Privacy Policy

v.3.0 March 2020

Who are NetWatch Global®?

We are NetWatch Global Limited, (“NetWatch” / “we” / “us” / “our”) a company registered in England and Wales under registered number 08604760 and our registered office is at Brook Court, Whittington Hall, Worcester, WR5 2RX. Since 2013, NetWatch (and its affiliated companies) (“The Surveillance Group” / “Group”) have provided innovation and excellence in open source and social media investigation and are committed to protecting the privacy and confidentiality of sensitive information.

NetWatch are committed to safeguarding the privacy of our website visitors; in this policy we explain how we will treat your personal information and that of the Data Subjects you are processing. This policy applies to you, the user of this Web Site and NetWatch; the owner and provider of this Web Site. This Policy applies to our use of any and all Data collected by us in relation to your use of the Web Site and any Services or Systems therein.

This policy explains what personal information we collect from open sources and what we do with that information. If you have any queries about this Policy or our information practices, please contact the NetWatch Data Protection Officer at legal@netwatchglobal.com.

 

Registered Information Commissioners Office details:

Data Controller: NetWatch Global Limited

Registration Number: ZA025589

Date Registered: 30 October 2013

Registration Expires: 29th October 2021

Address:

Brook Court, Whittington Hall, Worcester, WR5 2RX

 

When and what data do we collect and why:

1.

When? When you apply for a job with NetWatch or are in employment with us we will need to process data to enable the recruitment process and annual checks that our clients stipulate within the contract

What data do we collect? We collect all data that is provided within your C.V which is required for the application of a job position such as name, address, qualifications and contact details. If your job application proceeds further Netwatch may undertake a consumer check which will involve a background check of details such as credit score and insolvency history. A DBS check may also be undertaken however we do not store the details only the certificate or reference number. At the point of job offer we will request permission to contact your references, and you will be subject to Open Source Vetting, as such any publicly accessible information available online may be collect as part of the process.

Lawful basis for processing: (Under Article 6) The processing is necessary for a contract with an individual, or because they have asked you to take specific steps before entering into a contract.

Additional processing reason due to processing of criminal offence data (Under Article 10): Complicit consent gained in the form of sign off.

2.

When? When you express an interest in our products or are a current client, we may contact you or send out marketing emails informing you of our full range of similar services. can opt out of these emails by unsubscribing at any time using the link in the marketing email or emailing our Data Protection Officer on dpo@netwatchglobal.com.

What data do we collect? Name, email, phone, company, job title, any other relevant information provided by yourself in our online forms.

Lawful basis for processing: Processing is necessary for the purposes of the legitimate interests pursued by the controller.

3.

When? When a client / customer uses our products and or services we need to process certain information to enable us to deliver a contractual service to them and receive payment for the services used. Please note that Netwatch Global will always be the processor and the client will be the Controller. (if you are customer using our services we may contact you regarding addition services that we offer)

What data do we collect? Name of data controller (client), main contact details, email addresses, phone numbers, payment information including bank details,

Lawful basis for processing: (Under Article 6) Processing is necessary for the performance of a contract to which the data subject is party.

4.

When? If you are subject to one of our investigations, then Netwatch Global will need to undertake the collection and in some cases analysis of open source information on a data subject that has been provided by one of our clients (the Controller).

What data do we collect? Netwatch will collect any publicly available information on a data subject that can be found online or within public datasets. This typically includes personal information such as name, date of birth, address, contact information, social media addresses and any information posted to these publicly.

Lawful basis for processing: Processing this data is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, in our case the prevention and or detection of Fraud.

5.

When?  During an investigation Netwatch Global or one of its contracted clients (the Controller) may utilises bespoke specialist software tools to capture and store open-source and publicly available information.

What data do we collect? Our software searches for, stores and indexes publicly available information from the internet, which is used to provide investigative services to our contracted clients (controllers) with a legitimate interest.

Lawful basis for processing: Processing this data is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, in our case the prevention and or detection of Fraud.

6.

When? Netwatch Global process and store information found from publicly sourced areas such as websites and the dark web. This data is placed into a database from which our clients can perform various searches.

What data do we collect? We collect social media IDs, mobile phone numbers, email addresses and any descriptive data associated with a listing or advert.

Lawful basis for processing: Processing this data is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, in Netwatch’s case the prevention and or detection of Fraud and other criminal activity.

 

How long do we retain your personal information?

                            Type of dataData retained for:
Customer account and contact information

E.g. name, address, telephone number, order history.

Active subscribers = Continuous until end of use or subscription.

 

Inactive subscribers or pay as you go customers

3 years from cancellation of last service.

Personal Data relating to an instruction (e.g. employment screening check, profile location etc.)The expiry term for the instruction data can be determined at the point of instruction and cannot exceed 365 days. Should the information be required to be retained by your company the information may be extracted and stored to your internal policies.
Completed reports7 Years
Customer Correspondence

E.g. secure emails, post, disputes, complaints.

3 years from cancellation of last service.
Payment card details

 

All payments via our website are handled via our third-party payment provider Stripe who are fully PCI Compliant. More information about their retention periods can be found at www.stripe.com/gb/privacy
Database store of open-source information7 Years

 

Your Rights and control over the data we process:

Rights of Access:

You have the right to access your personal data and supplementary information.

The right of access allows you to be aware of and verify the lawfulness of the processing.

Right to rectification:

The GDPR includes a right for you to have inaccurate personal data rectified or completed if it is incomplete.

You can make a request for rectification verbally on 01905 767879 or in writing to Thomas Hull (dpo@netwatchglobal.com)

Right to erasure:

The GDPR introduces a right for you to have personal data erased.

The right to erasure is also known as ‘the right to be forgotten’.

You can make a request for erasure verbally or in writing to Thomas Hull (dpo@netwatchglobal.com).

NWG will have one month to respond to a request.

The right is not absolute and only applies in certain circumstances.

Right to restrict processing:

You have the right to request the restriction or suppression of your personal data.

This is not an absolute right and only applies in certain circumstances.

When processing is restricted, NWG are permitted to store the personal data, but not use it.

You can make a request for restriction verbally or in writing to Thomas Hull (dpo@netwatchglobal.com).

Right to data portability:

The right to data portability allows you to obtain and reuse your personal data for your own purposes across different services.

Upon request, NWG must move, copy or transfer personal data from one IT environment to another in a safe and secure way, without hindrance to usability.

Right to object:

You have the right to object to:

processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);

direct marketing (including profiling); and

processing for purposes of scientific/historical research and statistics.

Rights related to automated decision-making including profiling

NWG does not utilise any automated decision-making strategies.

Right to complain:

All internal complaints or for further information regarding the processing of data, please contact Thomas Hull (Data Protection Officer) at dpo@netwatchglobal.com or on 01905 767879.

Alternatively, the Information Commissioners Office can be contacted on 0303 123 1113 or via their website https://ico.org.uk/concerns/.

Right to Rectification and Data Quality:

NWG will ensure that the personal data we process remains accurate and up to date. All individuals have the right to have their personal data rectified if it is inaccurate or incomplete. An individual can make this request either verbally or in writing and NWG will have 28 days to respond to the request once identification has been established.

 

Information security

We recognise the importance of keeping your personal information secure. We take all reasonable steps to ensure that our online transactions and data stores are secure and that we protect the privacy of information provided to us. We have strict security and confidentiality procedures covering the storage and disclosure of information in order to maintain confidentiality; prevent unauthorised access; and to comply with all applicable data protection regulation and laws. We are ISO 27001 UKAS accredited.