Boost your odds of securing your dream job with a certified CV.

Menu
Login / Signup
Login / Signup
Login / Signup

Privacy Policy

Effective date: 1 March 2026

1. General

Knowme is an application operated by Integrity (Thailand) Ltd. and its associate companies within the Integrity group including PT. Integrity Indonesia (“Integrity”, “Knowme”, “us”, “we”) to support background screening processes. One of Integrity’s services is to provide background screening services for prospective companies/organizations or your company/organization (“Our Client”). Knowme is an interface for candidates/employees who are being screened (“User”, the “Candidate”, “Candidates”, “you”, “your”) and is part of Integrity’s background screening ecosystem. This Privacy Policy defines and informs you about the processing of personal data within Knowme.

2. Personal Data We Collect

2.1. User Data

We collect and store your personal data to conduct background screening activities. Please note that this does not mean we collect all the data listed below. The data we collect depends on the type of service and methodology Our Client chooses:

  1. Account and device data: This may include your IP address, user agent, email, timestamp, and ID / UUID.
  2. Biometric data: This may include your real-time selfie or facial biometric data including liveness detection.
  3. General Information: This may include your name, age, date of birth, gender, marital status, photos, and nationality.
  4. Identity Information: This may include your name, username, identity number, passport number, social security number, driver’s license, vehicle registration plate number, employee number, and similar identifiers.
  5. Contact Information: This may include your email address, telephone number (home, mobile, and/or business), home and/or office address (street, zip, postal code, and city), and company name.
  6. Employment History: This may include the company you have worked for, your time and period of work, as well as your position and title.
  7. Education and training: This may include the type of education you took, where you took your education, and when you completed your education (including certificates of expertise and training).
  8. Criminal Record: Criminal record as decided by the authorities.
  9. Financial Information: This may include your bank account details, credit record, income, and bankruptcy records.
  10. Health Information: This may include your medical records, health conditions, genetic information, and disability information.
  11. Our Communication with You: We may retain a record of our communication with you, which includes communication via email, telephone, and other means.

2.2. Third Party Data Subject Related to You

2.2.1. To support the screening process, particularly employment checks or contact number verification, we may process other third-party personal data related to you. These third parties may include your references, emergency contacts, and other verifiers.

2.2.2. The processing of third-party data will usually be carried out based on legitimate interest. However, it is recommended that Candidates request permission from the relevant subject as it may potentially disturb their privacy. When we communicate with these third parties, we may obtain their confirmation and consent to provide information or to have their data processed. If they do not agree, we will not continue the process with the third party.

2.2.3. The third-party data we may process include:

  1. Referee: name, job title, phone number, email, company name.
  2. Emergency contact: name, phone number, and email.
  3. Verifier: name, role, phone number, email.

2.2.4. The Candidate hereby declares that they are willing to accept responsibility for complaints regarding third-party data provided by the Candidate.

3. How We Obtain and Process Your Personal Data

3.1. We may collect your Personal Data in several ways:

  1. Directly from you by entering and submitting data/documents through Knowme. Specifically, facial biometric data is only captured after you grant explicit permission to access your device’s camera. By voluntarily initiating identity verification (e-KYC) and liveness detection process, you provide real-time imagery directly to the system; this live capture ensures authentic physical presence and is used strictly for e-KYC purposes.
  2. Publicly accessible data sources that are open to the public, such as social media, the media, public agencies, government agencies, law enforcement agencies, and educational institutions.
  3. Other third parties that have the authority to be a reference or primary source for verifying your data.
  4. Automatic data recording of activities or interactions using Knowme to improve the application’s functions, features, verification, and security.

3.2. Once your data has been collected through Knowme, we will conduct screening using various methods such as phone calls, messages, publicly accessible information/platform, field verification, and other methods. The verification results will then be compiled into a report that will be submitted to Our Client.

3.3. Knowme may need access to your camera to eKYC and help you upload data or documents. You need to give permission to access your camera.

4. Purposes and Legal Ground of Personal Data Processing

4.1. We collect, store, and process your data based on instructions from Our Client. In this context, Integrity acts as the data processor and Our Client as the data controller, unless you are an internal candidate of Integrity.

4.2. We process candidate data based on explicit consent obtained before the screening process begins, either digitally or manually. Since Our Client acts as the data controller, the purpose of processing candidate data belongs to Our Client (this outlined in the consent form). Integrity supports that purpose within a feasible and lawful framework, typically: a) human resource risk management; b) crime and fraud detection, prevention, and mitigation; and c) legal compliance.

4.3. Facial biometrics and ID data are processed strictly for e-KYC. This automated process utilizes Optical Character Recognition (OCR) and liveness detection to ensure the candidate is physically present and matches their identification document, effectively preventing fraud and identity theft during onboarding. The processing is based on explicit consent provided by the user during the capture process.

4.4. You acknowledge that your digital consent is valid and has the same force as a wet signature.

4.5. We process third-party data related to prospective employees based on the legitimate interests of Our Client. In this processing, similar to the processing of prospective employee data, Integrity acts as a data processor for your organization.

5. Access and Data Disclosure

Knowme will not disclose or provide access to your data except for the following instances:

5.1. Your Organization

Candidates’ personal data will be accessed and processed by Our Client for their purposes. Screening results will be reported and accessible to Our Client.

5.2. Authorized Verifiers

Candidates’ personal data will be disclosed to parties or authorities during the verification process. These parties or authorities are entities that may include public agencies, government institutions, your former employers, or any other parties that are authorized or have the authority to confirm the accuracy of data or information. The disclosure referred to is, for example, when we submit your ID or certificate number, combined with your name, to the verification system in order to obtain results confirming that your certificate is valid.

5.3. Integrity and Our Ecosystem

5.3.1. The background screening process will be carried out by several roles within Integrity, such as verification specialists and quality assurance editors. They will be able to access your data for the screening process.

5.3.2. Integrity has associates in several countries, mainly in Asia (Indonesia, Malaysia, and Thailand) with headquarters in Indonesia. Collaboration between entities and teams is possible. As an illustration, the development, design, and support team of Knowme is carried out by our team in Indonesia. Therefore, developers and support teams in Indonesia have access to data from various entities. However, access is strictly limited to parties with “need to know” and “need to have” principles. We apply standard binding internal policies and standard contract clauses in each and every entity of the company.

5.4. Vendors, Consultants, and Other Third-Party Service Providers

5.4.1. To provide background screening services and run Knowme, we may use third party services, subcontractors, subprocessors, legal counsel, auditor, or agents who perform services for us or on our behalf. These parties may require access to your data to carry out their work, such as audit, technology infrastructure, software, data analysis, promotions, fraud detection, and other support.

5.4.2. We ensure that third parties will only utilize personal data as necessary to support the provision of Integrity’s Services. Additionally, we ensure that vendors, consultants or other third parties are subject to binding agreements with us and implement or have appropriate levels of protection.

5.4.3. The application performs e-KYC by utilizing third party’s OCR and liveness APIs to extract a reference portrait from the User’s national ID and verify their real-time physical presence. These datasets are then processed through an automated face-match comparison via a third party’s backend to confirm the User’s identity.

5.5. Compliance with Laws and Law Enforcement

5.5.1. We may disclose your Personal Data to individuals, organizations, entities, governmental authorities, or legitimate law enforcement agencies, who can provide valid evidence to us and demonstrate that they are authorized and/or obligated by legal rules and/or competent authorities that impose a legal obligation on us to disclose your Personal Data.

5.5.2. We may disclose your Personal Data if we are legally required to do so to comply with applicable laws, governmental requests, judicial proceedings, court orders, or legal processes. This includes responding to court orders or subpoenas and meeting national security or law enforcement requirements as requested by public authorities.

5.6. With Your Consent

We may disclose your Personal Data for other purposes with your consent.

6. Security Measures

6.1. Your security and privacy are our priority. We implement technical, operational, and organizational measures to keep your data and information secure. Security measures are implemented when data is used, transmitted and stored. We maintain high standards for information security. Our central development, maintenance, operating, and infrastructure entity in Indonesia is certified to ISO 27001:2022, and all associated entities follow this Information Security Management Systems framework.

6.2. To ensure data security, we conduct an authentication process, so that only specifically invited Users can activate Knowme.

7. Data Retention

7.1. After you enter your data into Knowme and submit it, your data will be stored for verification by Integrity.

7.2. Please note, as explained in section 4, that we process data as a data processor, unless you are a Candidate employee of Integrity. Based on this, the decision on the retention period rests with Our Client. Unless otherwise agreed or instructed by Our Client, your data on Knowme will be stored for a minimum of 6 months and a maximum of 1 year by default (Retention Period). When your data has reached the Retention Period, or the agreement between Integrity and Our Client expires, your data on KnowMe and Integrity will be securely destroyed.

7.3. Background screening results (report) will be processed and stored by Our Client for the period deemed necessary based on their legal obligation.

7.4. Specifically, raw images and facial biometrics data are stored securely and then automatically deleted within 24 hours from our internal servers and within 30 minutes from the third-party processor’s system once verification is complete.

8. Data Subject Rights and How to Fulfil

8.1. You acknowledge that Integrity acts as a data processor in the processing of data at Knowme, except for our prospective employees/employees. Where Integrity is a data controller, we will fulfill our obligation to fulfill data subject rights as described in this Privacy Policy. Where Integrity is a data processor, we will, where required and permitted, support the fulfillment of data subject rights by Our Client.

8.2. You have the right to withdraw consent, access, correct, and delete your data. You may exercise these rights by contacting Our Client, and if instructed by Our Client, we will support you in exercising your rights.

8.3. Please note that certain exceptions and limitations may apply to these rights as permitted by applicable data protection laws. We will respond to your request in accordance with the relevant legal requirements.

8.4. You may have data portability rights, which is the right to use or send your personal data to be used by our Clients, who are also your prospective companies/organizations, for background screening purposes. To fulfill your rights, Knowme will store the results of your eKYC verification.

9. Cross-Border Data Transfer

9.1. Your information, including Personal Data, may be transferred to and stored on computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. If you are located outside of Thailand and choose to provide information to us, please note that we transfer the data, including Personal Data, to Thailand and process background screening there.

9.2. As explained in section 5.1, Integrity has entities in several countries, mainly in Asia (Indonesia, Malaysia, and Thailand), with headquarters in Indonesia. Knowme is developed and managed by our team in Indonesia, so your data may be accessible from Indonesia.

9.3. Integrity may also use third-party services in the form of Infrastructure as a Service (IaaS), Platform as a Service (PaaS), or Software as a Service (SaaS) with the main infrastructure possibly located outside your country’s territory. For your information, Knowme uses cloud services based in Singapore.

9.4. You hereby consent to the cross-border transfer of personal data to the destination country as described in sections 9.1, 9.2, and 9.3.

9.5. We will take all necessary and reasonable steps to ensure that your data is treated securely and in accordance with applicable data protection laws. We will not transfer your Personal Data to any organization or country unless we have implemented adequate controls to ensure the security of your data and other personal information.