iProov Transparency Notice
Who we are:
iProov delivers its genuine presence assurance services to organisations around the world by authenticating remote users online for onboarding and verification purposes.
iProov Limited (we, us or iProov) is a company incorporated in England & Wales under company number 07866563 whose registered office is at 10 York Road, London SE1 7ND England.
Why have I received this?
iProov has been provided with some personal data that relates to you (your personal information) that is used for the marketing of our services to you and for the purposes set out below.
Purpose of this notice
The purpose of this notice is to inform you of the collection and processing by iProov of your personal information, and your rights in relation to that data and processing.
How did we get your personal information?
Your personal information has been provided to us through a third party service, such as the ZoomInfo platform. Note: we do not control the use of your personal information by those third parties. You should consult their privacy and data protection terms as they differ to iProov’s terms.
What information does iProov collect?
Your personal information typically comprises:
- Name
- Job title
- Job function and responsibilities
- Education
- Company Office
- Company Address
- Company email address
- Company Telephone Number
- Social Media URL
Over time, your personal information may be supplemented with further information that you provide to us or that is generated as a result of our interactions with you.
What do we do with your personal information ?
iProov only collects and uses your personal information for communicating with you in order to market and promote iProov’s services to you and the business you represent, and to go through sales processes with you and that company or entity.
Lawful basis
iProov’s lawful basis for processing your personal information is our legitimate interest in marketing and selling our services to you and the business you represent. A legitimate interest is when we have a business or commercial reason to use your personal information, so long as this is not overridden by your own rights and interests. Where iProov has a legitimate interest we always carry out an assessment, in order to balance our interests against your own.
Opting out
You have the right to opt your personal information out of receiving our marketing communications at any time by clicking on the following link: [insert link here]. Please note: it may take up to 48 hours for the removal of your personal information to be effected.
Whom do we share your personal data with ?
We share your personal information with third party service providers who help us with our business, its marketing and sales processes. We only allow those organisations to handle your personal information if we are satisfied they take appropriate measures to protect your personal information and where we have a contract in place to safeguard your data .
A list of iProov’s sub-processors can be found here.
Transferring your personal data out of the UK and EEA
It is sometimes necessary for us to share your personal information in countries outside the UK and EEA, some of which may provide lower levels of protection of privacy than the UK and EEA . In those cases we will comply with applicable laws designed to ensure the privacy of your personal information.
How do we keep your personal information secure?
We have put in place appropriate security measures intended to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality.
We have procedures to deal with any suspected personal information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Your legal rights
Under the law, you have the right to:
- Request access to your personal information (commonly known as a data subject access request). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of your personal information that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
- Request erasure of your personal information. This enables you to ask us to delete your personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete your personal information where you have successfully exercised your right to object to processing (see below), where we may have processed your personal information unlawfully or where we are required to erase your personal information to comply with a legal or regulatory obligation.
- Object to processing of your personal information where we are relying on our legitimate interests (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. In some cases, we may demonstrate that we have compelling legitimate grounds to process your personal information which override your rights and freedoms.
- Request restriction of processing of your personal information. This enables you to ask us to suspend the processing of your personal information in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; or (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.
- Request the transfer of your personal information to you or to a third party. We will provide to you, or a third party you have chosen, your personal information in a structured, commonly used, machine-readable format.
- Withdraw consent to the processing of your personal information (where consent is the basis upon which we process your personal information), or to profiling by means of your personal information. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the relevant personal information (or to exercise any of your other legal rights). This is a security measure we take to help avoid your personal information being disclosed to a person who has no right to receive it.
We may also contact you to ask you for further information in relation to your request to help speed up our response.
We try to respond to all legitimate requests within one month of receipt of the request. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
How do you contact iProov to exercise your rights?
iProov has a data protection officer who can be contacted at DPO@iproov.com. If you have any questions about this iProov Transparency Notice or about any requests to exercise your legal rights, please send an email to this email address.
If you would like to write to us, iProov’s UK and head office address is
iProov Ltd
10 York Road
London
SE1 7ND
Company Number 07866563
iProov has appointed an EU representative who can be contacted at:
iProov Netherlands B.V.
Siriusdreef 17 Transpolispa,
Hoofddorp,
213WT
Email: eurepresentative@iproov.com
Company Number: 74408259
Please click here to view iProov’s website privacy policy
Disputes and filing a complaint:
You have the right to make a complaint at any time to a data protection Supervisory Authority in your jurisdiction. A list of EU Supervisory Authorities can be found here : https://edpb.europa.eu/about-edpb/about-edpb/members_en
In the UK, the Supervisory Authority is the Information Commissioner’s Office (ICO), (www.ico.org.uk).
If you are located outside of the EU or UK, please contact the Data Protection Supervisor (or similar) within your state or region.
We would, however, appreciate the chance to deal with your concerns before you approach the ICO so would request that you contact us in the first instance.
We are registered with the ICO under number ZA441165.