Privacy Policy

This policy was last updated on 28th April, 2020.

Verificient Technologies Inc. (“Verificient”, “Company” or “we” or “us” and/or “our”) takes the privacy of all its stakeholders seriously. As such, we have set forth the following privacy policy:

Welcome to Verificient’s Platform (“Platform”) which provides identity verification and security and monitoring services. This privacy policy (the “Policy”) outlines the policy adopted by Verificient, relative to the collection, use, storage, and disclosure of personal information on the site and on all related websites (together “Sites”), networks, applications, and other services provided by us, including the Platform (collectively, “Services”). Through this policy, we attempt to make information about how we handle personal information available.

Please take the time to familiarize yourself with this Policy and if you have any questions, please contact us at privacy@verificient.com. This policy is incorporated into and is subject to our Terms of Service.

Services We Provide 

We provide Services on behalf of Organisations who are our clients. They may be any institution, organization or business unit of which you are a member (in any form, including but not limited to a user of their services) or an employee or individual associated with such entity (“Organisations”) in any manner or under any contract or agreement. Organisations are corporations, institutions, or companies or business units that offer any product or services. We collect and/or receive personal information about a user in order to develop, administer, or monitor a work session as configured by and on behalf of the Organisations. “Personal Information” is any information, such as name or email address, that identifies or can be used to identify the person to whom such information pertains, or is associated with a person. While providing Personal Information is voluntary, it is necessary to complete the required steps (as configured by the Organisation) to use RemoteDesk. We will handle and treat Personal Information collected or received while providing our Services in a manner that is consistent with this Policy and applicable law.

This Policy describes how we collect, use, store, and share information about you in connection with your use of the Services. If you do not accept the terms of this Policy, please do not use any of our Services.

Information We Collect 

Personal Information that you provide through the Services: We collect Personal Information from you when you voluntarily provide such information, such as when you: launch the Services from your learning management system; register for and/or login to the Platform; request customer support, a demo, or more information; communicate with us via email or social media sites; provide biometric data including as part of onboarding to the Services to create your identity profile; or use our Services for a work session as required by your Organisation. Personal Information collected through our Services may include, but is not limited to, the following:

  • Name

  • Address

  • Zip Code

  • Photograph of identity document, such as a driver’s license

  • Photograph of you

  • Telephone Number

  • Username and Password

  • Name of the Organisation(s) (i.e., the employer or incorporation(s), etc.) 

  • Employment information

  • E-mail address

  • Screen-captures

  • Audio and video recordings of the user during the work session and a scan of the work-room environment

  • Biometric data, including biometric identifiers (such as scans of hand or knuckles) and biometric information (such as knuckle, face, or keystroke patterns)

  • Government-issued identification number (if required, or as included in the identity document you provide)

 

Information Collected From Organisations: We may collect information about you from Organisations, such as your email address, to provide you a registration link to our Services. This information may also be combined with the Personal Information collected from you.

Cookies and Other Tracking Technologies: 

We use various technologies to collect information, including cookies. A cookie is a small file placed onto your device. Across the web, cookies do lots of different jobs, like letting you navigate between pages efficiently, storing your preferences, and generally improving your experience on a website. Cookies make the interaction between you and the website faster and easier. If a website does not use cookies, it will think you are a new visitor every time you move to a new page on the site – for example, when you enter your login details and move to another page it will not recognize you, and it will not be able to keep you logged in.

Our Services use cookies and similar technologies, such as web beacons, to identify your device and enable the functioning of our features, including the ability to log into your account, authentication, security, preferences retention, performance optimization, and data analytics.

If you do not want to receive cookies, you can change your browser settings. If you use our Services without changing your browser settings, we will assume that you’ve agreed to receive all cookies on the Company websites. Please note that our Services will not function properly without cookies.

Our Services may use two types of cookies, session and persistent. A session cookie expires after a set time, normally when you close your web browser. A persistent cookie remains after you close your web browser and may be used on subsequent visits to our Services to enable us to recognize you as an existing user.

We record certain information and store it in log files when you interact with our Services. This information may include IP address, browser information, mobile device information, internet service provider, operating system, date/time stamp, and other system configuration information. We and our analytics providers also collect and store analytics information when you use our Services to help us improve our Services.

