Trusted by 2000+ leading companies to reduce fraud and improve consumer experiences, Prove is the world’s most accurate identity verification and authentication platform.
WHAT DOES THIS PRIVACY POLICY COVER?
This Policy applies when Prove Identity, Inc. is the Controller of your Personal Information. This includes your use of our websites and branded social media pages, as well as when you receive emails, texts, faxes or have other communications with us (collectively, our “Sites”).
Prove Identity, Inc. acts in different roles with respect to your Personal Information depending on the nature of the Processing. This Policy does not apply:
There may be certain circumstances where more than one Controller Processes your Personal Information (sometimes called Joint Controllers or Co-Controllers). In these situations, we act as an independent Controller over our Processing activities. This means we determine the purposes and means of Processing your Personal Information independently from the other Controllers. Each Controller is responsible for meeting their own obligations under applicable global privacy and data protection laws.
Prove Identity, Inc. is not responsible for other Controllers’ Processing activities, including our Clients and other Joint Controllers.
WHAT PERSONAL INFORMATION DO WE COLLECT?
We collect Personal Information that you share with us when you contact us or interact with us through our website, email, phone or otherwise. You can decide not to provide certain information, or ask that any information you have previously shared is removed. If you do so, you may not be able to take full advantage of a career at Prove Identity, Inc. and progress an application.
For example, you may provide information to us when in contact about an opportunity to work at Prove Identity, Inc., sharing a CV or Resume or other career information.
Through these interactions you may share with us: your name, address, email address, postal address, contact number, career history (usually in the form of a CV) as well as any other Personal Information you include in your interactions with us. We may also ask for additional information to assist us with our recruitment process and in the event you are offered a job.
Collection and Use of Sensitive Personal Information
The following Sensitive Personal Information may be considered sensitive under the laws of your jurisdiction and may receive special protection:
We may collect and process the following Sensitive Personal Information when you voluntarily provide them, or we receive them from a third party with your consent, when relevant for a particular position to carry out our obligations under employment law, or as applicable law otherwise permits:
Where we have a legitimate need to process Sensitive Personal Information about you for purposes not identified above, we will only do so only after providing you with notice and, if required by law, obtaining your prior, express consent.
HOW DO WE USE YOUR PERSONAL INFORMATION?
If you are applying for a job in the UK or EU, we may share your Personal Information with our Prove Identity, Inc. counterpart in the US. When we make such transfers, we do so in accordance with data protection legislation, for example by using the EU-US Data Privacy Framework and/or Standard Contractual Clauses where information is transferred from Prove Identity, Inc. Identity, Inc. in the UK or Ireland to Prove Identity, Inc. Identity, Inc. in the US.
By submitting your information, you agree to us transferring, storing and handling your Personal Information in this way.
We share your Personal Information with certain third parties who provide services on our behalf. They only have access to the Personal Information they need to perform those services. They are required to keep your Personal Information confidential and may not use it other than as we ask them to and always in accordance with this privacy policy.
We use the Personal Information you share with us in the following ways:
We are required by law to state a “legal basis for processing” i.e., to tell you on what grounds we are allowed to use your information. To assess your suitability for a role or process and consider your job application, we rely upon legitimate interests for the processing of your personal information as described above.
We may share your Personal Information with the following third parties:
LINKS TO OTHER WEBSITES
Our Sites may contain links to other websites not operated or controlled by us (“Third Party Sites”), including social media websites which are not Prove Identity, Inc.-branded and other services. Personal Information that you share with Third Party Sites will be governed by the specific privacy policies and terms of service of the Third Party Sites and not by this Policy. By providing Third Party Site links on our Sites, Prove Identity, Inc. does not imply that we endorse or have reviewed the privacy policies of these sites. Please contact the Third Party Sites directly for information on their privacy policies and practices.
HOW DO WE PROTECT YOUR PERSONAL INFORMATION?
Keeping information safe. Prove Identity, Inc. maintains reasonable administrative, technical, and physical security measures to protect your Personal Information, including unauthorized access and use. However, no security system is impenetrable. In the event that any Personal Information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and, where appropriate, notify those individuals whose information may have been compromised, and take other steps, in accordance with any applicable laws and regulations. In the event Personal Information in our possession is affected by a security event, we will notify our Clients (and where appropriate, consumers directly) in accordance with our contractual obligations and applicable law.
Data retention. We will retain your Personal Information for as long as needed for the purposes for which it was collected. If we do not employ you, we may retain your Personal Information for up to 2 years for legal, analytical and system administration purposes and to consider you for potential job roles. If you are successful in your application, we will retain your information in accordance with our Prove Personnel Privacy Policy. A copy of this policy will be provided to you upon joining Prove.
INFORMING US OF CHANGES
If you have previously applied to a job at Prove Identity, Inc. and would like to request that we update or delete the information that we hold about you, or would like a copy of that information, please send your name and email address to careers@prove.com.
CROSS-BORDER DATA TRANSFERS
For applicants outside the United States, where permitted by applicable law, we may transfer your Personal Information we to the United States and other jurisdictions that may not be deemed to provide the same level of data protection as your home country for the purposes set out in this Privacy Notice.
Prove Identity, Inc. complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”) and the UK Extension to the EU-U.S. DPF (“UK Extension to the EU-U.S. DPF”) as administered by the U.S. Department of Commerce.
Prove Identity, Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) with regard to the Processing of personal information received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.
If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Prove Identity, Inc. commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) with regard to unresolved complaints concerning our handling of human resources personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF in the context of the employment relationship.
Where we transfer your Personal Information outside Europe, we will ensure that it is protected and transferred in a manner consistent with legal requirements applicable to the information. This can be done in a number of different ways, for instance:
In other circumstances, the law may permit us to otherwise transfer your Personal Information outside Europe. In all cases, however, any transfer of your Personal Information will be compliant with applicable data protection law.
In the event your Personal Information is transferred to a third-party under the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Prove Identity, Inc. shall remain liable if a third-party acting as an agent on our behalf processes your Personal Information in a manner that is inconsistent with the DPF Principles, unless we are able to prove that we are not responsible for the event giving rise to the damage.
You can request more details of the protection given to your Personal Information when it is transferred outside Europe (including a sample copy of the model contractual clauses) by using the details set out below in the “Contacting Us” section.
YOUR STATE PRIVACY RIGHTS
You have rights when it comes to how their Personal Information is handled. These rights may vary depending on the applicable jurisdiction, but may include:
To exercise these rights, please contact Prove Identity, Inc.’s Privacy Team at privacy@prove.com or by filling out an online request via the “Exercise Your Rights” page on Prove Identity, Inc.’s website.
When exercising these rights, please note that we may request specific information from you to verify your identity.
There may be instances where applicable law or regulatory requirements allow or require us to refuse to provide or delete some or all the Personal Information that we hold about you. We will inform you if we are unable to comply with your request and the reasons why we are unable to comply.
YOUR RIGHTS UNDER EUROPEAN DATA PROTECTION LAWS
Under European Data Protection Laws, Prove Identity, Inc. may be considered a controller and/or a processor depending on the nature of the transaction.
Legal Basis for Processing under GDPR: Under European Data Protection Laws, Prove Identity, Inc. may process your personal data (as defined under applicable laws) if necessary:
Prove Identity, Inc. may also process personal data on the basis of your freely given, specific, informed, and unambiguous consent. You are legally entitled to withdraw your consent at any time. If you do this and we have no alternative legal basis for processing your personal data, this may affect our ability to provide you with rights to use the Sites as well as our Solutions.
We may store personal data for as long as necessary to fulfill the purposes for which we process the data, except if required otherwise by law.
Special Categories of Data: Certain Prove Identity, Inc. Solutions may collect, store, process, and transmit biometric data (e.g., data related to human gait) to the extent legally permitted under European Data Protection Laws for the provision of such Solutions.
Prove Identity, Inc. does not directly or intentionally collect, store, process, and transmit any of the other following special categories of personal data as defined by European Data Protection Laws:
Specific Rights under European Data Protection Laws: If European Data Protection Laws, including but not limited to the UK GDPR and the EU GDPR, are applicable to you, you may have the following rights in respect of your personal data that we hold:
Additionally, you have the right not to be subject to a decision based solely on automated processing, including profiling.
In the instances where we control your data and you wish to exercise any of these rights, you may contact us in writing at the address below or via email at privacy@prove.com at any time, or by using the “Exercise Your Rights” link at the bottom of our website. We will comply with applicable laws, but may not be able to honor your request in all circumstances.
You also have the right to lodge a complaint to your local data protection authority. Further information about how to contact your local data protection authority is available at: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
Under the EU-U.S. DPF and the UK extension to the EU-U.S. DPF, you also have the possibility, under certain conditions, to invoke binding arbitration for complaints regarding DPF compliance not resolved by any of the other DPF mechanism, provided that you have invoked binding arbitration by delivering notice to us and following the procedures and subject to the conditions set forth in Annex I.
Consequences of Non-Compliance: The GDPR states that penalties for non-compliance with the GDPR must be effective, proportionate, and dissuasive for each individual case. Prove Identity, Inc. understands that GDPR-related fines can be up to 10 million euros or up to 2% of our entire global turnover of the preceding fiscal year, whichever is higher.
Inquiries and Complaints: In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Prove Identity, Inc. commits to resolve DPF Principles-related complaints about our collection and use of your human resources personal data. EU and UK individuals with inquiries or complaints regarding our handling of human resources personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF should first contact us as set out in Section 14 (Contacting Us) of this Policy.
Enforcement: The Federal Trade Commission has jurisdiction over Prove Identity, Inc.’s compliance the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.
CHANGES TO OUR PRIVACY POLICY
We reserve the right to change this Policy from time to time in our sole discretion. Since we may modify this Policy from time to time, we recommend that you check the current version of this Policy periodically. If we make any modifications to this Policy, we will update the “Effective Date” at the top. By continuing to use the Sites and Solutions or providing us with information after we have posted any updates to this Policy, you consent to the revised Policy and practices described in it.
To access this policy, please visit https://www.prove.com/legal/overview#Privacy-Policy.
CONTACTING US
If you have any questions, comments, requests, or concerns regarding this Policy, or if you wish to file a complaint, please email us at privacy@prove.com, call us using our toll-free number at 888-315-8780, or use the “Exercise Your Rights” link at the bottom of our website. You can also contact Prove Identity, Inc.’s Data Protection Officer by writing to:
Prove Identity, Inc.
Attn: Prove Legal & Compliance Department
245 5th Avenue, 20th Floor
New York, NY 10016
POLAND RECRUITMENT STATEMENT
This statement only applies to applicants that are located in Poland.
The Requirement of Providing Personal Data
To consider you in the recruitment process, we need the following information from you:
Giving the Personal Data listed above is voluntary, but necessary in the recruitment process. Providing additional Personal Data is optional.
How Will We Use Your Personal Data in the Recruitment Process?
We will collect and process your Personal Data to:
How Long Will We Keep Your Personal Data?
The Personal Data that we collect about you in the recruitment process will be stored for the purposes related with that process, for no longer than 12 months after your application has been rejected.
If you give consent for your Personal Data to be used for future recruitment processes (as mentioned above), during the 12 months, your Personal Information will be used for that purpose as well.
To enable us to establish, exercise or defend legal claims arising with relation to the recruitment process, we will process your Personal Data for a period during which such claims can be raised and pursued.
The Recipients of Your Personal Data
The recipients of your Personal Data will be representatives and HR officers of Prove Identity, Inc.. Within those companies, information is transferred for internal administrative purposes.
As part of the processing, Personal Data will be transferred to entities who have their registered offices outside of the EU, including the UK and the US. Where these transfers occur, we ensure appropriate safeguards are in place to protect the transfer. These include the EU-US Data Privacy Framework, the EU’s Standard Contractual Clauses and the UK’s International Data Transfer Addendum. Transfers are only made to countries where data subject rights are enforceable and effective legal remedies are available to you.
Legal bases for Processing Your Personal Data
Your Personal Data (as listed above) will be processed for current recruitment processes based on article 6(1)(b), 6(1)(c) GDPR and article 22(1) of the Labor Code. Additional information such as contact details can be processed based on consent (article 6(1)(a) GDPR) that can be withdrawn.
Prove Identity, Inc. will also process your Personal Data for future recruitment processes if you give your consent (article 6(1)(1) GDPR and art.22(1) §1 of the Labor Code), that can be withdrawn at any time. Giving consent is voluntary and withdrawing it will not affect current the recruitment process.
