Sign up now Book a Demo
Note: You must be logged in to order searches.

InfoTrack Limited - Privacy Policy

Read our full privacy policy outlined below.

This Privacy Policy relates to the business operated in the United Kingdom by InfoTrack Limited (“InfoTrack” or “we,” “our” or “us” or “Data Processor”), a company registered in England with company number 09474590 and whose registered office is at 10 John Street, London, United Kingdom, WC1N 2EB. InfoTrack understands that your privacy is of paramount importance to you and that you care about how your Personal Data is collected and used.

InfoTrack is committed to the protection of privacy in accordance with all applicable laws (including (without limitation) the UK GDPR). We will only collect and process Personal Data in ways that are described within this Privacy Policy and in a way which is consistent with our obligations and your rights in law.

This Privacy Policy sets out how we treat Personal Data (as defined below) that we collect from you (the “Data Controller”) or that you provide to us (including our procedures regarding the handling of Personal Data, including collection, use, disclosure and storage of information, as well as your rights to access and correct that information).

InfoTrack may collect Personal Data from you in order to provide Our Products and Services and to meet our legal obligations. By using our website (www.infotrack.co.uk) (“Our Website”) or ordering Our Products and Services (e.g. via Our Website or our ordering and delivery system (which is accessible via the  Case Management Systems operated by an Integration Partner) or by telephone or by email) (“Ordering Methods”), or by you providing any Personal Data to us, you are accepting and where appropriate consenting to the collection, use and disclosure of your Personal Data as set out in this Privacy Policy and in the case of electronic ID checks you are accepting use and disclosure of your Personal Data as set out in the eCOS® Privacy Policy.

1. Definitions and Interpretation

In this Privacy Policy the following words shall have the following meanings:

“Case Management Systems” means the systems provided by an Integration Partner which you use to access and order Our Products and Services through and used by you as an Integration Partner.

Consumer” means any person acting for purposes other than their trade, business or profession.

“Data Controller,” “Data Processor,” “Personal Data,” “processing,” and “data subject” shall have the meanings given to the term’s “controller” “processor,” “personal data,” processing” and “data subject” respectively in Article 4 of the UK GDPR.

“Data Protection Laws” means any law, enactment, regulation or order concerning the processing of data relating to an individual in the UK including UK GDPR and Data Protection Act 2018.

“eCOS®means InfoTrack’s electronic client onboarding solution offering electronic ID checks and verification of funds.

“eCOS® Privacy Policy” means InfoTrack’s eCOS® Privacy Policy which can be found at https://www.infotrack.co.uk/privacy-policy/ecos-privacy-policies-all/.

“Integration Partner” means the provider of your Case Management Systems that you use to access and order Our Products and Services through.

Our Products and Service(s)” means the supply of products and services by InfoTrack to you including but not limited to property searches, reports and photographs, company searches, trademarks, eCOS®, domain names searches and other searches from time to time and includes our instructions to a Supplier, on your behalf and the dissemination of the information subsequently provided by the Suppliers.

Sub-Processor” means any organisation or third party appointed by InfoTrack acting as the Data Processor to process the Personal Data on your behalf for the purposes of providing Our Products and Services.

Supplier” means any organisation or third party who provides data or information of any form to InfoTrack for the purposes of providing Our Products and Services.

Terms” means InfoTrack’s Terms and Conditions which can be found at https://www.infotrack.co.uk/terms-conditions/

“UK GDPR” means the UK General Data Protection Regulation.

you,” “your” means the user of Our Products and Services

 

2. Information About Us

Our Website is owned and operated by InfoTrack Limited, a limited company registered in England and Wales under company number 09474590.

Registered Address:

10 John Street, London, United Kingdom, WC1N 2EB

VAT Number:

GB228530612

Data Protection Officer:

Jon Buckle

Email address:

DPO@infotrack.co.uk

Telephone number:

02071868090

Postal address:

Level 11, 91 Waterloo Road, London, SE1 8RT

 

3. What does this Policy cover?

This Privacy Policy gives you information on how InfoTrack collects and processes your Personal Data through your use of Our Website, including any data you provide to us when purchasing Our Products and Services. Please note that InfoTrack does not have control over how your Personal Data is collected, stored, or used by other websites and we advise you to check the privacy policies of each individual website before providing data to them.

Unless we notify you otherwise, you are the Data Controller and we are the Data Processor.

 

4. What is Personal Data and how does InfoTrack collect it?

Depending on your use of Our Website, we may collect some or all of the following categories of Personal Data:

Identity Data: includes first name, last name, middle name, username (or similar identifier), company name and job title.

Contact Data: includes email address, telephone number, and postal address.

Financial Data: includes bank account and payment card details.

Technical Data: includes IP address, login data, web browser type and version, time zone, location and operating system (including Device Identifier data).

Profile Data: includes your username and password, notification settings and preferences.

Usage Data: includes URL information about how you access and use Our Website, or Our Products and Services.

Marketing Data: includes your preferences in receiving marketing communications from us.

InfoTrack collects the Personal Data you provide when you:

  • apply to become a client or user of Our Products and Services;
  • fill in and return to us a signed client form;
  • use Our Products and Services by logging into our system or ordering products or services from us via Our Website or other Ordering Methods;
  • enter Personal Data into our system about you or other third parties in connection with your use of Our Products and Services;
  • store details of Our Products and Services you have ordered or information and data contained in the particular products or services you have ordered - for example if you order a title search which includes Personal Data, we store that search information so you can retrieve it again later on; or when you contact us as a prospective employee or contractor of InfoTrack.

When you visit Our Website, we may collect any or all of the following technical data:

  • Device Identifiers (the internet protocol address used to connect your device to the internet, your log- in information, browser type and version, regional settings, operating system and platform);
  • Data about your use of Our Website (the full Uniform Resource Locators (“URL”), clickstream to, through and from Our Website (including date and time), products you viewed or searched for, time spent on certain pages or screens, interaction data (such as scrolling, clicks and mouse-overs). 

You are not obliged to provide Personal Data to InfoTrack, however, please be advised that in many cases, if the Personal Data we request is not provided, we may not be able to supply the relevant product or service that you have requested from us.

Where you (or a Consumer) require further information regarding entries found within a Regulated Local Authority Search (“RLAS”) and are accessing a link or QR code contained within the report, we will collect technical data for the sole purpose of monitoring the functionality of this feature. It will only be collected for internal use and will not be shared with any third party. When collecting Device Identifier data for a RLAS, information will be stored anonymously and will be deleted within 6 months from the date of collection.

In the case of a Supplier if you provide to us, and we collect from you, Personal Data of a third party, it is your responsibility to ensure that the third party is provided with a copy of this Privacy Policy.

 

5. How does InfoTrack protect your Personal Data?

InfoTrack employs a variety of physical and technical measures to keep Personal Data safe to prevent unauthorised access to, use or disclosure of it. Electronic data and databases are stored on secure computer systems and we control who has access to them (using both physical and electronic means). Our staff receive data protection training and we have a set of detailed data protection policies and procedures which personnel are required to follow when handling Personal Data.

We store Personal Data in computer storage facilities, paper-based files and other records. We take steps to protect the Personal Data against loss, unauthorised access, use modification or disclosure, and other misuse. These steps include password protection and access privileges for accessing our IT system, encryption of data stored and physical access restrictions to paper files. Some of these services, such as hosting our computer file servers, are provided by third parties in the UK and we endeavour to ensure that they also have adequate privacy safeguards in place through the use of contractual measures to protect Personal Data.

Because transmission of information over the internet is often insecure, we do not accept responsibility for the security of information you send to or receive from us over the internet, or for any unauthorised access or use of that information by others over the internet.

InfoTrack shall ensure that all personnel who access and/or process any of the Personal Data are contractually obliged to keep Personal Data confidential.

 

6. The purposes for which we collect, use and disclose Personal Data

Except as otherwise specified in this Privacy Policy, we will only use Personal Data with your consent or where it is necessary in order to:

  • enter into, or perform, a contract with you e.g. to fulfil any orders you place through Our Website or via other Ordering Methods;
  • perform the services you have asked us to provide;
  • comply with a legal duty;
  • protect your vital interests;
  • remember your preferences (e.g. where you are a Supplier, if you ask not to receive marketing material, we will keep a record of this); or
  • for our own (or a third party’s) lawful interests, provided your rights do not override.

For the purposes connected with providing Our Products and Services to you, we may share your data with third parties but we will not use or share your Personal Data for any other purpose without first obtaining your consent, unless required by law.

In any event, we will only use your Personal Data for the purposes for which it is collected, or purposes which are very similar.

