Who we are
AppCheck Ltd is an external and internal vulnerability scanning company that provides a cloud based scanning solution.
In browsing and interacting with our website, you may provide us with (or we may otherwise collect) certain types of personal information about you.
You may also provide us with personal data about you when you communicate with us, for example by email, phone or post.
In addition, when we carry out vulnerability scans on our clients’ systems, it is possible that our scanning engine may have access to personal information concerning you.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purpose of the UK General Data Protection Regulation and the Data Protection Act 2018 (Data Protection Law”), the “controller” is AppCheck Ltd of Unit 1, Centre 27 Business Park Bankwood Way, Birstall, Batley, WF17 9TB.
Our nominated representative for the purpose of Data Protection Law is our Data Protection Officer, Graham Bacon.
Information we may collect
Information about you may be collected in the following ways:
Directly – when you subscribe or provide information to us on the website or when you communicate with us by other means such as email, phone or post
Through your device – for example where you have enabled location services
Through social media
Through publicly available data sources
Through performing a scan on a client’s system
How your personal data will be used
Like many site operators, we collect information that your browser sends whenever you visit our Site (“Log Data”).
This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, operating system, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics.
In addition, we may use third party services such as Google Analytics that collect, monitor and analyse this. You should be aware that your details may also be used in our CRM. The system is designed to consider contact preferences. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
We may use information held about you in the following ways:
To ensure that content from our site is presented in the most effective manner for you and for your device/browser. We do this because it is in our legitimate interests to provide a positive user experience and improve and increase usage of our website.
To provide you with information, products or services from within the AppCheck portfolio which we feel may interest you. We do this because it is in our legitimate interests to market our products and services to you or alternatively because you have consented by expressly opting in to receive these communications.
To carry out our obligations arising from any contracts entered into between us and a client. We do this because it is in our legitimate interests and those of the client that the contract can be properly performed.
To allow you to participate in interactive features of our service, when you choose to do so, to enable us to provide those interactive features to you.
To notify you about changes to our service. This is in our legitimate interests to ensure that important information is communicated to you.
To deal with any correspondence you send to us or any call you make to us or receive from us. It is in our legitimate interests to efficiently deal with any queries and communications.
To monitor our telecommunications system for quality and training purposes. We do this because it is in our legitimate interests to train and develop our staff and to ensure that we are maintaining a consistently high standard of service.
To keep a record of communications through our telecommunications system. We do this because it is in our legitimate interest to be able to clearly identify what has been discussed and to be able to objectively demonstrate this where required.
For the purposes of carrying out vulnerability scans on our clients’ systems. This is in the legitimate interests of clients to allow them to identify any vulnerabilities and address these to prevent their systems being compromised. We will never use personal information accessed in this way for our own purposes.
Your data may be used for automated decision making, including profiling, to offer you a tailored experience and provide you with the most relevant information.
Disclosure of your information
We may disclose your personal information to any relevant part of our business.
We may disclose your personal information to third parties:
In the event we may buy or sell any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets
If AppCheck Ltd or substantially all of its assets are acquired by a third party, in which case personal data held about its customers will be one of the transferred assets.
Some activities, such as recording phone calls, may be carried out on our behalf by third party service providers. All our third-party service providers are required to take appropriate security measures to protect your personal information
If you have indicated permissions for AppCheck Ltd to share your data with such third parties or in the event of joint marketing campaigns with AppCheck partners
To allow third-party analytics sites to function correctly
If our scanning engine accesses personal information about you stored on a client’s system, this will never be disclosed to any third party.
Should there be any change to your personal details in the future (i.e. change of name, email address, telephone number etc) you are asked to notify us promptly. This will ensure we maintain accurate personal details and that we are able to contact you or another designated person in case we need to.
You have a number of rights with regards to how your data is protected.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (when collecting your data) if we intend to use your data for such purposes. You can exercise your right to prevent such processing by at any time by contacting us at firstname.lastname@example.org
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Access to information
Data Protection Laws give you the right to access information held about you. We will normally be required to provide this to you within one month of your request, but in some cases it may be necessary to extend this period for a further two months (we will let you know if this is the case).
By providing us with your information you will have the right to access and rectify your personal details. If you did wish to access your data, you shall have the right to view or receive a copy of the information in a commonly used format such as a pdf document or an e-mail. You may also have the right to ask for the processing of your personal data to be restricted or even erased. Whether or not you exercise the right to erasure, the company will erase your personal data in certain situations and particularly when the data is no longer required.
Where we store your personal data
The data that we collect from you may be transferred to, and stored at, a destination outside the United Kingdom (“UK”) or European Economic Area (“EEA”). It may also be processed by staff operating outside the UK or EEA working for us or for one of our suppliers. Where we transfer your personal data to a country which is outside of the UK or EEA, we will take all steps required by law to ensure sufficient protections are in place to safeguard your personal information, including where appropriate putting in place contractual terms approved by the relevant regulatory authorities.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use procedures and security features to try to prevent unauthorised access.
How long we will store your personal information for
Where you provide (or we collect) your personal information through our website, we will retain your personal information retained for as long as AppCheck Ltd deems this information to be useful for the purpose in which it was acquired. We do not stipulate a minimum or maximum period for retaining personal data but shall periodically review data and the purposes for holding such data. If information is deemed to be no longer needed it shall be updated, archived or securely deleted.
Where your personal information is processed for the benefit of our or another party’s legitimate interests, you have the right to object to the processing of your personal data. If you exercise this right, then unless we have compelling reasons not to, we shall cease to process your data wherever Data Protection Laws require us to do so.
Under Data Protection Laws you also have the right to:
Access a copy of the information comprised of your personal data
Object to processing that is likely to cause or is causing damage or distress
To prevent processing for direct marketing
To object to decisions being taken by automated means
To have inaccurate personal data rectified, blocked or erased
To withdraw consent at any time
To lodge a complaint with a supervisory authority
You may also have a right to claim compensation for damages caused by a breach of Data Protection Laws.
If you have any queries or you wish to speak to us about how your information will be used, then please contact us at AppCheck Ltd Unit 1, Centre 27 Business Park Bankwood Way, Birstall, Batley, WF17 9TB and / or email@example.com and / or 0113 887 8380.
In the event that you should have a complaint about how your data has been processed by us, we would like to hear from you so that we may put it right. However, you will always have the right to lodge a complaint with the Information Commissioner’s Office.
This policy version is dated 30.03.2023