Privacy Policy

Introduction

Welcome to Validient Ltd’s Privacy Policy (“Validient; We; Us; Our”)

Validient LTD
Company Number:
13452265
Registered Office Address: 
      Wesley Clover Innovation Centre, 
      Coldra Woods,
      Chepstow Road,
      Newport,
      Wales, 
      NP18 2YB

Website: https://www.validient.com/

Validient is a Digital Onboarding and Compliance Management platform, specialising in services that streamline and simplify compliance processes for law firms and regulated businesses. We are committed to maintaining the highest standards of data protection and privacy which is integral to our service offerings, which include client onboarding, ongoing monitoring, and compliance management.

We respect the privacy of all users and are committed to protecting your personal data as we operate our business. The scope of this Privacy Policy applies to users of the Validient website, platform, and partnerships who we conduct business with.

Each use case is different, and as such, the data we collect. The purpose of this policy is to inform you as to how we look after your data and our reasoning for using that information whilst using Validient, which include:
- The information we collect
- The purposes for which we use that information
- The lawful basis for keeping that information
- Who we share that information with
- How long we retain the information


If you have any further questions about this privacy notice, please contact: info@validient.com

Website Users

When you use our website, you may provide, or we may collect the following:
Data Category Purpose Lawful Basis
Full name Personal To contact you regarding a demo Consent,
Legitimate Interest
Email Personal To contact you regarding a demo Consent,
Legitimate Interest
Company Name Personal To better understand the location of potential clients Legitimate Interest
Job Title Personal To better understand the location of potential clients Legitimate Interest
IP Address Personal For user analytics Legitimate Interest
Cookies Personal For user analytics Legitimate Interest
Device Personal For user analytics Legitimate Interest
System Personal For user analytics Legitimate Interest
Location Personal To better understand the general location of potential clients Legitimate Interest
Legitimate Interest
Legitimate interest is used when we use your data in a way you would reasonably expect.
Such an example would be when you have visited our site and we contact you to discuss a possible trial of the platform. Other data such as location, is used for analytical purposes to better understand where our potential clients are based.

Additional information on the lawful basis can be found here.

Data Sharing
Collected data is processed using our sub-processors. This enables us to better understand our visitors and identify those who may be interested in our services.
Third Party Purpose
Google Analytics To analyse interest in our services
Hubspot To capture contact information of visitors who have actively shown an interest in our services
Dealfront To better understand our visitors and their respective industries
RetentionData is kept as long as it serves a business need, this would include, details of a potential client to contact to discuss our services. Additional data collected would then be removed within 30 days once no longer needed.
International Transfers
All information retained remains within the EU / UK. If there is an instance where data is transferred, it will be to an adequate standard expected for protecting data.

