GDPR Statement

Legal Disclaimer: Compliance with the EU General Data Protection Regulation (GDPR)

The EU General Data Protection Regulation (GDPR) stands as a pivotal piece of legislation within the European privacy framework, representing a significant advancement in data protection law over the past two decades. As of its enforcement date on 25th May 2018, the GDPR supersedes the 1995 EU Data Protection Directive (European Directive 95/46/EC), fortifying the rights of individuals within the European Union (EU) regarding their personal data and establishing a consistent data protection framework throughout Europe.

Find UK People® / Pavilion Digital Marketing Ltd (hereinafter referred to as “the Company”) acknowledges its obligation to adhere to the GDPR provisions applicable to data processors. As such, the Company is committed to ensuring compliance with these regulations in effect from 25th May 2018 onwards.

The GDPR entails a comprehensive set of rules and requirements aimed at safeguarding the privacy and data rights of EU individuals. By becoming a data processor, the Company assumes the responsibility of handling personal data on behalf of its clients while respecting the principles and obligations set forth by the GDPR.

In accordance with the GDPR, the Company shall implement appropriate technical and organizational measures to protect personal data from unauthorized access, disclosure, alteration, or destruction. These measures will be designed to ensure the confidentiality, integrity, and availability of the personal data processed by the Company.

Furthermore, the Company acknowledges the importance of obtaining appropriate consent, where necessary, for the collection, processing, and transfer of personal data. The Company shall diligently address data subjects’ requests to exercise their rights under the GDPR, such as access, rectification, erasure, and restriction of processing.

The Company recognizes the significance of data protection impact assessments and commits to conducting such assessments when required under the GDPR. These assessments will evaluate the potential risks associated with processing personal data and implement appropriate safeguards to mitigate these risks.

While the GDPR establishes a unified data protection regime across the EU, it also acknowledges the need for variations and additional provisions at the member state level. Therefore, the Company shall comply with any supplemental obligations imposed by relevant national data protection laws to ensure full adherence to the GDPR requirements.

This legal disclaimer serves as a commitment by the Company to comply with the applicable provisions of the GDPR. However, it is important to note that this disclaimer does not constitute legal advice or create any rights or obligations beyond those stipulated by the GDPR and related data protection laws.

By engaging with the Company’s services, clients acknowledge their awareness of the GDPR’s requirements and consent to the Company acting as a data processor in compliance with the GDPR’s provisions as of 25th May 2018. Clients are advised to seek independent legal counsel to ensure compliance with their respective obligations as data controllers under the GDPR and applicable data protection laws.

This legal disclaimer shall be governed by and construed in accordance with the laws of the United Kingdom, specifically addressing the GDPR and related data protection legislation in effect as of 2023.

Legal Disclaimer: Compliance with EU Data Protection Requirements as a Data Processor

Find UK People® / Pavilion Digital Marketing Ltd (hereinafter referred to as “the Company”) acknowledges its commitment to addressing the data protection requirements applicable to data processors under EU law. The Company recognizes the significance of the General Data Protection Regulation (GDPR) in shaping its data processing practices, and has taken necessary steps to ensure compliance with the GDPR:

Data Processing: As a data processor, the Company fulfills its obligations to its customers, who act as data controllers, by processing personal data on their behalf. This processing is carried out in compliance with the provisions of the GDPR.

Third-Party Audits and Certifications: The Company takes pride in its adherence to industry-leading security measures. It has implemented end-to-end encryption using SSL encryption up to 256-bit standards. Customer data acquired for marketing purposes, such as email marketing, is double opt-in data, and the Company ensures that customers who have opted in always have the option to remove themselves from any marketing communications.

The Company securely stores all data within encrypted systems and grants access only to authorized individuals with password-protected credentials. Access to the system is strictly controlled and limited to selected and authorized partners, solely for the purpose of conducting investigation research for the submitted request and obtaining relevant search information to complete the request. Databases containing information related to tracing requests are also password protected and encrypted. The Company prohibits the sale or transfer of data for any purpose other than the requested investigative action, such as utilizing a third party to obtain additional information to complete a request and obtain updated details.

The Company conducts an annual audit to evaluate its internal controls and processes. The audit encompasses various aspects, including internal governance, production operations, change management, data backups, and software development processes. It ensures that appropriate controls and processes are in place and effectively functioning in accordance with relevant standards.

The Company’s security practices adhere to recognized standards and encompass key elements of data processing and integrity. These practices are integrated into the organization’s operating procedures and span across teams or functions that provide service or support to clients on the platform. The core components of the control environment include corporate governance, change management, access control and management, data redundancy and backup, and software architecture and development oversight.

International Data Transfers: The Company complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework, as established by the U.S. Department of Commerce, concerning the collection, use, and retention of personal information transferred from the European Union, Switzerland, or European Economic Area member states to the United States. The Company commits to adhering to the applicable Privacy Shield Principles for all personal data received from data exporters in these regions. Further information on the Privacy Shield programs can be found at https://www.privacyshield.gov.

Data Portability: The GDPR includes provisions on data portability, requiring data controllers to facilitate the transfer of personal data. The data stored by our customers within Find UK People® / Pavilion Digital Marketing Ltd remains their own. The Company provides for data portability and continually strives to enhance the robustness of its data export capabilities.

This legal disclaimer serves as a commitment by the Company to comply with applicable EU data protection requirements, including the GDPR, as of the year 2023. However, it is important to note that this disclaimer does not constitute legal advice or create any rights or obligations beyond those stipulated by the GDPR and relevant data protection laws.

By engaging with the Company’s services, clients acknowledge their awareness of the GDPR’s requirements and consent to the Company acting as a data processor in compliance with the GDPR’s provisions. Clients are advised to seek independent legal counsel to ensure compliance with their respective obligations as data controllers under the GDPR and applicable data protection laws.

This legal disclaimer shall be governed by and construed in accordance with the laws of the United Kingdom, specifically addressing the GDPR and related data protection legislation in effect as of 2023.

Legal Disclaimer: GDPR Preparation Tips for Clients of Find UK People® / Pavilion Digital Marketing Ltd

As a current or prospective client of Find UK People® / Pavilion Digital Marketing Ltd, it is essential for you to proactively prepare for compliance with the General Data Protection Regulation (GDPR) as a data controller. In order to assist you in this endeavor, we provide the following tips:

Familiarize Yourself with the GDPR: Take the time to become acquainted with the provisions of the GDPR, paying particular attention to any variations from your current data protection obligations. It is important to consider how the GDPR may impact your relationships with your clients. Furthermore, be mindful of local provisions that may be superseded by the GDPR when it becomes enforceable EU law in May 2018. Recognize that the new requirements may necessitate new solutions that meet the rigorous demands of the GDPR.

Conduct a Data and Process Audit: Undertake a comprehensive review of your data collection practices. Develop an updated and accurate inventory of the personal information under your control. Evaluate your existing controls and processes to ensure their adequacy in complying with the GDPR. Identify any gaps or areas that require improvement. Establish a strategic plan to address these shortcomings and align your operations with the GDPR’s requirements.

These tips are provided solely for informational purposes and should not be construed as legal advice. It is crucial for you, as a data controller, to consult with legal professionals to fully understand your obligations and responsibilities under the GDPR. Compliance with the GDPR requires a tailored approach that considers the specific characteristics of your business and the personal data you handle.

Find UK People® / Pavilion Digital Marketing Ltd cannot assume any liability for the actions or decisions taken by clients in response to these tips. Each client is responsible for independently assessing their GDPR compliance readiness and implementing appropriate measures to meet the requirements of the GDPR and relevant data protection laws.

This legal disclaimer shall be governed by and construed in accordance with the laws of the United Kingdom, with specific reference to the GDPR and applicable data protection legislation in effect as of 2023.

Legal Disclaimer: GDPR Compliance Recommendations for Clients of Find UK People® / Pavilion Digital Marketing Ltd

As a valued client of Find UK People® / Pavilion Digital Marketing Ltd, it is imperative that you prioritize your compliance with the General Data Protection Regulation (GDPR) as a data controller. To assist you in this process, we offer the following recommendations:

Review Data Opt-Ins: Conduct a thorough assessment of your data opt-ins to ensure that you have obtained relevant and compliant consent from individuals whose data you intend to trace. Consider incorporating appropriate consent language within your terms and conditions or contractual agreements to align with the requirements of the GDPR.

Review Process Documentation: Evaluate your existing process documentation to ensure that it reflects the lawful basis for processing personal data as required by the GDPR. Verify that your processes are clearly documented, transparent, and adhere to the principles of data protection.

Ensure a Lawful Basis for Processing: Verify that you have identified a lawful basis for processing the personal data you collect and process. It is essential to establish a legal justification, such as consent, legitimate interests, contractual necessity, legal obligation, or vital interests, as outlined in the GDPR.

