1. Brief Description of the Application
The Application is a software tool for assessing the authenticity of an identity document using an image of the identity document captured by the camera of a user’s mobile device. With this information, the Application also performs a Know Your Customer (KYC) and Anti-Money Laundering (AML) check on the holder of the identity document. Using the Application, users may pay to receive a comprehensive and detailed report of the results of the identity document authentication and background checking operations of the Application.
Data Controller the natural person, legal person, public administration or any other body,association or organization with the right also with another Data Controller, to make decisions regarding the purposes and the methods of processing of Personal Data and the means used;
Data Subject the natural person to whom the Personal Data refers and to whom the identity document under consideration relates;
KYC/AML Data Personal Data relating to the Data Subject, the said Personal Data being in the possession of and obtained by the Application from third parties and used for the purpose of performing a KYC or AML check on the Data Subject;
Personal Data any data regarding a natural person, a legal person, an institution or an association which is or can be identified, from the data alone or in combination with other information in the possession of the Data Controller; and
User the individual using this Application which must coincide with or be authorized by the Data Subject, to whom the Personal Data refer.
3. What Data is Collected in Connection with the Application
(a) Personal Data about the User (“User Personal Data”);
(b) data identifying the User’s mobile device; and
(c) Personal Data about the Data Subject (“Data Subject Personal Data”).
(a). User Personal Data
User Personal Data is collected by
(i) the Application; and
(ii) the platform through which the Application is delivered.
The Application collects the following User Personal Data:
User’s name (and/or Company Name)
User’s email address;
User’s mobile phone number
(ii) Platform for Delivery of the Application
(b) User’s Mobile Device
Information may be collected automatically by the Application (or third party services employed in the Application), which may include the international mobile equipment identifier of the User’s mobile device. However, the Application does not collect precise information about the location of the User’s mobile device.
(c) Data Subject Personal Data
IDscan collects Data Subject Personal Data (including without limitation, name, date of birth, nationality, address [if available]) from the identity document under consideration and from a number of other third party publicly accessible sources (including without limitation the Electoral Register, the Bankruptcy and Insolvency Register, HM Treasury PEP List, etc.)
4. What we do with the data we gather
User Personal Data collected by the Application:
IDscan requires information about the Application’s users to better understand their needs and to provide users with a better service. More specifically the Application collects User Personal Data for the purpose of:
(a) internal record-keeping
(b) to inform ongoing efforts to improve IDscan’s products and services
User Personal Data collected by the Platform:
User Personal Data Collected by the Store is used to support payment (as an “in-App purchase”) for the reports generated by the Application.
Data Identifying the User’s mobile phone
This information may be collected for the purpose of managing licenses for the Application
Data Subject Personal Data
IDscan collects Data Subject Personal Data for the purposes of
(a) assessing the authenticity of the Data Subject’s identity document; and
(b) performing KYC and AML background checking of the Data Subject.
In performing the KYC and AML checks, IDscan receives personal and non-personal data regarding the Data Subject from third party publicly accessible sources (as described above). IDscan collates this data into a report, together with the findings of its assessment of the authenticity of the Data Subject’s identity document. The processing of the Data Subject’s Personal Data to generate such reports is carried out using computers and/or IT enabled tools, following organizational procedures and models strictly related to the purposes indicated.
The User may store the report generated by the Application, in the User’s mobile device for later perusal. IDscan does not possess or maintain a centralized repository of the generated reports. The reports are stored on each mobile phone from which the identity document authentication and KYC/AML checking request originated. In other words, if a User requests an assessment of the authenticity of another person’s ID and a background check on that person, the report detailing the outcomes of these evaluations will be stored on the User’s phone only. Once the report is issued to the User’s mobile phone, the User assumes responsibility for the report and the personal data contained therein, thereby relieving IDscan of any and all subsequent responsibility for the same.
5. Links to other websites
The Application may contain links to other websites of interest. However, once the User has used these links to leave the Application, IDscan has no control over these other website. Therefore, IDscan cannot be responsible for the protection and privacy of any information provided by the User or the Data Subject to these other sites whilst visiting such sites. In particular, privacy in data provided by the User or the Data Subject to any such sites is not governed by this privacy statement.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
7. Corrections to Personal Data
Once issued, the reports generated by the Application are not in the possession or control of IDscan. Furthermore, the KYC/AML Data included in the reports is obtained from third party sources, which possess, maintain and control the relevant KYC/AML Data. Similarly, IDscan does not maintain centralised records of the identities of Users and/or Data Subjects. Accordingly, IDscan is not a Data Controller for issued reports, as it has no means of amending, correcting, supplementing or deleting an issued report or the content thereof. Data Subjects who desire any such alterations to reports pertaining thereto or the contents of any such reports should contact the relevant third party sources of the KYC/AML Data and/or the Users who possess the relevant reports.
IDscan reserves the right to make changes to this policy at any time by giving notice to its Users on this page. It is strongly recommended to check this page often, referring to the date of last modification listed at the bottom.
This privacy statement has been prepared in fulfilment of the obligations under Art 10 of EC Directive n 95/46/EC and under the provisions of Directive 2002/58/EC.