How does Verifile handle client and candidate information?

Modified on Tue, 20 Aug at 4:38 PM

[CF]


In order to successfully screen candidates in line with British Standard 7858, Verifile must be provided with information and data from both the candidate (who are undergoing background checks) or the client (who has requested the checks).


We handle all client and candidate information with the utmost care. Security is something we’ll never compromise on or take chances with. To demonstrate to clients that we have the framework within which data security (as well as data accuracy and integrity) is guaranteed, we have invested heavily in accreditations and certifications—and will continue to do so.

We are certified to ISO 27001 (Information Security), for example, proving that we have stringent information security protocols in place. 

We’ve been awarded our Cyber Essential Plus certification, confirming our commitment to data security by having subjected ourselves to external assessment against phishing and hacking, and we also hold the National Security Inspectorate (NSI) Gold Award, demonstrating our expertise in the field of security screening.

A key component of our own security screening sees every one of our employees and contractors vetted to meet and greatly exceed the criteria of BS7858 (an important framework for conducting background checks in highly secure environments).


We encourage our clients and their candidates to read our Privacy Notice which has very detailed explanations.

The information that is provided by the client or the candidate is only used for the intended purpose of background screening checks and any information that we request helps to support for the specific checks the client has placed for the candidate.

Verifile will never use the data for any other purpose, only to carry out the background screening checks.  

Under Article 17 of the U.K. GDPR (General Data Protection Regulations), individuals possess the right to have their personal information and data erased.


It is also known as the 'right to be forgotten'. The right only applies to data held at the time the request is received. It does not apply to data created in the future.

 

Please note, Verifile is known as the Data Processor of a candidate's information and you, as the client, are the Data Controller.

 

As the Data Controller, the individual (your candidate) will need to contact you directly if they wish their data to be removed from the Verifile client Portal.

 

Verifile offers two routes for Data Deletion/Anonymisation. For more information on this please see our artcile on 'How to request Data Deletion of a candidate's information'. 




RELATED CONTENT


Whilst we have taken care to ensure that this information is accurate, we update articles regularly. If you feel something is incorrect, please use the feedback buttons below to tell us how we could improve.


Handle data, Handle information, How does Veriflle handle data, candidates information, clients information, data handling. 

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article

JavaScript