Last updated: 13 June 2022
1. APLY Limited (APLYiD)
APLYiD Limited and its related companies (APLYiD, we) provide Software as a Service using electronic biometric identification technology (System) to enable APLYiD’s business customers (Customers) to verify the identity of their own prospects, customers, business partners, employees and vendors (Applicants) for legal and regulatory compliance purposes (Service). The APLYiD entity responsible for your data will depend on the location of the Customer, as set out in the table below.
This Policy applies to the use, collection and disclosure of information relating to you (Personal Information) that is submitted to or collected by APLYiD’s web application (App) or website www.aplyid.com (Website) in connection with the Service.
We may sometimes need to modify or even replace this Policy. Please check the Privacy Policy page at the Website regularly for changes, though we will also try to notify you via the Service of any changes if these might impact your use of the Service or the treatment of your Personal Information.
Some parts of this Privacy Policy will only apply to you if you live in the United Kingdom (UK), as you have specific rights that are available under applicable data protection laws, including the UK Data Protection Act 2018 and the EU General Data Protection Regulation 2016/679, as it forms part of UK law by virtue of the European Union (Withdrawal) Act 2018 and as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (UK Data Protection Laws).
2. Collection of Personal Information
Applicants
Because we verify Applicants’ identities as part of the Service, if you are an Applicant you will need to disclose Personal Information to us and our service providers.
If you are an Applicant, we may collect and process your Personal Information as a data processor on behalf of and according to the instructions provided by our Customers, who are the controllers of that Personal Information and use the Service to verify your identity. The Personal Information we may collect or hold about you on behalf of our Customers includes:
The Personal Information we collect differs from person to person depending on the type of identity documentation verified.
Other Data Subjects
If you visit the Website or use the App not as an Applicant, or you are a Customer or an employee of a Customer, the Personal Information we may collect or hold about you (where we are acting as a data controller) includes:
We collect your Personal Information when you:
Our Website and Services are not directed at children. We do not knowingly collect, use or share Personal Information about children under the age of 18.
Reasons for collecting Personal Information
We only collect and process Personal Information if necessary for: (i) the purpose of providing the Service to our Customers, (ii) the performance of a contract to which you are a party, (iii) any other purpose(s) for which you have given consent, (iv) compliance with our legal obligations, or (v) fulfilling our other legitimate interests as described in this Policy, except where our legitimate interests are overridden by your privacy rights.
If you live in the UK, we rely on the following legal bases under UK Data Protection Laws when using your Personal Information for the above purposes:
(a) Contract
We use your Personal Information when it is necessary to perform a contract with you, or where you have asked us to take steps prior to your entering into a contract with us, in particular:
(b) Legal obligation
We use your Personal Information to comply with our legal obligations, which, depending on local laws, may include responding to legal processes or complying with or as required by any applicable law or the governmental or regulatory requirements of any relevant jurisdiction.
(c) Legitimate interest
We use your Personal Information when it is necessary for our legitimate interests or those of third parties. In these cases, we perform relevant legitimate interests balancing tests to ensure that we have considered and weighed any privacy impact in relation to the interest in question. In particular, we may use your Personal Information to:
You have no obligation to provide APLYiD with any Personal Information requested by us. However, due to the nature of the Service, if you do not to provide us with the information requested, we will be unable to provide the Service to our Customer and if you are an Applicant you may need to verify your identity in a different way.
3. Disclosure of Personal Information
We may disclose your Personal Information to:
In exceptional circumstances, we may share your Personal Information with another party if we believe it is reasonably necessary to: (a) comply with any applicable law, legal process or governmental request; (b) enforce our agreements, policies and terms of service; (c) protect the security or integrity of our Service or Website; or (d) protect us, our Customers, or the public from harm or illegal activities.
4. Overseas Transfers of Personal Information
Some of our service providers may be based outside the country in which you live. Whenever we transfer your Personal Information to another country, we comply with applicable law and ensure a similar degree of protection is given to it using contractual or other safeguards.
Please contact our Privacy Officer if you want further information on the specific safeguards used when transferring your personal information to another country or if you are an individual in the UK and you want to obtain a copy of them.
If you live in the United Kingdom, the following applies to you:
5. Using Personal Information
We understand the importance of using your Personal Information in a responsible and secure manner. We will only use your Personal Information to:
We will never sell your Personal Information to anyone.
6. Storage and Security of Personal Information
We have put in place measures to ensure the security of the Personal Information we collect and store.
Your Personal Information will be held in our System which is hosted by Amazon Web Services (AWS) and Heroku. Both platforms provide encryption in transit with HTTPS and SSL across all services.
If you are an Applicant, we will securely delete your Personal Information no later than 14 days after collection.