If there is information in the documents that is mentioned in article 9 GDPR, it is necessary for you to give consent to the processing of that information (article 9(2)(a) GDPR and art.22(1) §1 of the Labor Code) that can be withdrawn at any time.
Labor law regulations: Labor Code art. 22 and Labors Minister and Social Policy §1 decree from May 28th1996 on the scope of keeping documentation by employers in matters related to the employment relationship and the manner of keeping personal files of an employee.
Processing your Personal Data to establish, exercise or defend legal claims arising with relation to the recruitment process is based on legitimate interests pursued by Prove.
Rights of Data Subjects
You have the right to:
CALIFORNIA PRIVACY STATEMENT
Prove Identity, Inc. will collect and use your Personal Information, including Sensitive Personal Information (which may be held on paper, electronically or otherwise) about applicants for roles in our business. We are committed to properly handling the Personal Information collected or processed, in accordance with the California Privacy Rights Act (CPRA) and other applicable data protection laws.
This Notice serves as our “Notice at Collection” under the CPRA.
Categories of Personal Information We Collect
We may collect the following categories of Personal Information and Sensitive Personal Information:
Please note, we do not use your Sensitive Personal Information for any other purpose other than those outlined below that would permit you to limit the use of such information.
Sources of Personal Information
We will collect Personal Information directly from you during your application process or when you otherwise contact us. In most instances, you are required to provide your Personal Information for the recruitment process. Where the provision of your Personal Information is optional, we will inform you accordingly.
We may combine the Personal Information you provide with information we collect from other sources, such as:
Business Purposes for Collecting Personal Information
We process the categories of Personal Information listed above for the following purposes:
Disclosure of Personal Information
We may share your Personal Information with the following third parties:
Selling of Personal Information
We will not sell the Personal Information, including any sensitive personal information, we collect about our employees or applicants for employment or share it with third parties for cross-context behavioral advertising.
Purpose Limitation
We will only process your Personal Information for the purposes outlined above.
Data Minimization
Your Personal Information will only be processed to the extent it is necessary for the purposes outlined to you.
Protecting your Personal Information
Keeping information safe. Prove Identity, Inc. maintains reasonable administrative, technical, and physical security measures to protect your Personal Information, including unauthorized access and use. However, no security system is impenetrable. In the event that any Personal Information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and, where appropriate, notify those individuals whose information may have been compromised, and take other steps, in accordance with any applicable laws and regulations. In the event Personal Information in our possession is affected by a security event, we will notify our Clients (and where appropriate, consumers directly) in accordance with our contractual obligations and applicable law.
Data retention. We will retain your Personal Information for as long as needed for the purposes for which it was collected. If we do not employ you, we may retain your Personal Information for up to 2 years for legal, analytical and system administration purposes and to consider you for potential job roles. If you are successful in your application, we will retain your information in accordance with our Prove Personnel Privacy Policy. A copy of this policy will be provided to you upon joining Prove.
Your Rights
The CPRA provides you with certain rights in relation to your Personal Information. These include:
To exercise these rights, please contact Prove Identity, Inc.’s Privacy Team at privacy@prove.com or by filling out an online request via the “Exercise Your Rights” page on Prove Identity, Inc.’s website.
When exercising these rights, please note that we may request specific information from you to verify your identity.
There may be instances where applicable law or regulatory requirements allow or require us to refuse to provide or delete some or all the Personal Information that we hold about you. We will inform you if we are unable to comply with your request and the reasons why we are unable to comply.
Contacting Us
If you have any questions, comments, requests, or concerns regarding this Policy, or if you wish to file a complaint, please email us at privacy@prove.com, call us using our toll-free number at 888-315-8780, or use the “Exercise Your Rights” link at the bottom of our website. Prove's Data Protection Officer is Dayna Myers. You can also contact Prove Identity, Inc.’s Data Protection Officer by reaching out to DPO@prove.om or by writing to:
Prove Identity, Inc.
Attn: DPO - Prove Legal & Compliance Department
245 5th Avenue, 20th Floor
New York, NY 10016
Trusted by 2000+ leading companies to reduce fraud and improve consumer experiences, Prove is the world’s most accurate identity verification and authentication platform.