Privacy Notice for PSI Testing

Teleperformance Contact Limited, registered at Suite 510 Business Environment, Citypoint, Temple Gate, Bristol, UK, Companies Register under number 08753943, together with all the other TLScontact subsidiaries  worldwide (hereinafter “TLScontact”, “we”, “us”, “our”) are committed to protecting the privacy and security of the customers who use TLScontact websites and services (hereinafter “Customers”, “you”, “your”). The purpose of this privacy notice (hereinafter the “Privacy Notice”) is to explain how and why we use your personal data to ensure you remain informed and in control of your information.

TLScontact processes your personal data in compliance with the applicable legal requirements and, in particular, the data protection laws in your resident country, European General Data Protection Regulation 2016/679 (“GDPR”) dated on April 27, 2016 applicable as of May 25th, 2018 in the European Union, and the Data Protection Act 2018 applicable in the United Kingdom.

This Privacy Notice applies to TLScontact services for PSI testing and by using our services you acknowledge having been informed that TLScontact collects, uses and discloses your personal data in accordance with this Privacy Notice. Any questions you have in relation to this Privacy Notice or how we use your personal data should be sent to our Data Protection Officer:

TLScontact Data Protection Office:
Email:
dp@tlscontact.com

ABOUT US

TLScontact works with governments from around the world to provide visa and consular services on their behalf to travellers and citizens. Part of our business is to provide Testing Centres for PSI Services LLC (“Our Client”).

TLScontact is part of Teleperformance Group, the global leader in customer experience management and digital integrated business services.

Your personal data (i.e. any information allowing to identify you directly or indirectly) is collected on the behalf of our client (i.e. hereinafter the “Client”) for the provision of online examination services (“PSI Testing”), and to perform administrative and non-judgmental tasks related to the aforementioned services (see Section 1 of this Privacy Notice). Your personal data may also be collected by TLScontact on its own behalf notably to ensure the security of its premises, employees and visitors (see Section 2 of this Privacy Notice). Our Client is data controller within the meaning of the UK Data Protection Act and the GDPR and TLScontact may either act as a data controller or a data processer depending on the nature of the services/processing concerned. When TLScontact acts as a data processor it collects and processes personal data only on behalf and under the instructions of its Client.

1. FOR PERSONAL DATA CONCERNING YOUR TESTING PARTICIPATION AND RELATED SERVICES (TLSCONTACT ACTING AS A DATA PROCESSOR)

1.1. HOW DO WE COLLECT YOUR PERSONAL DATA?

We obtain personal data about you when you enter our testing centres as we will have to verify your identity, register you on the Examination Roster and capture your image in our testing centres as the whole testing process will be video recorded.

1.2. WHAT DO WE COLLECT?

We will only collect personal data required by our Client to provide PSI testing related service.

We collect in particular the following categories of personal data:

Personal details: details as in your Identification document (i.e. passport or ID), such as name, gender, nationality, place, date of birth, photographs, etc.

Electronic media data: Video monitoring and recordings such as CCTV images.

1.3. HOW IS YOUR PERSONAL DATA USED?

We will never sell your personal data or use it in any way without your direct knowledge. We will only use your personal data on behalf of our Client and according to its instructions in order to process the specific service that you require relating to the PSI Testing.

We may use your personal data to:

  • Validate who you say you are;
  • Ensure effectiveness and integrity during the test;
  • Test supervision;
  • Perform our obligations under our mandate from our Clients.

Such data processing is based on the execution of the contract between TLScontact and its Client and on the compliance with legal obligations.

For more information regarding the purposes of the data processing we implement on behalf of our Client, please contact PSI Services LLC.

1.4. HOW LONG DO WE STORE PERSONAL DATA?

We keep your personal data in accordance with our legal obligations and with our Client’s instructions. We will hold your personal information on our systems for maximum sixty (60) days as per our Client’s instruction so as to ensure the effectiveness, integrity and transparency in the testing process.

For more information about how long the Client keeps your personal data, please contact PSI Services LLC.

1.5. WHO HAS ACCESS TO YOUR PERSONAL DATA?

TLScontact companies

We may share your personal data with companies belonging to TLScontact within Teleperformance Group where it is necessary to process your requests and to provide you with the relevant services.

Our Client

Your personal data may be sent to our Client as the data controller. We cannot control or direct how your personal data is used after transferring it to the data controller. We strongly recommend you read their privacy notices too.

Third parties for legal reasons

We may share personal data with third parties to comply with legal obligations and respond to requests from government agencies, including law enforcement and other public authorities, which may include such authorities outside your country of residence.

Third party service providers working on our behalf

We may pass your personal data to our third-party service providers, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf. We will only disclose personal data that is necessary to deliver the services concerned. Before sharing any personal data we make sure that all service providers are contractually obliged to and can prove that your personal data:

  • Will be kept secure and confidential;
  • Is stored for only as long as required to process service;
  • Will never be used for anything other than to process the requested service;
  • Will never be used for any marketing purpose by the third party.

1.6. OVERSEAS TRANSFER OF YOUR PERSONAL DATA

Due to the nature of our business, your personal data may be transferred beyond the borders of your Country. By taking a PSI Testing or other related service, your personal information will be transferred to our Client’s database in the United Kingdom. We will never transfer your personal data in an unsafe or unsecure way.

If we transfer your personal data from the EEA to other countries in which applicable laws do not offer the same level of data privacy and protection, we take measures to provide an appropriate level of data privacy and protection by using our Binding Corporate rules or by entering into Standard Contractual Clauses approved by the European Commission with the data importers.

Through the implementation of our Binding Corporate Rules you can rest assured that your personal data is protected when transferred internationally within Teleperformance Group.

