anonymized, and synthetic data.
Turn conducts regular bias audits across protected characteristics, including race, sex, national origin, and age, aligned with EEOC guidance. When risks are identified, we apply corrective actions such as rebalancing data, adjusting models, or increasing human review.
Turn’s AI governance framework meets or exceeds requirements under the EU AI Act, Colorado SB 24-205, California FEHA, Illinois Human Rights Act, and other laws governing high-risk AI and automated decision-making systems.
Questions about AI at Turn? Contact our compliance team at compliance@turn.ai. Partners may request a summary of Turn's AI governance documentation under the terms of their agreement.
| Area | Standard | Status |
|---|---|---|
| US Employment Screening | FCRA | Full compliance, 9 years continuous |
| US Equal Employment | EEOC Guidance | Aligned |
| US State Privacy | CCPA + state laws | Supported across all 50 states |
| Data Security | SOC 2 Type II | Independently audited (continuous) |
| Data Security | SOC 3 | Publicly available |
| Information Security | ISO 27001 | Aligned workflows |
| Industry Membership | PBSA | Active member |
| EU/UK Privacy | GDPR | Full compliance including SCCs |
| Canadian Privacy | PIPEDA | Full compliance |
| Brazilian Privacy | LGPD | Compliant |
| Australian Privacy | Privacy Act | Compliant |
| Data Residency | US, CA, UK, AU | Configurable by employer |
| Infrastructure | AWS, E2E Encryption | Enterprise-grade |
| AI Governance | Responsible AI Principles | Human oversight on all AI outputs |
| AI Training Data | Data Use Policy | No live candidate data used for training |
| AI Bias | EEOC-aligned audits | Regular bias testing across protected classes |
| AI Regulation | CO, CA, IL, EU AI Act | Framework designed to meet or exceed |
Independently audited
Aligned workflows
Publicly available
EU & UK compliant
Schedule a compliance consultation, or get a free demo.