Except as otherwise specified in this Privacy Policy, we use Personal Data that you provide for the following purposes:

  • to set up your account with us, which (where you are a Consumer) may include confirming your identity and obtaining a credit or reference check from a third party;
  • to provide Our Products and Services you have requested from us;
  • to answer any enquiries that you make;
  • for payment processing;
  • to administer our databases for client services, marketing, credit control and financial accounting purposes;
  • to comply with legal requirements regarding collection and retention of information concerning Our Products and Services that we provide; and
  • for any enforcement or legal compliance purposes including any breaches by you of your agreement with us or this Privacy Policy.

We may disclose your Personal Data (or the Personal Data of third parties that you may provide to us) to third party service providers who assist us in providing Our Products and Services you request, including public authorities and providers of information services. We do share your Personal Data with third party service providers in the delivery of eCOS®. Further information about these third-party service providers can be found within the eCOS® Privacy Policy.

We may also disclose your Personal Data to third parties who work with us in our business to promote, market or improve Our Products and Services that we provide, including:

  • providers of customer relations management database services and marketing database services;
  • marketing consultants, promotion companies and website hosts; and
  • consultants and professional advisers.

We may also combine your Personal Data with information available from other sources, including the entities mentioned above, to help us provide better services to you.

We may share your Personal Data within InfoTrack’s group of companies including (but not limited to) Pheonix Searches Ltd (trading as Search Acumen) and Perfect Portal (UK) Limited in connection with the fulfilment of the contract between us only. InfoTrack maintains a data sharing agreement that complies with UK GDPR with its group of companies.

You can withdraw your consent at any time to our processing of your Personal Data for any purpose at any time, by contacting us by email or at the postal address set out above. By submitting an order, you understand that we use Sub-Processors for the purpose of providing Our Products and Services and by submitting an order you give consent to use Sub-Processors for the purpose of providing Our Products and Services.

In the event we engage another Sub-Processor after you have placed your order for Our Products and Services and before the order for Our Products and Services is completed, we will give you prior written notice. If you object to any new Sub-Processor, you may, despite anything to the contrary in the Terms, terminate your order and your right to access and use Our Products and Services will cease without penalty on receipt of written notice.

InfoTrack will only use suppliers that meet the requirements of the Data Protection Laws.

 

7. How we use Credit Reference Agencies

For some of the services we provide to you that require credit and identity checks such as our Bank Account Verification Search, we will use a Credit Reference Agency (“CRA’’) to help us to deliver you with the best services.

If you use these services, from time to time we will also search information that the CRA has. The Personal Data we may exchange with the CRA is:  

  • name, address and date of birth;
  • credit application;
  • details of any shared credit;
  • financial situation and history; and/or
  • public information, from sources such as Companies House and the electoral register.

This Personal Data will then be used to:

  • make sure what you have told is factually correct;
  • help detect and prevent financial crime;
  • help meet obligations under anti-money laundering rules and guidance.

When we use the CRA, this is called a credit search and the CRA will make note of this on your Consumer’s credit file. This is visible to lenders and other companies who perform a credit check on your Consumer in the future. It is your responsibility as the user of this service to make this check clear with your Consumer.

Please follow the link below for further information on how the Credit Reference Agency, Equifax, uses your data, your Consumer’s and your Consumer’s data protection rights.

Equifax; https://www.equifax.co.uk/crain.html

 

8. Marketing

Where you are a Supplier or an existing client, we may wish to send you details regarding:

  • new services and products offered by us;
  • details of meetings, events and seminars that may be of interest to InfoTrack customers and clients;
  • our newsletters and other marketing.

We may contact you inviting you to opt-in to receive this information. This means that you will be given the choice as to whether you want to receive these messages and will be able to select how you want to receive them (email, telephone or post).

You may opt-out of receiving direct marketing or the disclosure of your Personal Data for the purpose of direct marketing by:

  • contacting our Data Privacy Officer at DPO@infotrack.co.uk;
  • by using any unsubscribe facility contained in email communications that you receive from us;
  • writing to us InfoTrack Limited, Level 11, 91 Waterloo Road, London, SE1 8RT.

The information we hold is never used for marketing purposes and is never marketed, rented or sold to any third parties.

 

9. Where we store your Personal Data

The data that we collect from you will be transferred, stored and processed using Amazon Web Servers (AWS) which are held at a destination within the European Economic Area (“EEA”). AWS servers offer the highest level of security and are ISO 27001 compliant. If we transfer any data outside the EEA, we will take steps to make sure adequate levels of privacy protection, in line with Data Protection Law, are in place. This shall include as specifically set out in the Privacy Notice- Consent for Digital Identity Verification.

The Personal Data we collect will be stored and kept for as long as is necessary.

The duration of processing is limited to the duration in which we provide Our Products and Services to you.

If you wish to opt out of communications from us or withdraw your consent, your Personal Data will be deleted without undue delay. We continually review the Personal Data we hold and delete what is no longer required.

 

10. How to access your Personal Data

We want to ensure you remain in control of your Personal Data. Part of this is making sure you understand your legal rights and that of your Consumers which are as follows:

  • the right to erasure of Personal Data (although this will not apply where it is necessary for us to continue to use the data for a lawful reason);
  • the right to have inaccurate data rectified;
  • the right to object to your data being used for marketing or profiling;
  • where technically feasible, you have the right to see any Personal Data you have provided to us which we process automatically based on your consent to the performance of a contract. This information will be provided in a common electronic format;
  • the right to make a subject access request (“SAR”) at any time to find out more about the Personal Data which InfoTrack holds about you (and obtain a copy of it). InfoTrack will usually respond to SARs within one month of receipt (however this may be extended by up to two months in the case of complex and/or numerous requests, and in such cases, you shall be informed of the need for the extension);
  • Your right to be notified immediately if InfoTrack becomes aware of any form of Personal Data breach, including any unauthorised or unlawful processing, loss of, damage to, or destruction of any of the Personal Data.

InfoTrack will, on one months’ prior written notice, submit to audits and inspections and provide you with any information reasonably required in order to assess and verify compliance with the provisions of the Terms and both parties’ compliance with the requirements of the UK GDPR.

If you would like further information on your rights or you wish to exercise them, please write to us at DPO@infotrack.co.uk or InfoTrack Limited, Level 11, 91 Waterloo Road, London, SE1 8RT.

Please bear in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so. If you are not happy with our response, or you believe that your data protection or privacy rights have been affected, you should contact the UK Information Commissioner’s Office, which oversees data protection compliance in the UK. Details of how to do this can be found at www.ico.org.uk

 

11. How to contact us or make a complaint

If you have any questions about this Privacy Policy or if you wish to make a complaint about the way we have collected, disclosed, or used your Personal Data, please contact:

Jon Buckle - InfoTrack Data Privacy Officer

  • email: DPO@infotrack.co.uk
  • post: InfoTrack Limited, Level 11, 91 Waterloo Road, London, SE1 8RT

We will acknowledge and investigate any complaint about the way we manage Personal Data as soon as practicable. We will take reasonable steps to remedy any failure to comply with our privacy obligations. We are not responsible for the privacy policies or privacy practices of the organisations we provide links to from Our Website. We suggest that you check the privacy policies and practices of those organisations.

 

12. Cookies

Our Website uses cookies to distinguish you from other users of the InfoTrack website. This helps us to provide users with a good experience when users browse Our Website, and it helps us to improve the quality and content of Our Website.

Cookies are text files containing small amounts of information and are placed on your electronic device. They are set when you visit a website that utilises cookies and may be used to keep track of the pages you have visited within any given site and are sent back to the originating website on each subsequent visit. We also use third-party cookies which are those cookies from a domain different than the domain of the website being visited including for advertising and marketing reasons. Cookies are important in helping us to provide a quicker and more efficient user experience, tailored to your individual needs. 

Each cookie is unique to your web browser and only the server it is stored upon has the ability to retrieve and read the contents of that individual cookie. It will contain anonymous information including a unique identifier, the site name, and a combination of digits. A cookie will be allocated each time you use Our Website. The cookie does not identify you as a user in our data collection process. It does identify your internet server provider.

You can configure your web browser to refuse cookies, but you then may not be able to use all or part of Our Website.

 

13. Updating our Privacy Policy

This Privacy Policy was last updated in May 2024. It may be updated from time to time, so we recommend that you review the information on Our Website on a regular basis.

 

 

InfoTrack acting as an agent of TrueLayer, which is providing the regulated Account Information Service, and is Authorised and Regulated by the Financial Conduct Authority under the Payment Services Regulations 2017 and the Electronic Money Regulations 2011 (Firm Reference Number: 901096)

0 Brochures Selected
Download Brochures