Our data processing privacy policy

TrustID Privacy Policy

(Last updated: 07/10/2021)

Our contact details

Name: TrustID Limited
Address: 9 Greyfriars Road, Reading, RG1 1NU
Phone Number: 0118 466 0822
E-mail: info@trustid.co.uk

The type of personal information we collect

We need to collect a range of information to provide our identity document checking services to our customers.  The information we need to collect depends on the service that is provided to the customer.  The basis of each check is the image of an identity document, and we check this is genuine either as a service in itself, or then use to perform follow-on checks.  For example, some customers will also ask us to perform a facial match assessment, where we check that the image in an identity document matches a selfie provided by the holder.  We may also be asked to perform an address verification check, and to do so we will check whether there are records of the identity document holder living at a specified address.

We therefore may process the following information depending on the service being accessed:

  • Contact information
    • Name
    • Email address
    • Job title
    • Street address
  • General identifiers
    • Sex
    • Date of birth
    • Nationality
    • Passport number
    • Driving licence number
    • Identity card number
  • HR information
    • Potential employer
  • Credit and anti-fraud
    • Sanctions information

No special categories of data are collected or processed.

How we get the personal information and why we have it

TrustID Customers will either pass your information to TrustID for the purposes they have agreed with you, or they will send you a link to enable you to upload your information to TrustID directly. We use the information that you have given us or the TrustID customer to perform the checks the TrustID Customer has contracted us to perform.

TrustID may then process the information for one of the following reasons:

  • Right to work checks
  • Right to rent checks
  • Right to study checks
  • Customer screening
  • Address verification
  • PEP & Sanction checks

We also receive personal information indirectly, from the following sources in the following scenarios:

  • For KYC checks, TrustID sends your data to a third party to perform address verification and PEP & Sanctions checks.

We may share this information with the TrustID Customer, and third-party processors necessary to carry out data processing.

Regardless of data origin, TrustID will perform the required checks and communicate the results back to the TrustID Customer only.  The Customer then decides whether they want to proceed with your application.

Under the General Data Protection Regulation (GDPR), we rely on “Contractual Obligation” as the lawful basis for processing this information.

How we store your personal information

Your information is securely stored in the United Kingdom.

We keep the information you provide for as long as we are contractually obliged to by the TrustID Customer.  After this point your information is permanently and irretrievably deleted. The default retention period is 7 days, although the data can be deleted manually prior to this point if no longer required by the TrustID Customer.  The TrustID Customer may extend the retention period so Data Subjects should contact the TrustID Customer (i.e. the organisation requesting your data) directly to confirm the retention period.

Your data protection rights

Under data protection law, you have rights including right of access, right to rectification, right to erasure, right to restriction of processing, right to object to processing and right to data portability.  If you would like to access a copy of, delete or otherwise exercise control over your personal information, contact TrustID using the details below.  Please be aware that for most requests, TrustID will need to notify the TrustID Customer as it is likely that the Customer not TrustID will need to fulfil the request.  This is necessary where TrustID is acting on the customer’s behalf.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please email dpo@trustid.co.uk or write to us at TrustID Ltd, 9 Greyfriars Road, Reading, Berkshire, United Kingdom, RG1 1NU if you wish to make a request.

How to complain

If you have any concerns about our use of your personal information, you can make a complaint to us at dpo@trustid.co.uk.

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk

 

 

What being ISO27001 certified means

Our IS27001 accredited certification lets you know that we follow information security best practice, helping to eliminate or minimise the risk of a security breach, keep information secure and ensure compliance with data protection regulations.

ISO logo