Privacy Policy
Last updated: July 2022
Overview
We at Digiteck Vision (hereinafter “we”, “us” and “our” for the purposes of this Privacy Policy) know you care about your privacy, and so do we. The purpose of this privacy policy is to inform you about what kinds of information we may collect, process or store about you, our lawful basis for processing it, how we may use that information, whether we disclose it to anyone, your rights in relation to your Personal Information and how we protect it and. We are committed to safeguarding your Personal Information.
Please read this Privacy Policy carefully to understand how we will treat your Personal Information in connection with our applications, products/services, and/or websites (the “Digiteck Vision Offerings”). We are not in the business of selling Personal Information about you to advertisers or spammers.
This Privacy Policy governs the manner in which Digiteck Vision, our technology partners and our affiliates (collectively referred to as “DTV”) collect, uses, maintain and processes data, including Personal Information on our Website, Services and Mobile Apps.
“Personal Information” is any information that relates to you, and which, alone or in combination with other information, could reasonably be used to identify you. It does not include data where the identity has been removed (anonymous data).
We may make changes to this Privacy Policy from time to time, so please review it frequently. We will indicate at the top of the policy when it was most recently updated and, if the changes are significant, we will provide more prominent notice.
If you disagree with this Privacy Policy, you should not use or stop using our Websites Services and Mobile Apps. This Website is not directed at children under 13 years of age.
Scope of this Policy
If you are using Hawiyyati as part of a service other than a Cloud Implementation (e.g., one that is hosted on-premises by your employer), then: (i) Digiteck Vision is not collecting, using or sharing any Personal Information about you; and (ii) the organization that makes the service available to you (or, if applicable, the third party that hosts the services on behalf of such organization) (the “Implementing Organization”) may collect, use or share Personal Information about you, and details about the Personal Information they collect maybe found in their own privacy policy.
If you are using Hawiyyati as part of an implementation of the Digiteck Vision Offerings other than a Cloud Implementation, please contact the Implementing Organization (such as the organization you work for, the owner/ manager of the site you intend to visit), to obtain information regarding what Personal Information they are collecting and how they are using or sharing that information.
If you are using Hawiyyati as part of a Cloud Implementation (not hosted on premises by your employer or another third party) this Privacy Policy applies to the Personal Information Digiteck Vision collects about you in connection with and for support, training, our own business purposes (such as for finance and billing), marketing, recordings and record keeping.
We may collect or receive Personal Information about you in various ways, depending on which of our applications and websites you use and how you interact with us, please see below for more information.
What We Do
In addition to, and included in, the Digiteck Vision Offerings, Digiteck Vision provides identity products and services (our “Services”) to institutions worldwide (our “Customers”) to help them create, manage their digital ID cards and credentials, and issue them to both people and things (“End Users”), these products and services include but are not limited to identity verification services, communication tools (mobile messaging services enabling customers and their end users to communicate with their Users through the mobile application and by text, video, voice and image sharing messaging), digital access control product offerings branded together as Hawiyyati (“Hawiyyati”) as part of a service that is hosted by Digiteck Vision or a third-party service provider on behalf of Digiteck Vision (a “Cloud Implementation”).
We also provide Services directly to End Users to help them create a digital identity profile and store their institutionally issued ID cards and credentials. Each End User has the option to opt-in or opt-out of receiving messages from the institution. Our Website at “www.digiteckvision.com” and other affiliated sites such as mobile app stores are used to market and advertise our Services as well as serve as a channel for support and feedback for Customers and Users.
Data We Collect
Information that you provide to us
You may choose to submit Personal Information and other information to us by purchasing or interacting with the Digiteck Vision Offerings that are offered to you directly or through your organization. Examples of this include, when you or your organization create and manage a user account via our website, join or connect with a network, request technical support services, request information or support from us, communicate with us by email, telephone, or online chat through the digiteckvision.com, subscribe to our newsletters or other subscription services, register for training, educational programs, webinars or conferences, purchase products and services, submit job applications, request marketing to be sent to you, visit one of our sites, or participate in surveys.
