Another Feather in the Cap – Shufti Pro Becomes Guild Certified

Another Feather in the Cap – Shufti Pro Becomes Guild Certified

Learn more

LONDON, UK (September 24, 2019) Shufti Pro has been awarded the Guild Certificate of Compliance, accrediting that the identity verification service complies with the requirements of the QG-GDPR Management Standard.

The Quality Guild(QG) Management Standards assist organizations in complying with new regulatory requirements. These standards are based on the principles of General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679).

Another Feather in the Cap - Shufti Pro Becomes Guild Certified

Shufti Pro is always a step ahead in cooperating and adhering to compliance measures. Here are the salient measures that the KYC service provider has taken to deserve the certificate: 

  • Processing practices in accordance with principles of Article 5 of the GDPR.
  • Allowance to fulfill Data Subject rights.
  • Maintenance of vital records as per obligations on a Data Processor. 
  • Stringent security controls in place for data protection and processing(Art 32).
  • SSAE compliant and ISO-certified data centers for all data storage.
  • Performance of necessary privacy and risk assessments.

Shufti Pro has taken the initiative of external accreditation to ensure that it leaves no stone unturned in compliance and provides the safest and fastest identity verification services.  This trustwave certificate is also an acknowledgment of data Integrity, data security, and of a reliable platform, which the company provides.

The ID verification SaaS provider ensures that the data is processed in a secure environment, and is not subjected to any alterations or edits. It deals in ID verification from over 220 countries and territories and takes data security very seriously.

About Shufti Pro

Shufti Pro is a trusted name in ID verification services. It provides its clients with seamless customer experience, fraud prevention, which results in uninterrupted revenue generation. Its state of the art SaaS is a combination of Artificial Intelligence and Human Intelligence. Businesses can now experience streamlined digital verification. It provides services to all countries with Universal Language Support.

35 Little Russell Street, 

London WCIA 2HH

United Kingdom


Shufti Pro GDPR Review 2018: How we protected our clients from regulatory fines?

Shufti Pro GDPR Review 2018: How we protected our clients from regulatory fines?

Learn more

Shufti Pro stands out in KYC industry not only because of its highly customizable and global identity verification services but because of the unique regulatory protection provided by Shufti Pro to its customers. After all, the collection of personal information to authenticate the true identity of an end-user puts both Shufti Pro and its customers at a substantial risk. Regulators from all over the world have put forward strict privacy laws and regulations that not only dictate strict guidelines for personal data collection but also want companies to follow set rules when it comes to using personal information of a common user.

GDPR was one of the most comprehensive and powerful regulations introduced a couple of years back and July 2018 was the deadline for businesses to become GDPR Compliant. This set of rules was applicable for businesses that were either based within the European Union or even those that were based outside of EU but provided services to its citizens. In order to safeguard its customers from multi-million dollars fines – fines for businesses found in breach of GDPR – Shufti Pro aligned its verification services in line with GDPR specific guidelines.

GDPR guidelines for Identity Verification Services by Shufti Pro

GDPR never had any specific guidelines set out for identity verification services or for third party KYC service providers. In fact, it was a generic set of instructions for any business that was collecting personal information of its customers and the privacy guidelines that these businesses have to follow.

As a third-party verification service that was verifying the identity and financial risk attached to customers of online businesses, Shufti Pro designated a special role for itself as per the specific terminology introduced by GDPR i.e. processor of data. This made our clients collecter of personal information in order to verify the identity of incoming users.

Read: Try Shufti Pro KYC Services Free of Cost for 7 Days Now

It meant that although, Shufti Pro was the business entity that was tasked to verify the personal information claimed by end-user it was the responsibility of Shufti Pro client to secure that data. On our own end, the collected information was secured from not only any brute force attack but special protocols were developed to delete the collected data, when a request was received either from Shufti Pro client but also from an end-user as well.

KYC Verification procedure under GDPR

Shufti Pro only collects data for verification purposes as per the legal agreement signed by Shufti Pro and its customers. This data will be limited to verification of the credentials, identity or any other related verification that was required by our customers to be provided as per the legal agreement. We have even added a consent button at the form where a customer is supposed to fill its identification details. We also provide the option for customers to go through our data protection, privacy policy and Terms & Conditions, to ensure full transparency.

Access Rights

User can request access to the personal data he has shared with Shufti Pro about himself. Personal data is anything identifiable, like his name and email address. If he requests access, Shufti Pro (as the processor) need to provide a copy of the data, in most cases in machine-readable format (e.g. CSV or XLS). Daniel can also request to see and verify the lawfulness of processing. A client can seek access to their data by asking Shufti Pro of what they require at [email protected] We at Shufti Pro believe to be at legal and moral obligation to facilitate any manner of an individual rights request. Shufti Pro enables you to grant any access request by easily exporting user record into a machine-readable format.

Deletion Rights

Under the GDPR, the user has the right to request that Shufti Pro delete all personal data it has collected from him. The GDPR is required to permanently remove userís contact from their database, including verification results, all personal information, saved images/video, form submission data, and credit card data. In a GDPR compliant manner, a client can seek to have their data deleted by querying Shufti Pro at [email protected] The Data protection officer at Shufti Pro in most cases will respond back within a 30 day period. In many cases, the right to deletion is not absolute and can depend on the context of the request, so it doesnít always apply.