GDPR Commitment

Information for Data Subjects

A Data Subject is an individual who is the subject of Personal Data. So, if we store Personal Data about you, then you are a Data Subject. In the world of Veracity a Data Subject is a visitor to our Customer’s websites and associated processing functionality (we call them Participants).

Participants should therefore always be asked for consent by the Customer before allowing the Customer to collect their Personal Data.

What information is collected on our Customer’s website?

When you visit the webpage of one of our Customers, the following information may be collected:

Contact details such as name, address, telephone number and email.
Traffic information as provided by your web browser such as browser type, language, the address of the website from which you arrived and other traffic information including IP address.
Traffic information as provided by your social media account.
Website visit information.
Clickstream behaviour such as which links you click and when.
Other personal data contained in your profile on third party social networks (Facebook etc.)
We may also in some cases compare a collected IP address with a geographic map service to derive your general location.
What information is collected on our (Veracity’s) website?
The following Personal Data may be collected about you (a Participant) by Veracity:

Contact details such as name, address, telephone number and email.
Traffic information as provided by your web browser such as browser type, language and the address of the website from which you arrived and other traffic information such as IP address.
Website visit information.
Clickstream behaviour such as which links you click and when.
Other Personal Data contained in your profile on third party social networks (Facebook etc.).
We may also in some cases compare a collected IP address with a geographic map service to derive your general location.
What Personal Data we (Veracity) may collect about you?
The following Personal Data may be collected and stored about you by Veracity:

Contact details such as name, address, company, telephone number and email.
Website visit information.
Other Personal Data contained in your profile on third party social networks (Facebook etc.).
We may also in some cases compare a collected IP address with a geographic map service to derive your general location.
How long we store your Personal Data
Veracity will only retain Participant Personal Data for as long as necessary for the stated purpose or for as long as our Customer requires it to be held, while also taking into account our need to answer queries or resolve problems and to comply with legal requirements under applicable laws.

In addition Veracity will only retain your Personal Data for as long as necessary to grow and operate our business, while also taking into account our need to answer queries or resolve problems and to comply with legal requirements under applicable laws.

This means that we may retain your Personal Data for a reasonable period after your last interaction with us or after our Customer’s last interaction with us.

When the Participant Personal Data that we collect is no longer required in this way, we will anonymise it. We may however retain Personal Data for statistical and analytical purposes, but in such cases your Personal Data will be anonymised and cannot be connected to a person.

What can I do as a Participant Data Subject?

Data Access, Data Correction and/or Data Erasure: If you wish to obtain a copy of your data, correct your data or erase your data, please contact our Customer with proof of identity. Once your identity has been proved our Customer will in turn inform us and we will take the necessary action.

Opt Out: If you do not wish to be tracked you must reject cookies from the website of our customer or the Veracity website.

What can I do as a Veracity Data Subject?

Data Access, Data Correction and/or Data Erasure: If you wish to obtain a copy of your data, correct your data or erase your data, please contact us with proof of identity. Once your identity has been proved we will take the necessary action.

Opt Out: If you do not wish to be tracked you must reject cookies from the Veracity website.

Information for Customers Data Controllers

Data controllers are those that determine the purposes and means of processing Personal Data. Because Veracity is used as a third-party system by our Customers, Customers using Veracity applications are the data controllers and will store their Customers details on Veracity applications (known to us as Participants).

Customer’s data controllers that activate the Veracity platform for their own purposes need to take action to be compliant with GDPR.

What We Do

Veracity:

We conduct routine vulnerability scans and penetration tests of our entire platform and systems.
We provide training to our employees on topics of security, privacy, and rules/regulations.
When we collect additional Personal Data from the data subject beyond that provided by our customers use of our systems we will ask for consent.
We have a formal internal security policy detailing the technical measures we follow to protect the confidentiality, integrity, and availability of our platform and data.
Data is stored in our datacentres located in EU or in US. When a data centre is located in the US, we will ensure that the processor will comply with Privacy Shield Framework or we will have a specific DPA with that processor.
We conduct routine reviews, at least yearly, of our compliance with the GDPR and our security policy.

What You Need to Do

As customer of Veracity you need to do the following:

You need to obtain active and explicit consent to track your users on your site. We recommend checking the rules and regulations that apply to your website(s) and obtaining legal advice.
If you receive a valid request to correct, delete or give access to Participant Personal Data from a Data Subject, you must notify us in writing within five (5) days via email to “[email protected]”. We will acknowledge your request and assist in any way possible, providing an official response no later than thirty (30) business days after receiving the request.
If you wish to correct or delete you own Customer Personal Data (as a Customer of Veracity) you must notify us in writing within five (5) days via email to “[email protected]”. We will acknowledge your request and assist in any way possible, providing an official response no later than thirty (30) business days after receiving the request.
You need to agree that you’ve read, understand, and implemented all of the above items (as required) prior to activating the Veracity application.