Privacy notice

clear-english-standard_125x125.jpgWho we are

 

The Verifile group of companies is made up of numerous individual companies. There's a full list near the end
of this notice (Schedule 1).  Where the notice refers to "Verifile" and "we", it's referring to the particular company that is processing your personal information. This may be as a controller in its own right or as a processor on behalf of one of its clients.

This is our Privacy Notice for all our services. It tells you how we will use and protect any information we collect in line with the General Data Protection Regulation (GDPR).

When we process personal data on our clients' behalf, we are acting as a processor.
 

What personal information we collect and why

We collect personal information that our clients instruct us to collect. For more about the type of information we collect and why, scroll down to section 4, "What types of personal information do we collect?". For more specific details about the information we'll collect about you, please speak with the organisation that requested the services.

The most common use of our services by organisations is recruitment and employment. Therefore, for convenience, where this notice refers to "our client" or "your potential employer", it's referring to that kind of organisation.

Who we share your personal information with and why

We share your personal information with:

  • the client that requested it
  • any third party we need to contact to collect or validate your personal information, and
  • service providers we use to fulfil services and manage our infrastructure.

For more about who we share your information with, please refer to sections 4 and 6.

What we don't do with your personal information

We don't sell or disclose your personal information to governments, marketing or advertising services, other clients, or anyone else except as outlined in this statement or required by law.

Privacy Mission Statement

Verifile is committed to protecting individual privacy rights. We hold ourselves to the highest legal and ethical standard for compliance. We strive to be a privacy champion in the human resources technology industry. We value the trust our clients, colleagues, and suppliers place in us, and we work to maintain that trust by building privacy protection into everything we do. We are committed to implementing the six data protection principles that set out our responsibilities as required by Article 5 of the GDPR.

Disclosure of personal information

We process personal information in the United Kingdom that we have collected from people around the world, so we may transfer it outside the United Kingdom as follows:

  • To third parties from which personal information must be collected or verified to fulfil services requested by our client. For example, if our client asks for a criminal record check in New Zealand, we'll transfer personal information to the organisation in New Zealand that provides police certificates.
  • To contractors that provide specific services if our client has requested them. For example, if our client asks for a person's education history in Russia to be verified, we may transfer personal information to a company in Russia with expertise in verifying Russian education history in the local language.
  • To our client and to you if either of you is based outside the United Kingdom.

For more about cross-border transfers of personal information, scroll down to section 7, "Do we transfer personal information between countries?".

Table of contents

  1. Scope of our work
  2. Our legal basis for processing
  3. How and why do we collect personal information?
  4. What types of personal information do we collect?
  5. How do we use cookies?
  6. When, why and how do we communicate personal information outside Verifile?
  7. Do we transfer personal information between countries?
  8. How do we ensure your personal information is accurate?
  9. Do we engage in automated decision-making or profiling using personal information?
  10. Do we conduct research using personal information?
  11. How long do we keep personal information?
  12. How do we protect personal information?
  13. How can you access or correct your personal information, request that it be deleted, or ask for it to be transferred to another organisation?
  14. How can you complain about how we have handled your personal information or responded to a request to exercise your rights?
  15. Contact information
  16. Glossary

1. Scope of our work

This statement applies to the collection and processing of personal information, which means information about an identifiable individual (you) that Verifile collects when providing services to our clients.

2. Our legal basis for processing

When we carry out background screening on a client’s behalf, we are acting as a processor under our client’s instructions. Our client, who is acting as a controller, is responsible for deciding the legal basis for your screening. We rely on the client’s legal basis to collect and process your information. We only collect and process your personal data in line with their instructions.  

To find out the legal basis our client is relying on for your screening, please refer to their privacy notice. 

If necessary, we or our client may ask you for a signed authorisation. We need this because we will be asking third parties (for example, organisations and referees) to share information about you with us. Normally, before third parties will agree to do so, they will require us to prove that our request (on our client's behalf) is made with your knowledge and agreement. 