Stay Informed: Stay updated on the latest regulatory guidance issued by relevant authorities as it becomes available. We recommend regularly reviewing the Information Commissioner’s website, as it serves as the UK representative within the EU working group: Article 29. Additionally, consider seeking guidance from legal experts who can provide advice specific to your circumstances and ensure compliance with applicable laws and regulations.

These recommendations are provided for informational purposes only and should not be considered as legal advice. Each client must independently assess their GDPR compliance obligations and take appropriate measures tailored to their specific situation. Find UK People® / Pavilion Digital Marketing Ltd assumes no liability for the actions or decisions taken by clients based on these recommendations.

This legal disclaimer shall be governed by and construed in accordance with the laws of the United Kingdom, with specific reference to the GDPR and applicable data protection legislation in effect as of 2023.

Legal Disclaimer: Commitment to Customer Experience and GDPR Compliance at Find UK People® / Pavilion Digital Marketing Ltd

At Find UK People® / Pavilion Digital Marketing Ltd, we are dedicated to providing our valued customers with an exceptional experience, fostering trust among our global user base. As we navigate the requirements imposed by new legislation, we remain committed to making necessary operational adjustments. Throughout this process, we will keep our clients, partners, and regulatory authorities informed about the measures we undertake.

We have established an internal cross-functional team dedicated to monitoring the General Data Protection Regulation (GDPR) as it evolves and becomes more precisely defined in the coming months. This team will actively inform our GDPR strategy, ensuring our continued compliance with the regulation.

It is important to note that while we strive to maintain the highest standards of customer experience and comply with applicable regulations, the information provided in this disclaimer is for general informational purposes only. It should not be interpreted as legal advice or create any legal rights or obligations beyond those prescribed by the GDPR and related data protection laws.

Clients and stakeholders are advised to seek independent legal counsel to understand their specific obligations and responsibilities under the GDPR. Find UK People® / Pavilion Digital Marketing Ltd does not assume liability for any actions, decisions, or consequences arising from reliance on the information contained in this disclaimer.

This legal disclaimer shall be governed by and construed in accordance with the laws of the United Kingdom, with specific reference to the GDPR and relevant data protection legislation in effect as of 2023.

Legal Disclaimer: Terms and Conditions for Using Our Service in Compliance with GDPR

By utilizing our service, you acknowledge and agree that you possess a compliant legal basis to request an investigation from us in adherence to the General Data Protection Regulation (GDPR). To ensure GDPR compliance, we recommend consulting the website of the Information Commissioner’s Office (ICO) for verification.

Acceptable legal bases for requesting an investigation include, but are not limited to:

• Legal claims
• Consent
• Contractual necessity
• Compliance with legal obligations
• Vital interests
• Public interest

Upon using our service, you consent to receiving your investigation results via email. We will deliver order status updates, reports, and results to the email address you provide. Consent for receiving marketing update emails will be obtained at the point of purchase.

To facilitate the tracing process, you agree that we may share your people trace data with authorized and preferred investigation suppliers who hold supplier status. These suppliers may include Credit Reference Agencies like Equifax, Experian, or Callcredit, for obtaining address link data. All suppliers will be registered with the ICO, and we or our partners will have conducted an audit of their policies and procedures for data handling. We will only share details relevant to the subject of the search to achieve a successful tracing outcome. Our data sharing practices will be proportionate to the request and in your best interests.

By utilizing our service, you confirm that you and the subject of the instruction are over 18 years of age. Our services are not intended for use by individuals under the age of 18. We do not investigate cases involving persons under the age of 18.

Furthermore, you confirm that there are no legal or other compelling reasons that prohibit you from instructing us to trace a person or act on your behalf in the instructed matter.

For family, ex-partner, or friend tracing, we require your consent as well as the consent of the subject of the search to release their data to you. We obtain your consent through our online order form system, initiating the procedure automatically. This allows us to proceed, if appropriate, without further contact with you.

When requesting a family, ex-partner, or friend trace, you will select the appropriate consent option at the time of ordering. We will then send a letter to the subject’s current address, stating that you (your name) are requesting contact. The letter will provide your full name, email address, and telephone number for the subject to reach out to you, should they choose to do so.

If the subject declines to make contact after receiving the letter, there is one final option available. You, as the client, may appoint a UK-based registered mediation solicitor, to whom we will provide details for official mediation contact.

These terms and conditions govern the use of our service and create a legal agreement between you and Find UK People® / Pavilion Digital Marketing Ltd. Please carefully read and understand these terms before using our service. Please also read our full terms of service as you will also be bound by those conditions and terms that are more expanse than this summary for GDPR.