PRIVACY, ETHICS AND COMPLIANCE POLICY

 

The General Data Protection Regulation (GDPR) 2018 regulates the collection, use, disclosure and processing of personal information of individuals in the EU. It replaces existing European legislation, such as Data Protection Directive (officially Directive 95/46/EC), and introduces new requirements, it alters existing concepts, which means that businesses will need to review their existing processes to make sure they are compliant.

Private investigative businesses and services they provide (be that plain investigations, background checks, due diligence, insurance claims, etc) can involve significant personal data processing, so complete adoption of GDPR compliance is crucial. It is important for businesses to raise awareness of the changes, review current privacy notices, background screening policies and in general, their approach to this new age of data protection regulations and requirements, which GDPR 2018 certainly is.

This present DPP is valid for the services provided by Background Check Romania, a division of CIDP “Tanase V. Iulian” (trading online ) as Background Check Romania).

CONTEXT AND OVERVIEW

Replaces current policy on: 25th of May 2018 Policy prepared by: Julian Tanase
Approved on: 08th of May 2018 Becomes operational on: 25th of May 2018

INTRODUCTION

CIDP “Tanase V. Iulian” (also trading as Background Check Romania) needs to gather and use certain information about individuals and / or businesses. These can include customers, suppliers, business contacts, employees and other people the organisation has a relationship with or may need to contact. This policy describes how this personal data must be collected, handled and stored to meet the company’s data protection standards — and to comply with the law.


DATA PROTECTION GENERAL POLICY

We, at Background Check Romania, take extremely serious protection of any data we come in touch with. As such, we devised a solid privacy and compliance policy, which governs our business and relation with our clients since 1991, the year of our incorporation. For a full understanding on how we base our business and ethics on these policies, please check out our Data Protection Policy, valid as of the 25th of May 2018.

Consent – Seen as mandatory, we obtain a consent before acquiring, holding or using personal data. Our forms, whether paper or web-based, which are designed to gather personal data do contain a statement explaining what the information is to be used for and who it may be disclosed to. We do not engage in “blind research” and only process data expressly for the purpose mentioned in the accord.

Sensitive data – We are particularly careful when dealing with any sensitive personal data (i.e. information relating to race, political opinion, physical or mental health, religious belief, trade union membership, sexuality, etc). We do not engage in acquiring such data, and we do not process or otherwise handle, obtain or store such information.

Review files – We only create and retain personal data where absolutely necessary. Securely disposal of or deletion of any personal data which is out of date, irrelevant or no longer required is mandatory. We run regular reviews of old files and discard unnecessary or obsolete data systematically.

Disposal of records – When discarding paper records that contain personal data we treat them confidentially (i.e. shred such files rather than disposing of them as waste paper). Similarly any unnecessary or out-of-date electronic records are deleted. We do not give away or sell our computers unless Information Services have ensured that all information stored on it has been removed or deleted.

Accuracy – We keep all personal data up to date and accurate, noting any changes of data and other amendments. If there is any doubt about the accuracy of personal data then we do not use it.

Security – We keep all personal data as securely as possible (e.g. in lockable filing cabinets or in rooms that can be locked when unoccupied). We do not leave records containing personal data unattended in offices or areas accessible. We also keep in mind that e-mail is not necessarily confidential or secure so should be secured and/or encrypted to the best of our abilities.

Disclosing data – We never reveal personal data to third parties without the consent of the individual concerned, of the client, or other reasonable justification. We endeavour to co-operate with Inland Revenue, National Courts or the National Police, but steps are first taken to ensure that such requests are genuine and legitimate.

Our Service Agreement is bereft of any unnecessary data, which may negatively impact on Data Protection regulations or the views of the 2018’s GDPR. If you require a sample of our SA, please let us know and we will send you a sample copy for your perusal.

Ethics – We always conduct our own services honestly and honourably, and expect our clients and suppliers to do the same. Our advice, strategic assistance and the methods imparted through our training, take proper account of ethical considerations, together with the protection and enhancement of the moral position of our clients and suppliers. If there appears to be a conflict between our Code of Conduct and the law, we always obey the law. But, if our COC sets a higher standard than the law requires, we understand that it must be the standard for behaviour.

Confidentiality – We are committed to maintaining the highest degree of integrity in all our dealings with potential, current and past clients, both in terms of normal commercial confidentiality, and the protection of all personal information received in the course of providing the business services concerned. We extend the same standards to all our customers, suppliers and associates.

Duty of care – Our actions and advice will always conform to relevant law, and we believe that all businesses and organizations, including this consultancy, should avoid causing any adverse effect on the human rights of people in the organizations we deal with, the local and wider environments, and the well-being of society at large.

Conflict of interest – Due to the sensitive nature of our particular consultancy services, we will not provide a service to a direct competitor of a client, and we generally try to avoid any dealings with competitor companies even after the cessation of services to a client. Started in 1991, we do maintain and keep a detailed database which enables us to identify any such possible conflicts of interest.

Quality assurance – We maintain the quality of what we do through constant ongoing review with our clients, of all aims, activities, outcomes and the cost-effectiveness of every activity. We encourage regular review meetings and provide regular progress reports. This consultancy has been accredited under a number of quality assurance schemes. Further details are available on request.

MEANS OF INQUIRY AND LAW COMPLIANCE – We always endeavour to make our research and work as legally-proof as possible. We never undertake anything even remotely linked to what it may appear to be a non-legit project and in any case, we do not engage in downright illegal operations of any kind, shape or form these may be. We are always striving to observe the legality of our work; we do not put our clients at risk due to non legit reports sent to client for which he will have to answer to a court of law for the legality of it all.

Any questions on our privacy and compliance policy, or any queries at all regarding our policies of privacy and compliance, do not hesitate to contact us.

Print Friendly, PDF & Email
Contact us todayWe're on FacebookWe're on LinkedInWe're on TwitterGoogle Business
%d bloggers like this: