eTeki is committed to the protection of individual privacy rights. We hold ourselves to the highest legal and ethical standards for compliance and strive to be a privacy champion in the human resources technology industry. We value the trust our clients, colleagues and suppliers place in us, and we work to maintain that trust by building privacy protection into everything we do.
You can contact eTeki’s Data Protection Officer (DPO) at
Phone: 1-813-513-7722 Ext: 6003
Send data protection related requests for a systematic review of user data before deletion occurs.
eTeki is committed to protecting your privacy and personal data as defined in the Data Protection Act 1998, the General Data Protection Regulation ((EU) 2016/679) or any successor legislation to the GDPR or the Data Protection Act 1998.
What is Personal data?
Under the EU’s General Data Protection Regulation (GDPR) personal data is defined as:
“any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
When we process personal data on our clients’ behalf, we are acting as a processor.
What personal data does eTeki collect from you and why?
We collect personal information that our clients instruct us to collect. For more specific details about the information we’ll collect about you, please speak with the organization that requested the services.
The most common use of our services by organizations is recruitment and employment. Therefore, for convenience, where this policy refers to “our client” or “your potential employer”, it’s referring to that kind of organization.
Who we share your personal information with and why
We share your personal information with:
- the client that requested it
- any third party we need to contact to collect or validate your personal information, and
- service providers we use to fulfill services and manage our infrastructure.
We may collect information about your computer, including where available your IP address, operating system, and browser type, for system administration and to report aggregate information for Advertising. This is statistical data about our users’ browsing actions and patterns and does not identify any individual and we will not collect personal information in this way.
We may obtain information about your general Internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalized service.
They enable us:
- To estimate our audience size and usage pattern.
- To recognize your computer or device when you return to our site.
- The ability of our embedded video and radio players to load faster.
Disclosure of personal information?
We process personal information in the United States that we have collected from people around the world, so we may transfer it outside the United States as follows:
- To third parties from which personal information must be collected or verified to fulfill services requested by our client. For example, if our client asks for a criminal record check in Spain, we’ll transfer personal information to the organization in Spain that provides police certificates.
- To contractors that provide specific services if our client has requested them. For example, if our client asks for a person’s education history in Japan to be verified, we may transfer personal information to a company in Japan with expertise in verifying Japanese education history in the local language.
- To our client and to you if either of you is based outside the United States.
1. The scope of our work
This statement applies to the collection and processing of personal information, which means information about an identifiable individual (you) that eTeki collects when providing services to our clients.
2. Our legal basis for processing
Our client is responsible for deciding the legal basis for your screening. We collect your personal data in line with their instructions. They will get your signed consent where necessary. Typically, third parties (for example, organizations and referees) will not share your information with us unless we can show that our request (on our client’s behalf) is made with your knowledge and agreement. Your consent does not alter the legal basis for the processing set by your potential employer. Furthermore, if you withdraw or withhold consent, this will not affect your potential employer’s legal basis for screening.
The optional legal bases our clients can use are:
- compliance with a legal obligation
- performance of a contract
- legitimate interest
- public interest
- vital interest
Where our services are used for recruitment and employment purposes, your offer of a role may depend on successfully undergoing screening (or screening may be required under your existing contract of employment). If so, then failure to consent to us processing your personal data for employment screening purposes may affect your employment with our client or their clients. We are not involved in any decisions about your employment. We take no responsibility for any actions by our client regarding the screening process and outcome.
If you have questions about the consequences of withholding your personal data or withholding or withdrawing your consent to the screening process, you should put them to your potential recruiter.
3. How and why do we collect personal information?
We collect your personal information in the following ways:
- When you provide personal information to us through our web site.
- When we have spoken with you on the phone, when you email us, use a chat application or when you send information to us by post or fax.
- When you contact us through social media.
- When we receive information about you from our client requiring our services.
- We may also receive personal data about you from third parties.
Providing technical interviews, background checks, compliance, and other services to our clients
We collect your personal information to enable us to perform our primary function, which is to provide services to our clients, as follows:
- Background video interviews on subject matter expertise.
- Skill level assessments.
- Coding examples, (snippets).
- Collection, validation, and storage of onboarding and other documents.
When we provide services, our client is generally responsible for the following aspects of collecting and processing personal information:
- Deciding which personal information, we will collect and how we use it.
- Establishing a legitimate basis for collecting and processing personal information, and ensuring it complies with the law.
- If appropriate, ensuring you are notified of, or provide consent for, the collection and processing of your personal information in line with the law.
- Complying with any legal obligations our client may have as the body that controls or owns the personal information.
- Getting your authorization, if it is needed, to help us perform services we are asked to provide. Often, the client will ask us to get this authorization on its behalf.
We are generally responsible for the following aspects of collecting and processing personal information:
- Carrying out the services requested by our client in line with its instructions.
- Storing and protecting personal information in our custody according to our client’s instructions.
- Complying with any legal obligations we may have as a processor, custodian, service provider or similar under the law.
When we provide services to a client, we collect your personal information in line with our client’s instructions. For more about this, please contact your potential employer.
Tracking the usage and security of our secure platforms
We collect information about your activity on our secure platforms to ensure the integrity and security of our systems and the data in our custody. We use it to audit system access and investigate suspicious activity.
Our collection of personal information for security purposes is based on our legitimate interest and legal obligation to ensure we protect personal information in our custody.
4. What types of personal information do we collect?
Review the list below to see the types of personal information we collect from or on behalf of our clients, along with an explanation of why we collect it and where we collect it from.
Not all background checks require the same level of detail and verification. If you wish to know more about what is required regarding your own background check, we recommend you ask your potential employer.
Types of personal information collected to provide services to clients
|Type of information||Reason for collection||Sources|
|Names – current and former||This is how we identify you. If we do not know who you are, we cannot provide services. We may need former names to conduct a full background check, as old records may be held under a former name.||
|Contact details – current phone and email address||Some services, especially live technical interviews on video, require email, SMS, and phone prompts to coordinate logistics between parties like when users are open to interview, interview confirmation and related reminders, tech check prompts, and troubleshooting video interview sessions. Any SMS sent to phone numbers follow global compliance standards for opt-in.||
|Names of your parents – current and former||Some services, especially criminal record checks, require the name of your parents to identify you.||
|Photograph||Some services require us to collect a photo ID||
|Video Recordings/Interviews||Some services require us to collect video to verify subject matter expertise||
|Documents to prove identity or address||We may be asked by our client to verify your identity, or we may be required to do so to complete services. If so, we may collect ID cards or other documents you provide.||
|Government-issued identity numbers (e.g. driving license number, passport number)*||Some services require this information, as records we need to retrieve from third parties are often associated with a government identity number. This may include criminal records, credit files, employment history or driving records.||
|Employment history||Some clients wish to verify employment or activity history over a period of time.||
|Volunteering history*||Some clients wish to verify volunteering or activity history over a period of time.||
|Education history||Some clients wish to verify education or activity history over a period of time.||
|Gap history||Some clients wish to verify activity history over a period of time.||
|Professional credentials, designations, licenses, memberships (this may also include trade union membership*), associations, awards, sanctions or reprimands||Some clients wish to verify your standing as a certain type of professional; participation or completion of professional development courses; or the existence of professional sanctions or reprimands.||
|Media||Some clients wish us to locate media articles about you, assess your social media activity, or locate any other mentions of you on various web sites such as blogs, forums and more.||
|Call recordings||We monitor some phone calls for quality assurance and training purposes.||
|Your opinions about your experience with eTeki||We may occasionally seek your feedback about your interactions with us to improve the quality of our service.||
*Items marked with an asterisk may be considered sensitive or may be subject to special protections in some places. We will not collect them in every case. We will not collect them if it is illegal. Where permitted, we will only collect and use them in line with the law.
Types of information, some of which may be personal information, that is logged when you access our secure platforms:
- IP address.
- Login credentials for our systems.
- Dates, times and lengths of sessions.
- Access to and modification of data.
- Browser type and version.
Reuse of personal information for new purposes
If we collect personal information about you for which we act as a controller, we will not reuse personal information for a new purpose except the original ones for which we collected it unless one or more of the following is true:
- The new use is compatible with the original one.
- We have notified you of the new use and given you an opportunity to object to it.
- The change of use is otherwise permitted or required by law.
You should contact your potential employer for details of any reuse of your personal information because it relates to personal information where they act as a controller.
5. When, why and how do we communicate personal information outside eTeki?
To provide services as instructed by our client
Often, the services we provide require us to find or validate personal information with third-party sources when requested by our client. To do so, we need to provide your personal information to allow the third party to find records about you. We generally provide the information that is required by the third party in the format and through the transmission method of the third party’s choosing. This may involve transmitting information through a web site (including API), phone call, email, fax, letter or in person.
When we provide services to a client, communication of your personal information occurs in line with our client’s instructions. For more about this, please contact your potential employer.
To provide results to our client
When we provide services to a client, we transmit personal information to it, in line with its instructions. Typically, we transmit using our secure web platforms and occasionally by phone, email, fax or mail.
To engage service providers and sources
Most of our work is done by our employees or authorized personnel who access personal information directly from our systems and whose activities are under our direct control. But we use third-party service providers for certain specialized tasks. These tasks include the storage of data, information technology support, and some services we perform for our clients.
All our work relies on collecting data about you from sources as hereinto described. It would be impractical to list all service providers and sources here, so instead, we have listed types of service providers and sources.
When we provide services to a client, we use service providers in line with our client’s instructions. For more about this, please contact your potential employer.
Third-party service providers and sources
|Third party||Types of information||Purposes for transfer|
|Data storage and delivery providers||All personal information in our custody||Secure data storage and delivery|
|IT support services||Personal information in our custody with which we require technical support||Technical support|
|Other companies that provide services similar to ours||Personal information required to fulfil services||Provision of services in locations where we do not operate – only used when necessary|
|Data aggregators||Personal information required to fulfill services||Provision of services where data is accessible through an intermediate organization|
|Employers, employment agencies, referees, educational institutions, education authorities, professional institutions, licensing authorities, and their recordkeeping service providers||Personal information required to verify employment (including volunteering), qualifications and licenses, and to get references||Verification of employment, qualifications and licenses, and collecting references|
|Translation services||Personal information we have received in a language other than what is used to provide the services for which it was collected||Provision of services in the language required by our client|
|Survey services||Your opinions about our services||Conducting surveys|
|Auditors||Personal information in our custody||Audit services of our technology platform, financial records and quality of our services|
In exceptional circumstances
We may be asked to communicate personal information to law enforcement agencies, national security agencies, courts or other public bodies in any jurisdiction where we are subject to the law, regardless of where personal information is stored. If we receive a production order, warrant, subpoena or other enforceable demand, we will comply as required by law. If we receive a request to provide information voluntarily, we will consider your interests, our business interests, the interests of our clients, public safety implications and our legal obligations before deciding whether to communicate personal information. In any case, if the information in question was collected from or on behalf of a client, we will consult the client before proceeding unless prohibited by law.
We may proactively communicate personal information to law enforcement or other third parties if necessary, to investigate or report a violation of the law or a contract, or if otherwise appropriate and permitted by law.
6. How does eTeki protect my data?
To support compliance with all relevant US and EU data protection law and the requirements of the General Data Protection Regulation (GDPR). eTeki has implemented a DPIA (Data Protection Impact Assessment) and data governance program. The objective of the implementation of the DPIA is to provide direction and support for compliance with data protection requirements and good practice. eTeki shall establish, implement, maintain and continually improve their data governance program DPIA, including the processes needed and their interactions.
Certification and alignment to ISO/IEC 27001 Information Security Management, BS EN ISO 9001 Quality Management, are used to support the DPIA as well as suitable qualified and experienced personnel in the roles of data protection officer, information security and data owners. These roles will oversee and review data processing activities, maintain data inventories and data impact assessments to ensure that adequate organizational and technical measures are in place which is reviewed on a yearly basis.
7. Can I find out what information eTeki holds about me?
eTeki at your request can confirm what information we hold about you and how it is processed.
What forms of ID will I need to provide to access this?
eTeki accepts the following forms of ID when information on your personal data is requested:
- Driving license
plus, a utility bill from last 3 months
8. How do we ensure your personal information is accurate?
Much of the personal information we collect comes directly from you or our client. If you have any concerns about the accuracy of the data processed about you, you should contact your potential employer in the first instance. Our processes for collecting and transcribing personal information are automated as far as possible and subject to rigorous quality controls. Information is updated if it is found to be inaccurate, either through our own audits or after a request for correction received from our clients.
9. Do we engage in automated decision-making or profiling using personal information?
We do not make decisions about you, automated or otherwise, and do not try to analyze or predict your behavior, preferences, interests, health or other personal characteristics. However, we may carry out automated processing on our client’s instructions. For more about automated processing of personal information on a client’s behalf, please contact your potential employer.
10. Do we conduct research using personal information?
No. We maintain historical statistical data in anonymized, aggregate form for research and analysis. In this form, it is no longer regarded as personal information since it cannot identify you. We will use personal information to verify the identity of the interviewee.
11. How long do we keep personal information?
We keep personal information that was collected from or on behalf of a client for as long as the client asks us to keep it, or as long as we need to keep it to comply with our legal obligations. To understand how long we will store your personal information, please contact your potential employer.
13. How can you access or correct your personal information, request that it be deleted, or ask for it to be transferred to another organization?
At any time, you can request access to any personal information we collect from you if we are acting as a controller, e.g. if we process your personal information when you access our website. You can ask us to correct any inaccuracies and add comments or explanations to our records about you.
You can also ask about:
- whether and why we have your personal information
- how we got your personal information
- what we have done with your personal information
- to whom we have communicated your personal information
- where your personal information has been stored, processed or transferred
- how long we will retain your personal information, or how that retention period will be decided, and
- the safeguards in place to protect your information when it is transferred to third parties or countries outside the United States.
Finally, you can ask us not to collect or use your personal information for certain purposes, you can ask us to delete your personal information, or you can ask us to provide your personal information to a third party.
If we act as a processor on behalf of one of our clients, you will need to make any requests for the above directly to your potential employer. Any requests we receive from you that relate to such personal information will be referred to your potential employer.
Depending on which laws apply to your personal information, we or your potential employer may only be able to do some of these things for you. If we are unable to do what you want, we will explain to you your legal rights, the reason for our refusal and any further steps you may take.
In the event that you wish to make a complaint about how your personal data is being processed by eTeki or how your complaint has been handled, you have the right to lodge a complaint with eTeki’s Data Protection Officer.
Contact Data Protection Officer (DPO) contact details
Data Protection Officer
405 N. Reo Street
Tampa, FL 33609