<aside> 💡 At gocertify, we take data protection and privacy seriously. As part of our commitment to safeguarding the personal data of customers, partners, and employees, we adhere to the regulations set forth by the General Data Protection Regulation (GDPR). This document outlines our approach to GDPR compliance and the measures we have implemented to ensure the lawful and transparent processing of personal data.
</aside>
Verification Feature: As independent data controllers, we verify if a data subject meets your campaign requirements. We only communicate verification status without passing personal data. Our users are informed about the data processing following the verification process through our Privacy Policy, which is acknowledged each time a user passes through a verification process.
Addition of DataCapture: Controller to Controller relationship remains the same, an additional consent step is added that the user must accept before receiving an offer which opts the data subject into marketing.
OfferHub feature: Acting as data processors, we collect data from subjects per your requirements and transfer it for your use, subject to your privacy policy (which the data subject will need to consent to before receiving any offer).
Once the user's personal data is passed (or made available) to you, as a data controller, you are fully responsible for how you choose to use that data.
Addition of DataCapture: The Data controller to processor relationship remains the same, an additional consent step is added that the user must accept before receiving an offer which opts the data subject into marketing messages.
Our relationship as controllers (you) and processor (us) is governed by our Data Processing Agreement.
We ensure that user consent is informed, valid and freely given. To receive a discount the user must accept gocertify`s Terms and Conditions and Privacy Notice before registering and providing documents/information which is necessary for the service under GDPR.
We don't deliberately collect special categories of personal data under Article 9 of GDPR. However, sensitive data like pay slips and identification documents may be processed. We delete pictures/scans post-verification to comply with data protection principles.