For certain Digiteck Vision Offerings or when you visit one of our sites, we may ask you to provide information including:
-
Basic personal details (e.g., your name, title, and gender);
-
Contact details (e.g., your corporate email address, postal address, including country and state, and phone number);
-
Professional details (e.g., your job title, your company or organization name and any professional organization memberships);
-
Usernames or URLs;
-
Your photo (in connection with Digiteck Vision World, events where you are a speaker or where you upload your photo in connection with Badge)and
-
Any other Personal Information you choose to provide us (e.g., in communications with technical support services, marketing teams, or during the provision of products/services).
Some of the information is necessary for us to provide and deliver particular Digiteck Vision Offerings, or for security clearance, or to allow you access to your organization’s site(s). Digiteck Vision’s ability to provide and deliver Digiteck Vision’s Offerings may be affected by not providing certain information.
It is expressly stated that you are not under any obligation to provide your Personal Data, but that, in this case, you will be unable to use certain functionality within the Hawiyyati Mobile application.
Information that we collect automatically when you use the Website or Mobile App
When you access or use Digiteck Vision Offerings, we may also collect certain information about your device and your use of the Digiteck Vision Offerings. Such information may include:
-
IP address, geographic location (e.g. country or city-level location), and the time that you visited our Website
-
channel information, including version information, about the web browser or application you are using;
-
products/services you or your organization purchased
-
if you are using a mobile device, the model of the device and its operating system;
-
crash data;
-
a unique identifier we assign to you;
-
first name, name, data on the configuration of the reader, e-mail address, mobile number, photo of the user, data that may be entered in the variable fields by your organization or the Data Controller
-
information about your usage of the Digiteck Vision Offerings, including what functions or pages you use, the frequency of your use, links that you click on, and how often you log in;
-
cookies (please see our Cookies Policy here); and
For certain Digiteck Vision Offerings, including Digiteck Vision web or mobile applications, we do not collect any Personal Information about you. Please refer to specific application privacy practices posted on the relevant application webstores for a list of personal information each application may collect.
Cookies
We may use cookies and similar technologies to help us track your usage automatically. You can choose to opt out of our cookies and set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see our Cookies Policy.
We will use the information we collect to analyze how our Website and Mobile App is used and to improve the experience. We will also use it to administer our website, troubleshoot issues, route web traffic, provide advertising to you on third party sites and to enable security mechanisms to prevent abuse.
Information provided by End Users to use our Services
End Users may upload personal information, such as email addresses, telephone numbers, physical addresses, full names, and photos to our Service to create their profile. End Users will have their email address and phone number verified to ensure they are the legitimate contacts of that individual. We use this information to enable the End Users to sign into the Service and so we can send them communications about their account or their issued digital ID cards. We may use the physical mailing address submitted by End Users to enable the shipping of a physical ID card duplicate to their home or other location, if applicable. End Users may upload a profile face photo or photos of other supporting identity documentation. We use the profile face photo as the default ID card face photo when an End User is installing a new digital ID card and we enable them to submit their photos to an ID card issuing institution. We may also use the profile face photo along with their name as part of chat communications to identify their messages in a conversation. With the End Users permission, we may compare photos submitted by the End User that contain their face with photos provided by the ID Card issuing institution that contain their face as part of the ID card issuing process to prevent fraud. We may collect and process face data from the photos provided by End Users to identify violations of photo ID card guidelines before the photo is submitted to the ID card issuing institution. For example, we may use face data to ensure the End Users eyes are open, or they are not wearing a hat or dark sunglasses. We rely on data processors to process, encrypt and securely storing the photos. We do not share photos with third parties or permit sub-processors to use photos for any other purpose. We will only share photos with an ID card issuing institution upon the request of the End User as part of the digital ID card issuing process. We also provide End users with the tools to share their digital ID card photo and other identity information with third parties from their device. We do not store the face data processed from ID card photos on our servers or share face data with third parties.
Information provided by our Customers to avail our Services
Our Customers are businesses and institutions. These Customers may upload ID card information including personal information, such as email addresses, telephone numbers, physical addresses, full names, identification numbers, and photos. Customers may send us attributes of their End Users in order for us to personalize their digital ID cards as well as communication with them. We use this information to generate a digital ID Card and related identity Services to End Users for our Customers. Our Customers can import photos of End Users faces that will then be added and displayed to the End User’ ID cards in the app so that the End User can be utilized as an ID card. Customers who upload an End User face photo controls the photo and this photo can be updated, modified or deleted at any time by the Customer. With the End Users permission, we may compare the photos provided by the ID Card issuing institution that contain their face with a photo or video of the End Users face taken from the Digital ID card app as part of the ID card issuing process to prevent fraud. We may use face data from the photos submitted by the Customer to identify violations of photo ID guidelines before the photo is issued to the End User as a digital ID card or physical ID card.
Information that we collect for our Customers to perform our Services
Customers may use our Services to collect information from their End Users through the mobile app in order to verify their identity and issue them a digital ID card. This may include personal information, photos, identity information, and also device information. We may display form fields within the mobile in order to collect information or obtain consents from an End User on the Customers behalf. We may host an email address or phone number for a Customer in order for them to send and receive communication with End Users on their behalf. We may collect replies and track opens and clicks of those messages. Customers can give End Users the option to upload their own face photos or other supporting identity documentation. We process and store this information on our Customers behalf as their data processor.
Information that we collect about our Customers using the Services
We will collect information, including Personal Information, about each Customer when they register for the Service, such as name, email address, phone number company name, company address, support email. We will use that information for correspondence concerning Customer’s use of the Service, regarding such things as product functionality, security updates, billing, support or other service related or marketing reasons. Any recipients of marketing emails will always be able to opt-out of receiving marketing information at any time. If the Customer pays buy credit card, our payment processor will collect payment information in order to process payments for their usage of the Service.
Other Sources of Information
We may also collect these categories of information from sources other than directly from End Users and/ or our customers. In particular, we collect this information from publicly available sources (such as your employer's website or professional social networks such as LinkedIn), and may obtain Personal Information from third party data. Other users of the Digiteck Vision Offerings may provide information about you when they submit content through the Digiteck Vision Offerings. For example, you may be mentioned in a technical support case opened by someone else. Similarly, an administrator may provide your Personal Information such as when they designate you as the billing or technical contact on your company's account. We may also receive information from analytics providers.
Please note that we may also have access to information about you that our customers or your employer may upload to our cloud services.
Location Information
To provide certain of the Digiteck Vision Offerings, we may request your permission to access location information from your device. Some functions of the Digiteck Vision Offerings may not work if you choose not to allow access to this location information. If you initially consent to sharing your location information through one of our applications or websites, you can subsequently stop the collection of this information by changing the settings of your device or by uninstalling the applications. Where you have not enabled location services for the applications or websites, we may derive general usage information (such as time zone) from your use of the applications or websites, including from your Bluetooth signal (where this is switched on when using Hawiyyati).
Video/ Audio
To provide certain Digiteck Vision Offerings we employ the use of video conferencing services, which include the likes of companies such as Zoom, to interact with you and answer your queries or provide technical support. Digiteck Vision may record this meeting and process some or all recorded data (including personal data) for provision of services, quality control, training purposes and to improve our services. Depending on your jurisdiction, we mainly rely on legitimate interest as our legal basis for processing.
This recording shall include video images and audio. Please note that when the recording sign is on (e.g. in Zoom (the red button)), the call is being recorded. In some instances, if it is required by applicable data protection law, we will obtain your explicit consent, which we will obtain at the point of collecting the data from you and which may be refused or revoked at any time.
Please see the Zoom Privacy Policy for more information on how Zoom works and processes Personal Information.