2. FOR PERSONAL DATA CONCERNING TLSCONTACT SPECIFIC PROCESSING (TLSCONTACT ACTING AS A DATA CONTROLLER)

2.1. HOW DO WE COLLECT YOUR PERSONAL DATA?

We obtain personal data about you when you come to our testing centres.

2.2. WHAT DO WE COLLECT?

We will use, store or otherwise process any of your personal data in accordance with the terms of this Privacy Notice, including but not limited to CCTV images for general surveillance.

2.3. HOW IS YOUR PERSONAL DATA USED?

We will never sell your personal data or use it in any way without your direct knowledge.

We may use your personal data to:

  • Ensure the security of TLScontact’s employees, visitors, customers and premises.

To process your personal data lawfully we need to rely on one or more valid legal grounds. The grounds we may rely upon are:

  • Where we process your personal data to deal with your enquiries that are not related to a specific service, or to protect our employees, visitors and premises, the legal basis of the processing is the legitimate interests pursued by TLScontact (except where your interests or fundamental rights override these), more specifically in responding to your needs and offering you adapted services,and in ensuring its security.
  • Where the processing is necessary for compliance with a legal obligation to which we are subject, the data processing is based on such legal obligation.

2.4. HOW LONG DO WE STORE PERSONAL DATA?

We review our retention periods for personal data on a regular basis. We generally keep your personal data for as long as it is necessary for the purpose for which the personal data is processed (i.e. for the duration of the provision of the service, during your presence in our premises, for maximum 60 days regarding CCTV images, where applicable and permitted by the local legislation). We may however be required to hold some types of personal data longer to fulfil our statutory obligations or in accordance with the applicable statute of limitations.

2.5. WHO HAS ACCESS TO YOUR PERSONAL DATA?

TLScontact companies

We may share your personal data with companies belonging to TLScontact where it is necessary to process your requests and/or to provide you with the relevant services.

Third parties for legal reasons

We will share personal data with third parties:

  • To comply with legal obligations and respond to requests from government agencies, including law enforcement and other public authorities, which may include such authorities outside your country of residence.
  • In the event of a merger, sale, restructure, acquisition, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).
  • To protect our rights, users, systems, and services.

Third party service providers working on our behalf

We may pass your personal data to our third-party service providers, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf. We will only disclose personal data that is necessary to deliver the service.

Before sharing any personal data we make sure that all service providers are contractually obliged to and can prove that your personal data:

  • Your rights will be protected;
  • Will be kept secure and confidential;
  • Is stored for only as long as required to process service;
  • Will never be used for anything other than to process the requested service;
  • Will never be used for any marketing purpose by the third party.

2.6. OVERSEAS TRANSFER OF YOUR PERSONAL DATA

Due to the nature of our business, your personal data may be transferred beyond the borders of your Country. We will never transfer your personal data in an unsafe or unsecure way.

If we transfer your personal data to other countries in which applicable laws do not offer the same level of data privacy and protection, we take measures to provide an appropriate level of data privacy and protection.

Through the implementation of our Binding Corporate Rules you can rest assured that your personal data is protected when transferred internationally within Teleperformance Group.

2.7. USE OF COOKIES

Our website is no different from other websites and uses cookies to function properly and make your browsing experience easier. For example cookies can help the website remember you and during your next visit you won’t have to choose your preferred language again.

Our websites also use Google Analytics, a service which transmits website traffic data to Google servers. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and webpage usage.

You can turn off cookies for our website through the settings page on your browser.

3. KEEPING YOU IN CONTROL

We want to ensure you remain in control of your personal data. Part of this is making sure you understand your rights, which are as follows:

  • Access – the right to access your personal data, obtain a confirmation of your personal data we currently hold.
  • Rectify – the right to inaccurate data rectified.
  • Erase – the right to have your data erased (however, this is not an absolute right and TLScontact may have legal or legitimate grounds for keeping such personal data).
  • Restrict – the right, in some cases, to restrict processing of your personal data.
  • Object – the right to object to the processing of your personal data for direct marketing, or in any other situation in compliance with local laws.
  • Withdraw – you may withdraw your consent, at any time, for the processing of your personal data for which you have provided consent by following the Subject Access request described in this Notice. Please note that withdrawing your consent or failing to provide personal data described in this Privacy notice will impact and may stop the processing of any services that you requested or are currently enrolled in.

To exercise your rights to your personal data, all you need to do is contact us through email. You can also exercise theses rights by contacting the Client when such rights relate to the PSI Testing.

All requests are free of charge.

When the request is submitted to TLScontact, we will send you a confirmation of acknowledging your request and will process or hand over your request to our Client without undue delay.

We or our Client may contact you to clarify your request, seek additional information or to verify your identity before processing.

If you feel that your right have been impacted, please contact our Data Protection Officer.

You also have the right to complain to a supervisory authority in your country.

4. PROFILING

“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements TLScontact does not do profiling.

5. LINKS TO OTHER SITES

Our website may contain links to other websites. We are not responsible for the content or functionality of any of those external websites.

If an external website requests personal data from you (e.g. in connection with an order for goods or services), the data you provide will not be covered by this Privacy Notice. We suggest you read the privacy notice of any website before providing any personal data.

When purchasing goods or services from any of the businesses that our site links to, you will be entering into a contract with them (agreeing to their terms and conditions) and not with TLScontact.

6. CHANGES TO THIS PRIVACY NOTICE

We will amend this Privacy notice from time to time to ensure it remains up-to-date and accurately reflects how and why we use your personal data. The current version of our Privacy notice will always be posted on our website. In case of material changes we will inform you by any appropriate means.