Your authorisation does not alter the legal basis for processing set by our client. Furthermore, if you withdraw or withhold your authorisation, this will not affect our client’s legal basis for screening. However, when our services are used for recruitment and employment purposes, any offer of a role may depend on you successfully undergoing screening. (Screening may also be required under your existing employment contract.) If you do not give your authorisation to screening, this may affect your employment with our client. We are not involved in any decisions about your employment. We take no responsibility for any of our client’s actions regarding the screening process and its outcome. 

The optional legal bases our clients can use are:

  • compliance with a legal obligation
  • performance of a contract 
  • legitimate interest 
  • public interest 
  • vital interest 
  • ​consent

You may have questions about the consequences of withholding your personal data or withholding or withdrawing your authorisation to screening, or you may wish to know the legal basis our client is relying on. If so, you should contact our client who requested the screening. 

3. How and why do we collect personal information?

We collect your personal information in the following ways:

  • When you provide personal information to us through our web site.
  • When we have spoken with you on the phone, when you email us, or when you send information to us by post or fax.
  • When you contact us through social media.
  • When we receive information about you from our client requiring our services.
  • We may also receive personal data about you from third parties.

Providing background checks, compliance, and other services to our clients

We collect your personal information to enable us to perform our primary function, which is to provide services to our clients, as follows:

  • Background checks before and during employment, volunteering or contractual relationships.
  • Background checks before and during education.
  • Background checks before taking up a licence to practise a profession or to maintain such a licence.
  • Background checks before and after adopting a child.
  • Collection, validation, and storage of onboarding and other documents.
  • Background checks as part of due-diligence research for investments, acquisitions, partnerships, directorships and other business relationships.

When we provide services, our client is generally responsible for the following aspects of collecting and processing personal information:

  • Deciding which personal information we collect, and how we use it.
  • Establishing a legitimate basis for collecting and processing personal information, and ensuring it complies with the law.
  • If appropriate, ensuring you are notified of, or provide consent for, the collection and processing of your personal information in line with the law.
  • Complying with any legal obligations our client may have as the body that controls or owns the personal information.
  • Getting your authorisation, if it is needed, to help us perform services we are asked to provide. Often, the client will ask us to get this authorisation on its behalf.

We are generally responsible for the following aspects of collecting and processing personal information:

  • Carrying out the services requested by our client in line with its instructions.
  • Storing and protecting personal information in our custody according to our client's instructions.
  • Complying with any legal obligations we may have as a processor, custodian, service provider or similar under the law.

When we provide services to a client, we collect your personal information in line with our client's instructions. For more about this, please contact your potential employer.

Tracking the usage and security of our secure platforms

We collect your personal information through the use of cookies on our secure platforms. For more about cookies, please see section 5, "How do we use cookies?"

We collect information about your activity on our secure platforms to ensure the integrity and security of our systems and the data in our custody. We use it to audit system access and investigate suspicious activity.

Our collection of personal information for security purposes is based on our legitimate interest and legal obligation to ensure we protect personal information in our custody.

4 What types of personal information do we collect?

Review the list below to see the types of personal information we collect from or on behalf of our clients, along with an explanation of why we collect it and where we collect it from.

Not all background checks require the same level of detail and verification. If you wish to know more about what is required regarding your own background check, we recommend you ask your potential employer.

Types of personal information collected to provide services to clients

 
Type of information Reason for collection Sources
Names - current and former This is how we identify you. If we do not know who you are, we cannot provide services. We may need former names to conduct a full background check, as old records may be held under a former name.
  • You or our client
  • Public records
  • Credit reference agencies
  • Third parties we contact when performing services
Names of your parents - current and former Some services, especially criminal record checks, require the name of your parents to identify you.
  • You or our client
Date of birth Along with your name, this serves to identify you as a unique individual, and is often required for us to perform services.
  • You or our client
Place of birth Some services require a place of birth.
  • You or our client
Sex or gender Some services require a sex or gender.
  • You or our client
Address history Some services, especially criminal record and credit checks, require several years of address history to complete.
  • You or our client
  • Credit reference agencies
  • Public records
  • Data aggregators
Contact information In most cases, we need to know how to get in touch with you. This may include your mailing address, email address and telephone number. If we collect these while providing services for a client, we'll use them only to provide those services and comply with our client's instructions and our legal obligations. We will not contact you for any other reason.
  • You or our client
Nationality Some services require your nationality to complete.
  • You or our client
Fingerprints* Some services such as criminal records in certain jurisdictions require fingerprints to identify and locate any relevant records.
  • You or our client
Photograph Some services require us to collect a photo ID
  • You or our client
Documents to prove identity or address We may be asked by our client to verify your identity, or we may be required to do so to complete services. If so, we may collect ID cards or other documents you provide.
  • You or our client
  • A third party that collects your documents or verifies your identity for the purpose of transferring that information to us.
Government-issued identity numbers (e.g. identity number, social security number, social insurance number, national insurance number, driving licence number, passport number)* Some services require this information, as records we need to retrieve from third parties are often associated with a government identity number. This may include criminal records, credit files, employment history or driving records.
  • You or our client
  • Public records
  • Government agencies
  • Credit reference agencies
Immigration status (eligibility to work) Some clients wish to verify potential employees' immigration status in the jurisdiction where they operate.
  • You or our client
  • Government agencies
Criminal records and police records* Some clients wish to review criminal records as part of their screening programme. This may also cover any barred lists, if applicable.
  • You or our client
  • Law enforcement or other government agencies
  • Courts
  • Public records
  • Media
  • Data aggregators
Credit or bankruptcy history* Some clients wish to obtain financial or identity information found in a credit file with a credit reference agency or in public record information.
  • Credit reference agencies
  • Government agencies
  • Public records
Civil court records Some clients wish to review litigation history in the civil courts.
  • Courts
  • Data aggregators
  • Public records
  • Credit reference agencies
  • Government agencies
Tax information* Some clients wish to use our services to collect tax documents from their employees.
  • You or our client
Salary/income Some services may disclose this information to us, and some clients may wish us to verify this information.
  • You or our client
  • Sources for employment history
  • Sources for credit history
Property/real-estate information Some clients wish to use our services to verify the ownership of the house(s) you live in and own as well as details of any current mortgages on it.
  • Credit reference agencies
  • Government agencies
Appearance on government watch or sanctions lists* Some clients wish to check for your presence on government watch list or sanctions list.
  • Law enforcement or other government agencies
  • Fraud prevention agencies
Directorship, shareholding and corporate governance history Some clients wish to verify current or past involvement with corporations and charities as a director, officer, trustee or shareholder. Some clients also wish to check you are not barred from holding such positions in the future.
  • You or our client
  • Government agencies
  • Credit reference agencies
  • Public records
  • Organisations with which you have had previous involvement
  • Government agencies
Employment history Some clients wish to verify employment or activity history over a period of time.
  • You or our client
  • Your current or past employers or their recordkeeping service providers
  • Agencies that placed you with your current or past employers
  • Referees you have provided
  • Credit reference agencies
  • Government agencies
Volunteering history* Some clients wish to verify volunteering or activity history over a period of time.
  • You or our client
  • Organisations with which you have volunteered or their recordkeeping service providers
  • Referees you have provided
Education history Some clients wish to verify education or activity history over a period of time.
  • You or our client
  • Educational institutions you have attended or their recordkeeping service providers
  • Government education authorities in jurisdictions where you have attended school
  • Referees you have provided
Gap history Some clients wish to verify activity history over a period of time.
  • You or our client
  • Referees you have provided
Professional credentials, designations, licences, memberships (this may also include trade union membership*), associations, awards, sanctions or reprimands Some clients wish to verify your standing as a certain type of professional; participation or completion of professional development courses; or the existence of professional sanctions or reprimands.
  • You or our client
  • Professional organisations with which you have been associated, or their recordkeeping service providers
  • Public records
  • Referees you have provided
  • Employment history sources
Opinions about you Some clients wish to obtain character references about you. Additionally, opinions may be provided during verifications of employment or volunteering.
  • You or our client
  • Your current or past employers or their recordkeeping service providers
  • Agencies that placed you with your current or past employers
  • Referees you have provided
  • Educational institutions you have attended or their recordkeeping service providers
  • Media coverage
Health information, including results from occupational health assessment, drug test and GP letter* Some clients wish to test for drug use or health conditions.
  • You or our client
  • Drug-testing laboratories
  • Medical professionals following a consultation for this purpose
Driving licence, and driving records Some clients wish to check your driving licence validity and driving history.
  • You or our client
  • Government agencies
Media Some clients wish us to locate media articles about you, assess your social media activity, or locate any other mentions of you on various web sites such as blogs, forums and more.
  • Internet search engines
  • Social media
  • Data aggregators
Other public record information Some clients wish us to search other public record sources for information.
  • You or our client
  • Government agencies
  • Public records
Call recordings We monitor some phone calls for quality-assurance and training purposes.
  • You or our client
  • Any third parties
Your opinions about your experience with Verifile We may occasionally seek your feedback about your interactions with us to improve the quality of our service.
  • You

*Items marked with an asterisk may be considered sensitive or may be subject to special protections in some places. We will not collect them in every case. We will not collect them if it is illegal. Where permitted, we will only collect and use them in line with the law. Please scroll down to section 12 to learn more about some of the measures we take to protect personal information.

Types of information, some of which may be personal information, that are logged when you access our secure platforms:

  • IP address.
  • Location.
  • Login credentials for our systems.
  • Dates, times and lengths of sessions.
  • Access to and modification of data.
  • Browser type and version.

Reuse of personal information for new purposes

We will only use your personal data for the purposes for which we collected it (eg., screening purposes as instructed by our client). Please note we may process your personal data without your knowledge or consent if the law requires it. 

If we collect personal information about you for which we act as a controller or a processor, we won’t reuse it for any new purpose that is different from the original purposes for which we collected it, unless one or more of the following is true: 

  • The new purpose is compatible with the original purpose. 
  • We have notified you of the new purpose and given you an opportunity to object to it. 
  • ​The change of purpose is otherwise permitted or required by law. 

You should contact your potential employer for details of any reuse of your personal information because it relates to personal information where they act as a controller. 

5. How do we use cookies?

Cookies are pieces of information shared between your web browser and a web site. Cookies enable the web site to collect information about your activities and give you a faster and easier experience.

These are the cookies we use:

Name of the cookie Purpose of the cookie
.VerifilePortalSecurityBackend This is used to manage user authentication to our web site.
ASP.NET_SessionId This contains a temporary unique identifier for a user's session. It's used to enable the management of session state for each user.
__AntiXsrfToken This contains a security token used to prevent cross-site request forgery (XSRF) attacks.
Portal.Framework.PreferableCultureName This contains a user's language preference.


Different cookies have different functions:

  • Session cookie: this is only stored on your computer during your web session. It is automatically deleted when the browser is closed. It usually stores an anonymous session ID allowing you to browse a web site without having to log in to each page. It does not collect any information from your computer.
  • Persistent cookie: this is stored as a file on your computer and stays there when you close your web browser. It can be read by the web site that created it when you re-visit.
  • First-party cookie: this retains your preferences for a particular web site for the body that owns the web site. It is stored and sent between Verifile's servers and your computer's hard drive. It is used only for personalisation as set by you. It may be a session or persistent cookie.
  • Third-party cookie: this cookie retains your interaction with a particular web site for a body that does not own that web site. It is stored and sent between the third party's server and your computer's hard drive. It is usually a persistent cookie.

Our service platforms, which we use to collect information from you and our clients, do not use third-party cookies. They may use first-party session cookies to track your use of the sites and first-party persistent cookies to remember any preferences you select, such as your location.

The major browsers have tried to implement the draft "Do Not Track" (DNT) standard of the World Wide Web Consortium (W3C) in their latest releases. As this standard has not been finalised, our sites are not compatible with DNT and so do not recognise DNT settings.

We use cookies for the following purposes:

Where strictly necessary

Cookies are essential to enable you to move around the web site and use its features, such as accessing secure areas of the site. Without them, we could not provide services such as viewing certain areas of the site or using web forms. Cookies do not gather information about you that could be used for marketing or remembering where you have been on the internet.

Performance

Cookies collect information about how visitors use a site, for instance which pages they go to and if they get error messages from web pages. Cookies do not collect information that identifies a person, as all the information they collect is anonymous. We use them to improve how our site works.

Functionality

Cookies allow our site to remember choices you make (such as your language or the region you are in) and provide enhanced features. They can also be used to remember changes you have made to text size, font and other parts of web pages you can customise. They may be used to provide services you have requested such as viewing or commenting on content on the site. The information these cookies collect is usually anonymised.

Please consult your web browser's 'Help' documents for more information about how to turn cookies on and off.

6. When, why and how do we communicate personal information outside Verifile?

To provide services as instructed by our client

Often, the services we provide require us to find or validate personal information with third-party sources when requested by our client. To do so, we need to provide your personal information to allow the third party to find records about you. We generally provide the information that is required by the third party in the format and through the transmission method of the third party's choosing. This may involve transmitting information through a web site (including API), phone call, email, fax, letter or in person.

When we provide services to a client, communication of your personal information occurs in line with our client's instructions. For more about this, please contact your potential employer.

To provide results to our client

When we provide services to a client, we transmit personal information to it, in line with its instructions. Typically, we transmit using our secure web platforms and occasionally by phone, email, fax or mail.

To engage service providers and sources

Most of our work is done by our employees or authorised personnel who access personal information directly from our systems and whose activities are under our direct control. But we use third-party service providers for certain specialised tasks. These tasks include storage of data, information technology support, and some services we perform for our clients.

All our work relies on collecting data about you from sources described in section 4. It would be impractical to list all service providers and sources here, so instead we have listed types of service provider and sources.

When we provide services to a client, we use service providers in line with our client's instructions. For more about this, please contact your potential employer.

Third-party service providers and sources

 
Third party Types of information Purposes for transfer
Data storage and delivery providers All personal information in our custody Secure data storage and delivery
IT support services Personal information in our custody with which we require technical support Technical support
Other companies that provide services similar to ours Personal information required to fulfil services Provision of services in locations where we do not operate - only used when necessary
Data aggregators Personal information required to fulfil services Provision of services where data is accessible through an intermediate organisation
Drug-testing labs, General Practitioners (GPs), and occupational health companies Personal information required to set up and carry out drug screening, occupational health screening or get information from your GP Provision of drug screening, occupational health screening services, or get information from your GP
Police, embassies, government departments, courts, and agencies Personal information required to conduct criminal record searches, verify identity, and identification documents, search court records, get driving, corporate and other public records Provision of criminal record services, civil court searches, driving, corporate and other public records, and verification of identity
Credit reference agencies Personal information required to conduct credit, bankruptcy, court, identity and similar searches Provision of credit, bankruptcy, court and identity searches and similar services
Employers, employment agencies, referees, educational institutions, education authorities, professional institutions, licensing authorities, and their recordkeeping service providers Personal information required to verify employment (including volunteering), qualifications and licences, and to get references Verification of employment, qualifications and licences, and collecting references
Your clients, accountant, lawyer, management company or agencies you registered with Personal information required to verify self-employment, and to get references Verification of self-employment, and collecting references
Translation services Personal information we have received in a language other than what is used to provide the services for which it was collected Provision of services in the language required by our client
Postal and courier services Personal information required to fulfil services Provision of services where the source of information requires a postal application
Survey services Your opinions about our services Conducting surveys
Auditors Personal information in our custody Audit services of our technology platform, financial records and quality of our services


In exceptional circumstances

We may be asked to communicate personal information to law enforcement agencies, national security agencies, courts or other public bodies in any jurisdiction where we are subject to the law, regardless of where personal information is stored. If we receive a production order, warrant, subpoena or other enforceable demand, we will comply as required by law. If we receive a request to provide information voluntarily, we will consider your interests, our business interests, the interests of our clients, public safety implications and our legal obligations before deciding whether to communicate personal information. In any case if the information in question was collected from or on behalf of a client, we will consult the client before proceeding unless prohibited by law.

We may proactively communicate personal information to law enforcement or other third parties if necessary to investigate or report a violation of the law or a contract, or if otherwise appropriate and permitted by law.

7. Do we transfer personal information between countries?

Yes. We store personal information in the United Kingdom. We also use service providers in various other countries, usually to collect or translate information from that service provider's country or region where we need to provide services.

Based on where you have lived, worked and studied, we may need to transfer parts of your personal information to countries that do not have data protection laws equivalent to those of the European Economic Area (for example, Australia, United States, China).

If your personal information is subject to European Union (EU) or Swiss law, we may transfer it outside the EU or Switzerland, relying on one or more of the following legal bases:

  • You have provided your consent for us to transfer personal information outside the EU or Switzerland to allow us to carry out services for you or on a client's behalf.
  • We have in place with the receiving body a contract that the relevant authority regards as giving adequate protection of personal information.
  • The transfer is to a country that the European Commission or another supervisory authority regards as having an adequate level of protection.
  • An association or other body representing us or our client has an approved code of conduct in place that applies to the non-EEA territory or territories to which we are to transfer your personal information.
  • An approved certification mechanism is in place for the territory.
  • The transfer is necessary to implement pre-contract measures taken at your request.
  • The transfer is necessary to conclude or perform a contract in your interest between us and another person (Article 49(1)(c)).

In all cases, we will ensure that appropriate safeguards are in place to ensure the protection of your personal information.

8. How do we ensure your personal information is accurate?

Much of the personal information we collect comes directly from you or our client. If you have any concerns about the accuracy of the data processed about you, you should contact your potential employer in the first instance. Our processes for collecting and transcribing personal information are automated as far as possible and subject to rigorous quality controls. Information is updated if it is found to be inaccurate, either through our own audits or after a request for correction received from our clients.

9. Do we engage in automated decision-making or profiling using personal information?

We do not make decisions about you, automated or otherwise, and do not try to analyse or predict your behaviour, preferences, interests, health or other personal characteristics. However, we may carry out automated processing on our client's instructions. For more about automated processing of personal information on a client's behalf, please contact your potential employer.

10. Do we conduct research using personal information?

No. We maintain historical statistical data in anonymised, aggregate form for research and analysis. In this form, it is no longer regarded as personal information since it cannot identify you.

11. How long do we keep personal information?

We keep personal information that was collected from or on behalf of a client for as long as the client asks us to keep it, or as long as we need to keep it to comply with our legal obligations. To understand how long we will store your personal information, please contact your potential employer.

12. How do we protect personal information?

Verifile takes information security very seriously. As a result, we hold multiple certifications and accreditations following international and British standards. 

We have advanced security measures to secure and protect your personal information, such as internal and external firewalls, monitoring and alert systems to prevent and detect intrusion attempts, and 128-bit encryption of data in transit and at rest. Our servers are located in securely managed buildings and networks, and undergo multiple reviews by independent auditors. Our employees access data through secure virtual desktop interfaces. Our online interfaces are encrypted, password-protected and monitored.

We employ equally rigorous physical security policies to prevent physical access to our premises. Our servers and offices, including personal information in hard copy, are kept in access-controlled and monitored environments.

All our employees have been carefully screened to exceed the requirements under British Standard 7858 and have undergone thorough security and privacy training. We restrict access to your personal information to individuals who need it to do their work. Our operations, customer service, account management, finance, quality, vendor management and compliance teams may have regular access to your information. Employees in other departments may access it occasionally as required to provide services, communicate with you and fulfil our legal obligations.

We also enter into contracts with service providers with which we may need to share your personal information. These contracts require service providers to protect your personal information to the same level we do. They also allow us to audit the service providers' compliance with that obligation.

