Terms & Privacy

1               PRIVACY POLICY

1.1          Introduction

At Identity Experts, we respect the privacy of our staff, clients and visitors to our website(s). This policy is concerned with how we collect information, what we do with it and what controls you have over the information we collect.

1.2          Your Privacy

We take our duty to process your personal data very seriously. This policy explains how we collect, manage, use and protect your personal data.

We may change this policy from time to time to reflect the latest view of what we do with your information. Please check back frequently; you will be able to see if changes have been made by the date it was last updated.

1.2.1       Who are we?

In this policy, references to Identity Experts, or to ‘we’ or ‘us’ are to Identity Experts Limited which is a company registered in England and Wales, Company No 9002786. Identity Experts office registered at 22 The Village Square, Bramhall, Stockport, SK7 1AW.

1.2.2       What personal data we collect and how we use it

What we need

Identity Experts are what is known as the ‘controller’ of the personal data you provide to us. We may collect basic personal data about you such as your name, postal address, telephone number, email address or your bank details if you are purchasing a product, service or event registration from us.

Sometimes we will collect other information about you if it’s relevant for the purpose, such as dietary requirements for an event. We will be very clear with you that we wished to collect such information, our reason for collecting such information, and we would only do so with your specific consent and permission.

We also use Snitcher and Google Analytics to gather insights on the IP addresses of those visiting the website, for the purposes of legitimate interest. To achieve this, we use a SNID cookie.

We also use cookies associated with Microsoft Clarity and Hotjar to monitor behaviour on the website, however this information does not make visitors individually identifiable.

Why we need it

We collect your personal data in connection with specific activities, such as campaign updates, newsletter requests, registration, product purchases, feedback, information you provide in public forums, at third party events or on our website(s) and social media.

The information is either needed to fulfil your request or to enable us to provide you with a more personalised service. You don’t have to disclose any of this information to browse our sites. However, if you choose to withhold requested information, we may not be able to provide you with certain services.

When can we use it

Any information collected by Identity Experts will only be processed lawfully in accordance to GDPR’s Article 6(1). Typically, of the 6 points under Article 6(1), Identity Experts will only process data based on:

  • the data subject giving explicit consent to Identity Experts (point a)
  • it being necessary for the performance of a contract in which the client has signed up to (point b)
  • it being necessary for the purposes of the legitimate interests pursued by the controller or by a third party (point f)

1.2.3       Our marketing

Sometimes, with your consent, we will process your personal data to provide you with information about our work or our activities that you have requested or are expecting.

On other occasions, we may process personal data when we need to do this to fulfil a contract (for example, if you have purchased something from our web store) or where we are required to do this by law or other regulations.

Identity Experts also processes your data when it is in our legitimate interests to do this and when these interests do not override your rights. Please see the section on ‘Legitimate Interest’ for more information.

1.2.4       How we obtain your details

We will also hold information about your details so that we can respect your preferences for being contacted by us.

We collect your personal information in several ways:

  • When you provide it to us directly;
  • When you provide permission to other organisations to share it with us (including social media platforms such as Facebook or Twitter);
  • When we collect it as you use our website;
  • When you have given it to a third party and you have provided permission to pass your information on to us;
  • Through the use of third party software, Snitcher, and its associated SNID cookie;
  • Through the us of third party software, Microsoft Clarity and Hotjar, through their associated cookies;
  • From publicly available sources (where possible) to keep your information up to date (e.g. the Post Office’s National Change of Address database);

We combine the information from these sources with the information you provide to us directly.

When providing permission for 3rd party organisations to share your data you should check their Privacy Policies carefully to understand fully how they will process your data.

1.2.5       Building profiles of contacts

The Company may make use of profiling and screening methods to produce relevant communications and provide a better experience for our contacts. Profiling can help us target our resources more effectively through gaining an insight into the background of our contacts and helping us to build relationships that are appropriate to their interests and requirements.

To do this we may use additional external sources of data to increase and enhance the information we hold about you. This may include obtaining details of changes of role, telephone numbers and other contact details, and consumption and demographic data generated through publicly available resources. It may include information from public registers and other publicly available sources such as Companies House, newspapers and magazines.

If you do not wish your data to be used in any of the ways listed above or have questions about this, then use the contact form on our ‘Contact Us’ page.

1.2.6       Transferring your personal information outside the EEA

All the personal data we control is processed by our staff based in the UK, however for the purposes of IT hosting and maintenance your information may be situated outside of the European Economic Area (EEA). These systems have policies in place to comply with GDPR and are listed below, but more information on each can be found on their website:

  • Salesforce (USA): Provides our CRM platform and has certified their agreement with the EU-U.S. Privacy Shield Framework
  • Mailchimp (USA): Provides our email communication platform and has certified their agreement with both the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework.
  • Survey Monkey (USA): Provides our survey platform and has certified their agreement with both the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework.

Going forward, our internal policy for IT hosting and maintenance is to ensure data is stored within the UK or the EEA, and data will only be stored outside the EEA where a requirement cannot be fulfilled within the EEA. In these cases, GDPR compliance through mechanisms such as Privacy Shield will be mandatory for the hosted solutions.

If you would like to know more about the EU-US Privacy Shield, please visit:

1.3          Sharing your information

We only disclose information to third parties or individuals when obliged to by law, for purposes of national security, taxation and criminal investigations and the following:

  • If you have agreed that we may do so
  • When we use other companies to provide services on our behalf, e.g. processing, mailing or delivering orders, answering customers’ questions about products or services, sending mail and emails, customer analysis, assessment and profiling, when using auditors/advisors or processing credit/debit card payments
  • To our subsidiaries or partners (i.e. Identity Experts Software Limited).
  • If we receive a complaint about any content you have posted or transmitted to or from one of our sites, to enforce or apply our Terms & Conditions or if we believe that we need to do so to protect and defend the rights, property or personal safety of Identity Experts, our websites and for other lawful purposes.
  • If we merge with another organisation to form a new entity, information may be transferred to the new entity.
  • We may disclose aggregate statistics about our site visitors, contacts, customers and sales to describe our services and operations to prospective partners, customers, advertisers and other reputable third parties and for other lawful purposes, but these statistics won’t include any personally identifying information.
  • If we run an event in partnership with other named organisations your details may need to be shared. We will be very clear what will happen to your data when you register.

And, we will never sell or rent your personal information to other organisations.

1.4          Retaining your information

We hold your information only as long as necessary for each purpose we use it, and we will provide examples of some of our retentions in this paragraph to give you an idea of how long we hold your information for.

  • The SNID cookie utilised by Snitcher on this website has a lifetime of 2 years, but consent can be withdrawn at any time following a visit
  • If you are a customer and we require your information to contact you about projects underway, we will need to retain your details

If you decide not to follow Identity Experts anymore or request that we have no further contact with you, we will keep some basic information in order to avoid sending you unwanted materials in the future and to ensure that we don’t accidentally duplicate information.

1.5          What are your rights?

A new data protection law, starting in May 2018, gives everyone a number of very important rights. These are:

  • Transparency over how we use your personal information (right to be informed).
  • Request a copy of the information we hold about you, which will be provided to you within one month (right of access).
  • Update or amend the information we hold about you if it is wrong (right of rectification).
  • Ask us to stop using your information (right to restrict processing).
  • Ask us to remove your personal information from our records (right to be ‘forgotten’).
  • Object to the processing of your information for marketing purposes (right to object).
  • Obtain and reuse your personal data for your own purposes (right to data portability).
  • Not be subject to a decision when it is based on automated processing (automated decision making and profiling).

If you would like to know more about your rights under the data protection law, see the Information Commissioners Office (ICO) website.

Remember, you can change the way you hear from us or withdraw your permission for us to processing your personal data at any time by using the form on our ‘Contact Us’ page or unsubscribing to email notification.

1.6          How to contact us

If you wish to talk through anything in our privacy policy, find out more about your rights or obtain a copy of the information we hold about you, please contact our team (details at the bottom of this page) who will be happy to help. If you wish to raise a complaint on how we have handled your personal data, you can contact our data protection officer who will investigate the matter. If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you can complain to the ICO.

Our data protection lead can be contacted by:

  • Post: Data Protection Lead

Identity Experts

22 The Village Square




  • Email: dataprotectionlead@identityexperts.co.uk
  • Phone: 033 33 444950

Please note that calls may be monitored or recorded.

2               Legitimate interests

Under the new data protection law starting in May 2018 we have a number of lawful reasons that we can use (or ‘process’) your personal information. One of the lawful reasons is called ‘legitimate interests’.

Broadly speaking Legitimate Interests means that we can process your personal information if:

  • We have a genuine and legitimate reason and we are not harming any of your rights and interests

So, what does this mean? When you provide your personal details to us, we use your information for our legitimate business interests to carry out our work. Before doing this, though, we will also carefully consider and balance any potential impact on you and your rights.

Some typical examples of when we might use the approach are for preventing fraud, direct marketing, maintaining the security of our system and enhancing, modifying or improving our services. We also use Snitcher under ‘legitimate interests’, to identify individuals visiting the site and providing a personalised experience for them.

2.1          Your interests

When we process your personal information for our legitimate interests, we will consider and balance any potential impact on you and your rights under data protection and any other relevant law. Our legitimate business interests do not automatically override your interests – we will not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).

For more information about your rights, please see ‘Your Rights’ in our Privacy Policy.

Remember, you can change the way you hear from us or withdraw your permission for us to processing your personal data at any time by using the form on our Contact Us page or unsubscribing to email notification.

Our Consultancy Approach

While every project we deliver is different, the approach we take stems from the same three steps.

Arrange a Workshop
Terms & Privacy icon


First, we’ll sit down with you to understand your problem and specific requirements.

Terms & Privacy icon


After learning your requirements we’ll develop a high-level design that sits well with your infrastructure.

Terms & Privacy icon


This is our favourite part of the process, where we get into the nitty-gritty of configuring your system to work perfectly.

A few people we've already done it for