Privacy Policy

DigiVerifi Private Limited
Effective Date: April 2025
Last Updated: April 2025

DigiVerifi Private Limited (“DigiVerifi”, “we”, “our”, or “us”) is committed to protecting the privacy and confidentiality of personal information processed in the course of our business operations. This Privacy Policy explains how we collect, use, disclose, store, and protect personal data when you interact with our website or when personal data is processed as part of verification services delivered to our clients.

1. Applicability of This Policy

This Privacy Policy applies to:

  • Visitors to our website
  • Individuals whose personal data is processed as part of background verification, insurance investigations, or due-diligence services conducted for our clients
  • Any individual who communicates with DigiVerifi through email, phone, or other official channels

This policy does not override contractual obligations between DigiVerifi and its clients.

2. Our Role in Data Processing

In most cases:

  • Our clients are the “Data Controllers”
  • DigiVerifi acts as a “Data Processor”, processing personal data strictly on documented instructions from clients
  • DigiVerifi does not independently determine the purpose of verification activities.

3. Legal Basis for Processing

We process personal data based on one or more of the following lawful grounds:

  • Consent obtained by our clients from the data subject
  • Performance of contractual obligations
  • Compliance with applicable laws and regulatory requirements
  • Legitimate business interests related to fraud prevention, risk mitigation, and verification

4. Types of Personal Data Processed

Depending on the service scope, we may process:

  • Identity and contact details
  • Employment and education records
  • Insurance, medical, or claims-related information (where applicable)
  • Government-issued identifiers (as provided by clients)
  • Information obtained from public or authoritative sources

We process only data that is relevant and necessary for the assigned verification purpose.

5. Sources of Data

Personal data may be obtained from:

  • Clients who engage DigiVerifi
  • Data subjects directly (where required)
  • Employers, institutions, hospitals, insurers, or authorities
  • Publicly available and lawful sources

6. Use of Personal Data

Personal data is used strictly for:

  • Conducting verification, investigation, and due-diligence services
  • Communicating with clients and authorized stakeholders
  • Meeting legal, regulatory, and audit obligations
  • Improving internal processes and service quality

We do not sell personal data.

7. Data Sharing and Disclosure

Personal data may be shared with:

  • Clients who have commissioned the verification
  • Authorized third parties strictly involved in verification activities
  • Technology and infrastructure service providers under contractual safeguards
  • Government or regulatory authorities when legally required

All disclosures are need-based and purpose-limited.

8. Data Storage and Retention

Data is stored on secure servers located in India.

Retention periods are determined by:

  • Client contracts
  • Legal and regulatory requirements
  • Business necessity

Once data is no longer required, it is securely deleted or anonymized, subject to applicable law.

9. Information Security Measures

DigiVerifi implements reasonable technical and organizational safeguards, including:

  • Access controls and role-based permissions
  • Encryption and secure infrastructure
  • Employee confidentiality obligations
  • Periodic security reviews and audits

No system is completely risk-free; however, we continuously work to mitigate risks.

10. Data Breach Management

In the event of a confirmed data breach:

  • Appropriate containment and assessment measures are undertaken
  • Notifications are issued where required by law or contract
  • Corrective actions are implemented to prevent recurrence

11. Rights of Data Subjects

Depending on applicable law, data subjects may have rights relating to:

  • Access or correction of personal data
  • Withdrawal of consent (where applicable)

Requests should generally be routed through the client organization that initiated the verification, as DigiVerifi acts as a processor in most cases.

12. Limitation of Responsibility

DigiVerifi is not responsible for the accuracy of data provided by clients or third parties, nor for decisions taken by clients based on verification reports.

13. Changes to This Policy

This Privacy Policy may be updated periodically to reflect legal, regulatory, or operational changes. The latest version will always be available on our website.

14. Contact Information

For privacy-related queries or concerns:

Data Protection Officer
DigiVerifi Private Limited
Ground Floor, A-78, Sector 4
Noida – 201301, Uttar Pradesh, India
Email: harpreet@digiverifi.com