How We Use the Information We Collect
We may use the information we collect:
-
provide products/services to you or your organization;
-
bill/invoice you or your organization;
-
complete corporate transactions
-
manage any accounts that you may have with us;
-
validate your identity;
-
send personalized marketing messages via email, post and telephone to you. Where required by applicable law, we will send these messages with your consent, and you have the right to opt out of receiving marketing by contacting us;
-
serve relevant advertising on our site and third-party sites related to our products and services which are personalized to your or your organization’s interests;
-
provide you with notice of product releases, special events, trainings, promotions or other matters relevant to you or your organization;
-
respond to your inquiries;
-
improve the services you or your organization are receive from us;
-
solicit your feedback;
-
prevent you from having to re-enter Personal Information about you on future visits to our websites or subsequent use of our applications;
-
facilitate your access to third-party services and resources;
-
keep track of your activities;
-
operate, evaluate and improve our business (including developing new products and services; enhancing and improving our services; managing our communications; analyzing our products; performing data analytics; and performing accounting, auditing and other internal functions);
-
provide technical support/ answer your or your organization’s questions via Zoom calls;
-
detect and prevent fraud and other unauthorized activity and enforce our terms of use; and
-
comply with applicable legal requirements, relevant industry standards and our policies.
We will only use your Personal Information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
Our Marketing Activities
Where you have submitted your details on the Digiteck Vision Website or at an event, webinar, via Zoom, or otherwise provided them to us so that we can provide you or your organization with further information about our products and services, we will only use the Personal Information you provide us for those purposes and, depending on your jurisdiction, in line with the consent we have obtained from you at the time.
We will communicate with you using the contact information provided (i.e. if you provide us your telephone number, we will call you, if you provide us your e-mail address, we will e-mail you), unless you have indicated a preferred method of contact, in which case we will follow that method of communication. Where we e-mail you with information about our products and services, we will provide you with a clear way to opt-out of receiving any further communications.
Please note, marketing communications are not the same as “information only”, or “service” or “transaction” communications where consents are not usually required for us to communicate with you about the services you or your organization have inquired about or have signed up to obtain through the Digiteck Vision Website, using contact details you have provided for this purpose.
Where you no longer wish to receive emails that are marketing communications, you can unsubscribe at any point by contacting us using the contact details in the email sent to you or by using the contact details contained in this Privacy Policy. You can also opt out of receiving marketing communications from us by logging into our website and unchecking relevant boxes to adjust your marketing preferences in our preference center.
Please note, we are not responsible for any direct marketing sent to you by any third party in respect of which you have given your consent. In such instances, you should refer to the privacy policy of that third party. If you wish to unsubscribe you will need to contact them directly.
Data Enrichment & Profiling
We sometimes utilize third party business databases such as ZoomInfo to keep our contact database up to date and accurate. We compare the data we hold about you as a business contact with data held by Zoominfo, and we update where necessary, for example by adding your new business address. This is known as ‘data enrichment’. Please note that we do not share or contribute any of your information to ZoomInfo. For more information on ZoomInfo please see their Privacy Policy.
We use your information to build a business profile about your organization, you, in your professional/business capacity, type of contract and product use/ feedback, and responses to our communications. We use this information in order to better assess your business needs and to understand what products within the Digiteck Vision Offerings might be suitable for you in future, such as relevant upgrades. We may use such information to determine which marketing communications to send to you, and depending on your jurisdiction, where you have opted in to receive these.
With Whom We May Share Information
We disclose information about you:
-
to our third-party service providers, such as IT systems, network and back-up and storage;
-
to other Digiteck Vision group companies;
-
system integrators;
-
referral partners;
-
technology partners;
-
professional advisors, such as lawyers, accountants, auditors and/or consultants; or
-
government agencies, such as law enforcement authorities, or regulators.
We also reserve the right to transfer any information we have about you in connection with any sale or transfer of all or a portion of our business or assets, including in the event of a reorganization, dissolution or liquidation.
In addition, if you are using Hawiyyati, we may share certain of your information with the administrator of an identity Network that you are a member of, with other users of the Hawiyyati application, or with third party services with which your Hawiyyati Badge is integrated.
How We Protect Personal Information
We maintain appropriate administrative, technical and physical safeguards designed to protect the Personal Information you or your organization provide against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. We have put in place procedures to deal with any suspected breach of Personal Information and will notify you and any applicable regulator of a breach where we are legally required to do so.
How Long We Keep Personal Information
We also ensure that, in compliance with applicable law, we do not retain Personal Information longer than necessary. We will keep Personal Information about you for as long as we have a relationship with your organization and you, for example as long as you wish to keep receiving marketing messages from us, or as long as you are an employee of your organization (and for a reasonable period thereafter). When determining how long to retain Personal Information after we no longer have a relationship with you or your organization, we take into account how long our customers usually want to continue hearing from us, our legal obligations and the expectations of regulators, as well as the length of time information is needed for internal audit purposes and to exercise or defend our legal rights.
We also consider the amount, nature and sensitivity of the Personal Information, the potential risk of harm from unauthorized use or disclosure of your Personal Information, the purposes for which we process your Personal Information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
This includes the following:
-
Retention in case of queries - We may retain your Personal Information for a reasonable period in case of follow up queries from you.
-
Retention in case of claims - We may retain your Personal Information for the period in which you might legally bring claims against us (this means we will retain it in line with relevant limitation periods, which are applicable to your jurisdiction, for example 7 years from the end of the contract, for information relating to contracts with us if based in the UK) if and to the extent this is relevant.
-
Retention in accordance with legal and regulatory requirements - We will consider whether we need to retain your Personal Information after the period of retention in the case of queries or claims because of a legal or regulatory requirement.
-
Retention permitted under applicable law - We will continue to retain Personal Information where necessary to provide our services to you and the retention of such Personal Information is necessary for the purposes of pursuing our legitimate interests or where it is necessary for public interest purposes.
We review our retention periods for Personal Information on a regular basis, and all data is retained in compliance with applicable data protection law. We will only permanently retain certain basic Personal Information, for limited purposes. This is in relation to retaining basic contact details, to keep a record that you were a customer, in case you return in future, or where you have asked us not to contact you again.
Our Lawful Bases for Processing
We will only process your Personal Information if we have a lawful basis for doing so. Lawful bases for processing include, depending on the applicable law, consent, contractual necessity, and our “legitimate interests” or the legitimate interest of others, as further described below.
Consent
Depending on your jurisdiction, some activities may require your consent, for example where we collect your personal data at events for our direct marketing communications so that we can provide further information and marketing to you. If applicable law requires your consent to process data in a certain way, then we will obtain it before carrying out that activity. When we process Personal Information based on your consent, it will be expressly indicated to you at the point and time of collection.
Where consent is not required, we will process your Personal Information because either it is necessary for our legitimate interests, is necessary to enable us to perform the contract or provide our services to you, or it is necessary for us to comply with our legal obligations.
Necessary to comply with a Legal/ Regulatory Obligation
From time to time, we may also need to process Personal Information to comply with a legal or regulatory obligation. We rely on this lawful basis when processing any data subject rights requests in accordance with applicable data protection laws and for activities relating to the prevention, detection and investigation of any crime. We also rely on it to comply with our financial reporting obligations and compliance with subpoenas or similar court orders.
Vital Interests/ tasks carried out in public interest
We may also need to process Personal Information if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.
Necessary to fulfill a contract
Other activities are carried out to fulfill a contract or agreement (for example, to comply with contractual obligations we have to you, or your organization including when we provide Digiteck Vision Offerings to you or your organization in accordance with the applicable terms and conditions, or when we process payments and purchases you or your organization make). If a contract or account is in place, then we will process your Personal Information on the basis that it is necessary to perform our contractual commitments to you.
