Privacy & Data Protection Policy

This is a context-agnostic policy statement intended to apply to a broad category of users and to offer general guidance only. A user accessing Veryfy services and applications because of and through their affiliation with any of our enterprise clients would likely be subject to another, usually more detailed, agreement entered into between that enterprise and Psynthax or one of our subsidiaries or resellers.

The resultant legal arrangement would have included written provisions specifically drafted to meet their own specific circumstances. In those circumstances, some of the provisions in that agreement may have superseded what is disclosed here.

Individual and non-affiliated users on the other hand should find within these provisions an adequate overview of the essential policies that apply to our handling, storage and management of their data, as well as the relative division of responsibilities between users and Psynthax in connection with the sound use of Veryfy services and applications.

The Director of External Relations’ office in Psynthax can provide additional information about the legal context of specific provisions as they relate to the laws operative at the time of the inquiry in specific jurisdictions.
You may reach the office by writing to [email protected] with the following words in the subject line: [Privacy & Data Protection for Veryfy Use].

Introduction

Psynthax and/or the team responsible for the design, execution and management of the Veryfy services and applications (hereinafter, “the Veryfy Team”) needs to collect and use certain types of information about the Individuals or Application and/or Service Users who come into contact with the Veryfy app and related services in order to continue to update, upgrade, maintain and support these applications and services. Such personal information must be collected and dealt with appropriately, and in whichever form or manner it is collected, stored, processed, recorded or managed, safeguards and control protocols exist to ensure that generally accepted sound practices are being followed and the laws and regulations pertaining to such activities in the jurisdictions of control are observed.

Data Controls

Veryfy senior management designate controllers for the data in order to clarify responsibilities regarding the determination of what purposes and under which conditions personal information is to be collected, processed, handled, managed and utilised. A controller so designated is also responsible for guiding the Veryfy Team identify the most appropriate regulations and precepts in the relevant jurisdictions of control applicable in determining the scope of the data it holds or is likely to hold, and the general purposes that this data may be used for.

Disclosure

The Veryfy Team may share data with other parties, including government and state agencies, such as regulatory institutions, police, security establishments, local authorities, preventive bodies and other such organisations. It will also share data with the contractors that manage and operate components of its infrastructure outsourced to such contractors.

The Individual/Service User can rest assured that they shall be duly notified when substantial changes occur regarding the existing terms and conditions imposed on external contractors and others who handle, process, store and transmit personal data on behalf of the Veryfy There are circumstances where the law in virtually all jurisdictions allow, and sometimes dictates, the disclosure of personal data (including sensitive data) without the data subject’s consent or awareness.
These include:

The Veryfy Team considers it a matter of general policy to consider the lawful and sound handling and treatment of personal information as integral and indispensable to the trust-building process we are constantly undertaking with our stakeholders, including our customers. It is a foundational component of the Veryfy market strategy to make the sound and judicious treatment of personal data a competitive advantage and positioning factor of the Veryfy brand.

In light of this strategy, Veryfy Team strives to go beyond the explicit provisions of corporate policy, the law in force in our operational jurisdictions, and standard industry practice and braces itself to be guided by holistic and expansive principles that align deeply with our values as a stewardship organisationa.
Some of these principles are:

The Veryfy Team shall, applying sound management and technical standards, and complying with relevant technical criteria and operational controls:

Data Collection

Informed consent is when, an Individual/Service User clearly understands why their information is needed, who it will be shared with, the possible consequences of them agreeing or refusing the proposed use of the data and then gives their consent.

When collecting in-person data, the Veryfy Team shall ensure, as much as practicable, that the Individual/Service User:

Data Storage

Information and records relating to service users will be stored securely and will only be accessible to authorised staff, contractors, interns and volunteers.

Information will be stored for only as long as operationally required, legally dictated, or technically advised.

The appropriate Data Controllers shall strive to ensure all personal and company data is non-recoverable, within the bounds of the technical capacity available within the Veryfy Team, from any computer system previously used within the organisation, which has been passed on/sold to a third party.

Data Access And Accuracy

All Individuals/Service Users have the right to expect that when services are delivered through the Veryfy infrastructure for their benefit, and their personal data used to enhance their experience of that service, the Veryfy Team shall strive to ensure the technical accuracy of the information used.
In addition, the Veryfy Team will ensure that:

Policy Update

This policy is subject to periodic revision and review to ensure continued alignment with emergent best practice in the relevant industries and jurisdictions for managing data protection, security and quality.

Further Information

In case of any queries or questions in relation to this policy please contact the Data Protection Officer in the Office of the Director of External Relations: [email protected]