Request a demo

Privacy Policy

v1.4 updated December 2023

Synalogik Innovative Solutions Limited (Synalogik) is a private limited company, registered in England under number 11601168, our registered offices are Shell Store, Canary Drive, Skylon Park, Hereford, HR2 6SR. We are registered with the Information Commissioner’s Office under registration number ZA464486.

Synalogik takes privacy, data protection and information security matters seriously and have implemented appropriate safeguards and control measures to protect personal data and address privacy concerns. We are committed to respecting privacy and compliance with data protection laws.

This privacy policy explains how we use and process any personal information we collect about you, including when you use this website, or that we collect about individuals in the usual course of our business.

To view our employee and recruitment privacy policy please contact hr@synalogik.com.

WHO ARE WE?

SYNALOGiK is a private limited company based in the UK and is the brainchild of a number of ex-police and intelligence officers, lawyers and barristers. We work with both the public and private sectors to enable them to comply with their statutory, legal and fiduciary duties.

As a data processor*, for both our customers and the data suppliers that feed into Scout, we support our customers with a wide range of data validation services including anti-money laundering, debt and fraud detection and prevention, identity verification and prevention and detection of crime.

We do not physically collect data from data subjects but act as a data aggregator, and access data from a wide range of public and private sources. Our customers utilise our platform to perform real time searches on their customers, prospects, and persons of interest.

Synalogik’s website and Scout platform are not intended to be used by private individuals or anyone under the age of 18 years of age.

*Refer to the definition section at the end of this Privacy Notice.

HOW DOES OUR PLATFORM WORK?

We use secure software to obtain or make accessible, targeted data from various databases. Permitted access to various databases is strictly governed by contractual arrangements with the data supplier that we manage on the supplier’s behalf.

The data located is often that which can be found by using a standard search engine search on the internet or by contacting publicly accessible websites such as Companies House. The benefit of our platform offers is the integration of various data sources into one platform to enable quicker, smarter, and more efficient assessments to be undertaken. This enables the personal data to be interrogated for detection fraud, debt recovery, money laundering, and activities contrary to responsible gambling, thus enabling you to know your customers better.

Information retrieved from undertaking targeted searches against our data suppliers is returned into our platform for automated analysis and presentation to our customers. Our customers, as the controller*, can configure the platform to their own needs and ultimately determine the data to be searched, the level and proportionality of the search as well as the level of risk that is applied. Our platform simply presents information in an innovative way to enable our clients, as the controller, to make decisions based upon the information returned.

Essentially our software speeds up the process of data aggregation and analysis for our clients, but it is they who determine what personal data is accessed, to what degree it is processed and what to do with the results.

*Refer to the definition section at the end of this Privacy Notice.

WHAT INFORMATION DO WE COLLECT OR PROCESS ABOUT YOU?

 

THIRD PARTY DATA

When a customer performs a search, our platform interrogates a predetermined set of external records and returns search results to us, these are presented to our customer via the platform dashboard. The supplied information includes names, address, dates of birth, contact numbers and emails, it may also include details of third parties and geographical locations including IP Addresses.

Customers working in the crime prevention or detection arena, or national security may provide additional information such as IP addresses and more sensitive information.

Depending on the data supplier being used a wide range of intelligence may be returned. This may include information from the public domain, governmental websites including sanctions lists, information concerning adverse publicity, bankruptcies as well as financial information.

Some personal data is classified as special category, or sensitive, and includes information about sexuality or orientation, religion and ethnicity, health conditions, political opinions or actual or alleged criminal activity or records. Some data sources will reveal this type of information about individuals.

Our access to our customer’s information is strictly limited and controlled by appropriate technical security measures such as access controls.

 

WEBSITE VISITORS AND GENERAL ENQUIRIES

We collect information from you when you interact with us, such as when you use our website or make an enquiry with us.

By visiting our website, we may be able to see your IP address, approximate geographical location and the pages you visit, although your information shall remain anonymous unless you share your contact details with us.

 

BUSINESS DATA

In order to promote our organisation, we research and process corporate and public sector information which will include personal contact details, but this will be limited to only that information necessary to build or maintain a business relationship. We do engage external companies to assist us in data enhancement, for example to add a missing telephone number, and all calls in and outbound by our sales team are recorded for quality and training purposes.

 

OUR LAWFUL BASIS FOR PROCESSING?

Our data suppliers will ensure that any personal data shared with us has been lawfully obtained, and where this is from governmental sources the lawful basis will usually be to fulfil a public function, comply with a legal obligation or it is in the substantial public interest.

Information from the public domain and from private sector organisations will be processed under the lawful basis of legitimate interests.

Information provided by our customers will be processed according to their instructions and it is they, as controller*, who will determine that processing remains lawful at all times.

When you visit our website, we shall rely on consent to process non-essential cookies, and to manage any enquires you make of us we shall rely on legitimate interests or contractual obligations.

We can only rely on “legitimate interest” to process personal data (or those of a third party), if our interests do not override your fundamental rights and freedoms.

We will only use your personal information for the purpose(s) for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose(s), and we may process your personal information without your knowledge or consent, but only when instructed to do so by our client, or where this is required or permitted by law.

*Refer to the definition section at the end of this Privacy Notice.

WHO ELSE DO WE SHARE INFORMATION WITH?

 

CUSTOMER SEARCHES AND THIRD PARTY DATA

Customer information is only shared with those third-party data providers whom the customer is permitted to access and is requested for a given search. Information retrieved from suppliers as a result of the search is presented back to customers and a copy held within our platform, subject to our customers defined retention period; at all times our customer remains responsible for any personal data processed.

In the course of delivering services to our customer we may be required to provide data to third party data controllers such as the police. This would only occur when we had a legal obligation to do so, for example, under a police warrant, and subject to our Data Protection Officer’s (DPO) advice.

 

BUSINESS ACTIVITIES

We utilise third party processors to support our service delivery, such as our cloud-based CRM provider and web hosting company. Our third party processors only process personal data under our instruction, subject to contractual safeguards and after we have performed appropriate due diligence on them.

On occasion we will provide personal data to our professional advisors, be that our accountants, legal advisors or others, but you can be assured that this will only take place when necessary for the smooth management of the business. It is highly unlikely that we will need to share data from external parties, for example data supplied from a customer, or retrieved from a data Supplier.

We carry out our own internal IT support, but in the rare event that external IT support were required we may need to grant them access to your personal data. Any such third-party service provider would be contractually required by us to maintain appropriate security measures, including confidentiality, so as to protect all personal data to which they have access. We would not grant access to external support workers without written confirmation that their data security requirements are of an appropriate standard to carry out the tasks which we wish them to do.

HOW WILL WE USE THE INFORMATION ABOUT YOU?

 

CUSTOMER SEARCHES AND THIRD PARTY DATA

We will only process data on the instructions of the customer and the data supplier, we only use the information provided from both parties to facilitate a search and collate responses. Our platform uses risk scores which are determined by the customer, automated data analysis does take place to identify common points of interest between datasets, and thereby reveal hidden intelligence that may not immediately be visible from a single set of data alone, however, all computer generated results are viewed by a customer’s analyst, and no artificial intelligence is used in the processing.

We train our clients on the most efficient way to utilise the service and will provide all of the search and analytical tools to enable them to achieve the best out of the platform, but we process no data without their instruction. When test data is used, we use personal data of individuals who have given consent to the processing.

 

BUSINESS ACTIVITIES

When your organisation enters into an agreement with Synalogik, we will collect additional information which is necessary for the performance of the contract we have with your organisation, for example, billing information and providing service updates related to the product/service Synalogik are providing to you.

We never sell, exchange or otherwise share any personal data obtained from business relationships or concerning visitors to our website, our customers or authorised users of our technology.

HOW IS YOUR DATA SECURED?

Our system uses cloud-based technology, meaning that rather than being stored upon servers at our offices, your information is kept and processed in an extremely secure environment “on the cloud”. The strength of our environment is regularly “penetration tested” and we have made all reasonable endeavours to comply with recommendations of those testers to ensure that our data is kept in a secure way.

We have stringent procedures in place to deal with any known or suspected data breaches.

Furthermore, we are certified to appropriate industry standards including ISO27001, CyberEssentials & CyberEssentials+.