13. How can you access or correct your personal information, request that it be deleted, or ask for it to be transferred to another organisation?

At any time, you can request access to any personal information we collect from you if we are acting as a controller, e.g. if we process your personal information when you access our website. You can ask us to correct any inaccuracies and add comments or explanations to our records about you.

You can also ask about:

  • whether and why we have your personal information
  • how we got your personal information
  • what we have done with your personal information
  • to whom we have communicated your personal information
  • where your personal information has been stored, processed or transferred
  • how long we will retain your personal information, or how that retention period will be decided, and
  • the safeguards in place to protect your information when it is transferred to third parties or countries outside the EEA.

Finally, you can ask us not to collect or use your personal information for certain purposes, you can ask us to delete your personal information, or you can ask us to provide your personal information to a third party.

If we act as a processor on behalf of one of our clients, you will need to make any requests for the above directly to your potential employer. Any requests we receive from you that relate to such personal information will be referred to your potential employer.

Depending on which laws apply to your personal information, we or your potential employer may only be able to do some of these things for you. If we are unable to do what you want, we will explain to you your legal rights, the reason for our refusal and any further steps you may take.

14. How can you complain about how we have handled your personal information or responded to a request to exercise your rights?

We are committed to investigating and resolving complaints about our collection or use of your personal information. To make a complaint - regardless of your location, residency or citizenship - contact us or your potential employer. If you are not satisfied with our resolution of your complaint, you may complain to the Information Commissioner's Office. We are committed to:

  • cooperating with the panel established by the EU data protection authorities (DPAs) or the Swiss Federal Data Protection and Information Commissioner (FDPIC), and
  • complying with the advice given by the panel or the FDPIC regarding personal information transferred from the EU or Switzerland.

15. Contact information

Verifile is based at:

5 Franklin Court
Stannard Way
Priory Business Park
Bedford MK44 3JZ

For any questions on this notice please contact us at privacy@verifile.co.uk. For all other queries please use our contact us form.

Our Information Commissioner's Office Registration Number: Z8845041

16. Glossary

Anonymised means that sufficient information has been removed from personal information so that it can no longer be associated with an identifiable individual.

Client means an organisation that contracts with us to perform services.

Due diligence means a comprehensive appraisal of a business by a prospective customer, supplier or investor, especially to establish its assets and liabilities and evaluate its commercial potential.

Individual, subject or you means the individual that the personal information is about.

Onboarding means the action or process of integrating a new employee into an organisation or familiarising a new customer or client with its products or services.

Personal information means information about an identifiable individual.

Processing, handling or use means anything we do with personal information.

Profiling means automated use of your personal information to analyse or predict things like your performance at work, creditworthiness, reliability and conduct.

Services means the human resources technology services we provide to our clients, including background screening.

Service provider means a company engaged to process personal information on another company's behalf.

Source means an organisation holding records on you that we are collecting.

Third party means a person or organisation that is neither you nor us.

SCHEDULE 1

GROUP COMPANIES

Verifile Group Company Registered address Registration number
Verifile Holdings Limited 5 Franklin Court,
Stannard Way,
Priory Business Park,
Bedford,
MK44 3JZ,
UK
07450770
Verifile Limited 5 Franklin Court,
Stannard Way,
Priory Business Park,
Bedford,
MK44 3JZ,
UK
05129976
Verifile Technologies Limited 5 Franklin Court,
Stannard Way,
Priory Business Park,
Bedford,
MK44 3JZ,
UK
05129976
WorkPass Limited 5 Franklin Court,
Stannard Way,
Priory Business Park,
Bedford,
MK44 3JZ,
UK
06529355


Document Control

Document Name Privacy Notice
Last Review date February 2023


Change Record

Version Date Modified Modified by Modification
5.0 01/04/2021  Eyal Ben Cohen Sections 2, 4, 7, and 12 been updated 
4.0 24/05/2018 Eyal Ben Cohen GDPR compliant version written