AppCheck Privacy Policy

Who we are

AppCheck Ltd is an external and internal vulnerability scanning company that provides a cloud based scanning solution.

In browsing and interacting with our website, you may provide us with (or we may otherwise collect) certain types of personal information about you.

In addition, when we carry out vulnerability scans on our clients’ systems, it is possible that our scanning engine may have access to personal information concerning you.

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

For the purpose of the General Data Protection Regulation and the Data Protection Act 2018 (Data Protection Law”), the “controller” is AppCheck Ltd of Unit 19, Pavilion Business Park, Royds Hall Road, Leeds, LS12 6AJ.

Our nominated representative for the purpose of Data Protection Law is our Data Protection Officer, Graham Bacon.

Information we may collect

We may collect and process the following data about you:

Information you provide by filling out forms on our website(s), which may be amended from time to time, for example subscribing to our newsletter, making an enquiry or signing up to a webinar. We may also capture information when you report problems to our website

• Information you provide to third party website that is made publicly available
• If you contact us, a record of this correspondence may be kept
• Any surveys you respond to may store data submitted for research purposes
• Details of your visits to our website including but not limited to traffic data, location data, weblogs and any communication data. This may include the use of cookies in accordance with our cookie policy.
• Information which is held on our client’s systems which our scanning engine has access to in the course of performing a scan

Information about you may be collected in the following ways:

• Directly – when you subscribe or provide information to us on the website
• Indirectly – using website technology and/or use of cookies (outlined in our cookie policy)
• Through your device – for example where you have enabled location services
• Through social media
• Through publicly available data sources
• Through performing a scan on a client’s system

How your personal data will be used

Like many site operators, we collect information that your browser sends whenever you visit our Site (“Log Data”).

This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, operating system, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics.

In addition, we may use third party services such as Google Analytics that collect, monitor and analyse this. You should be aware that your details may also be used in our CRM. The system is designed to consider contact preferences. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

We may use information held about you in the following ways:

• To ensure that content from our site is presented in the most effective manner for you and for your device/browser. We do this because it is in our legitimate interests to provide a positive user experience and improve and increase usage of our website.
• To provide you with information, products or services from within the AppCheck portfolio which we feel may interest you. We do this because it is in our legitimate interests to market our products and services to you or alternatively because you have consented by expressly opting in to receive these communications.
• To carry out our obligations arising from any contracts entered into between us and a client. We do this because it is in our legitimate interests and those of the client that the contract can be properly performed.
• To allow you to participate in interactive features of our service, when you choose to do so, to enable us to provide those interactive features to you.
• To notify you about changes to our service. This is in our legitimate interests to ensure that important information is communicated to you.
• For the purposes of carrying out vulnerability scans on our clients’ systems. This is in the legitimate interests of clients to allow them to identify any vulnerabilities and address these to prevent their systems being compromised. We will never use personal information accessed in this way for our own purposes.

Your data may be used for automated decision making, including profiling, to offer you a tailored experience and provide you with the most relevant information.

Disclosure of your information

We may disclose your personal information to any relevant part of our business.

We may disclose your personal information to third parties:

• In the event we may buy or sell any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets
• If AppCheck Ltd or substantially all of its assets are acquired by a third party, in which case personal data held about its customers will be one of the transferred assets.
• If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of AppCheck Ltd, our clients, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction
• If you have indicated permissions for AppCheck Ltd to share your data with such third parties or in the event of joint marketing campaigns with AppCheck partners
• To allow third-party analytics sites to function correctly

If our scanning engine accesses personal information about you stored on a client’s system, this will never be disclosed to any third party.

Should there be any change to your personal details in the future (i.e. change of name, email address, telephone number etc) you are asked to notify us promptly. This will ensure we maintain accurate personal details and that we are able to contact you or another designated person in case we need to.

Your rights

You have a number of rights with regards to how your data is protected.

You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (when collecting your data) if we intend to use your data for such purposes. You can exercise your right to prevent such processing by at any time by contacting us at marketing@appcheck-ng.com

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Access to information

Data Protection Laws give you the right to access information held about you. We will normally be required to provide this to you within one month of your request, but in some cases it may be necessary to extend this period for a further two months (we will let you know if this is the case).

By providing us with your information you will have the right to access and rectify your personal details. If you did wish to access your data, you shall have the right to view or receive a copy of the information in a commonly used format such as a pdf document or an e-mail. You may also have the right to ask for the processing of your personal data to be restricted or even erased. Whether or not you exercise the right to erasure, the company will erase your personal data in certain situations and particularly when the data is no longer required.

Where we store your personal data

The data that we collect from you may be transferred to, and stored at, a destination outside the United Kingdom (“UK”) or European Economic Area (“EEA”). It may also be processed by staff operating outside the UK or EEA working for us or for one of our suppliers. Where we transfer your personal data to a country which is outside of the UK or EEA, we will take all steps required by law to ensure sufficient protections are in place to safeguard your personal information, including where appropriate putting in place contractual terms approved by the relevant regulatory authorities.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use procedures and security features to try to prevent unauthorised access.

How long we will store your personal information for

Where you provide (or we collect) your personal information through our website, we will retain your personal information retained for as long as AppCheck Ltd deems this information to be useful for the purpose in which it was acquired. We do not stipulate a minimum or maximum period for retaining personal data but shall periodically review data and the purposes for holding such data. If information is deemed to be no longer needed it shall be updated, archived or securely deleted.

We do not retain a copy of personal information which we access as a result of performing a scan.

Objections

Where your personal information is processed for the benefit of our or another party’s legitimate interests, you have the right to object to the processing of your personal data. If you exercise this right, then unless we have compelling reasons not to, we shall cease to process your data wherever Data Protection Laws require us to do so.

Under Data Protection Laws you also have the right to:

• Access a copy of the information comprised of your personal data
• Object to processing that is likely to cause or is causing damage or distress
• To prevent processing for direct marketing
• To object to decisions being taken by automated means
• To have inaccurate personal data rectified, blocked or erased
• To withdraw consent at any time
• To lodge a complaint with a supervisory authority

You may also have a right to claim compensation for damages caused by a breach of Data Protection Laws.

More information

If you have any queries or you wish to speak to us about how your information will be used, then please contact us at AppCheck Ltd Unit 19, Pavilion Business Park, Royds Hall Road, Leeds LS12 6AJ and / or marketing@appcheck.com and / or 0113 887 8380.

In the event that you should have a complaint about how your data has been processed by us, we would like to hear from you so that we may put it right. However, you will always have the right to lodge a complaint with the Information Commissioner’s Office.

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check back regularly for updates.

This policy version is dated 07.06.2022