UK Archives

Privacy Policy

Privacy Policy for UK Archives

UK Archives is committed to protecting and respecting your privacy. 

This privacy policy explains how personal data is collected and used when you engage with our UK Archives by using our website, ordering any services from us or via any other means. It also explains how we process any data that you supply to us when using our services.

It is important that you read this policy and any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them. If, for any reason, you do not agree to the terms of this policy, please stop using our services and/or website.

Please note that our services are not directed at children under the age of 13 and we do not knowingly collect personal information about children.

What is Personal Data?
Where this Policy refers to ‘personal data’ it is referring to data about you from which you could be identified – such as your name, your date of birth, your contact details and even your IP address.
What personal data do we collect and how?
The personal data collected depends on how you interact with us and our services. We may collect and hold the following personal data (these will not always be personal data, depending on the context in which they are collected, the actual data collected, and whether the data collected allows us to directly or indirectly identify you):
  • full legal name
  • email address
  • address
  • date of birth and place of birth
  • IP address
  • login data, operating system, browser type and version (which may not always be personal data)
  • location (which may not always be personal data) and
  • your marketing and communication preferences. We use different methods to collect data from and about you including:
  • when you voluntarily supply personal data to us, for example:
  • if you use our services and provide us with personal data (by signing up to our services or similar activities in which you volunteer data about yourself)
  • and
  • if you contact us by post, telephone or email
  • when we obtain a certificate or other document that you have asked us to obtain for you, and in doing so we obtain further personal data about you
  • we may also collect information about you when you use our website through the use of technologies such as cookies
  • through publicly available sources, for example Companies House and other government authorities.
How do we use your personal data?
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in accordance with your instructions, or in the following circumstances:
  • where we need to perform the contract we are about to enter into or have entered into with you
  • where you have given your consent
  • where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests and/or
  • where we need to do so in order to comply with a legal or regulatory obligation.
The following table sets out examples of how we handle your personal data, the purposes for which we use it, and our legal basis for doing so under the General Data Protection Regulation and Data Protection Act 2018.

What We Do

  • Use your personal information to register you as a new user.
  • Use your contact details and name to respond to any queries or discussions, and to contact you, in relation to our services.
  • Use your contact details to send you email marketing about similar services to those that we have already provided to you.
  • Use your personal data as required to fulfil any obligations arising from any contracts entered into between us and you, including obtaining certificates or other records from the relevant public registries.
  • To send you periodic email or notifications about our services and any updates or changes to them.
  • To create and analyse usage of our services and our website, data on the devices used to access our services and our website, including to monitor and improve performance.

Our Legal Basis for Processing

  • We need to do this in order to fulfil our contract to set you up as a user and to provide our services to you, and it is in our legitimate interests to allow you access the services.
  • We do this on the basis that it is necessary for our legitimate interests to provide a high service level to you, and to develop our services and grow our business. Such legitimate interests are not overridden by your rights and freedoms, as we will only contact you on a limited and appropriate basis.
  • We do this on the basis that it is necessary for the purposes of our legitimate interests so that we can provide you with relevant information as to our services.
    You will always have the option to opt-out of these marketing emails.
  • We do this on the basis that it is necessary for the performance of our contract with you.
  • We do this on the basis that it is in our legitimate interest to keep you up to date on our services.
  • We do this on the basis that it is necessary in our legitimate interests to constantly monitor and seek to improve our performance.
We may review your personal data if we have reason to believe that our services have been used unlawfully or illegally, or if any services provided to you have resulted in an unlawful or illegal act. We do this on the bases that:
  • it is necessary in our legitimate interest to ensure that our services are being used appropriately and lawfully; and
  • where relevant, it is necessary to protect your or any third party’s vital interests – this will only be the basis where we have reason to believe that you or any third party have or may come to harm.
In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

Marketing:

From time to time, we may send you information regarding that which we perceive may be of interest to you or your business, provided such information is similar to the services you have already purchased from us and you have not opted out of such marketing. You may receive this information by letter, telephone or email. We send this marketing on the basis that it is necessary for the purposes of our legitimate interests so that we can provide you with relevant information as to our products and services. You will always have the option to opt-out of these marketing emails by emailing us.
Will we share your data?

Depending on how and why you provide us with your personal data we may share it in the following ways: 

    • with government authorities and other third parties who hold the certificates or other records that we are obtaining for you as part of our provision of services;
    • we may share your personal information with any member of our company group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006;
    • with selected third parties, such as law enforcement, regulatory authorities or where we are legally obliged to share the information, or service providers, such as professional advisers including lawyers, bankers, auditors and insurers based in the United Kingdom who provide consultancy, banking, legal, insurance and accounting services, and with analytics and search engine providers that assist us in the improvement and optimisation of our services; and

We may also disclose your personal information to third parties in the following events:

      • if we were to sell or buy any business or assets, in which case we might disclose your personal information to the prospective seller or buyer of such business or assets as part of that sale;
      • if UK Archives or substantially all of our assets are acquired by a third party, in which case personal information held by us about our customers will be one of the transferred assets;
      • if we are under a duty to disclose or share your personal information in order to comply with any legal obligation, or to protect the rights, property, or safety of us, you or any third party or if we are asked to provide your details to a lawful authority in order to aid in the investigation of crime or disorder; this includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction; and/or
      • in order to enforce or apply the our terms of use or other terms and conditions.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.

We do not sell, trade, or otherwise transfer your personal identifiable information to outside parties other than as set out in this privacy policy.

Please note that some of our service providers may be based outside of the European Economic Area (the “EEA”). By submitting your personal information, you agree to this transfer, storing or processing. Where we transfer your data to a service provider that is outside of the EEA we seek to ensure that appropriate safeguards are in place to make sure that your personal data is held securely and that your rights as a data subject are upheld. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

    • we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;
    • where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe; or
    • where another method accepted by the European Commission as providing adequate protection to personal data shared between Europe and another country exists and is implemented.
How long do we keep your personal data?
We will hold your personal information on our systems only for as long as required to provide you with the services you have requested or to perform the purpose for which that data was collected. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Where we hold your personal data for the purposes of obtaining a certificate or other record, we will normally hold any personal data we hold about you for three months after providing you with your certificate or other record.

In some circumstances you can ask us to delete your data: see ‘Your Rights’ below for further information.

Data Security

We take the protection of your information very seriously. We use encryption (SSL) to protect your personal data when appropriate, and all the information provided to us is stored on secure servers once we receive it. We prioritise your security by using a database backed up by our private blockchain. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. h4>Your Rights You have the following rights in relation to the personal data held on you by us:

  • right to be informed about how the personal data is used (this notice);
  • right to access a copy of the personal data that we hold about you;
  • right to correction of any errors in personal data held by us;
  • right to erasure of any personal data;
  • right to restrict processing;
  • right to data portability;
  • object to or restrict the processing of your personal data in certain circumstances; and
  • right to object to direct marketing communications at any time.

If you wish to learn more about these rights please contact us on the address below.

Changes

If we decide to change this privacy policy, any changes will be posted on this page. Last updated June 2022.

Other Websites

Our website and services may contain links to other sites. This privacy policy only applies to our website and services, so when you link to other websites or services you should read their privacy policy.