We strive to protect your Personal Information against unauthorised disclosure or access, including using network and database security measures, but we cannot guarantee the security of any information we collect and store.
If you have an account with us, you must prevent unauthorised access to your account and Personal Information by selecting and protecting your password or other sign-on mechanism appropriately and limiting access to your computer or device by signing off after you have finished accessing your account.
Our Customers who use the Service to verify your identity are responsible for their own compliance with applicable data protection and privacy laws with respect to their collection, storage and use of your Personal Information.
If you are not an Applicant, we will only retain your Personal Information for as long as necessary to fulfil the purposes we collected it for. Depending on the applicable purposes of the processing, we will store your Personal Information for as long as in at least one of the following cases:
7. Privacy Officer
You can contact us at privacy@aplyid.com if you have any questions on our Privacy Policy or treatment of data.
8. Your Rights
If you receive a verification link from a Customer to verify your identity, you can (and should) review your information during the identification verification process and correct any errors that might have occurred as the information has been extracted from the identification documentation you submitted to the Service. After this, you will have no ability to access or review your results from the verification process. If you have completed the identification verification process with the incorrect information, you must request that the Customer sends you another verification link. You may also supplement any incomplete Personal Information we have, taking into account the purposes of the processing. Any supplementary Personal Information will need to be provided directly to the Customer.
In certain circumstances, by law you may have the right to:
If you wish to exercise any of these rights, please email our Privacy Officer. We may not be able to provide your personal information if it has already been deleted from our systems.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Information or to exercise any of your other rights. This is a security measure to ensure that Personal Information is not disclosed to any person who has no right to receive it. To speed up our response, we may also contact you to ask you for further information in relation to your request.
We will not generally charge you a fee for exercising your legal rights. However, we may charge a reasonable fee for making information available to you in accordance with your request where the law allows (for example if there is significant work involved).
We try to respond to all legitimate requests within two weeks. Occasionally it may take us longer to respond if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.
In some circumstances, the law may allow us to deny you access to the Personal Information we hold about you. In such a case we will explain to you the reason for refusing access.
If you live in the United Kingdom, you have the following additional rights:
To exercise your rights described above, please contact us as described in section 7. If you disagree with the way we process your Personal Information, you also a have right to lodge a complaint with the Information Commissioner (ICO). You can contact the ICO using information available at: https://ico.org.uk/global/contact-us/.
9. Log Data
Whenever you visit the Website, we collect information that your browser sends to us (Log Data). Log Data may include information such as your computer’s Internet Protocol (IP) address, browser version, pages of our Service that you visit, the time and date of your visit, the time spent on those pages, and other statistics. The Log Data is a type of Personal Information.
10. Cookie Notice
We may use cookies, tracking pixels and other related technologies containing information that can identify the computer, smartphone or other web–enabled device that you are using. You may access and change your cookie preferences at any time by clicking the below icon at the bottom left corner on the Website.
What are cookies?
A cookie is a very small text document, which often includes an anonymous unique identifier. Cookies are created when your browser loads a particular website. The website sends information to the browser which then creates a text file. Every time the user goes back to the same website, the browser retrieves and sends this file to the website's server. Find out more about the use of cookies on www.allaboutcookies.org.
We also use other forms of technology (as mentioned above), which serve a similar purpose to cookies and which allow us to monitor and improve our Website and email communications. When we talk about cookies in this Cookie Notice, this term includes these similar technologies.
What cookies do we use and what information do they collect?
We may use the information generated by cookies, tracking pixels and other related technologies for the following purposes:
Third parties
Your use of the Website may result in some cookies being stored that are not controlled by us. This may occur when a part of the Website you are visiting makes use of a third-party analytics or marketing automation/management tool or includes content displayed from a third-party website, for example, Google or Facebook. You should review the privacy and cookie policies of these services to find out how these third parties use cookies and whether your cookie data will be transferred to a third country.
Information on the third parties that place cookies on the Website can be found by clicking the below icon at the bottom left corner on the Website.
Your consent
When you visit the Website for the first time, you may be asked to accept or decline cookies. You can manage or reset cookies on the Website by clicking the above icon at the bottom left corner on the Website, or through your browser settings. Each browser is different, so check the “Help” menu of your browser to learn about how to change your cookie preferences. You do not need to have cookies turned on to use the Website in general, but cookies are often used to enable and improve functions on the Website. If you choose to switch certain cookies off, it may affect how the Website works and you may not be able to access all or parts of the Website. We can use Necessary cookies without your consent. We may use other types of cookies only with your consent.
How do you manage these technologies?
We keep information collected from cookies for a maximum of 24 months.
11. Links to Other Sites
Our Service may contain links to other websites. If you click on a third-party link, you will be directed to that site. We strongly advise you to review the Privacy Policy of these websites. We have no control over, and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.