Privacy Policy


1.                  General Terms

 

Your privacy has highest priority for us and we handle your personal data with the upmost diligence. The International Specialized Verification Services Company ("ISVSC") complies therefore with the applicable provisions on the protection, processing and confidentiality of personal data as well as data security.

 

Subject of this Privacy Policy is to inform you:

 

·         On the data controllers

·         Which personal information is collected and processed

·         How we obtain your personal information

·         How your personal information is used

·         On what basis we use your personal information

·         For how long we keep your personal information

·         With whom we share your personal information

·         How your personal information is protected

·         To which countries your personal information is transferred

·         Your rights regarding your personal information

 

We kindly ask you to read carefully through this Privacy Policy and its updates.

 

2.                  Data Controller

 

ISVSC is responsible for collecting and processing your personal information as a controller and processor.

 

ISVSC is one of the largest providers of verification services in the world, serving both governments and the private sector. ISVSC specializes in employment screening, asset protection, and trademark research in addition to evaluation services for companies and individuals.

 

3.                  Which personal information is collected, on what legal basis is it processed and for how long we keep it

 

3.1.              Authorized Forms

 

We provide clients with authorized forms (online or in physical format) to collect the data necessary for their decision making and our verification service. If you provide your personal data by filling such a form of our clients or directly to us, we process especially the following categories of personal data:

 

·         Primary information such as your name, birthday, title, passport number, national ID number business, position or your connection to legal or individual persons;

·         Contact details, such as postal address, e-mail address and telephone numbers;

·         Data on your qualification and enrollment such as, staff number/employee code, seat/roll/hall ticket number, registration/enrolment/license number,

·         Financial information, such as payment-related information (e.g. bank account details/receipt number)

·         Information you provide for meeting scheduling or presence at meetings or events;

·         Background information provided by you or gathered as part of the verification service;

·         Personal information provided or generated by ISVSC in the course of, or while providing services to our clients, such as passport copy, national ID, copy of certificates (e.g. on education, employment, licenses or marriage), but also including special categories of data usually provided in a CV or personal data relating to criminal convictions and offences such as criminal records.

·         Any other information that you may give us or contained within any scanned or photographed documentation you provide us with.

 

Such information we process on behalf of our clients as their processor. Therefore, our clients decide on the purpose and the legal basis of the processing as well as on the retention period.

 

3.2.              Verification Service

 

When providing verification service to our clients we process your personal data as a controller. We check and assess the information you provided to our clients and us and match it with data from other sources. The personal data included is the data listed in 3.1.

 

Processing for purposes of verification is based on consent, legal requirements (e.g. Anti-Money-Laundering, …) and prevailing legitimate interest of our clients.

 

We keep such data for seven years.

 

3.3.           Client system access

 

When our clients grant us access to their internal systems, we process your personal data available there by downloading documents from the client's system and uploading them to our system. The personal data included is the data listed in 3.1.

 

Processing for purposes of verification is based on consent (which you give with your active application), legal requirements (e.g. Anti-Money-Laundering, …) and prevailing legitimate interest of our clients.

 

We keep such data of applicants who run through the verification process for seven years and of applicants who withdraw before the verification starts for one year.

 

3.4.              Log files through use of our Website

 

Through your use of the Website, we gather, collect and store the following data:

 

·         IP Address

·         GPS-location

·         access to personal data through social media platforms

·         Referring (exit pages and URLs)

·         Number, duration and time of visits (your interaction with the Website)

·         Search engines, keyphrases and keywords used to find our site

·         Browser type, type of device, screen size, internet service provider and operating system

 

We collect these log files automatically by using cookies (for further details please see below). The log files collected are only used for statistical evaluations in an aggregated form for the purpose of operation, security and optimization of the Website.

 

Any processing of such personal data is based on your consent. For more details see 6. below.

 

3.5.           Online portals

 

We process personal data when you enter or upload information and documents via one of our portals. In our portals we ask you for the personal data listed in 3.1. In our portals we furthermore ask you for your payment data, which we process in case you apply via an online portal.

 

Processing for purposes of your application is based on consent (which you give with your active application), and prevailing legitimate interest of our clients.

 

We keep such data of applicants who run through the verification process for seven years and of applicants who withdraw before the verification starts for one year.

 

3.6.              Active contact to ISVSC

 

When you actively establish contact via the contact form, e-mail, phone or telefax, Online chat to ISVSC, we use the provided personal data (e-mail, name, telephone number, telefax number) for the purpose of answering you. We obtain your personal information when you provide it, or interact directly with us e.g. by contacting one of our employees;

 

Such processing is based on your consent or a prevailing legitimate interest.

 

We keep such data of applicants who run through the verification process for seven years and of applicants who withdraw before the verification starts for one year.

 

4.                  With whom we share your personal information

 

All information you provide to us is stored on our secure servers. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access. The physical location of the data does not need to be in the same country in which you provided the data as our servers are in different countries.

 

When you apply for job at one of our clients you enter into a precontractual legal relationship with our client and we conduct our verification service on behalf of the client to process your application and based on your precontractual relationship with our client. The verification of your application requires the transmission of your personal data. We may therefore share your personal information with third parties in accordance with contractual rights and obligations, including:

 

·         our clients in form of reports

·         our MIS department to conduct the statistical reports monthly, quarterly, annually

·         universities, employers, licensing authorities or any Government/semi Government entities to confirm the authenticity of the documents provided by applicants.

·         our professional consultants and auditors;

·         suppliers with whom ISVSC contracts for certain support services, such as, translations, copies, document reviews;

·         IT-providers, providers of other tools, software solutions and marketing tools as well as further providers with similar services;

·         third parties involved in the services we provide, such as lawyers, enforcement agents, local consultants and others;

·         Entities involved in the organization of events or seminars or co-hosts thereof

 

All our Processors process your data solely on our behalf and on the basis of our instructions for the purposes as described above.

 

Furthermore, we may share your information with regulatory authorities, courts, and official entities where necessary to comply with legal or regulatory requirements or with contractual obligations.

 

5.                  Use of Cookies

 

Cookies are small text files that are temporarily stored on your device and saved by your browser. Due to that the use of ISVSC Website is made more comfortable.

 

As most websites ISVSC uses cookies, provided that you have granted your consent, to improve the use of the Website with your help. If you do not grant your consent, we will gather only anonymous data about your visit to ISVSC Website to, for example, be able to determine the total quantity of users of the Website.

 

If individual cookies implemented by us also process personal data, the processing is carried out in accordance with Art. 6 Para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit or on the basis of your consent in accordance with Art. 6 Para. 1 lit. a GDPR. This website currently uses the following cookies:

 

Name

Provider

Duration

Purpose

GPS

youtube.com

1 day

Registers a unique ID on mobile devices to enable tracking based on geographic GPS location.

IDE

doubleclick.net

1 year

Used by Google DoubleClick to register and report the user's actions on the website after viewing or clicking on one of the provider's ads, for the purpose of measuring the effectiveness of an advertisement and displaying targeted advertising to the user.

PREF

youtube.com

1 day

Used to check whether the user's browser supports cookies.

test_cookie

doubleclick.net

1 day

Used to check whether the user's browser supports cookies.

VISITOR_INFO1_LIVE

youtube.com

179 days

Trying to estimate user bandwidth on pages with integrated YouTube videos.

YSC

youtube.com

Session

Registers a unique ID to keep statistics of YouTube videos that the user has seen.

yt-remote-cast-installed

youtube.com

Session

Saves user settings when retrieving a Youtube video integrated on other websites.

yt-remote-connected-devices

youtube.com

Persistent

Saves user settings when retrieving a Youtube video integrated on other websites.

yt-remote-device-id

youtube.com

Persistent

Saves user settings when retrieving a Youtube video integrated on other websites.

yt-remote-fast-check-period

youtube.com

Session

Saves user settings when retrieving a Youtube video integrated on other websites.

yt-remote-session-app

youtube.com

Session

Saves user settings when retrieving a Youtube video integrated on other websites.

yt-remote-session-name

youtube.com

Session

Saves user settings when retrieving a Youtube video integrated on other websites.

 

6.                  How your personal information is protected

 

We use a variety of technical and organizational measures to help protect your personal information from unauthorized access, disclosure, modification, loss or destruction in accordance with applicable data protection laws. All information you provide to us is stored on our secure servers. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access. The physical location of the data does not need to be in the same country in which you provided the data as our servers are in different countries. Our security measures are continuously improved in line with technological developments.

 

7.                  What rights do you have?

 

GDPR and other applicable European data protection laws protect certain rights for data subjects located in the EU. In particular:

 

Right of Access - right to obtain confirmation of which of your personal information is processed and information about it, for instance, which are the purposes of the processing, what are the conservation periods, among others.

 

Right of Rectification - right to request modification of your personal information that is inaccurate or request incomplete personal information, such as the address, VAT, email, telephone contacts, or others.

 

Right to Erasure or "right to be forgotten" - right to erase your personal information, provided that there are no valid grounds for its retention, for example in cases where ISVSC has to keep the data to comply with legal obligation or because a court case is in progress.

 

Right to Data Portability - right to receive the data you have provided us in a digital format of current use and automatic reading or to request the direct transmission of your data to another entity that becomes the new responsible for your personal information, however only if technically possible.

 

Right to Withdraw Consent or Right of Opposition - right to object or withdraw consent at any time to data processing, for example in the case of data processing for marketing purposes, provided that no legitimate interests exist prevailing over your interests, rights and freedoms, such as defending a right in a judicial process.

 

Right of Limitation - right to request the limitation of the processing of your personal information, in the form of: (i) suspension of processing or (ii) limitation of the scope of processing to certain categories of data or purposes of processing.

 

Right to object and automated individual decision-making - When the processing of personal information, including the processing for the definition of profiles, is exclusively automatic (without human intervention) and may have effects in your legal sphere or significantly affect it, the Client shall have the right not to remain subject to any decision based on such automatic processing, except as otherwise provided by law and shall have the right that ISVSC take appropriate measures to safeguard its rights and freedoms and legitimate interests, including the right to have human intervention in decision making by ISVSC, the right to express its point of view or contest the decision taken on the basis of automated individual information processing.

 

Right to complain - right to complain to the supervisory authority, in addition to ISVSC.

 

The exercise of rights is free of charge, except in the case of a manifestly unfounded or excessive request, in which case a reasonable fee may be charged regarding its costs.

 

The information must be provided in writing but may be given orally if requested. In this case, ISVSC should verify your identity by means other than oral.

 

The response to requests should be provided within a maximum of 30 days, unless it is a particularly complex request.

 

8.                  Who can you contact

 

Please contact our data protection officer should you have any questions concerning this privacy policy or on the exercising of your rights:

 

Privacy@isvsc.com.sa

 

For Data Subjects in the EU:

 

We appointed GDPR-Rep.eu as representative according to Art 27 GDPR. If you want to

make use of your GDPR data privacy rights, please visit: https://gdpr-rep.eu/q/11449484

Contact GDPR-Rep.eu

GDPR-Rep.eu

Maetzler Rechtsanwalts GmbH & Co KG

Attorneys at Law

c/o The International Specialized Verification Services Company

Schellinggasse 3/10, 1010 Vienna, Austria

 

Please add the following subject to all correspondence:

GDPR-REP ID: 11449484