Non-Personal Information collected from your use of our Services: We may statistically aggregate data on activities performed and other data collected during the work session in a non-person-specific format and transfer this data to Organisations. Such aggregated non-personal data may be used for quality control, security and marketing purposes, operations improvement and to improve the services, or related products.

How We Use Your Personal Information 

We use your Personal Information generally as a processor on behalf of the Organisation to provide and improve our Services and to develop new services, functions, or features for our Services. For instance, we use your Personal Information to register you as  a user, answer any questions or concerns you may have, administer the work session or monitored session, and/or convey the results of that session as per the required configuration. We may also use your Personal Information to contact you about scheduling, technical, security, or other wokr-session related issues, or to contact you for other administrative purposes, such as customer service. We use biometric data we collect from you during onboarding (first session) to create your identity profile for the Services. We use biometric data we collect from you when you use the RemoteDesk Services to compare against your identity profile for purposes of verifying your identity.

To Whom We Disclose Your Personal Information 

When you are using the Services, we provide your Personal Information to the Organisation. For further information about how your Organisation(s) may use your Personal Information, please contact your Organisation(s).

We may also disclose your Personal Information in the following situations:

  • When we believe it is reasonably necessary to comply with laws and regulations, or in response to a subpoena, court order, or other legal processes.

  • To protect against misuse or unauthorized use of our Services, or to protect the security or integrity of our Services or any facilities or equipment used to make our Services available.

  • To limit our legal liability and protect our property or other legal rights, or the rights of our Organisation and its members or employees.

  • To address actual or suspected fraud or other illegal activities.

 

We may also seek your consent for additional disclosures of information, including your Personal Information, and will share it only as described to you.

Data Security 

We take the security of your Personal Information seriously. We employ industry standard practices to protect your Personal Information in accordance with this Policy and applicable law. However, you should be aware that we do not control the security of your equipment or your network connection, and therefore any information you transmit to us through the equipment or internet connection you use, you transmit at your own risk.

Data Integrity 

We take reasonable steps to ensure that the data we collect is reliable for its intended use. However, it is your responsibility to update us with any relevant changes in your personal information so that we can provide you with our Services. We collect Personal Information that is relevant for the purposes for which it is to be used. Furthermore, we take reasonable steps to ensure that we process Personal Information in a way that is consistent with the purposes for which it is collected.

Data Retention and Deletion

Data collected from proctored activities (including biometric data) are held for up to 7 days by default or as configured by the applicable Organisation(s) after a RemoteDesk Session. Your identity profile and data collected for identification verification purposes (including the biometric data we use to create your identity profile) is retained for up to one year from the time the identity profile is created in our Platform. After the applicable retention period, we will automatically delete your Personal Information from the Platform and our systems, and maintain only the minimal amount of data required for billing and necessary business purposes and legal compliance. 

As explained above, we provide our Services as a processor on behalf of Organisations who have the right to receive your data.  We do not control what they do with your data. Organisations have their own policies with respect to data retention and deletion. For further information on such policies, to revoke consent related to biometric data, or to request deletion of any Personal Information outside of the retention policies described above, please contact the applicable Organisation(s) (for example, your employer).

Please be aware: In a case where you contact us exercising your rights to delete some or all of your data, and after verification that the request is coming from you, we likely will need to contact your Organisation who is the Data Controller for permission in order to legally comply with your request, and even though we agree to do so, you may still need to contact your Organisation to make a similar request, or your data may be retained separately by them.

International Users and International Data Transfer 

In order to provide the Services, here is how we manage your Personal Information data:

Our Services are hosted in the United States and intended for users located within the United States. If you choose to use our Services from the European Union or other regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that you are transferring your Personal Information outside of those regions to the United States for storage and processing. Also, we may transfer your data from the U.S. to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the Services. By providing your information on or to the Services, you consent to any such transfer, storage, and processing in accordance with this Policy.

 

The Choices You Have With Your Information 

If you created an account with us in connection with your use of the Services, you may modify or update some of your Personal Information by logging in and accessing your profile. You should be aware, however, that it is not always possible to completely remove or modify information in our databases. If you wish to access or modify any other Personal Information that we hold about you, you may contact us at privacy@verificient.com. If you have not created an account with us in connection with your use of the Services and wish to access or modify any Personal Information that we hold about you, please contact the applicable Organisation(s) or privacy@verificient.com Or create a ticket request on https://www.verificient.com/support .

