legal · privacy

Privacy policy

How we collect, use, and protect data when you visit this website. This is the policy for the OutsourceVerify marketing website. The separate Data Processing Agreement governs candidate data when we operate as a processor for client BGV programmes.

Effective: 17 April 2026 · Last updated: 17 April 2026

1. Who we are

This website is operated by OutsourceVerify ("we", "us", "our"). For the purposes of this Privacy Policy we are the data controller of personal data collected on our marketing website. Where we provide background verification services to client organisations, we operate as a data processor on their behalf, governed by a separate Data Processing Agreement.

For privacy enquiries: privacy@outsourceverify.com. Postal contact details available on request via the same address.

2. What data we collect

2.1 Information you provide

When you submit a form on this website (proposal request, booking request, report download, coverage assessment, calculator submission), we collect the personal data you enter, typically:

2.2 Information collected automatically

When you visit this website we automatically collect technical information needed to deliver the page and understand site usage:

3. Why we use your data: lawful basis

We process your data only where we have a lawful basis to do so:

PurposeLawful basis (GDPR Article 6)
Responding to your enquiry / proposal request / bookingArticle 6(1)(b): performance of a contract or pre-contractual steps at your request
Sending you commercial communications you have requestedArticle 6(1)(a): your consent
Operating and securing the website (logs, fraud prevention)Article 6(1)(f): our legitimate interests, balanced against your rights
Aggregated analytics to understand and improve the siteArticle 6(1)(f): legitimate interests; analytics are configured with anonymised data and IP truncation where the provider supports it
Compliance with legal obligationsArticle 6(1)(c): legal obligation

Equivalent lawful bases under DPDP Act 2023 (India), LGPD (Brazil), PDPA variants (Asia) apply where you are located in those jurisdictions.

4. Who we share your data with

We do not sell personal data. We share data only with:

We do not transfer data internationally without an appropriate safeguard (Standard Contractual Clauses, adequacy decision, or equivalent).

5. How long we keep your data

6. Cookies and similar technologies

This website uses a small number of cookies. On your first visit, you are presented with a consent banner that allows you to accept, reject, or customise cookie use. You can change your preferences at any time via the "Cookie preferences" link in the footer.

CookiePurposeTypeRetention
ov_cookie_consentStores your cookie preferences so we don't ask repeatedlyStrictly necessary12 months
ov_sessionMaintains state during your visit (e.g. calculator selections)Strictly necessarySession
Analytics cookiesAnonymised usage measurement (pages, time, country)Analytics: opt-inUp to 14 months

We do not use marketing cookies, behavioural advertising cookies, or third-party tracking pixels on this site. If that changes, we will update this page and prompt for fresh consent.

7. Your rights

Depending on your jurisdiction, you have the following rights regarding your personal data:

To exercise any right, email privacy@outsourceverify.com. We respond within 30 days (GDPR/DPDP) or the shorter window required by your local law.

8. Security

We protect personal data with technical and organisational measures appropriate to the risk:

If you believe you've identified a vulnerability, please email security@outsourceverify.com rather than disclosing publicly. We will respond within 5 business days.

Candidate data: separate policy This Privacy Policy covers the OutsourceVerify marketing website only. When we provide background verification services to clients, we process candidate personal data as a processor on the client's behalf. That processing is governed by the Data Processing Agreement between us and the client, plus the applicable jurisdictional notice and consent framework. Candidates whose data we process for client BGV programmes should refer to the consent notice provided at the point of data collection.

9. International data transfers

Where personal data collected through this website is transferred outside your country of residence, we apply the appropriate safeguard for that transfer. For transfers from the UK or EEA, we use Standard Contractual Clauses (Decision (EU) 2021/914) or rely on an adequacy decision where one is in force. For transfers from Brazil, we use ANPD-approved Standard Contractual Clauses (Resolution CD/ANPD No. 19, 2024). For transfers from India, transfers are made consistent with the applicable provisions of the DPDP Act 2023 and supporting Rules.

10. Children

This website is intended for business users and is not directed at children. We do not knowingly collect personal data from individuals under 18. If you believe we have inadvertently collected such data, please contact privacy@outsourceverify.com and we will delete it promptly.

11. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The "Last updated" date at the top of this page indicates the latest revision. Material changes will be notified through a banner on the site. Continued use of the site after the effective date of an update constitutes acceptance of the revised policy.

12. Contact

For any privacy enquiry, including to exercise your rights or to lodge a concern: privacy@outsourceverify.com.

Our Data Protection Officer can be reached at the same address with the subject line "DPO".