Profiden
Profiden

Employee Verification

Pre/Post Employee White Collar Blue Collar GIG Works

KYC & Onboarding

Identity Verification Address & Contact Verification AML & Risk Screening

B2B Risk Assessment

Vendor Onboarding Director & UBO Check GST & MCA Checks Financial Health View all solutions
Banks & NBFCs Fintech & Payments IT & Technology Staffing & Gig Healthcare Real Estate Gaming & Crypto E-Commerce & Retail
Platform Blog Company Careers
Log in Request demo
Legal

Privacy Policy

Last updated: 1 January 2025

1. Introduction

Profiden Technologies Private Limited ("Profiden", "we", "us", or "our") is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our platform, website, and services. By accessing or using Profiden, you agree to the terms of this policy.

2. Information We Collect

We collect the following categories of information:

Account Information
Name, email address, job title, and company name provided when you register or contact us.
Verification Data
Identity documents, biometric data, and personal information submitted as part of verification checks — collected only with explicit consent from the data subject.
Usage Data
Log data, IP addresses, browser type, pages visited, and session duration collected automatically when you use our platform.
Payment Information
Billing name, address, and payment card details processed securely via our PCI-DSS compliant payment processor. We do not store card numbers.
Communications
Emails, support tickets, and survey responses you send to us.

3. How We Use Your Information

We use collected information for the following purposes:

  • Delivering and improving our verification and compliance services
  • Processing payments and managing your account
  • Sending service notifications, product updates, and security alerts
  • Responding to support requests and enquiries
  • Complying with legal obligations under applicable law
  • Detecting, preventing, and investigating fraud and abuse
  • Analysing usage patterns to improve platform performance

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area, we process personal data under the following lawful bases: (a) Contract performance — to deliver the services you have subscribed to; (b) Legitimate interests — to improve our services, prevent fraud, and ensure platform security; (c) Consent — for optional communications and marketing; (d) Legal obligation — to comply with applicable law and regulatory requirements.

5. Data Sharing & Disclosure

We do not sell your personal data. We may share data with:

  • Government databases and registries — to perform the verification checks you request
  • Trusted sub-processors (cloud infrastructure, payment processors, analytics tools) — bound by data processing agreements
  • Law enforcement or regulatory bodies — only when legally required
  • Acquirers in a merger or acquisition — subject to equivalent privacy protections

6. Data Retention

We retain verification records for the period required by applicable law or as specified in your service agreement. Account data is retained for the duration of your subscription plus 6 months. You may request deletion at any time — see Section 8.

7. International Transfers

Data is stored in India by default (AWS Mumbai). For customers in the EU, we offer EU data residency with appropriate Standard Contractual Clauses (SCCs) in place. We do not transfer data to third countries without appropriate safeguards.

8. Your Rights

Depending on your jurisdiction, you have the right to:

Access
Request a copy of the personal data we hold about you.
Rectification
Correct inaccurate or incomplete data.
Erasure
Request deletion of your personal data.
Portability
Receive your data in a machine-readable format.
Restriction
Restrict how we process your data.
Objection
Object to processing based on legitimate interests.

9. Security

We implement technical and organisational measures including AES-256 encryption, TLS 1.3, multi-factor authentication, and ISO 27001-certified security controls. For a full overview of our security practices, see our Security page.

10. Cookies

We use strictly necessary cookies for session management and optional analytics cookies (with your consent) to improve the platform. You may disable non-essential cookies at any time via your browser settings.

11. Changes to This Policy

We may update this policy periodically. Material changes will be communicated by email at least 30 days before they take effect. Continued use of our services after that date constitutes acceptance of the updated policy.

12. Contact Us

For privacy-related queries or to exercise your rights:

Address: 1216, Vipul Business Park, Sector 48, Gurugram, Haryana 122001, India