International Integrity Services Version 2018.04 (legitimate interest)
The Privacy Statement provides you, as the data subject, with information about why and how International Integrity Services will be processing your personal data. This Privacy Statement is based on the General Data Protection Regulation (GDPR) which takes effect on 25 May 2018.
Until 25 May 2018 it will be governed by the Wet Bescherming Persoonsgegevens.
Why is International Integrity Services processing personal data?
International Integrity Services specialises in screening individuals. Your personal data is processed with the aim of carrying out a screening of relevant information at the request of a client with whom you are entering into a contract. For that purpose the data is stored within a secure environment to which no client has access. International Integrity Services is the independent controller for the processing of personal data. This Privacy Statement applies to all processing of personal data in connection with a screening by International Integrity Services.
International Integrity Services has a Data Protection Officer (DPO) who is registered with the Dutch Data Protection Authority.
The DPO can be contacted via firstname.lastname@example.org.
Based on which principle does International Integrity Services process personal data?
Our client has a legitimate interest (GDPR, Art. 6 paragraph 1f.) in having your integrity assessed, and therefore determines whether and to what extent it is relevant and necessary that you should be screened for particular elements. The composition of the screening is stipulated for policy reasons by the client, whereby account has been taken of the requirements laid down in the GDPR. These include the requirements of proportionality and subsidiarity, so that the only data that needs to be verified is the data which relates to the risks around the (prospective) role or (involvement with) the sale or purchase of real estate.
What personal data and/or documents does International Integrity Services process?
International Integrity Services processes a variety of personal data which we receive from
you or from our client for each screening. You can request details of this personal data via email@example.com if you wish.
From whom does International Integrity Services receive personal data?
International Integrity Services receives personal data from the following parties to carry out specific elements of a screening or to verify information:
- from you;
- our client(s);
- data providers in connection with conducting a screening;
- relevant (foreign) training institutions;
- relevant sector and/or specialized registers;
- referees and/or employers whom you have specified.
With whom does International Integrity Services share personal data?
International Integrity Services shares the necessary personal data with the following parties to carry out specific elements of a screening or to verify information:
- data providers;
- relevant (foreign) training institutions;
- relevant sector and professional registers;
- referees and/or employers whom you have specified;
- our client.
With which data providers is personal data shared?
International Integrity Services has concluded contracts with its data providers which set forth the arrangements governing the correct and secure processing of your personal data. You can request details of these data providers via firstname.lastname@example.org if you wish.
Is sensitive personal data processed?
International Integrity Services may process sensitive personal data. This depends on the elements that form part of the screening. The elements of the screening are stipulated for policy reasons by our client, whereby account has been taken of the potential risks relating to a particular role, a membership, particular activities or the (involvement in) the sale or purchase of real estate. You will be informed of the (sensitive) personal data that will/needs to be processed prior to the screening.
International Integrity Services has a licence under the Wet Particuliere Beveiligingsorganisaties en Recherchebureaus (Private Security Organisations and Detective Agencies Act / POB licence no. 967). With this licence International Integrity Services is authorised to process criminal data under certain conditions as specified in the GDPR.
Processing of identity documents (ID documents)
International Integrity Services processes ID documents as part of our client’s duty to verify.
An ID document (scan) is tested for authenticity on the basis of a number of authenticity characteristics. The document number is also used to establish that the document has not been reported stolen or missing. International Integrity Services is not authorised to process your Citizen Service Number, and therefore asks you to cover this before uploading the scan of your ID document in the secure environment.
Do you have to allow yourself to be screened?
You are not obliged to cooperate with screening. If you object to (parts of) the screening, it is best to contact the client, since the content of the screening is stipulated for policy reasons by our client.
Is my data save?
International Integrity Services has taken appropriate technical and organisational measures to secure personal data against theft or another form of improper processing.
How long will the data be retained?
International Integrity Services will delete the personal data within one year after the completion of your screening, unless alternative arrangements about this have expressly been made with the client.
Will your personal data be transmitted to a country inside or outside the EEA?
International Integrity Services processes your personal data within the European Economic Area (EEA). Under certain circumstances (part of) your personal data may be transmitted to a ‘third’ country located outside the EEA. This may occur – for example – if you, the client, a data provider or another body with which we share personal data in order to be able to carry out the verification is located in a country outside the EEA.
Under the GDPR an appropriate level of protection applies to the transmission of personal data within the EEA. Transmission outside the EEA is permitted to countries with an adequate level of data protection or where appropriate safeguards are in place. If this is not the case, transmission is justified because of your interest as the data subject in the performance of the contract concluded between International Integrity Services and the client (GDPR article 49 paragraph 1 at c).
We would like to draw your attention to your (privacy) rights
- Right of access;
- Right to rectification;
- Right to erasure (right to be forgotten);
- Right to restrict the processing;
- Right to object;
- Right to submit a complaint;
If you wish to invoke one of the above rights, you can contact International Integrity Services
for additional information and to discuss possible consequences via email@example.com.
Obviously we strive for the highest level of customer satisfaction. In the unfortunate event that you should have a complaint about our services, you can contact International Integrity Services
We will strive to resolve your complaint within 14 days.