Types of Personal Data We Collect
We may collect the following types of personal data about you:
- Identity verification data: this includes your name, date of birth, and other identifying information that we may collect when you submit your personal data to us or when we receive your personal data from our Clients;
- Age assurance data: this includes information about your age and whether you meet the legal age requirements for certain products or services;
- Watchlist data: this includes information about your presence on watchlists or other databases that our Clients may use to verify your identity or assess potential risks associated with their business activities.
In addition to the personal data described above, we may also collect certain technical data about your use of our services. This may include your IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and other technical information about the device you use to access our services.
We use this technical data to analyze how our services are used, to improve our website and services, and to diagnose technical problems. We may also use this information to personalize your experience of our services, such as by recommending content or services that may be of interest to you based on your browsing history or preferences.
How We Use Your Personal Data
We use your personal data for the following purposes:
- To provide our age assurance, identity verification, and watchlist services to our Clients;
- To comply with legal or regulatory obligations that apply to us or our Clients;
- To improve our services and develop new products and features;
- To communicate with you about our services or respond to your inquiries.
Legal Basis for Processing Your Personal Data
Our legal basis for processing your personal data is typically based on the performance of our contract with our Clients, or our legitimate interests in providing our services and improving our business operations. In some cases, we may also process your personal data based on your consent, where required by law.
Sharing Your Personal Data
We may share your personal data with the following types of third parties:
- Our Clients, who may use your personal data to verify your identity or assess potential risks associated with their business activities;
- Service providers, who help us provide our services or support our business operations, such as IT providers or payment processors;
- Legal or regulatory authorities, where we are required to do so by law or in response to legal process;
- Third parties in connection with a merger, acquisition, or other business transaction involving AgeChecked Ltd.
Automated Decision Making and Profiling
We use automated decision-making processes to analyse your personal data and make decisions about your eligibility for certain services. These processes may involve profiling, which means that we may analyse your personal data to understand your behaviour.
We use automated decision-making and profiling to improve our services and to provide a better experience for our users. For example, we may use profiling to personalise the services we offer you, such as presenting content in a familiar language based on your browser settings.
Please note that you have the right to object to automated decision-making and profiling. If you wish to exercise this right, please contact us using the contact details provided below.
We will not use automated decision-making and profiling for any purposes that are incompatible with the purposes for which we collected your personal data, or for any purposes that are unlawful or unauthorized. We will also ensure that our automated decision-making processes are transparent and fair, and that you have the right to obtain human intervention and to express your views on the decision-making process.
International Transfers of Personal Data
We may transfer your personal data to third parties located in countries outside of the European Economic Area (“EEA”), including the United States. When we transfer your personal data to such third parties, we will take appropriate measures to ensure that your personal data is adequately protected in accordance with applicable data protection laws.
You have certain rights under GDPR with respect to your personal data, including:
- The right to access your personal data and receive certain information about how we process it;
- The right to request the rectification of inaccurate personal data concerning you and to have incomplete personal data completed;
- The right to request the erasure of your personal data in certain circumstances, such as when it is no longer necessary for the purposes for which it was collected;
- The right to object to the processing of your personal data in certain circumstances, such as where we are relying on our legitimate interests as the legal basis for processing;
- The right to request the restriction of the processing of your personal data in certain circumstances;
- The right to data portability, which allows you to receive a copy of your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller; and
- The right to lodge a complaint with a supervisory authority if you believe that our processing of your personal data infringes applicable data protection laws.
To exercise your rights under GDPR, please contact us using the contact details provided below.
Retention of Personal Data
We will retain your personal data for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws or regulations. We may also retain your personal data to resolve disputes, enforce our agreements, or for other legitimate business purposes.
Security of Personal Data
We have implemented appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.