FOR HOW LONG WILL WE RETAIN YOUR INFORMATION?

How long your information will be retained will be determined by the customer, or the supplier. They will only retain personal information for as long as necessary to fulfil the purpose for which it was obtained and processed it. There are legal and accounting reasons why this period can be increased, but in essence the retention period is based upon the amount of data, sensitivity, potential risk of harm if compromised and the nature of the personal data.

In deciding upon the period of retention the controller will also review the purpose for which the information was processed and whether the purpose can be achieved in some other way, beyond simply retaining the data. In some circumstances there are legal constraints which require controllers to retain the personal information obtained for indefinite periods.

In our commercial and employment relationships we usually retain the information for 7 years after the relationship has ended.

COOKIES

Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of our website and to compile statistical reports on website activity.

We use cookies to monitor and manage those using our website and our software applications.

For further information visit www.aboutcookies.org or www.allaboutcookies.org.
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result.

YOUR RIGHTS

The Data Protection Act 2018 and UK GDPR affords individuals whose personal data is processed certain rights, and these are listed below for your convenience. Please note we may have to verify your identity before we can proceed and any rights request will be processed in accordance with data protection laws and regulatory guidance issued by the Information Commissioner’s Office (ICO):-

  • You have the right to access a copy of the personal information we hold about you by making a Data Subject Access Request (DSAR), you can do this by using the contact details at the end of this policy.
    • You have the right of rectification to amend or update your personal information and ensure we maintain accurate and up to date records and or data about you.
    • You have the right to erasure, also known as ‘the right to be forgotten’.
    The broad principle underpinning this right is to enable an individual to request the deletion or removal of personal data where there is no compelling reason for its continued processing.
    • You have the right to ‘block’ or suppress the processing of your personal data.
    • Processing of your personal information may be restricted in the event it is no longer essential to support the use of services provided to you and is no longer needed for any contractual, legal or financial reasons. In those cases, SYNALOGiK is permitted to store the personal data, but not further process it.
    We may retain just enough information about you to ensure that any restriction is respected in the future.
    • You have the right to data portability which allows individuals to obtain and or reuse their personal data for their own purposes across different services. It allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability. This right does not apply to SYNALOGiK, Customer or Supplier data.
    • You have the right to object to the processing of your personal information based on consent, our legitimate interests, a task in the public interest or exercise of official authority including direct marketing or profiling activities, and processing for purposes of scientific and or historical research and statistics.
    • You have right to be made aware of any automated decision-making, that made without any human involvement, and/or profiling of your personal information by SYNALOGiK. We use an automated process to score risks and match datasets but automated decisions are not made on you which will affect you in a legal way
    • You have an absolute right to ask us to stop sending you direct mail or marketing emails.
    For some processing you will have given permission to process your information, and in these cases you can withdraw your consent at any time however, any records already captured may need to be kept, in full or part, for legal reasons.

In certain situations, the above rights may not apply, for example if you entered into a minimum term contract, and we need to notify you about an alteration, even if you asked us previously not to, but in this case we would not send you any further direct marketing communications.

CONTACT US

If you have any questions, do not hesitate to contact us.
The Data Protection Officer
Synalogik Innovative Solutions Limited
Shell Store,
Canary Drive,
Skylon Park,
Hereford,
HR2 6SR
Email: compliance@synalogik.com
Phone: 01684 274716

INFORMATION COMMISSIONER’S OFFICE

Finally, if you are unhappy with how we have processed your information, you have the right to lodge a complaint with the Office of the Information Commissioner, contact details below.

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire, SK9 5AF
Helpline: 0303 123 1113 (local rate) or +44 1625 545 745
https://ico.org.uk/concerns/

 

CHANGES TO OUR PRIVACY POLICY

We keep our privacy policy under regular review, and we will place any updates on this web page. This privacy policy was last updated on December 2023.

 

DEFINITIONS

Processor: means that we ‘process personal data on behalf of the controller’.

Controller: means the organisation that ‘determines the purpose and means of processing your personal data’. (e.g our customer)

Personal data: means any information relating to an identified or identifiable natural person.

Data Protection Officer (DPO): Monitors internal compliance, informs and advises on data protection obligations.