Legitimate Interests
In addition to the uses set out above, we may also process the Personal Information we collect for our legitimate business interests when that is an available legal basis under applicable law. “Legitimate Interests” means the interests of our company in conducting and managing our business to enable us to give you the best service and products and the most secure experience. For example, we have an interest in making sure our marketing is relevant for you, so we may process your information to send you marketing that is tailored to your interests. Our legitimate interests can also apply to processing that is in your interests as well. For example, we may process your information to ensure our websites and systems are secure. Specifically, we may also process the Personal Information we collect on the basis of the following legitimate business interests:
-
where the processing enables us to enhance, modify, personalize or otherwise improve our services and communications for the benefit of our customers;
-
to enhance the security of our network and information systems;
-
to better understand how people interact with our websites;
-
to review and update the information we hold on you, to ensure it is accurate and up to date;
-
to assess your purchasing history and build a business profile on you (in your professional/business role);
-
for analysis and research in connection with product offerings and development;
-
promoting our products and services; and
-
for direct marketing purposes (where this is permitted) and to determine the effectiveness of promotional campaigns and advertising.
Your Rights
Depending on your jurisdiction, you may be entitled to certain rights, which can include:
-
Where our use of your Personal Information requires consent, you may withdraw this consent at any time;
-
You may request access to your Personal Information we hold about you and obtain information about how we process it. Depending on the applicable privacy laws (e.g. California law), you may be entitled to request the categories and specific pieces of Personal Information that we have collected about you, the categories of sources from which the Personal Information was collected, the purposes of collecting the Personal Information, the categories of third parties we have shared the Personal Information with, and the categories of Personal Information that have been shared with third parties for a business purpose;
-
You may update, correct or amend the Personal Information we hold about you if it is wrong;
-
You may ask us to change, restrict or stop the way in which we communicate with you or process Personal Information about you;
-
You may ask us to delete your Personal Information;
-
You have rights in relation to automated decision making, including profiling which has a legal effect, or which causes a significant effect;
-
You may ask us to move, copy or transfer your Personal Information;
-
You may object to our processing of your Personal Information; and
-
You may opt out of the sale of Personal Information—however, we do not sell your Personal Information to third parties, nor do we intend to. We also have not done so for the last 12 months. In addition, we have contracts with our service providers to prohibit any sale of the personal information we provide them; but if you have any concerns that our third parties might be selling your information, please contact us.
If you would like to exercise any of your rights or if you have any questions about this notice or would like to make a complaint please send an email to privacy@DigiteckVision.com that details your request and includes your exact name, physical address and email address. You may also submit a request to access or delete your information via our webform.
Please note that, where required by law, we may need to verify your identity when you request to exercise your privacy rights. To do so, we may ask you to confirm information we already have on file or provide such other proof as we need in order to determine and confirm your identity before responding to your request. Also, as may be expected in other jurisdictions, if you would like to authorize someone to make a request on your behalf, you must provide the agent with written, signed permission to submit privacy right requests on your behalf, or provide a letter from your attorney. The agent or attorney must provide this authorization at the time of request. Note that we may require you to verify your Hawiyyati with us directly before we provide any requested information to your approved agent.
We will not discriminate against you in any way for exercising your rights.
You have the right to make a complaint at any time to your local data protection regulator. If you are based in the European Economic Area, you can access a list of these here. If you are based in the UK you can access contact details for the ICO here. We would, however, appreciate the chance to deal with your concerns before you approach your regulator or ICO so please contact us in the first instance.
Your Privacy Under CCPA
If you are a resident of California, you have the right to request access, modification, and deletion of any personal information we process about you under the California Consumer Privacy Act. Our CCPA obligations cover any California resident’s personal information we process through the use of our Website, Services, and Mobile Apps. Data submitted to another company independently or through our Services is not covered under this section and all inquiries regarding your data rights should be directed to them.
When you use our Website, Services, and Mobile Apps we collect certain categories of personal information from you including identifying, contact, payment, biometric, geographic and navigational information as well as system usage data. We may disclose these categories of personal information for business purposes in order to provide our services to you, business operational reasons, and to provide internal data analytics information. We do not sell your personal information to any third parties.
You have the right to request the disclosure of all personal information we process about you over the past 12 months, including the right to know what personal information we disclosed to third parties for a business purpose. We will review your request and provide a disclosure which contains the categories and specific pieces of personal information we have processed, the sources of personal information, the business purpose for processing, and any third parties with whom we have shared your personal information. To ensure your privacy and security, we will take reasonable steps to verify your identity before processing your request.
You have the right to request the deletion of your personal information we have processed. We will review your request and will delete your personal information as well as direct all service providers to delete your personal information from their systems. Deletion of personal information is subject to certain exceptions, such as complying with law enforcement requests or other legal matters.
If you choose to exercise any of your data rights, we will not discriminate against you or your use of our Services in any of the following ways, including denying goods or services to you, charging different prices or rates for goods or services, providing a different level or quality of goods or services to you, or suggesting any of the above.
You can send an email to privacy@digiteckvision.com to request a disclosure or deletion of your personal information. Please note that you may only make a CCPA-related data access or data portability disclosure request twice within a 12-month period.
Your Privacy Rights Under GDPR
You may request access to your information to review, modify or request deletion of any personal information we process about you. We will review your request and will respond in accordance with applicable data protection laws. To protect your privacy and security, we take reasonable steps to verify your identity before processing rights requests. We will also stop sending marketing communications to you by clicking “Unsubscribe” in any marketing e -mail communications we send you.
If you are a resident of the EEA, you can object to processing of your personal information, ask us to restrict processing of your personal information or, if applicable, request the portability of your personal information. You can send an email to privacy@digiteckvision.com to exercise these rights. If you are a resident in the EEA, you have the legal right to complain to the data protection authorities in the EEA about our collection and use of your personal information.
You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. If you need further assistance regarding your rights, please contact us using the contact information provided below and we will consider your request in accordance with applicable law. In some cases our ability to uphold these rights for you may depend upon our obligations to process personal information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
Data Hosting & Security
Information collected from our Website, the Service and the Mobile App is transferred to and hosted locally within the GCC. Additionally, we may use third-party vendors and affiliates in various countries around the world to host and process your information. We have taken appropriate safeguards to ensure that your personal information will remain protected in accordance our obligations.
We have legitimate business interests to collect process and retain personal information for the purposes described in this Policy. We retain personal information we collect from you for as long as we have an ongoing legitimate business reason or requirement to do so. While retaining the data, we will securely store your personal information. We use appropriate technical and organizational security measures to protect personal information against unauthorized access, disclosure, alteration, and destruction.
Data Disclosure to Third-Parties
We do not sell or rent any of your information to third parties for any advertising or marketing purposes. However, the following describes some of the ways that We may disclose your information in the normal course of providing Our services.
Vendors
We may use third party vendors, consultants and other service providers to help us with any of the collection and processing activities described herein. Those providers work on our behalf, as instructed by our team. Prior to sharing data with a third party, we assess the provider’s controls to ensure the data is correctly processed and adequately protected. We require that any information disclosed to a provider is used only to provide services to us and only as allowed by applicable law. For a list of third party vendors we use to process personal information see Exhibit 2 of our Terms of Service
Affiliates
We may provide your information with a subsidiary, parent company or company under common control with Digiteck Vision Our affiliates will use your information only as described in this Policy.
Links to Other Websites
The Digiteck Vision Offerings may contain links to websites maintained by third parties, whose information and privacy practices differ from ours, including, for example, websites that process online payments. We are not responsible or liable for the content of any such websites, any use of such websites or the information or privacy practices employed by the providers of such websites. We encourage you to read the privacy statements of all third-party websites before using such websites or submitting any Personal Information or any other information on or through such websites.
Authorities
We reserve the right to disclose information as required by law or regulation and when necessary to comply with a judicial proceeding, court order, or legal process.
Change of Control
If we are involved in a merger, acquisition or sale of all or a portion of its assets, your information may be shared or transferred as part of that transaction, as permitted by law and only for the purposes disclosed herein.
Privacy Shield
Digiteck Vision complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union and the United Kingdom countries and Switzerland transferred to the United States pursuant to Privacy Shield. Digiteck Vision has certified that it adheres to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this privacy policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, please visit https://www.privacyshield.gov/.
We are subject to the investigatory and enforcement powers of the Federal Trade Commissions within the territories we operate in.
Pursuant to the Privacy Shield Frameworks, all individuals have the right to obtain our confirmation of whether we maintain personal information relating to you with Digiteck Vision. Upon request, we will provide you with access to the personal information that we hold about you. You may also may correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred under Privacy Shield, should direct their query to privacy@digiteckvision.com. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out choice (for personal data) or opt-in choice (for sensitive data) before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to privacy@digiteckvision.com.
DTV’s accountability for personal data that it receives under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, DTV remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless DTV proves that it is not responsible for the event giving rise to the damage.
We may be required in certain circumstances to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. In the event a customer end user transfers human resources data from the EU in the context of the employment relationship, DTV will cooperate with the appropriate EU or Swiss data protection authorities.
In compliance with the Privacy Shield Principles, DTV commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact DTV at: privacy@digiteckvision.com
DTV has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction
Cross-Border Data Transfer
We are committed to safeguarding your personal information and to take appropriate steps to protect your Personal Information regardless of where it is stored, taking into consideration the requirements of the data protection laws which we consider are applicable to how we process your Personal Information. These include entering into contracts with third parties. An example of this could arise if our processing of your Personal Information is protected under United Kingdom or European Union data protection laws. If that Personal Information will be transferred by us or on our instructions to a country outside the United Kingdom or European Economic Area and doing so would otherwise be restricted under prevailing data protection law applicable to us, because your Personal Information would not be protected to an equivalent data protection law standard, we will put in place an approved mechanism for providing appropriate safeguards to protect it. This includes approved mechanisms such as standard contractual clauses.
There may also be some instances in which we rely upon one or more permitted exceptions under the relevant data protection law from taking this step for particular situations. For example, where we have asked for your explicit consent to do, or to perform a contract with your organization and/ or you, or take steps prior to doing so, to conclude or perform a contract with another party concluded in your interest, for important reasons of public interest, or where it is done in the context of legal claims.
Digiteck Vision, and its affiliated entities, also comply with the EU-U.S. Privacy Shield Framework and Swiss-US Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Digiteck Vision has certified through its partners to the Department of Commerce that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.
Where local implementations are done, Digiteck Vision has complied with the relevant authorities, these include but are not limited to Saudi Arabia, United Arab Emirates, Kingdom of Bahrain, Kuwait, Sultanate of Oman, Jordan, Lebanon, Turkiye, Egypt, Morocco and others have jurisdiction over Digiteck Vision’s compliance with the local data privacy guidelines.
While for EU-U.S. Privacy shield the Federal Trade Commission has jurisdiction over our Partners and Service Providers compliance with the local Privacy Shield.
In compliance with the Privacy Shield Principles, Digiteck Vision commits to resolve complaints about our collection or use of your personal information. European Union and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Digiteck Vision at privacy@DigiteckVision.com
Digiteck Vision has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS are provided at no cost to you.
This Policy
How to Contact Us
If you have any comments or inquiries about this Privacy Policy, if you would like to update information we have about you or to exercise your rights, you may contact us sending an email to privacy@DigiteckVision.com or by sending regular mail to the following address:
Attn: Office of General Counsel
Digiteck Vision WLL
Office 04111, Bldg 1459 (West Tower, Bahrain Financial Harbor)
Road 4626, Manama/ Sea Front, Block 346
Kingdom of Bahrain
We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you have the right to make a complaint to the data protection authority in the country in which you live via their website.
Changes to this Policy
We may change this Policy from time to time by updating this page in order to reflect changes in the law and/or our privacy practices. We will update the date at the top of the Privacy Policy accordingly. We encourage you to check this Policy for changes when you revisit the Digiteck Vision website.