logo
close
Gradient Background
Privacy Policy

Introduction

ScanWave – Comprehensive Technical Solutions F.Z.E ("ScanWave CTS", "we", "our", or "us") is committed to protecting the privacy and confidentiality of personal data processed through our (IRM) platform. This Privacy Policy explains how we collect, use, store, share, and protect personal information in line with applicable data protection laws.

Scope

This policy applies to all users of the ScanWave IRM Platform and governs the processing of:

  • Personal data uploaded by clients as part of compliance and audit documentation.

  • User account and access information.

  • System and event logging data for audit and traceability.


This policy covers data processed within our infrastructure and any transfers necessary for service delivery or regulatory purposes.

Contact Information

For more information or any inquiries regarding this policy, please contact us via email or submit a request through the “Contact Us” form on our website.

For any queries, comments, or requests regarding the processing of your Personal Data, please contact us at: Email: [email protected]

For matters specifically related to data protection, you can also reach out to our Data Protection Officer at the same contact details provided above.

Data We Collect

We collect personal data and information about you, when you use or access our platform.

The information we collect or process includes details related to your user profile, such as your name, email address, phone number, organization, and job role. We also collect access credentials, including usernames, encrypted passwords, and authentication tokens, to ensure secure access to our platform. In the context of compliance, we may process evidence documents that contain personal or sensitive information, such as employee records, access logs, and HR files. Additionally, we gather platform usage data, including IP addresses, login timestamps, and records of user activity, to maintain security and improve user experience.

Purpose of Processing

We process personal data within the IRM platform to facilitate secure and effective service delivery. This includes enabling client access to IRM tools and services, ensuring robust platform security through user authentication, and supporting compliance efforts by managing reporting and evidence documentation. We also use this data to provide customer support, manage incidents, enhance platform performance, and maintain a state of audit readiness.

Legal Basis for Processing

ScanWave CTS processes personal data on the basis of specific legal grounds to ensure responsible and lawful data handling. These include contractual necessity, which enables the delivery of services under license or subscription agreements; legal compliance, to meet applicable laws and regulatory obligations; and legitimate interests, such as enhancing platform security and managing operational risk. Where required, we also rely on user consent, particularly for certain integrations or voluntary data disclosures.

Data Sharing and International Transfers

We do not sell or commercially share personal data. Access to your data is strictly limited to authorized personnel, including designated individuals within your organization and ScanWave CTS support and infrastructure teams, as necessary to deliver and maintain our services.

Data Retention

Personal data will be retained only as long as necessary to fulfill the purposes stated in this policy or to comply with legal obligations. Compliance-related evidence is retained based on customer-defined retention settings, contractual requirements, or regulatory standards.

Data Subject Rights

You have several rights regarding your personal data:

  • Access: You can access your personal data and request information on how it is processed.

  • Rectification: You can request corrections to your personal data.

  • Erasure: You can request the deletion of your personal data in certain circumstances (right to be forgotten), unless we are legally required to retain it.

  • Portability: You can request your personal data in a commonly used, machine-readable format and ask us to transmit it to a third party.

  • Notification of Breach: You will be notified in case of a data breach that poses a high risk to your rights and freedoms.

Additionally, you have the right to:

  • Restriction or Objection: You can object to or request restrictions on the processing of your personal data.

  • Withdraw Consent: You can withdraw your consent at any time.

To exercise any of your rights mentioned in this Privacy Policy, you can submit a request to the contact information mentioned earlier in this policy.

 Data Protection

We take your privacy and data security very seriously at ScanWave. We use a variety of technical, physical, and organizational measures to keep your Personal Data safe from loss, misuse, unauthorized access, accidental disclosure, alteration, and destruction during storage, processing, and transmission.

We also ensure that any third parties we work with follow the same high standards of confidentiality, data privacy, and security. We regularly update and test our security systems and limit access to your personal data to only those who need it to provide you with our products, content, or services.

You remain responsible for keeping your user ID and password confidential, when you are using IRM platform.

 Right to Lodge a Complaint

If you have any complaints regarding alleged breaches of Data Protection Regulations, you can file them with the relevant authority.

Changes to This Policy

We reserve the right to update this policy to reflect changes to our practices in alignment with the Law.  Any updates will become effective immediately after posting the updated policy on our website.