Our privacy policy was last updated on 04/10/2023

Valid.it Evaluation Solutions Ltd. Also known as Validit Inc. (hereinafter: “Valid.it” or “The Company” or “We“, “Us“) Established in 2021, Valid.it is a user-friendly remote fraud detection solution that leverages behavioral science and signal processing to deter and detect deception using nothing but a smartphone.

We at Valid.it provide companies and organizations (hereinafter: “our customers” )in diverse sectors with a mobile-based platform that enables remote non-invasive integrity testing. Our solution is based on a systematic methodology that leverages real-world experience and professional know-how. The solution may be used for various use cases, including talent acquisition, insurance underwriting, financial statements, claims validation, and more (“hereinafter:” Platform”).

This privacy policy is intended for the Platform Users/Admin who use the Platform on behalf of the customer, and Our Website Users who interact with valid.it website (Hereinafter: “You”).

Admin, acting on behalf of our customer shares with us the information needed to contact End-Users by providing/ uploading personal information of End-Users via the platform to conduct an assessment. The Platform sends an invitation via SMS text messaging and/or via email, containing a link with unique credentials to allow the End-Users to download our mobile application and log into the assessment using the mobile application.  The End-Users shall use the account for the type of assessment requested by our customer within the contractual legal framework with Our Company. For example, the Admin may request to assess the integrity of job candidates as part of their recruitment process, OR test End-User claims authenticity as part of the insurance process.

This Privacy Policy describes how we handle Your personal data as an Admin of the platform or as a Website User, as well as Our Privacy practices, policies, and procedures on the collection, use, and disclosure of Your information with respect to Our Platform/ Website. In this Privacy Policy, we act as the “Data Controller” of Your personal information.   Please see Our Terms of Use.

This privacy policy is for Platform Users only, and it does not cover any information processed and/or uploaded and/or inserted by Admin on our platform, regarding End-Users which we act as Data Processor.  If you are an End-User, please see the privacy policy here

Please Note: We respect your privacy and are committed to using privacy practices that are transparent and fair. Carefully read this privacy policy. By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy!

1. Definitions and Interpretations

The words of which the initial letter is capitalized have meanings defined under the following conditions.

For the purposes of this Privacy Policy:

• “Company” -referred to it Evaluation Solutions Ltd. as either “the Company“, “We“, “Us” or “Our” in this Privacy Policy. For the purpose of the GDPR (EU General Data Protection Regulations) in this privacy policy, the company is the Data Processor.
• “Service” refers to the Website and/or the Web/browser-based platform.
• “You” (the user)- means the individual who accesses, uses, or interacts with our services, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable, and whose personal data may be collected, processed, or stored by us in accordance with our privacy policy. You can be referred to as the Data Subject or as the User as you are the individual using the Service.
• “GDPR“- EU 2016/679 General Data Protection Regulation.
• “PIPEDA” – the Canadian Personal Information Protection and Electronic Documents Act.
• “SaaS“- Software as a Service
• “Platform“- the SaaS provided to Our Customer as part of the Service.
• “Account“- a unique account created for You to access our platform as part of our Service.
• “Admin“- the Platform Administrator account in our customer offices.
• “Cookies” are small files that are placed on Your computer, mobile device, or any other device by a website, containing the details of Your browsing history on that website among its many uses.
• “Usage Data” refers to data collected automatically, either generated using the Service or from the Service infrastructure itself (for example, the duration of a page visit).
• “Device” means any hardware that is used to access the Service such as a computer, a mobile device, or a digital tablet.
• “Personal Data” or “Personal Identifiable Information” is any information that relates to an identified or identifiable individual, directly or indirectly.
• “Service Provider” means any entity, establishment, or legal person who processes the data (either Usage Data or Personal Data) on behalf of the Company. It refers to third-party companies and/or individuals employed by the Company to facilitate and/or perform and/or provide the Service on behalf of the Company, or to assist the Company in monitoring, analyzing how the Service is used, and improving the Service as deemed necessary. For the purpose of the GDPR, Service Providers in this Privacy Policy are considered Data Processors (“Data Processors”).
• “Data Controller“, for the purposes of the GDPR, refers to the Company as the legal person/agency or other body, which alone or jointly with others determines the purposes and means of processing Personal Data.
• “Data Processor“- for the purpose of the GDPR, refers to organizations or affiliates that process personal data on behalf of the Data Controller.

2. Collecting and Using Your Personal Data

Personal Data/User Data

While using Our Service, We may request personally identifiable information from You that can be used to contact or identify You. This data may include, but is not limited to Types of Data Collected:

When You open an Admin Account through the Platform

• Business Email Address
• Full Name
• Phone Number [Mobile]
• Job Title
• Company Name
• Company Address, Size, and Website
• Industry

When You Book a Demo through Our Website

• Full Name
• Phone Number
• Email Address [preferably Business Email Address]
• Industry
• Company Name and Size
• Country/Province/City
• The Content of Your Request [any other information you choose to share with Us]

When You Contact Us through the Website

• Name
• Phone Number
• Email Address

 

Usage Data

Usage Data is collected automatically when using the Service.

Usage Data may include information such as Your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device’s unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.

We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.

For more information about the cookies we use, and your choices regarding cookies, please see our Cookies Policy below.

3. How we collect your data

We want to inform you about the various methods we use to collect data when you interact with our Services as part of our commitment to protecting your privacy. The primary methods we use are as follows:

• Direct Collection: We obtain personal data directly from you when you voluntarily provide it to us, such as when you create an account or contact us via the website channel or via mail.
• Automated Collection: As you interact with our service, certain usage data and technical information may be automatically collected through cookies, server logs, and other tracking technologies. This may include details about your device, browser, IP address, access times, and pages viewed.

Please keep in mind that our Privacy and Cookie Notice explains how we use and protect the data collected through these methods and the options and rights you have regarding your personal data.

4. Purpose of Data Processing and Use of Your Personal Data

We may use Personal Data for the following purposes:

• To provide you with the requested services: We use your Personal Data to respond to your requests, such as providing customer service, and delivering our services to you.
• To improve, support, and analyze our services: We may use your Personal Data to conduct research and analysis to improve our services. This includes gathering feedback on our services, analyzing website traffic and usage patterns, and identifying areas for improvement.
• To Manage Your Account: to manage Your registration as a user of the Service. The Personal Data You provide can give You access to different functionalities of the Service that are available to You as a registered user such as providing our products and services and/or downloading an asset.
• To communicate with you: We may use your personal data to communicate with you about our services, including marketing communications and promotional offers. If you have opted in to receive marketing communications from us, you can always opt-out by following the instructions provided in the communication.
• To manage Your requests: To attend to and manage Your requests to Us as well as provide an answer and further information to the extent requested.
• To comply with legal obligations: We may use your personal data to comply with applicable laws, regulations, and other legal requirements, including responding to lawful requests from law enforcement agencies and government authorities.
• For other legitimate business purposes: We may use your personal data for other legitimate business purposes, such as enforcing our terms of service, protecting our rights and interests, and preventing fraud or other illegal activities.

 

5. Share and Disclosure of Your personal information

 

• With Service Providers: for the purpose of tracking and analyzing how our services are being used, We might disclose Your personal information to the Service Providers such as hosting and server co-location services, communication, content delivery networks, data and cyber security services, fraud detection and prevention services, and web analytics and any other relevant services.
• With Your consent: We may disclose Your personal information for any other purpose with Your consent.
• With Affiliates: We may disclose Your information with Our affiliates, in which case we will require them to follow this Privacy Policy. Information shared as needed only serves to allow us to fulfill our legal obligations towards our customers, and to ensure that our solution performs optimally.
• Law enforcement: Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

• Other legal requirements: The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:
• Comply with a legal obligation.
• Protect and defend the rights or property of the Company.
• Prevent or investigate possible wrongdoing in connection with the Service.
• Protect the personal safety of Users of the Service or the public.
• Protect against legal liability.
  
  

6. Data Location and Transfer

The company may maintain, process, access, and store your personal data by us or our authorized service providers (see section 3 above) in different locations, in compliance with the applicable laws to Your Organization. Valid.it maintains offices in Israel, and currently uses AWS services located in Ireland for processing, analyzing, and storing Platform Users Data, and Wix.com [WordPress] located in Europe for Website Users, and may access your personal data from any of these locations or any other location necessary for the activity of the platform for the purpose of providing technical support and customer service for Your organization. 

The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and appropriate lawful mechanisms, and no transfer of Your Personal Data will take place on behalf of your organization, to a country unless there are adequate controls in place including the security of Your data and other personal information, as follows:

• Internal transfers: Transfers within the Valid.it group will be covered by an internal processing agreement entered by members of the Valid.it Group (an intra-group agreement) which contractually obliges each member to ensure that personal data receives an adequate and consistent level of protection wherever it is transferred to.
• External transfers: Where we transfer your Personal Data outside of the EU/EEA (for example to third parties who provide us with services), we will do so with a third country or an international organization that the commission has determined is an adequate level of protection. If not, We will obtain relevant contractual framework commitments from them to protect your Personal Data, such as the Standard Contractual Clause (SCC) or Data Transfer Agreement (DTA)/Data Processing Addendum (DPA) depending on which country receiving the data.

Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement and consent to that transfer.

 

7. Retention of Your Personal Data

The Company will retain Your Personal Data in accordance with its instructions. Additionally, we may retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy as well as to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws of taxing or accounting requirements), resolve disputes, and enforce our legal agreements and policies.

The Company will also retain Usage Data for internal analysis purposes. Such Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.

8. Security of Your Personal Data

The security of Your Personal Data is important to Us, and for that purpose, We have implemented technical, organizational, and security measures designed to protect your Personal Data. However, remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security. As the security of information depends in part on the security of the computer, device, or network you use to communicate with us and the security you use to protect your user IDs and passwords, please make sure to take appropriate measures to protect this information.

9. Your rights:

Under the GDPR

You have the right under this Privacy Policy, by law, and for the purpose of the GDPR, as follows:

• The right to notice. You have the right to be notified which categories of Personal Data are being collected and the purposes for which the Personal Data is being used.
• Request access to Your Personal Data. The right to access, update or delete the information We have on You. Whenever made possible, you can access, update or request the deletion of Your Personal Data directly within Your account settings section. If you are unable to perform these actions yourself, please contact Us to assist You. This also enables You to receive a copy of the Personal Data We hold about You.
• The right to request the erasure and deletion of Personal Data. You have the right to request the erasure deletion of Your Personal Data when there is no good reason for Us to continue processing it. Such erasure is subject to certain exceptions under the CCPA or the GDPR, In the event that one of the exceptions applies, we will notify you in accordance with the law.

• Request correction of the Personal Data that We hold about You. You have the right to have any incomplete or inaccurate information We hold about You corrected.
• Object to processing of Your Personal Data. This right exists where We are relying on a legitimate interest as the legal basis for Our processing and there is something about Your particular situation, which makes You want to object to our processing of Your Personal Data on this ground. You also have the right to object where We are processing Your Personal Data for direct marketing purposes.
• Request the transfer of Your Personal Data (Data Portability). We will provide to You, or to a third party You have chosen, Your Personal Data in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information that You initially provided consent for Us to use or where We used the information to perform a contract with You.
• Withdraw Your consent. You have the right to withdraw Your consent to use your Personal Data. If You withdraw Your consent, We may not be able to provide You with access to certain specific functionalities of the Service.
• You have a right to lodge a complaint with your local data protection supervisory authority: (i.e., your place of habitual residence, place of work, or place of alleged infringement) at any time or before the relevant institutions in your place of residence. We ask that you please attempt to resolve any issues with us before you contact your local supervisory authority and/or relevant institution.

In order to exercise your rights as mentioned above, please contact us at support@validit.ai.

Processing and answering your request are Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly in accordance with applicable law or inform you if we require further information in order to fulfill your request. When processing your request, we may ask you for additional information to confirm or verify your identity and for security purposes before processing and/or honoring your request. We reserve the right to charge a fee where permitted by law, for instance, if your request is manifestly unfounded or excessive. In the event that your request would adversely affect the rights and freedoms of others (for example, would impact the duty of confidentiality we owe to others) or if we are legally entitled to deal with your request in a different way than initially requested, we will address your request to the maximum extent possible, all in accordance with applicable law.

