Website privacy policy

Last updated: Jun 2022

1. Introduction

Welcome to Checkfer. This policy explains how we handle and use your personal information in connection with your use of our website and your rights in relation to it. Under data protection law, Checkfer Limited is the controller of that information.

Checkfer Limited (“we”, “our” or “us”) is committed to protecting and respecting your privacy

This policy applies to our website located at www.checkfer.com (including our operator portal) and our social media pages (collectively, our “Site”) and the services you can access through them.

This Privacy Policy explains why and how we will use the personal information that we have obtained from you, with whom we will share it and the rights you have in connection with the information we use. Please read the following carefully.

Checkfer Limited is the controller in relation to the processing activities described below. This means that Checkfer Limited decides why and how your personal information is processed in connection with those activities. Please see the section at the end of this policy for our contact and legal

2. Information we collect about you​

We receive personal information about you that you give to us (e.g. contact details and correspondence), that we collect from your use of the Site (e.g device and Site activity data) and that we obtain from other sources (e.g. LinkedIn). We only collect personal information that we need and that is relevant for the purposes for which we intend to use it.

Personal information you give us

This is information about you that you give to us by visiting our Site, by corresponding with us phone, email or other means is provided by you entirely voluntarily. The information you give to us can include your name, contact details (such as phone number and email address), the company for whom you work and your role, your marketing and callback preferences and any personal information you include when corresponding with us, including your feedback on our Site and services. If you access the operator portal on the Site, this information includes your login details, employer’s name, job role or other information you provide to authenticate your access to that portal.

If you do not provide this information to us we may unable to resolve your queries or otherwise communicate effectively.

Information we collect about you from your use of our Site

When you use our Site or emails, we collect the following information:

  • visiting frequency, pages visited and other traffic analytics information;
  • your internet protocol (IP) address, device ID, device type, browser version and location data; and
  • cookie, pixel and beacon identification information (for more information about these, please see our Cookie Policy).

If you do not provide this information to us you may be unable to use the Site or some of its features.

We also collect audio recordings of our telephone calls with you for training and monitoring purposes.

Information we collect about you from other sources

We may obtain certain information about you that is available publicly. We obtain this either directly from websites published online (e.g. LinkedIn and other social media sites or your organisation’s website) or from third party data brokers who have themselves obtained your personal information from publicly available sources. The categories of personal information we collect from these sources including your name, company, job title, industry, location, email address, email verification status, work/personal phone number, work/personal business URL and professional/business information relating to your work role. We use this information to ascertain whether our products and services will be of interest to you or your organisation, to contact you with marketing information, to discuss business opportunities and to improve our understanding of our market, the industry we operate in and the behaviours of decision-makers within it, but in each case, only to the extent permitted by data protection law. Where applicable, we may combine this personal information with details of your past interactions with us or our Site and create a score to measure your likely level of interest in our products and services.

3. Use of your personal information​

We use your personal information for a variety of reasons. We rely on different legal grounds to process your personal information, depending on the purposes of our use and the risks to your privacy. You will always have the option to choose not to receive marketing communications from us and can opt-out of these at any time.

Data protection law requires us to have valid legal grounds (known as ‘lawful bases’) to process your personal information for each of the different purposes for which we use it. The purposes for which we use your personal information, which we have categorised by the legal grounds on which we rely, is as follows:

3.1 Where you have provided CONSENT

We may use and process your personal information to contact you with marketing communications that you have specifically requested from us on the grounds that you have consented for us to do so.

We also use and process your personal information that we receive when using cookies on your device. Please see our Cookie Policy for further information regarding how and why we use that information.

You may withdraw your consent for us to use your information in any of these ways at any time. Please see Your rights over your personal information for further details.

3.2 Where required to comply with our LEGAL OBLIGATIONS

We will use your personal information to comply with our obligations under the law including to keep a record relating to the rights you exercise in connection with our processing of your personal information.

3.3 Where processing is necessary for us to pursue a LEGITIMATE INTEREST

We may use and process your personal information where it is necessary for us to pursue our legitimate interests as a business for the following purposes:

Processing necessary for us to promote our business

to contact you by email or by telephone with marketing information about our Site (other than where we have asked you for your consent). We will use your personal information to tailor or personalise the marketing communications you receive to make them relevant to you and also to send targeted marketing messages via social media and other third party platforms, which may involve sharing your personal information with those platforms; and
to create a profile of you and analyse this to obtain insight about market or industry trends or user behaviours which inform our marketing strategy, and to enhance and personalise your experience, including the marketing communications you receive from us.

Processing necessary for us to support enquiries from users of our Site

to correspond and communicate with you in connection with the Site;
to identify ways of improving your experience of the Site; and
to train and monitor our staff and to identify ways of improving your customer service experience;

Processing necessary for us to respond to changing market conditions and our visitors’ needs

for market research, insight and intelligence in order to improve our understanding of our market and industry; and
to analyse patterns of use, determine where we should focus our efforts through processing anonymised and aggregated data and to monitor the features of the Site that have been used most frequently.

Processing necessary for us to operate the administrative and technical aspects of our business efficiently and effectively

to authenticate your access to the operator portal accessible through the Site;
to resolve technical issues and provide the most-up to date version of the Site, with improved features;
to administer the Site and for internal operations, including troubleshooting, testing and statistical reporting purposes;
for the detection and prevention of fraud and other criminal activities and to apprehend offenders;
to verify the accuracy of information we hold about you and create a better understanding of you as a visitor;
for network and information security purposes in order for us to take steps to protect your information against loss or damage, theft or unauthorised access;
to comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on a suppression list to be able to comply with your request);
for the purposes of a corporate restructure or reorganisation or sale of our business or assets;
for efficiency, accuracy or other improvements of our databases and systems e.g. by combining systems or consolidating records we hold about you;
to enforce or protect our contractual or other legal rights or to bring or defend legal proceedings; and
for general administration including managing your queries, complaints, or claims, to send service messages and to provide you with important information about our business.

4. Disclosure of your personal information by us​

We only disclose your personal information outside our business in limited circumstances. If we do, we will put in place a contract that requires recipients to protect your personal information, unless we are legally required to share that information. Any contractors or recipients that work for us will be obliged to follow our instructions. We do not sell your personal information to third parties.

As the controller of your personal information, we decide why and how it is processed. Our responsibility for that processing extends to processing by our service providers if they process your personal information based on our instructions. We also work with other, more independent, organisations in connection with some of the processing activities described in this statement, such as our group companies, social media platforms and certain suppliers.

Where that personal information is collected and sent to other organisations for a processing purpose that is in both our and their interests or where we make decisions together in relation to that particular processing, we will be “joint controllers” with the organisations involved. Where this applies, we and the other organisation will be jointly responsible to you under data protection laws for this processing. If we pass your personal information to an organisation that independently decides why and how to use your personal information then it will be separately responsible to you for that processing and use your personal information in the ways described in its privacy policy (and not ours).

We may disclose your information to our third party service providers, agents and subcontractors (Suppliers) for the purposes of providing services to us or directly to you on our behalf, including the operation and maintenance of our Site and social media pages. Our Suppliers can be categorised as follows:

Recipient / relationship to us

Industry sector (& sub-sector)

Advertising, PR, digital and creative agencies

Media (Advertising & PR)

Cloud software system providers, including database, email and document management providers

IT (Cloud Services)

Customer care/services providers

Customer Services (Support)

Delivery and mailing services providers

Logistics (Delivery Service)

Facilities and technology service providers including scanning and data destruction providers

IT (Data Management)

Social media platforms

Media (Social Media)

Insurers and insurance brokers

Insurance (Underwriting & Broking)

Legal, security and other professional advisers and consultants

Professional Services (Legal & Accounting)

Market and customer research providers

Media (Market Resarch)

Website and data analytics platform providers

IT (Data Analytics)

Website and App developers

IT (Software Development)

Website hosting services providers

IT (Hosting)

When we use Suppliers, we only disclose to them any personal information that is necessary for them to provide their services and only where we have a contract in place that requires them to keep your information safe and secure.

