1. Our approach
Amiqus Resolution Limited (‘Amiqus’, ‘we’, ‘us’ or ‘our’), is an award-winning tech for good company selling software as a service. You can learn more about our team and our values on our website. Privacy is one of our core business values and we take protecting your data very seriously.
This Privacy Notice explains how we collect, handle and store your personal information when we act as either a data controller or a data processor in accordance with the requirements of the UK General Data Protection Legislation and the Data Protection Act 2018. We are registered with the ICO and our registration number is ZA136760.
2. Our role as a data controller
Amiqus may act as the data controller of your personal data. This means that we may make decisions about why we collect and use your personal data for our own business purposes. We may process your personal data as a data controller if you are:
- A client
- A prospective client
- A visitor to our website or app
- An individual that has been referred to Amiqus by an existing client
- An individual who is mentioned as an Amiqus job applicant’s referee for employment
a) How do we collect personal data about you?
We collect personal data about you when you engage us to provide services to you and we onboard you as one of our clients.
We also collect personal data from you when you visit amiqus.co, and any associated websites and apps owned by Amiqus Resolution Ltd. There are several points of interaction through which we will collect certain personal information about you which include when you engage with:
- One of our website contact forms;
- All automated technologies or interactions when visiting our website, such as chatbots or chatrooms; and
- Our mailing list when signing up to receive updates from us.
- Our client support team on the phone where your call may be recorded.
The table below provides an overview of the reasons we may process your personal data as a data controller and the lawful basis we rely upon to use your personal data.
b) Our processing
Purpose of processing | Personal Data | Data subject | Legal basis |
---|---|---|---|
To provide our services to you. | Name, job title and contact details such as email, business address and contact number. | Amiqus Clients. | To enter into and perform any contract between you and us. |
To monitor and improve our website and services. | Technical data including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use (Usage Data).Please refer to our cookie policy for more details. | Website visitors. | We rely on legitimate interest where we need to process personal data via essential cookies to support the functionality of our website.We ask for your consent for any processing of personal data via non-essential cookies. |
To operate, maintain and ensure security of our online accounts. | Your name and email address, address (Account data and Service Data) when you set up an online account with Amiqus. | Website visitors. | Legitimate interests, namely to maintain the proper security and administration of our website and business.Performance of any contract between you and us. |
To respond to and manage enquiries made to us. | Name, email address other information you have provided to us (Enquiry data). | Amiqus Clients and prospective clients. | Legitimate interest to contact you to support you with your query. |
To manage and process business transactions and payment for our services. | Contact details, payment card details, bank details and the transaction details. | Amiqus Clients. | Performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract. |
To share our newsletters and updates with subscribers. | Name and email address. | Amiqus Clients and prospective clients. | Consent. |
To manage our recruitment and employment processes. | Please refer to our applicant and employee privacy notices. | Job applicants and employees. | Please refer to our applicant and employee privacy notices. |
To provide information to organisations and individuals as part of the Amiqus referral scheme. | Name and business email address. | Amiqus Clients and prospective clients. | Legitimate interests, namely the business purposes of responding to referral opportunities and providing information to prospective clients. |
To promote our products and services. | Name and business email address. | Amiqus prospective clients. | Legitimate interests. |
To record calls for training, monitoring and quality assurance. | Contact details, name, business email, business address, phone. | Amiqus Clients. | Consent. Our callers are able to opt in or out of call recording. |
c) Who has access to your personal information?
We may disclose your personal information to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining and maintaining insurance coverage, managing risks, obtaining professional advice and managing legal disputes.
In addition to these specific disclosures of personal information, we may also disclose your personal information where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
We will never sell your information to third parties for marketing purposes.
Please note that, operationally, Amiqus have no internal access to client data due to mandatory encryption of files resting on our servers which may only ever be visible following authorisation by our clients. If access to personal information is authorised, it is tightly restricted to specific personnel who are under a duty to maintain the confidentiality and security of such information.
d) How long is your information kept for?
Any personal information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
If you have provided information via the website, this personal information will be retained for a maximum of seven years following the date it was submitted, at the end of which period it will be deleted from our systems, unless requested by users.
We may retain your personal information where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
3. Our role as a data processor
We act as a data processor on behalf of professional service firms and other organisations (“Amiqus Client(s)”).
If you have been directed to use any of Amiqus’ services, the Amiqus Client you are in contact with is the data controller of your personal data and has instructed Amiqus to process your information. If you have any questions about why an Amiqus Client uses your personal data, you should refer to their privacy notice.
Amiqus Clients may instruct us to provide services which require us to use your personal data and we do so strictly in accordance with their instructions, this privacy notice and applicable data protection laws, for the purpose of providing agree services. Types of personal data we may process when providing our services include:
- name, date of birth, contact details (i.e. phone number and email address), address history, employment vetting and screening data, ID documents (including images of these);
- special category data (i.e. passport images, photos/videos of your face and political information about you) as part of the Amiqus checks;
- criminal history check information (i.e. indicative notice of disclosure and client notes about disclosures);.
- any other information that you may provide which is required to provide the service.
All data stored by Amiqus is within a primary EU location and backed up by servers located in the UK.
a) Our Services: Amiqus Check
If you have been asked to undergo an Amiqus check, the Amiqus Client requesting you undertake the check is the data controller of your personal data and you should therefore refer to their company privacy policies first.
b) Photo ID verification checks and biometric data
If asked to complete a Photo ID verification check you may be asked to allow access to the camera and microphone on your device. This is to allow you to capture images and/or video of your document and face to fulfil the check.
If the Amiqus Client requires a Facial similarity check as part of a Photo ID verification check, the captured images/or video of your face will be used for facial recognition purposes (i.e. a digital comparison is made between the image/video of your face and your ID documents to recognise and verify it’s you).
If you are required by the Amiqus Client
to verify a biometric passport, you will be directed to download the Amiqus mobile app from the Apple App Store or Google Play Store. In the app, you will be asked to allow access to the camera and microphone on your device and to scan the passport’s near-field communication (NFC) chip using your mobile’s NFC scanner. This is to allow you to capture images and/or video of your document and face, as well as verify the data stored in the document’s NFC chip, to fulfil the check. To verify your identification documents and carry out the facial recognition check we use the services of third-party supplier Onfido Limited.
c) Automated Referencing Service
We provide a service which supports businesses and individuals with obtaining employment references using our efficient technology which automates the process, saving time for the employer who is the Amiqus Client, the job applicant seeking the reference and the referee that has agreed to provide the reference.
Amiqus may be instructed by employers to process personal data relating to job applicants and referees for the purpose of issuing automated employee reference checks.
If you are a job applicant, Amiqus will process your personal data when instructed to do so by the Amiqus Client to facilitate contact with the referees elected by you.
The Amiqus Client is the data controller of your personal data and you should refer to their privacy notice for information about how they use your information.
Prior to submitting your employee reference check, we require you to confirm with your referee that they agree to you providing their personal data to obtain an employment reference.
When you submit a reference request, Amiqus will share information including your full name, previous role title and dates of employment (commencement and termination (if applicable)) with your referee.
If you are an elected referee, Amiqus has received your contact information because you have been identified as a referee and you have provided your agreement to be contacted to provide an employment reference by the job applicant named in the automated reference request. The job applicant has confirmed that you have agreed to your information being shared for the purpose of being their referee. If you wish to decline to provide a reference, you may decline to respond, or notify us by contacting [email protected].
4. Keeping your information safe
Handling your personal information with respect and transparency is an essential part of upholding your data privacy. At Amiqus, we therefore work to exceed the minimum requirements set by the UK government’s cyber security accreditation scheme Cyber Essentials Plus; we are voluntarily certified by NQA to the ISO/IEC 27001:2013 standard and we are a member of Cisp, the National Cyber Security Centre cyber threat-sharing platform, which provides ongoing analysis, reporting and monitoring of online activity at national level.
When you provide us with personally identifying information, we take steps to ensure that appropriate cybersecurity and organisational controls are in place to protect it. These include:
Please note that you are responsible for keeping any password which enables you to access Amiqus confidential and we recommend that you use the added security of two-factor authentication when accessing any Amiqus account.
