This policy describes:
- How to Contact Us
- The Information We Collect
- How Long Do We Keep Personal Data
- How Do We Use Personal Data
- Legal Basis for Processing Personal Data
- Sharing of Personal Data with Third Parties
- How we store Personal Data
- Your rights
- Changes to this policy
- Where does this policy not apply?
In certain places in this Policy, we may specifically reference GDPR. By GDPR, we are referring to Regulation (EU) 2016/679 (General Data Protection Regulation).
how to contact us: We are happy to respond to any inquiries you may have regarding collection, use, disclosure, transfer or processing of your personal data or the exercise of any of your rights. If you have questions or would otherwise like to contact us, please contact the IDcentral Data Protection Officer whose contact information is provided at the bottom of the last page of this policy.
Our website is at www.IDcentral.com. We also maintain offices in Denver (Broomfield), Colorado in the U.S., Singapore, Dubai andLondon You can find full contact information for each of these offices at www.IDcentral.com/contact-us.
The information we collect: It is first important to understand what we mean by “Personal Data”. We are referring to any information that is related to and identifiable with you, personally, that we have in our possession or control. Put more precisely, we mean to use the term Personal Data in the same manner as the GDPR.
Generally, we collect Personal Data about (i) our customers, vendors, business associates and potential customers, vendors and business associates (as well as their employees and representatives), (i) people who have expressed interest in our products and services (such as through visiting our website, visiting us at trade shows and otherwise by contacting us), (iii) our employees, contractors and people who have expressed interest in becoming our employees and contractors, and (iv) data we source from our strategic partners to derive digital identities.
Further the personal data we collect and handle include Name, age, gender, Phone Number, Email Address, Device Identifiers, Location data to derive intelligent Digital Identities. We may enrich the data with syndicated data sourced from Strategic partners of IDcentral
The types of Personal Data that we collect will depend on the specific purpose for which we are collecting it. As an example, phone number, name and general background information. For people expressing an interest in our products such as by visiting our website, we may collect your contact information and other information that allows us to understand your visit to our website better such as IP address, which webpages you have visited and measurement of site performance. Please also see information below regarding our use of “cookies” when visiting our website. For customer, vendors and business associates, we may collect your contact information.
How long do we keep Personal Data: Simply put, it is our policy to retain the information we collect no longer than as reasonably necessary to fulfil the purposes for which we collect the information and to comply with our legal obligations.
How do we use Personal Data: When we collect Personal Data directly from you, we use the personal data for the purposes that are disclosed to you or for purposes that you would reasonably expect. For example, if you send us your CV in response to a job posting, you would expect we would use that information for purposes of evaluating you as a job candidate. If you give us your contact information on our website as part of requesting more information, you would expect we would use your contact information to communicate information regarding our products and services with you unless you choose to opt-out at any given point.
More specifically, we may use your personal data as follows:
- To derive the digital identities and profiles by analyzing the user attributes collected from various sources
- if you are a customer, vendor or potential customer or vendor (or representative/employee of one of these entities), to contact you regarding products and services and generally for marketing and business development activities;
- if you are a business associate (such as a company who might act as a local representative for us, a reseller or some other company who might enter into business transactions with us involving an end customer), or representative of a business associate, to contact you regarding our working relationship and generally for marketing and business development activities;
- If you have provided personal data in connection with an interest in our products or services, to provide information on our products and services and to provide an overall pleasant and productive experience on our website;
- Other reasons:
- To comply with legal and regulatory requirements;
- For legitimate business interests such as undertaking business research and analysis, managing the operation of our website and managing our business;
- To assist in reviewing and responding to complaints and questions including complaints and questions you may have;
- To exercise and defend our legal rights or to comply with court orders; and
- To prevent and respond to actual or potential illegal activities and fraud.
- To allow us to invoice/bill you for the services provided and collect any payments for services rendered
We may also use Personal Data we obtain from other sources, as well as data we compile, for the above purposes.
Legal Basis for Processing Personal Data: When we process the data for the purposes set forth above, it will be based on one or more of the following legal grounds:
- Because it is necessary for us to do so to perform your instructions or a contract with you or your organization;
- To comply with our legal obligations as well as to keep records of our compliance processes or tax records;
- Because of our legitimate interests provided that those interests are not overridden by your interests or fundamental rights;
- Because you have given us your consent to process your personal data in the way we are processing it.
Sharing of Personal Data with third parties: We share Personal Data with our affiliate companies, offices and employees internationally. Therefore, your Personal Data may be transferred to locations both inside and outside of the European Union. We may also share your personal information outside of IDcentral such as with:
- Affiliated Companies: We may share your personal data among the IDcentral family of companies (these are companies which are controlled either directly or indirectly by IDcentral Limited) for the purposes as described in previous section.
- Third party vendors and contractors and other service providers: We may share your personal data with these third party vendors in their normal course of their providing services to us. These third parties will be bound by obligations of confidentiality with respect to your personal data.
- Legal and government processes: We may share your personal data to comply with the law or legal processes or in response to a lawful request by a government agency.
- Others pursuant to your consent: We may share your personal data with others pursuant to your consent to do so.
Where the GDPR applies and we transfer Personal Data outside the EU/UK, we will ensure it is protected and transferred in a manner consistent with the requirements of the GDPR. This may include: (a) sending the Personal Data to a country approved by the European Commission; (b) ensuring the recipient has signed a contract based on “model contractual clauses” approved by the European Commission; or (c) if the recipient is in the U.S and item b above does not apply, ensuring he recipient is a certified member of the EU-US Privacy Shield system. If you desire further details on any of these manners of sharing your personal data, please contact our Data Protection Office who contact information is on the last page of this Policy.
- How do we store personal data: IDcentral takes reasonable steps to protect the security of your Personal Data as customarily done in the industry or as otherwise required by law.Your Rights: With respect to any of your personal data governed by the GDPR (or where otherwise required by law), you have certain rights including:
- Access: With certain exceptions, you have the right to request a copy of personal data we may hold about you. The exceptions include situations where providing your personal data may expose personal data of another person and situations where we are legally prevented from providing the information.
- Rectification: Our goal is that any data, including personal data, that we keep is accurate. If you are aware that we have inaccurate personal data about you and you notify us, we will take reasonable steps to correct it.
- Objecting or restricting processing: Under certain situations, you may be entitled to object to our processing of your personal data or to request we restrict the manner in which we process it. If you would like to object or request restriction, please notify us.
- Portability: Under certain circumstances where you have provided personal data to us, you have the right to request that some of your personal data is provided to you in a structured, commonly used, computer-readable format. Or you may have the right to request we transmit your personal data to a third party in such a format.
- Withdraw of consent: If our legal basis for processing your personal is based solely on your consent, you have the right to withdraw your consent.
- Requirement to provide data: To know whether providing the personal data is required by a statute, a contract (or necessary to enter into a contract) and the consequences of failing to provide the personal data.
- Automated Decision Making: To know whether we use automated decision making with respect to your personal data. We don’t.
If you would like to contact our Data Protection Officer the contact information is on the last page of this Policy.
Please understand that each of these rights is subject to certain conditions under which we may refuse to grant the right such as, in certain cases, where we are legally required to retain certain personal data. If we have basis to refuse your request, we will explain that basis to you.
You also have the right to lodge a complaint with the relevant supervisory authority. If you would like to exercise this right and require assistance in obtaining contact information for the correct supervisory authority, please contact us.
First, what is a cookie? Unfortunately, it is not a sweet treat that you get for having read this far. A “cookie” is a small data file that is stored on users’ computer, tablet, phone or other device when the user visits a website. Some cookies are deleted when the user close down his/her browser. These are known as session cookies. Others remain on users’ device until they expire or the user deletes them from user’s cache. These are known as persistent cookies. Persistent cookies enable the website to “remember” things about a returning user.
- Assessing your requirements to deliver content more relevant to you and your interest and to improve the website;
- To provide you with a personalized experience when visiting our website;
- Provide statistics to IDcentral on how IDcentral website and portals are used; etc.
More information on cookies can be found at www.allaboutcookies.com and on other websites. Below is a list of the Cookies used in IDcentral website:
- • _utma
- • _utmb
- • _utmc
- • _utmz
- • _cq
Changes to this policy: We may choose to review and change this Policy from time-to-time and at any time. You should check this page periodically and whenever you have questions about how we manage privacy as changes are binding on you. If we decide to change this Policy in a manner which significantly impacts how we use, share or secure your personal data, if collection of that data was based on your consent, we will attempt to give you a chance to “opt-out” if doing so is allowed by law and is reasonably practical.
Where does this policy not apply: While we generally respect your Personal Data, as noted in the Your Rights section, certain rights are presently only applicable when governed by the GDPR or where such rights are otherwise required to be given under applicable law. Also, this Policy also does not apply where we are processing Personal Data as a Processor for another party (such as we may do with respect to Personal Data from our customers). Our processing of Personal Data as a Processor is controlled and governed by our agreements with such third parties.
Data protection officer: