Privacy notice

We ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.

Who we are

Swift Check Ltd collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.

The personal information we collect and use

Information collected by us

In the course of processing criminal record checks via the Disclosure and Barring Service (DBS) and Disclosure Scotland (DS) we collect the following personal information when you provide it to us:

  • Username
  • Password
  • Name(s)
  • Email address
  • NI Number
  • Employing organisation
  • Position
  • ID Verifier
  • Manger details
  • Date of birth
  • Type of application
  • Telephone number
  • Place of birth
  • Gender
  • Title
  • Employment status
  • Employer’s address
  • Address history
  • Passport details
  • Driving licence details
  • Birth certificate details

Information collected from other sources

We also obtain personal information from other sources as follows:

  • Notification of whether or not a disclosure certificate has content from the Disclosure and Barring Service
  • Disclosure reference number
  • Disclosure issue date
  • We do not receive or hold data on any other content disclosed by the DBS, such as details of convictions or barring information

How we use your personal information

We use your personal information in order to:

  • Process requests for criminal record checks
  • Process any payments where necessary

Who we share your personal information with

We routinely share information collected by us (as listed on page 2) with our third-party suppliers, including DBS, Access NI, DS, Home Office, the Police force, Experian and Veri-fy Identity Ltd. This data sharing facilitates the processing of criminal record check applications.

We will share personal information with law enforcement or other authorities if required by applicable law.

We will not share your personal information with any other third party.

Whether information has to be provided by you, and if so why

The provision of personal data by you as set out on page 2 is required from you to enable us to facilitate the processing of criminal record check applications. We will inform you at the point of collecting information from you, whether you are required to provide the information to us.

How long your personal information will be kept

We will only hold your information for as long as we need to and in accordance with our Retention Policy.

Reasons we can collect and use your personal information

We are a registered body with the DBS and DS and are authorised to submit criminal record checks. We provide information to the DBS in order for your criminal record check to be processed.

In order to process your criminal record check application (either Standard or Enhanced) we rely on the following reasons: –

  • Processing is based on consent from yourself, where applicable, or
  • Processing is necessary because of a legal obligation that applies to us, or
  • Processing is necessary for the purpose of the legitimate interests pursued by us or a third party (e.g. we need to process your personal data to facilitate a criminal record check which is in the legitimate interest of all parties involved – us, you as the potential candidate and our client), or
  • Processing is necessary for the performance of a task in the public interest.

We rely on your consent as the lawful basis on which we collect and use your personal data for Basic DBS Checks.

We will also rely on your consent to obtain e-Bulk standard/enhanced check electronic results.

Where we process your information on the basis of consent that you have given us, you are entitled to withdraw that consent at any time such that we can no longer rely on it as a basis for continuing to process your personal information.

If you would like further information please contact us, see ‘How to contact us’ below). We will not transfer your personal data outside of the United Kingdom or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.

Your rights

Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:

  • fair processing of information and transparency over how we use your use personal information
  • access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address
  • require us to correct any mistakes in your information which we hold
  • require the erasure of personal information concerning you in certain situations
  • receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
  • object at any time to processing of personal information concerning you for direct marketing
  • object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
  • object in certain other situations to our continued processing of your personal information
  • otherwise restrict our processing of your personal information in certain circumstances

 

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.

If you would like to exercise any of those rights, please:

  • email, call or write to our Data Protection Officer,
  • let us have enough information to identify you e. account number, user name, registration details
  • let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and
  • let us know the information to which your request relates, including any account or reference numbers, if you have them

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Swift Check Ltd utilises a system developed by Kent County Council for processing e-DBS applications and all information is therefore stored on their servers.  These servers containing sensitive information are stored in accordance within ISO27001 standards. They are in secure, locked areas to prevent unauthorised access.

If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

How to complain

We hope that our Data Protection Officer can resolve any query or concern you raise about our use of your information.

The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: [0303 123 1113].

Changes to this privacy notice

This privacy notice was published on 21st May 2018 and last updated on 21st May 2018.

We may change this privacy notice from time to time, when we do we will inform you via our website.

How to contact us

Please contact our Data Protection Officer if you have any questions about this privacy notice or the information we hold about you.

If you wish to contact our Data Protection Officer please send an email to email, write to DPO, Swift Check Ltd, 41 Elm Way, Heathfield, East Sussex, TN21 8YH.