“Consumer” means any person acting for purposes other than their trade, business or profession.
“Data Controller”, “Data Processor”, “processing”, and “data subject” shall have the meanings given to the terms “controller” “processor”, “processing” and “data subject” respectively in Article 4 of the GDPR. “Personal Data” means all such “personal data”, as defined in Article 4 of the GDPR, as is, or is to be, processed by the Data Processor on behalf of the Data Controller, as described in Clause 1.
“Service(s)” means the supply of services by InfoTrack to you including but not limited to property searches, reports and photographs, company searches, trademarks and domain names searches and other searches from time to time and includes our instructions to a Supplier, on your behalf and the dissemination of the information subsequently provided by the Suppliers.
“Sub-Processor” means any organisation or third party appointed by the Data Processor to process the Personal Data on your behalf for the purposes of providing the Services.
“Supplier” means any organisation or third party who provides data or information of any form to InfoTrack for the purposes of providing the Services.
The type of information we may collect and hold includes (but is not limited to) personal data you may give us when you place an order via Our Website (or other Ordering Methods) or contact our customer service team, or otherwise interact with us and provide personal data about:
Personal Data that you give us may consist of names, addresses, contact details, occupations and other information and generally will include:
You are not obliged to provide personal data to InfoTrack, however in many cases, if personal data we request is not provided, we may not be able to supply the relevant product or service that you have requested from us.
We collect the personal data you provide when you:
When you visit Our Website, we may collect any or all of the following technical data:
InfoTrack employ a variety of physical and technical measures to keep personal data safe to prevent unauthorised access to, use or disclosure of it. Electronic data and databases are stored on secure computer systems and we control who has access to them (using both physical and electronic means). Our staff receive data protection training and we have a set of detailed data protection policies and procedures which personnel are required to follow when handling personal data.
We store personal data in computer storage facilities, paper-based files and other records. We take steps to protect the personal data against loss, unauthorised access, use modification or disclosure, and against other misuse. These steps include password protection and access privileges for accessing our IT system, encryption of data stored and physical access restrictions to paper files. Some of these services, such as hosting our computer file servers, are provided by third parties in the UK and we endeavour to ensure that they also have adequate privacy safeguards in place through the use of contractual measures to protect personal data.
Because transmission of information over the internet is often insecure, we do not accept responsibility for the security of information you send to or receive from us over the internet, or for any unauthorised access or use of that information by others over the internet.
InfoTrack shall ensure that all personnel who access and/or process any of the personal data are contractually obliged to keep Personal Data confidential.
we’ll keep a record of this), or
For the purposes connected with providing our products and services to you, we may share your data with third parties but we will not use or share your personal data for any other purpose without first obtaining your consent, unless required by law.
In any event we will only use your personal data for the purposes for which it is collected, or purposes which are very similar.
We may disclose your personal data (or the personal data of third parties that you may provide to us) to third party service providers who assist us in providing the services you request, including public authorities and providers of information services.
We may also disclose your personal data to third parties who work with us in our business to promote, market or improve the services that we provide, including:
We may also combine your personal data with information available from other sources, including the entities mentioned above, to help us provide better services to you.
We may share your personal data within the InfoTrack Group of Companies, including InfoTrack, STL Group Limited, and Perfect Portal (UK) Limited in connection with the fulfilment of the contract between us only.
You can withdraw your consent at any time to our processing of your personal data for any purpose at any time, by contacting us by email or at the postal address set out in paragraph 8.By submitting an Order, you understand that we use Sub-Processors for the purpose of providing the Services and by submitting the Order you give consent to use Sub-Processors for the purpose of providing the Services.
In the event we engage another Sub-Processor after you have placed your order for Services and before this order for Services is completed, we will give you prior written notice. If you object to any new Sub-Processor you may, despite anything to the contrary in the Terms, terminate the Agreement and your right to access and use the Services without penalty on written notice provided your notice is received by the effective date of our notice.
InfoTrack will only use suppliers that meet the requirements of the Data Protection legislation.
For some of the services we provide to you that require credit and identity checks such as our Bank Account Verification Search, we will use a Credit Reference Agency (CRA) to help us to deliver you with the best services.
If you use these services, from time to time we will also search information that the CRA has. The personal data we may exchange with the CRA is:
This data will then be used to:
When we use the CRA, this is called a credit search and the CRA will make note of this on your credit file. This is visible to lenders and other companies who perform a credit check on you in the future.
Please follow the link below for further information on how the Credit Reference Agency, Equifax, uses your data and your data protection rights.
Where you are a Supplier, and as an existing customer, we may wish to send you details regarding:
We may contact you inviting you to opt-in to receiving this information. This means that you will be given the choice as to whether you want to receive these messages and will be able to select how you want to receive them (email, telephone or post).
You may opt-out of receiving direct marketing or the disclosure your personal data for the purpose of direct marketing by:
The information we hold is never used for marketing purposes and is never marketed, rented or sold to any third parties.
The data that we collect from you will be transferred, stored and processed using Amazon Web Servers (AWS) which are held at a destination within the European Economic Area (“EEA”). AWS servers offer the highest level of security and are ISO 27001 compliant. If we transfer any data outside the EEA we will take steps to make sure adequate levels of privacy protection, in line with UK Data Protection legislation, are in place.
The data we collect will be stored and kept for as long as is necessary.
The duration of processing is limited to the duration in which we provide the Services to you.
If you wish to opt out of communications from us or withdraw your consent, your data will be deleted without undue delay. We continually review the personal data we hold and delete what is no longer required.
We want to ensure you remain in control of your personal data. Part of this is making sure you understand your legal rights which are as follows:
InfoTrack will, on one months’ prior written notice, submit to audits and inspections and provide you with any information reasonably required in order to assess and verify compliance with the provisions of this Agreement and both Parties’ compliance with the requirements of the GDPR.
If you would like further information on your rights or you wish to exercise them please write to us at DPO@infotrack.co.uk or InfoTrack Limited, Level 11, 91 Waterloo Road, London, SE1 8RT.
Please bear in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so. If you are not happy with our response, or you believe that your data protection or privacy rights have been infringed, you should contact the UK Information Commissioner’s Office, which oversees data protection compliance in the UK. Details of how to do this can be found at www.ico.org.uk
Lloyd Smith - InfoTrack Data Privacy Officer DPO@infotrack.co.uk
Writing to us at InfoTrack Limited, Level 11, 91 Waterloo Road, London, SE1 8RT
We will acknowledge and investigate any complaint about the way we manage personal data as soon as practicable. We will take reasonable steps to remedy any failure to comply with our privacy obligations. We are not responsible for the privacy policies or privacy practices of the organisations we provide links to from Our website. We suggest that you check the privacy policies and practices of those organisations.
A 'cookie' is a piece of information that allows the server to identify and interact more effectively with your computer. The cookie assists us in identifying what our users find interesting on Our website.
When you use Our website we allocate you a unique identification number (cookie). A cookie will be allocated each time you use Our website. The cookie does not identify you as a user in our data collection process. It does identify your Internet Server Provider.