 

 

External Websites and Third Parties 

From time to time, our Services may contain links to third party websites. The policies and procedures we describe in this Policy do not apply to the third party websites. The links from our Services do not imply that the Company endorses or has reviewed the third party websites. We suggest contacting those sites directly for information on their privacy policies before providing any of your personal information to them.

“Stripe” is used as a third party payment gateway. Stripe is only a channel used to accept payments and does not have access to any user data and no personal or user data is shared with Stripe. AWS (amazon) and GCP (Google) are our cloud service providers. All the Data stored on the cloud servers is encrypted.

 

Your California privacy rights

This section provides additional details about the personal information we collect about California consumers and the rights afforded to them under the California Consumer Privacy Act or “CCPA”.

For more details about the personal information we have collected over the last 12 months, including the categories of sources of personal information collected, please see the “Information We Collect” section above. We collect this information for the business and commercial purposes described in the “How We Use Your Personal Information”  section above. We share this information with the categories of third parties described in the “To Whom We Disclose Your Personal Information”  section above. Verificient does not sell the personal information we collect. Please note that we do use third-party cookies due to the technology of how Proctortrack is integrated with the work platforms utilized by the Organisations and for continuous use of the App (Desktop app, mobile app or browser plugin/extension app) and for purposes as further described in our “Cookies and Other Tracking Technologies” section above. 

Subject to certain limitations, the CCPA provides California consumers the right to request to know more details about the categories or specific pieces of personal information we collect (including how we use and disclose this information), the right to request deletion of their personal information, the right to opt out of any “sales” of their personal information that may be occurring and the right to not be discriminated against for exercising these rights.

California consumers may make a request pursuant to their rights under the CCPA by contacting us at privacy@verificient.com Or may create a ticket request on https://www.verificient.com/support. We will verify your request using the information associated with your account along with the steps within our identifying process, including email address along with the assistance of your Organisation. Government identification may be required. Consumers can also designate an authorised agent to exercise these rights on their behalf.

Information from Children 

Parental consent is required for use of the Services under the age of 13. We do not knowingly collect, maintain, or use personally identifiable information from children under the age of 13. We request that all visitors to our Sites who are under 13 years of age not disclose or provide any Personal Information. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Policy by instructing their children never to provide Personal Information on our Services without their permission. If we discover that a child under 13 years of age has provided us with Personal Information, we will take steps to delete such information.

Changes to this policy 

Company reserves the right to change this Policy from time to time by posting an updated Policy to this site and the “last updated date” at the top of this page will be updated. We may also provide you additional notice, such as adding a statement to the home screen or sending you an email notification. Please review this Policy periodically, and especially before you provide any Personal Information. Your continued use of the Services after any changes or revisions to this Policy shall indicate your agreement with the terms of such revised Policy.

Our Contact Information 

Please contact us with any questions or comments you have about this Policy, your information, our use and disclosure practices, or our Services by email at privacy@verificient.com.

Verificient Technologies Inc. adheres to the Privacy Shield Principles.

Note: Verificient adheres to EU General Data Protection Regulation (“GDPR“). Refer to our GDPR page for more information.

Verificient Technologies Inc. complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Verificient Technologies Inc. has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

Verificient Technologies Inc. is subject to the jurisdiction and enforcement authority of the US Federal Trade Commission (FTC).

In compliance with the Privacy Shield Principles, Verificient Technologies Inc. commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Verificient Technologies Inc. at: privacy@verificient.com, or contact our Support team at : support@verificient.com, or chat with us via the chat window on our website – www.verificient.com.

Verificient Technologies Inc. has further committed to refer unresolved Privacy Shield complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. The services of BBB EU PRIVACY SHIELD are provided at no cost to you.

Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration before a Privacy Shield Panel when other dispute resolution procedures have been exhausted.

We acknowledge the right of EU and Swiss individuals to access their personal data. EU and Swiss individuals wishing to view, correct or delete their personal data may do so by following the instructions in this privacy policy found in “The Choice You Have With Your Information” section.

Verificient Technologies Inc. may be required to release the personal data of EU and Swiss individuals in response to lawful requests from public authorities including to meet national security and law enforcement requirements.

Verificient Technologies Inc. may be liable for the onward transfer of personal data of EU and Swiss individuals to agent third parties unless it can be proven that we were not responsible for the actions giving rise to the damages.

 

You can view the complete Terms of Service here.