We may disclose the personal information to other third parties as follows:

social media platforms with whom we work (see further Our use of social media below);
any third party who is restructuring, selling or acquiring some or all of our business or assets or otherwise in the event of a merger, re-organisation or similar event; and
if we are under a duty to disclose or share your information in order to comply with any legal or regulatory obligation or request, including by the police, courts, tribunals or regulators.

5. Our use of social media

We use social media platforms in a variety of different ways, including by publishing pages through which you can interact, running competitions or advertising to you using information you have provide those platforms or which has been provided by us or collected from this Site. Our legal relationship with each platform will vary with the particular way we are using that platform.

We process your personal information using social media platforms in a variety of ways, as follows:

Pages. We use your personal information when you post content or otherwise interact with us on our official pages on Facebook and LinkedIn and other social media platforms. We also use the Page Insights service for Facebook, Instagram and LinkedIn to view statistical information and reports regarding your interactions with the pages we administer on those platforms and their content. Where those interactions are recorded and form part of the information we access through the Page Insights services, we and the relevant platform are joint controllers of the processing necessary to provide that service to us.

Targeted advertising. We use social media platforms (as well as search engines and third party websites and other platforms to deliver targeted advertising to you via those platforms, unless you object. You may receive advertising because you have previously interacted with us (such as by visiting one of our websites) or because of your profile on a social media platform on which you have an account. You can find our more by consulting the help pages of the relevant social media platform but in summary we use social media platforms to send targeted advertising using two methods:

  • ‘Custom audience’ targeting. You may receive advertising based on information about you that we have provided to the platform or allowed it to collect using cookies/pixels or code embedded in this Site (or a combination of the two). For example, we may target you if you have signed up to our mailing list and where cookies have detected that you have visited our Site in the last month. Please see the paragraph below regarding our use of cookies to send targeted advertising using social media.
  • ‘Lookalike audience’ Targeting. You may also receive advertising because, at our request, the social media platform has identified you as falling within a group or ‘audience’ whose attributes we have selected, or a group that has similar attributes to you (or a combination of the two).

Cookies. We use cookies and similar technologies in this Site to collect and send information to Facebook and LinkedIn about actions you take on this Site. In particular:

  • Facebook uses this information to provide services to us and also for further processing for its own business purposes. We and Facebook are joint controllers of the processing involved in collecting and sending your personal information to Facebook using cookies and similar technologies as each of us has a business interest in Facebook receiving this information. You can find out more about these technologies by visiting our Cookie Policy. The services we receive from Facebook that use this information are delivered to us through Facebook’s Business Tools, which include Facebook Login (Facebook’s single sign-on service, see above), Facebook Pixel and Website Custom Audiences (which includes ‘lookalike audience’ targeting). The data from these tools allows us to target advertising to you within Facebook’s social media platform by creating audiences based on your actions on our website and applications. They also allow Facebook to improve and optimise the targeting and delivery of our advertising campaigns for us. Please see the paragraph above for further information.
  • We use LinkedIn Insight Tag, a small piece of code that we embed in this Site that allows us to perform in-depth campaign reporting and unlock insights about users that may visit this Site via our LinkedIn campaigns (e.g. by allowing us to discover business demographics by layering LinkedIn data on data about our Site’s visitors). LinkedIn Insight Tag enables the collection of metadata such as IP addresses, timestamps, and events such as page views. You can find out more about these technologies by visiting our Cookie Policy.

Our relationship with Facebook and LinkedIn. As we are joint controllers with these platforms for certain processing, we and each platform have:

  • entered into agreements in which we have agreed each of our data protection responsibilities for the processing of your personal information described above;
  • agreed that we are responsible for providing to you the information in this privacy statement about our relationship with each platform; and
  • agreed that each platform is responsible for responding to you when you exercise your rights under data protection law in relation to that platform’s processing of your personal information as a joint controller.

Facebook and LinkedIn also process, as our processors, personal information that we submit for the purposes of matching, online targeting, measurement, reporting and analytics purposes. These services include the processing these platforms carry out when they display our advertisements to you in your news feed at our request after matching contact details for you that we have uploaded to them. These advertisements may include forms through which we collect contact information you give to us.

Further information. The Facebook company that is a joint controller of your personal information is Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The LinkedIn company that is a joint controller of your personal information is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. For further information regarding these platforms and their use of your personal information, please see:

6. Transfers of your personal information outside of Europe​

We may transfer your personal information outside of the United Kingdom (UK) and European Economic Area (EEA). We take measures to protect your personal information when it is transferred to a country which does not have similar data protection laws to the UK.

All the personal information collected about you by us or on our behalf may be transferred to countries outside the UK and EEA. By way of example, this may happen if any of our servers or those of our third party service providers are from time to time located in a country outside of the UK and EEA. These countries may not have similar data protection laws to the UK and so they may not protect the use of your personal information to the same extent.

If we transfer your information outside of the UK and EEA in this way, we will take steps to ensure that appropriate measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this policy. These steps include selecting recipients located in countries that have been declared adequately protective of your personal information by the relevant authorities or ensuring that the recipients are subscribed to ‘international frameworks’ that aim to ensure adequate protection. Where they do not, we ensure that we impose contractual obligations on them that are broadly equivalent as required by UK data protection law. Please contact us using the details at the end of this policy for more information about the protections that we put in place and to obtain a copy of the relevant documents.

7. Security and links to third parties

We take the security of your personal information seriously and use a variety of measures based on good industry practice to keep it secure. Nonetheless, transmissions to and from our Site may not always be completely secure, so please exercise caution.

We employ security measures to protect the information you provide to us, to prevent access by unauthorised persons and unlawful processing, accidental loss, destruction and damage..

You may be required to download and activate certain third party software in order to access all of the Site and its functionality. This policy does not apply to those third party services‚ so we encourage you to read their privacy policies. We are not responsible for the privacy policies and practices of other third party services (even if you access them using links that we provide) and we provide links to those third parties, solely for your information and convenience. We specifically disclaim responsibility for their content, privacy practices and terms of use, and we make no endorsements, representations or promises about their accuracy, content or thoroughness. Your disclosure of personal information to third parties is at your own risk.

8. The periods for which we retain your personal information​

We will not hold your personal information in an identifiable format for any longer than is necessary for the purposes for which we collected it. The periods for which we hold your personal information will depend on the type of personal information. These periods also apply where we share your information with suppliers who process your personal information on our behalf.

We retain your personal information for the purposes of establishing, bringing or defending legal claims for up to 6 years from the date we no longer require it for the purposes listed above.

The only exceptions to the period mentioned above are where:

you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law (see further Your rights over your personal information);
you exercise your right to require us to retain your personal information for a period longer than our stated retention period (see further Your rights over your personal information);
we bring or defend a legal claim or other proceedings during the period we retain your personal information, in which case we will retain your personal information until those proceedings have concluded and no further appeals are possible;
your account is subject to an investigation of criminal or fraudulent activity; or
in limited cases, existing or future law or a court or regulator requires us to keep your personal information for a longer or shorter period.

We also retain an anonymised version of the submitted personal information for as long as we require it for reporting and other statistical and analytical purposes. Such anonymised information will not identify you and may be derived from personal information that was contained within accounts that have subsequently been deleted.

9. Your rights over your personal information​

You have a number of rights in relation to your personal information under data protection law. In relation to certain rights, we may ask you for information to verify your identity and, where applicable, to help us to search for your personal information. Except in rare cases, we will respond to you within one month after we have received this information or, where no such information is required, after we have received full details of your request.

You have the following rights, some of which may only apply in certain circumstances:

  • to be informed about the processing of your personal information (this is what this policy sets out to do);
  • to have your personal information corrected if it is inaccurate and to have incomplete personal information completed;

The accuracy of your information is important to us and we are working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change your name or email address, or you discover that any of the other information we hold is inaccurate or out of date, please let us know by contacting us in any of the details described at the end of this policy.

  • to object to processing of your personal information;

Where we rely on our legitimate interests as the legal basis for processing your personal information for particular purposes, you may object to us using your personal information for these purposes by emailing or writing to us at the address at the end of this policy. Except for the purposes for which we are sure we can continue to process your personal information, we will temporarily stop processing your personal information in line with your objection until we have investigated the matter. If we agree that your objection is justified in accordance with your rights under data protection laws, we will permanently stop using your data for those purposes. Otherwise we will provide you with our justification as to why we need to continue using your data.

You may object to us using your personal information for direct marketing purposes and we will automatically comply with your request. If you would like to do so, please click on the unsubscribe message on our emails.

  • to withdraw your consent to processing your personal information;

Where we rely on your consent as the legal basis for processing your personal information, you may withdraw your consent at any time by contacting us, using the details at the end of this policy. If you would like to withdraw your consent to receiving any direct marketing to which you previously opted-in, you can also do so using our unsubscribe tool. If you withdraw your consent, our use of your personal information before you withdraw is still lawful.

  • to restrict processing of your personal information;

You may ask us to restrict the processing of your personal information in the following situations:

where you believe it is unlawful for us to do so, you have objected to its use and our investigation is pending or you require us to keep it in connection with legal proceedings.

In these situations, we may only process your personal information whilst its processing is restricted if we have your consent or are legally permitted to do so, for example for storage purposes, to protect the rights of another individual or company or in connection with legal proceedings.

  • to have your personal information erased;

In certain circumstances, you may ask for your personal information to be removed from our systems by emailing or writing to us at the address at the end of this policy. Unless there is a reason that the law allows us to use your personal information for longer, we will make reasonable efforts to comply with your request.

  • to request access to your personal information and information about how we process it;

You have the right to ask for a copy of the information that we hold about you by emailing or writing to us at the address at the end of this policy. We may not provide you with a copy of your personal information, if this concerns other individuals or we have another lawful reason to withhold that information.

  • to electronically move, copy or transfer your personal information in a standard form (data portability); and

Where we rely on your consent as the legal basis for processing your personal information, you may ask us to provide you with a copy of that information in a structured data file. We will provide this to you electronically in a structured, commonly used and machine readable form, such as a CSV file.

You can ask us to send your personal information directly to another service provider, and we will do so if this is technically possible. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.

  • rights relating to automated decision making, including profiling.

We do not envisage that any significant decisions will be taken about you using purely automated means, however we will update this policy if this position changes.

To exercise these rights, please contact us using the details at the end of this policy.

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the data protection regulator in the UK, where your personal information has or is being used in a way that you believe does not comply with data protection laws. However, we encourage you to contact us before making any complaint and we will seek to resolve any issues or concerns you may have.

11. Contact and legal information

Please check this page regularly for changes to this policy. We will notify you of changes via your account and/or by email (if we hold a valid email address for you).

We may review this policy from time to time and any changes will be notified to you by posting an updated version on our Site, and/or by contacting you by email or via your account. Any changes will take effect 7 days after we post the modified terms on our Site, or after the date we notify by email or via your portal account (where applicable). We recommend you regularly check for changes and review this policy when you visit our Site. If you do not agree with any aspect of the updated policy, you must promptly notify us and cease visiting our Site.

10. Changes to our Privacy Policy​

You can contact us with your queries in relation to this policy or for any other reason at any time.

To contact us for any reason, including to exercise any of your rights in relation to your personal information, please write to the Data Protection Manager at the correspondence address below or email us at help@checkfer.com.

Checkfer Limited is a company incorporated in England and Wales under company registration 10863591, and registered office address 20-22 Wenlock Road, London, N1 7GU, United Kingdom.

If you would like to write to us, please use our correspondence address at Checkfer, Challenge House, Sherwood Drive, Bletchley, Milton Keynes. MK3 6DP.

© 2022 Checkfer Ltd

© 2022 Checkfer Ltd