Legal Policies
Privacy & Legal Notices
Version: 1.0
Last updated: 21 January 2026
This Privacy Statement explains how VERIS Consulting (“VERIS”, “we”, “us”) collects, uses, discloses, and protects personal data when you:
visit our website; and/or
participate in background screening services delivered by VERIS (including via the VerisChecks™ platform, where applicable).
By using our website or services, you acknowledge that you have read and understood this Privacy Statement. If you do not agree with its terms, please do not use our website or services.
Scope and Who This Applies To
This Privacy Statement applies to the following categories of individuals (“Data Subjects”):
A. Website Visitors
Individuals who access or browse our website, contact us, or interact with content/features on our website.
B. Candidates / Background Screening Subjects
Individuals whose personal data is processed by VERIS in connection with background screening services provided to our clients (typically employers or organizations requesting screening).
C. Business Contacts
Client representatives, prospects, vendors, partners, and other professional contacts who communicate with VERIS.
Roles and Responsibilities (Controller vs Processor)
Depending on the context, VERIS may act as:
Data Controller
Data Controller for personal data collected directly through our website and business communications (e.g., inquiries, marketing communications), where VERIS determines the purposes and means of processing.
Data Processor
Data Processor (or equivalent role) for personal data processed as part of background screening services, where our client typically determines the purposes of processing and VERIS processes data on the client’s instructions.
Where required, our processing is governed by applicable laws and contractual arrangements with our clients and service providers.
Personal Data We Collect
A. Website Visitors
We may collect:
✔Technical and usage data: IP address, device identifiers, browser type, operating system, referring URLs, pages viewed, time spent, and other website interaction logs.
✔Cookies and similar technologies: identifiers and preferences stored on your device (see Section 8).
✔Inquiry data: name, email address, phone number, company, and message content when you submit an inquiry or contact form.
B. Candidates / Background Screening Subjects
Depending on the screening scope, we may collect:
✔Identity information: name, contact details, date of birth, identification numbers (where applicable), and identity documents.
✔Employment and education information: employment history, references, education history, qualifications, certifications.
✔Verification results and supporting evidence: confirmation outcomes, discrepancies, and related documentation.
✔Other data relevant to the screening scope: information necessary to conduct specific checks requested by the client and permitted by law.
C. Business Contacts
We may collect:
✔Name, business email, business phone number, job title, organization, and communications history.
How We Collect Personal Data
We may collect personal data:
A. Website Visitors
- Directly from you (e.g., forms, email inquiries)
- Automatically when you use the website (e.g., logs, cookies)
B. Candidates / Background Screening Subjects
- Directly from you (e.g., forms, documents, consent/authorization)
- From our client (e.g., employer-provided candidate details)
- From third parties relevant to verification (e.g., referees, educational institutions, former employers), where permitted and appropriate
Purposes of Processing
A. Website Visitors
We process personal data to:
- operate, maintain, and improve the website
- respond to your inquiries and requests
- administer security and prevent fraud/abuse
- perform analytics to understand website usage
- provide updates and communications (where applicable and permitted)
B. Candidates / Background Screening Subjects
We process personal data to:
- perform background screening and verification services requested by our clients
- validate the authenticity and accuracy of information provided
- compile and deliver screening results to our clients
- manage compliance, disputes, complaints, and quality assurance
- maintain security and prevent fraud/abuse
C. Business Contacts
We process personal data to:
- manage business relationships and communications
- provide services and support
- administer contracts, billing, and vendor management
Legal Bases for Processing
Where required by applicable law, we rely on one or more legal bases, which may include:
- consent/authorization (e.g., where candidates provide authorization or where required)
- performance of a contract or steps prior to entering a contract
- legal obligations
- legitimate interests (e.g., operating and securing our website, responding to inquiries), balanced against your rights
Sharing and Disclosure
We may share personal data with:
A. Website Service Providers (Processors)
We use third-party service providers to host and operate the website and related communications, including:
- Hosting / infrastructure: Hostinger (managed WordPress hosting). Website server/logs are hosted in Singapore.
- Website platform: WordPress (including necessary themes/plugins used to operate site features).
- Email services: Google Workspace (to receive and respond to website inquiries).
These providers are permitted to process personal data only to provide services to VERIS and under appropriate safeguards.
B. Clients (Background Screening)
For candidate screening, VERIS shares screening results and relevant information with the client that requested the screening, in line with the agreed scope and applicable law.
C. VerisChecks Platform (Candidate Services)
The VerisChecks platform domain is managed via GoDaddy. The application and personal data are hosted and stored on Amazon Web Services (AWS) infrastructure, with servers located in Singapore.
D. Legal and Compliance
We may disclose personal data where required by law, regulation, legal process, or to protect rights, safety, and security.
Cookies and Similar Technologies (Website Visitors)
We use cookies and similar technologies that are necessary for website functionality and security (for example, to support basic WordPress features and help protect the site).
We do not use:
- Google Analytics (GA4) or Google Tag Manager (GTM)
- Marketing/advertising pixels (e.g., Meta/Facebook Pixel, LinkedIn Insight Tag, Google Ads conversion tracking)
- Session replay/heatmap tools (e.g., Microsoft Clarity, Hotjar)
- reCAPTCHA
- Cloudflare (CDN/WAF)
Cookie choices:
- You can manage or disable cookies through your browser settings. Please note that disabling cookies may affect some website features.
- We do not currently display a cookie consent banner because we do not use analytics/marketing cookies on this website.
International Transfers
Website context:
Our website and related systems may be hosted or supported by third-party service providers, and website logs may be processed or stored outside the data subject’s country of residence. Appropriate safeguards are implemented in accordance with applicable law.
Candidate / VerisChecks context:
Personal data processed through the VerisChecks platform is stored and processed on Amazon Web Services (AWS) servers located in Singapore. GoDaddy is used solely as a domain name service provider and does not host or store personal data. Where data is processed or stored outside the data subject’s country, appropriate safeguards are implemented in accordance with applicable law.
Data Retention
We retain personal data only for as long as necessary to fulfill the purposes described in this Privacy Statement, including for compliance, dispute resolution, security, and contractual requirements.
- Website inquiries and business communications: retained for operational, security, and legal needs.
- Website logs: retained in line with hosting/security requirements.
- Background screening records: retention varies by client contract and our internal retention schedule.
Security
We maintain appropriate administrative, technical, and organizational measures designed to protect personal data from unauthorized access, loss, misuse, alteration, or disclosure.
Your Rights
Subject to applicable law, you may have rights including:
- access to your personal data
- correction of inaccurate data
- deletion/erasure (where applicable)
- restriction or objection to processing (where applicable)
- withdrawal of consent (where consent is the basis)
To exercise your rights, contact us using the details below. We may need to verify your identity before fulfilling requests.
Contact Us (DPO / Privacy Contact)
If you have questions or requests related to this Privacy Statement or your personal data, please contact our Data Protection Officer (DPO):
- Eko Sucahyo Kurniawan
- Email: dpo@veris-consulting.com
Updates to This Privacy Statement
We may update this Privacy Statement from time to time. The “Last updated” date at the top of this page indicates when changes take effect.
