3. What data does Creditsafe collect and for which purposes?
We save and process personal identifiable information for our internal marketing purposes.
Data on Individuals associated with businesses for example name, given name, date of birth, place of birth, residential address, previous addresses, business address, business email-addresses and phone/fax numbers
Related business information for example industry, business type, financial status, payment behaviour and settlement of claims
In order to ensure the effectiveness of our marketing campaigns we may segment our customers and prospects based on metrics such as purchasing history, product usage, industry sector and sections of the website visited. This segmentation attempts to ensure that we present relevant products and services to companies.
Special categories of personal data as specified in Article 9 GDPR (e.g. ethnic origin, health data, or data on political or religious attitudes) are not processed for this purpose.
The personal data may be held and processed with customer relationship management systems operated by Creditsafe for prospect and customer management purposes.
4. Where does Creditsafe data originate from?
The data comes from public sources such as the commercial register and third party data suppliers, who will have obtained the data from you in the course of their business. We also collect personal data via our website; for example when you submit a request for information, a free report or trial, or otherwise contact us.
We also collect usage information on our website via cookies and analytics providers. More information regarding this is available in our Website Privacy Notice and Cookies Policy, accessible via our website.
5. What is the legal basis for Creditsafe to process data?
The legal basis for the processing of personal data is Art. 6 (1) (f) GDPR, which permits processing for the protection of the legitimate interests of the controller or third parties, unless there is an outweighing interest of the person concerned which prohibits such processing. In particular, we rely on legitimate interests on the basis that a business has made its details available and it is for the benefit of all businesses that marketing is facilitated, as envisaged by Recital 47 of the GDPR.
For businesses that do not wish to receive marketing, there are legitimate means to prevent it, including unsubscribing to any marketing emails sent out by Creditsafe, not supplying the details for inclusion in business registers, objecting to direct marketing under the GDPR, and/or registering with the TPS/CTPS and Creditsafe is fully compliant with such requirements.
6. Who does Creditsafe share data with?
Creditsafe may share personal data with third party suppliers of Creditsafe in order to provide services in connection with Creditsafe’s marketing and advertising activities, including marketing due diligence, data enhancement, and marketing analytics. All such suppliers will be subject to contractual obligations which meet data protection requirements.
Personal data may also be transmitted to other members of the Creditsafe group of companies for their own marketing purposes, for example in the case of a prospect which is outside of the UK.
7. Where is personal data stored
Personal data is stored on servers located in the UK and EU.
8. Is data transferred to a recipient outside of the UK, European Union, or the European Economic Area?
Where personal data is provided to contractors or group companies outside the UK, European Union or the European Economic Area, i.e. to so-called third countries, this takes place taking into account the requirements of the GDPR to recipients in countries with adequate data protection levels (Art. 45 GDPR), or to those recipients with whom EU Standard Contractual Clauses and the UK International Data Transfer Agreement Addendum have been executed (Art. 46 (2) (c) GDPR) and once Transfer Impact Assessments have been concluded.
9. How long does Creditsafe store data?
We store personal data only for as long as necessary to achieve the purposes described above. We will archive personal data after 6 years unless there is a business justification for continued use. We may hold data in an archived form for research and development, analytics and analysis, for audit purposes, and as appropriate for establishment, exercise or defence or legal claims. The criteria used to determine the storage period will include the legal limitation of liability period, agreed contractual provisions, applicable regulatory requirements and industry standards.
10. What are your rights as a data subject?
According to Art. 15 GDPR you have the right to obtain information regarding all data we stored about you.
In the event that you discover outdated or incorrect information about yourself, you have the right in accordance with Art. 16 GDPR to have it updated and corrected by us at any time.
Furthermore, in accordance with Art. 17 GDPR, you may also have the right to have your personal data deleted provided that we have no right or authority to further process the data.
Under the conditions set out in Art. 18 GDPR, you have the right to restrict the processing of your personal data.
You are entitled to the right of objection pursuant to Art. 21 GDPR in the following circumstances.
1. Right to object on grounds relating to the particular situation:
According to Art. 21 (1) GDPR you have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms (e.g. to assert or defend ourselves against legal claims)
2. Right to object against marketing:
In addition, pursuant to Art. 21 (2) GDPR, you may also object against the use of your data for direct marketing purposes. In this case, we will no longer use your personal information for advertising purposes.
Please direct all data subject rights requests to the contact address mentioned at the top of this page.
11. Where can you raise a complaint?
You have the right to contact our supervisory authority, the Information Commissioners Office.
12. Do you have an obligation to share or update data?
You do not have to provide any data when we ask you, except for the data required to administer any contracts between you and Creditsafe.
13. Is your data used for automated decision making?
We do not make any automated decisions within the meaning of Art. 22 GDPR.
14. Is your data used for profiling and/or scoring?
Not for the purposes set out in this Transparency Notice. Please see our ‘Business Information Transparency Notice for more information on our profiling/scoring activities.
This Transparency Notice was updated in April 2024.