PRIVACY POLICY

1.Introduction

1. Deploi Technologies Ltd is committed to ensuring that your privacy is protected, and we comply with the General Data Protection Regulation as it forms part of UK law (“UK GDPR”) and other applicable data protection rules (including the Data Protection Act 2018 and marketing and cookies laws, together with associated guidance) (the "Data Protection Laws").

1.2 This policy explains how we use, store and share the information we collect about you, how you can exercise your rights in respect of that information and the procedures that we have in place to safeguard your privacy. This policy supplements any other fair processing or privacy notice that may be provided to you from time to time.

1.3 The Deploi mobile app (the "App") is run by Deploi Technologies Ltd (company no. 15530150 with registered office at Department, Campfields, Liverpool Road, Manchester, England, M3 4FP) ("we" and "us"). For the purposes of the Data Protection Laws, we act as an independent controller of personal data processed for the purposes set out below in connection with your use of the App or any Services provided in connection with the App. In some circumstances we may also act as a processor on behalf of our business customers, as described in our Terms of Service.

1.4 This privacy notice sets out how we handle the personal data of our business clients (“Company”), suppliers, end users and other third parties for the purposes of our business.

1.5 A Company may ask you to download our App and use our Services for us to assist them in carrying out background screening checks, reference and documentation checks, identity verification and employment verification (“Background Check(s)”) for employment or other lawful purposes.

1.6 You will be asked to provide specific information depending on the Background Check requested. This information may be shared with authorised third-party verification providers (“Data Sources”) who verify the information you provide.

1.7 The outcome of Background Checks is used to generate a compliance report (the “Report”) which is provided to our business customer. We maintain a secure digital compliance record associated with you to support lawful portability of your compliance history and future verification requests. Employer access to records is restricted to information relevant to their employment relationship and, where appropriate, notified to you by email. Please check back regularly to review updates.

1.9 Please contact us at info@deploi.uk if you have any questions, comments or concerns about this policy or how we handle your personal data.or lawful audit obligations.

1.8 Any changes to this policy will be posted on this page

2. What personal data we collect and why we collect it

2.1 Under Data Protection Laws we must explain what information we collect and why we process it.

We process personal data in order to:

• perform background and compliance checks
• support employer safeguarding and regulatory duties
• maintain portable compliance records
• operate ongoing monitoring where legally required
• prevent fraud or misuse
• maintain audit logs and system security

We rely on lawful bases including:

• legal obligations
• legitimate interests in safeguarding and compliance
• contractual necessity
• consent where required by law

Where we rely on legitimate interests, processing is proportionate, minimal and not unfairly intrusive.

3. Sensitive Data

Certain personal data requires enhanced protection (“Sensitive Data”) including special category and criminal record information.

This may include:

• race or ethnicity
• religion
• political or trade union membership
• biometric identifiers
• health or medical data
• criminal record history (e.g. DBS checks)

We only process Sensitive Data where permitted under Data Protection Laws, including where necessary for:

• safeguarding and regulatory compliance
• legal claims or investigations
• prevention of crime
• vital interests
• explicit consent where required

4. Marketing and promotional material

We may use limited personal data for service communications or marketing where permitted by law.

You may opt out at any time via:

• unsubscribe links
• in-app preferences
• email request to info@deploi.uk

We do not sell personal data.

5. Sharing your personal data and background reports

5.1 Data Sources

We use authorised sources such as:

• identity verification providers
• credit agencies
• sanctions databases
• criminal record bodies
• referees and employers
• regulatory registers
• fraud databases

Only relevant checks are performed.

5.2 Recipients

We share data only with:

• authorised employer customers
• regulated verification partners
• infrastructure providers
• professional advisors
• regulators and law enforcement where required

Employer access is limited to:

• their employment period
• services paid for
• lawful audit needs

Employers cannot access unrelated future employment records.

5.3 Sub-processors

We use vetted partners including:

Creditsafe – credit checks
CBS Screening – DBS checks
Yoti – identity / RTW verification

All partners are contractually bound by data protection safeguards.

6. Retention periods

We retain personal data only as long as necessary for:

• safeguarding
• audit defence
• fraud prevention
• legal compliance
• passport portability

Retention periods are based on regulatory necessity and internal governance.

When no longer required, data is securely deleted or anonymised.

A retention schedule is available on request.

7. International transfers

Where data is transferred outside the UK/EEA we apply approved safeguards including:

• Standard Contractual Clauses
• adequacy decisions
• supplementary security measures

We ensure transferred data receives equivalent protection.

8. Monitoring

Ongoing monitoring only occurs where necessary for lawful employment, safeguarding or audit purposes. Monitoring stops when no longer justified.

9. Individual rights

You may:

• request access
• request correction
• restrict processing
• request portability
• object where lawful
• complain to the ICO

Some rights may be limited where safeguarding or legal duties apply.

Requests: info@deploi.uk

10. Security

We implement appropriate technical and organisational safeguards including encryption, access controls and audit monitoring.

Only authorised personnel may access personal data.

11. Complaints

You may complain to:

Information Commissioner’s Office
www.ico.org.uk

We encourage contacting us first so we can resolve concerns.

12. Changes to this policy

We may update this Privacy Policy from time to time. The latest version will always appear on our website.