Third parties
We use a number of carefully selected third parties to help provide our services to you. We require these third parties to uphold security policies that adhere to the same requirements we ourselves impose. When we use a third-party (a data processor) to process personal data, we enter into a written contract and data processing agreement to ensure that they fulfil the obligations of the data protection law.
If we are requested to share sensitive information by law enforcement, we will do so in accordance with our obligations under UK law.
Security policies
Amiqus has developed a set of security policies for our team and partners. Further information about these security policies can be made available upon request.
5. Your rights
UK data protection law enables individuals to exercise legal rights against Data Controllers that process their personal data. If we process your personal data in our capacity as a Data Processor, we will refer your request to our client as the Data Controller of your personal data.
When Amiqus is the Data Controller of your personal data, you may contact us to exercise the following rights.
Right to be informed
You have the right to ask us for information about how we use your personal data.
Right of access
You have the right to ask us for copies of the personal information we process about you.
Right of rectification
You have the right to ask us to rectify information you think is inaccurate or incomplete.
Right of erasure
You have the right to ask us to erase your personal information in certain circumstances.
Right to restriction of processing
You have the right to ask us to restrict the processing of your information in certain circumstances.
Right of data portability
If we are processing your personally identifying information (i) based on your consent, or in order to enter into or carry out a contract with you and (ii) the processing is being done by automated means, you have the right to ask us to provide that information to you or another service provider in a machine-readable format.
Right to object to data processing
You have the right to object to your personal data being processed.
Rights in relation to automated decision-making and profiling
You have the right not to be subject to this type of processing.
If you have specific questions, or wish to exercise any of these rights please contact us at [email protected].
6. Marketing
If you have provided contact information to us and have agreed to receive marketing communications, we would like to send you email communications to keep you updated about our services.
If you do not wish to receive such communications, you may unsubscribe to our emails using the link provided in the footer of the email at any time, or you can contact us at [email protected], to withdraw your consent.
For visitors to Amiqus websites and app
Amiqus will collect usage data such as IP address, length of visit and referral source, you cannot be identified from this information and it is only used to assist us in providing an effective service.
For Amiqus clients: the registered users of Amiqus
Amiqus will collect account data such as name and email address, with the source of this data being you for the purpose of operating our website, providing our services and maintaining back-ups of our databases and communication with you. The legal basis for this processing is primarily for the performance of any contract between yourself and Amiqus or taking steps at your request to enter into such a contract.
For Amiqus job applicants
Amiqus will collect personal information including but not limited to name, address, date of birth, professional qualifications and pre employment checks. Additionally, sensitive information including but not limited to marital status, nationality and gender will also be collected. We do this to comply with our legal obligations with regards to hiring and in line with the GDPR legal bases of consent and/or contract.
For Amiqus employment referees
Amiqus will collect information such as your name, company, your position held and relationship to the applicant. Additionally, we will ask for a contact number/ email address in relation to your role as voluntary referee throughout the application process. Confirming certain details of an applicant’s employment history with their consent is an essential part of our due diligence before offering a contract of employment.
For Amiqus employees
Amiqus will collect personally identifiable information and unique identifiers such as NI number, as well as sensitive and special category of personal information in compliance with legal requirements. We use this information for the administration of your employment contract, career progression and well-being.
Amiqus referral scheme
An individual has recently completed an Amiqus request, and provided us with your name and business email address to let you know about Amiqus’ services via our referral scheme.
For subscribers to Amiqus marketing
Amiqus will collect and process information you have chosen to provide us when signing up to receive updates.
7. Cookies
We use “cookies”, a type of tracking software to enable the full functionality of our website. A cookie is a small, unique, text file that is sent to your browser from a web server and stored on your computer’s hard drive. View our full cookie policy here.
8. How to contact us
If you have any questions about this privacy notice or wish to exercise your rights please contact us by email, by post or by phone using the details below.
9. Changes to this notice
As our business changes and grows, we reserve the right to update this privacy notice to reflect our most current business practices.
10. How to complain
Please report any complaint to Amiqus Data Protection Team using the contact details above and we will work to resolve any question or concern that you wish to raise about our use of your information within a reasonable time period.
If we are unable to resolve your complaint, you may wish to contact the Information Commissioner’s Office on their website
or by telephone at: 0303 123 1113.