Under PIPEDA:

You have the right under this Privacy Policy, by law, and for the purpose of PIPEDA, as follows:

• The right to access your Data.
• The right to Correct your inaccurate Data, and/or deletethe inaccurate personal information. 
• The right to withdraw your consent.

 

• Children’s Privacy

Our Service does not address anyone under the age of 18. We do not knowingly collect personally identifiable information from anyone under the age of 18. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 18 without verification of parental consent, We take steps to remove that information from Our servers.

If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent’s consent before We collect and use that information.

If you believe that we might have any such information, please contact us at support@validit.ai.

• Interaction with third-party products

Our platform may contain third-party links and you We may thus be able to interact with third-party websites, mobile software applications, and products or services that are not owned or controlled by us (each a “Third Party Service”). Therefore, If You click on a third-party link, You may be directed to that third party’s site, which may not be operated by Us, and We thus cannot assume responsibility for the privacy practices or the content of such Third-Party Services. We strongly advise You to review the Privacy Policy of every site You visit.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

• Special Section for The Purpose of GDPR Privacy Policy

Legal Basis for Processing Personal Data under GDPR

We may process Personal Data under the following conditions:

• Consent: You have given Your consent for processing Personal Data for one or more specific purposes.
• Performance of a contract: Provision of Personal Data is necessary for the performance of an agreement with You and/or for any pre-contractual obligations thereof.
• Legal obligations: Processing Personal Data is necessary for compliance with a legal obligation to which the Company is subject.
• Legitimate interests: Processing Personal Data is necessary for the purposes of the legitimate interests pursued by the Company.

In any case, the Company will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.

• Cookie Policy

Like many websites and applications, we use “Cookies” and similar technologies for several reasons, to collect information including to help personalize your experience and we also use a cookies tool on our platform to gain consent for the optional cookies we use. Third parties through which we provide the services may be placing and reading cookies on your browser. When visiting our platform, you shall be notified of the use of and placement of cookies and other similar technologies on your device as specified herein.

There are different types of cookies, as follows:

A “session cookie” is temporary and will remain on your device until you leave the Site/platform/service.

A “persistent cookie” may be used to help save your settings and customizations across visits. It will remain on your device until you delete it.

“First-party cookies” are placed by us, while third-party cookies may be placed by a third party. We use both first- and third-party cookies.

We may use the term “cookies” to refer to all technologies that we may use to store data in your browser or device or that collect information or help us identify you in the manner described above, such as web beacons or “pixel tags”.

• How do we use cookies?

We use cookies and similar technologies for a number of reasons, as specified below. The specific names and types of cookies, web beacons, and similar technologies we use may change occasionally. However, the cookies we use generally are Necessary Cookies. These cookies are necessary to allow the Site to work correctly. They enable you to access the Site, move around, and access different services, features, and tools. Examples include remembering previous actions (e.g. entered text) when navigating back to a page in the same session. These cookies cannot be disabled.

Cookies for better Functionality. These cookies remember your settings and preferences and the choices you make (such as language or regional preferences) to help us personalize your experience and offer you enhanced functionality and content.

Analytics and Performance Cookies. These cookies collect information regarding your activity on our platform to help us learn more about which features are popular with our users and how our platform and/or our online services can be improved. It can also help us understand how you use our platform, for example, whether you have viewed messages or specific pages and how long you spent on each page. This helps us improve the performance of our platform and/or our online services.

 

Advertising Cookies. These cookies are placed in order to deliver content, including ads relevant and meaningful to you and your interests. They may also be used to deliver targeted advertising or to limit the number of times you see an advertisement. This can help us track how efficient advertising campaigns are, both for our own Services and for other websites. Such cookies may track your browsing habits and activity when visiting our platform and/or our online services and those of third parties.

How to adjust your preferences. Most Web browsers are initially configured to accept cookies, but you can change this setting so your browser either refuses all cookies or informs you when a cookie is being sent. In addition, you are free to delete any existing cookies at any time. Please note that some features of the Services may not function properly when cookies are disabled or removed. For example, if you delete cookies that store your account information or preferences, you will be required to input these each time you visit.

Email Cookies. Additionally, cookies may be placed in messages we send to track your interaction with such emails.

• Contact us

If you have any comments or questions regarding this Privacy Policy for End Users, please contact your organization Admin or our support at: support@validit.ai