Users of The Application

This section is for users of the Validient platform who have been asked to provide personal information on behalf of a firm such as a law firm, financial service provider e.g. accountant etc. In order for us to fulfil our contractual obligations to provide our services, Validient captures the following information:
Data Category Purpose Source Lawful Basis
Full name Personal To perform our contractual obligation to identify and verify individuals User Input Contract, Consent
Address Personal To perform our contractual obligation to identify and verify individuals User Input Contract, Consent
Email Personal To perform our contractual obligation to identify and verify individuals User Input Contract, Consent
Date Of Birth Personal To perform our contractual obligation to identify and verify individuals User Input Contract, Consent
Photo Personal, Special Category To perform our contractual obligation to identify and verify individuals User Input Contract, Consent
IP Address Personal For the development team to conduct troubleshooting, data analysis, system testing, and security monitoring Third Party Legitimate Interest
Cookies Personal For the development team to conduct troubleshooting, data analysis, system testing, and security monitoring Third Party Legitimate Interest
Device Personal For the development team to conduct troubleshooting, data analysis, system testing, and security monitoring Third Party Legitimate Interest
System Personal For the development team to conduct troubleshooting, data analysis, system testing, and security monitoring Third Party Legitimate Interest
Location Personal For the development team to conduct troubleshooting, data analysis, system testing, and security monitoring Third Party Legitimate Interest
Special Category Data
For liveness images, we will retain the selfie(s) (but not the biometric information) for as long as required by our partner, the Data Controller, so that they might identify you, as their client.
Data Sharing / Disclosures
We may share your personal information with our providers for the following purposes:
Provider Purpose
AWS Handle requests and data storage
Credas To perform politically exposed person status checks, sanctioned person status checks, identity fraud checks, biometric facial checks, and mortality checks
Twilio Inc To issue email and/or SMS verification check invitations
Truelayer Ltd To perform open banking checks
Data Transfers
All collected data is stored within the UK.
Data Security
We have put in place procedures to monitor and secure collected data. We endeavour to meet the highest standards of physical and virtual security which involve reviews and application of best practices, for example, Personal Data is encrypted both at rest and in transit. Our partners will be notified of any suspected breaches when we are legally required to do so.
Data Retention
Our partner is considered the data controller and as such, decides the retention period for data we process on their behalf. We shall retain the data until we are told to erase or anonymise the data; whether that be by explicit instruction by our partner or contractual obligation. In the event our partner requires us to remove data or no longer use our services, data shall be removed from our systems within 30 days unless there is a legal obligation to keep that information.

Our Partners or Potential Partners

As a partner or potential partner, we may need to process personal information as part of our business relationship. This could be information such as your name and contact details which can be used to identify you.
Data Category Purpose Source Lawful Basis
Full name Personal To perform our contractual obligation to identify and verify individuals User Input Contract, Consent
Company Name Personal To perform our contractual obligation to identify and verify individuals User Input Contract, Consent
Email Personal To perform our contractual obligation to identify and verify individuals User Input Contract, Consent
IP Address Personal For the development team to conduct troubleshooting, data analysis, system testing, and security monitoring Third Party Legitimate Interest
Cookies Personal For the development team to conduct troubleshooting, data analysis, system testing, and security monitoring Third Party Legitimate Interest
Device Personal For the development team to conduct troubleshooting, data analysis, system testing, and security monitoring Third Party Legitimate Interest
System Personal For the development team to conduct troubleshooting, data analysis, system testing, and security monitoring Third Party Legitimate Interest
Location Personal For the development team to conduct troubleshooting, data analysis, system testing, and security monitoring Third Party Legitimate Interest
Legitimate Interest
Legitimate interest is appropriate when we use your data in a way you would reasonably expect. Such an example would be to sign an agreement to use the platform.

Data Sharing / Disclosures
We may share your personal information with our providers for the following purposes:
Provider Purpose
Microsoft Store contact information
RetentionData is kept as long as it serves a business need, this would include, details of our clients to contact to discuss our services. Additional data collected would then be removed within 30 days once no longer needed.

Your data protection rights

Under data protection law, you have rights including: Your right of access - You have the right to ask us for copies of your personal data.

Your right to rectification - You have the right to ask us to rectify personal data you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal data in certain circumstances.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal data in certain circumstances.
Your right to object to processing - You have the right to object to the processing of your personal data in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the personal data you gave us to another organisation, or to you, in certain circumstances.
Your right to withdraw consent – When consent is used as our lawful basis you have the right to withdraw your consent.

If you make a request, we will respond within one calendar month.

To make a data protection rights request, please contact us using the contact details at the top of this privacy notice.
Changes to our Privacy Notice
We reserve the right to amend this Privacy Notice to ensure continued compliance with legal requirements or to reflect changes to our services in the Privacy Notice.
How to complain
If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details at the top of this privacy notice. If you are still unhappy with the handling of your data after raising a complaint with us, you can also complain to the ICO.

The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113

Website: https://www.ico.org.uk/make-a-complaint

Last updated

Version: 2
Updated By: Thomas Elliott
15/05/2024
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram