PLEASE READ THE FOLLOWING CAREFULLY TO UNDERSTAND OUR VIEWS AND PRACTICES REGARDING YOUR PERSONAL DATA AND HOW WE WILL TREAT IT. BY VISITING OUR WEBSITE, YOU ARE ACCEPTING AND CONSENTING TO THE PRACTICES DESCRIBED IN THIS POLICY.
Below we describe how your personal data is collected, used, and shared when you visit the https://scanfraud.com (“Website”).
Data protection is of a particularly high priority for the management of SFC GROUP LTD (“Company”). The use of the Internet pages of the Company is possible without any indication of personal data; however, if a data subject wants to use our special services via our website, processing of personal data could become necessary. If the processing of personal data is necessary and there is no statutory basis for such processing, we generally obtain consent from the data subject.
The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to the Company. By means of this data protection declaration, our Company would like to inform the general public of the nature, scope, and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed, by means of this data protection declaration, of the rights to which they are entitled.
As the processor, we have implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. However, Internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed. For this reason, every data subject is free to transfer personal data to us via alternative means, e.g. by telephone and to take personal responsibility to ensure transferred data safety.
1. DEFINITIONS
This data protection declaration is based on the terms used by the United Kingdom Data Protection Act 2018 and by the European legislator for the adoption of the General Data Protection Regulation (GDPR) 2016/679. Our data protection declaration should be legible and understandable for the general public, as well as our customers and business partners. To ensure this, we would like to first explain the terminology used.
In this data protection declaration, we use, inter alia, the following terms:
Personal data - any information relating to an identified or identifiable natural person ("Data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Data subject - any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.
Processing - any operation or set of operations that are performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Restriction of processing - the marking of stored personal data with the aim of limiting their processing in the future.
Controller - a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data;
Processor - a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient - a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
Third-party - a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
Consent - any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
2. NAME AND ADDRESS OF THE PROCESSOR
Processor for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in the United Kingdom or the European Union and other provisions related to data protection is:
SFC GROUP LTD
Suite 7086 128 Aldersgate Street, Barbican, London, United Kingdom, EC1A 4AE
Email: [email protected]
Website: www.scanfraud.com
SFC GROUP LTD may act in the role either as a Data Controller or Data Processor.
3. COOKIES
Our Internet pages use cookies. Cookies are text files that are stored in a computer system via an Internet browser. Many Internet websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This allows visited Internet websites and servers to differentiate the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified using the unique cookie ID.
Through the use of cookies, we can provide the users of this website with more user-friendly services that would not be possible without the cookie setting. By means of a cookie, the information and offers on our website can be optimized with the user in mind. Cookies allow us, as previously mentioned, to recognize our website users. The purpose of this recognition is to make it easier for users to utilize our website. The website user that uses cookies e.g. does not have to enter access data each time the website is accessed, because this is taken over by the website, and the cookie is thus stored on the user's computer system. Another example is the cookie of a shopping cart in an online shop. The online store remembers the articles that a customer has placed in the virtual shopping cart via a cookie.
The data subject may, at any time, prevent the setting of cookies through our website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be entirely usable. More is defined on the separate page “Cookies Policy” placed on the Website
4. COLLECTION OF GENERAL DATA AND INFORMATION
The website collects a series of general data and information when a data subject or automated system calls up the website. This general data and information are stored in the server log files.
Processed data:
the person's name;
surname;
gender;
identity document number;
personal code (if it is issued);
identity number (i.e. national identification number) (if it is issued);
birth date;
identity document expiry date;
identity document issued date;
identity document photograph(s);
citizenship/nationality.
Processed information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website as well as its advertisement, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack, (5) provide products and services for our clients and fulfill the agreement conditions between the Parties
We collect personal data in a variety of ways, such as when you:
communicate with us by phone, e-mail, etc.;
apply for a job or register for a product demo;
participate in surveys, promotions and special offers;
submit Personal Data through our feedback form;
join an email mailing list;
request support;
submit Personal Data through our Site.
5. SHARE OF YOUR PERSONAL DATA
Personal Data may be shared with third party service providers who need the Personal Data to perform their work on our behalf, such as data validation services, authentication features, email and Call/SMS communications providers. These trusted third parties are authorized to use the Personal Data only as necessary to provide their services. We take appropriate steps to ensure that third parties protect your Personal Data. We may share data with its providers and will only use the data as described in this Policy.
Additionally, your Personal Data may be disclosed as required by law and when we have reason to believe that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
We use Google Analytics to help us understand how our customers use the Website. You could read more about how Google uses your Personal Data here: https://www.google.com/intl/en/policies/privacy/. You could also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
6. ROUTINE ERASURE AND BLOCKING OF PERSONAL DATA
The data processor shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislator, UK legislator or other legislators in laws or regulations to which the processor is subject to. If the storage purpose is not applicable, or if a storage period prescribed expires, the personal data are routinely blocked or erased in accordance with legal requirements.
7. RIGHTS OF THE DATA SUBJECT
Right of confirmation - Each data subject shall have the right to obtain from the controller the confirmation as to whether or not personal data concerning him or her are being processed. If a data subject wishes to avail himself of this right of confirmation, he or she may, at any time, contact any employee from where services are bought/granted.
Right of access - Each data subject shall have the right to obtain from the controller free information about his or her personal data stored at any time and a copy of this information. Furthermore, the UK regulations, the European directives and regulations grant the data subject access to the following information:
the purposes of the processing;
the categories of personal data concerned;
the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
the existence of the right to request from the controller rectification or erasure of personal data, or restriction of processing of personal data concerning the data subject, or to object to such processing;
the existence of the right to lodge a complaint with a supervisory authority;
where the personal data are not collected from the data subject, any available information as to their source.
Right to rectification - Each data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Right to erasure (Right to be forgotten) Each data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay, and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies, as long as the processing is not necessary:
The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
The data subject withdraws consent to which the processing is based and where there is no other legal ground for the processing.
The data subject objects to the processing and there are no overriding legitimate grounds for the processing or the data subject objects to the processing.
The personal data have been unlawfully processed.
Right of restriction of processing - Each data subject shall have the right to obtain from the controller restriction of processing where one of the following applies:
The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
The processing is unlawful and the data subject opposes the erasure of the personal data and requests instead of the restriction of their use instead.
The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims.
The data subject has objected to processing pending the verification whether the legitimate grounds of the controller override those of the data subject.
Right to data portability - Each data subject shall have the right to receive the personal data concerning him or her, which was provided to a controller, in a structured, commonly used and machine-readable format.
Right to object - Each data subject shall have the right to object, on grounds relating to his or her particular situation, at any time, to processing of personal data concerning him or her.
Right to withdraw data protection consent - Each data subject shall have the right to withdraw his or her consent to the processing of his or her personal data at any time.
8. PERIOD FOR WHICH THE PERSONAL DATA WILL BE STORED
Unless a longer retention period is required or permitted by law, we will only hold your Data on our systems for the period necessary to fulfil the purposes outlined in this privacy policy or until you request that the Data be deleted. Even if we delete your Data, it may persist on backup or archival media for legal, tax or regulatory purposes. Your information is retained in electronic or paper format or both. When it is no longer required, it will be deleted or destroyed.
9. CROSS BORDER TRANSFERS OF DATA
Data we collect may be stored and processed in and transferred between any of the countries in which we operate. By submitting your Personal Data, you are agreeing to this transfer, storing or processing. When we transfer your data outside of the UK, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as required by the GDPR and as outlined in this Privacy Policy.
10. CHILDREN
Please note that we and our Website are not intended for children under the age of 16. We are committed with the protection of children’s privacy, particularly in an online environment. To our best knowledge, we do not collect personally identifiable information from children under 16 without parental authorisation. If a parent or guardian becomes aware that his/her child has provided Data to us without his/her authorisation, please contact us immediately.
11. NOT PROVIDING YOUR DATA
You are not obligated to provide your personal information to us, however, as this information is required for us to provide you with our services, we will not be able to offer some/all our services without it.
12. CHANGES TO THIS POLICY
We reserve the right to change this privacy policy as we may deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the Website and you are deemed to have accepted the terms of the privacy policy on your first use of the Website following the alterations.
13. CONTACT INFORMATION
If you have any questions about this Privacy Policy, or if you wish to exercise your rights mentioned herein, please contact us via email address: [email protected].