What Data We Collect
From passport: Photo, full name, date of birth, document number, issue/expiry dates, nationality
From selfie: Facial image
From employer: Your email address and reference number (if provided)
How We Protect It
During upload: 256-bit encryption, secure HTTPS connection, no data stored on your device
During verification: Encrypted at rest, secure UK-based servers, access controlled, ISO 27001 certified
After verification: Images deleted after 7 days automatically, reports available for 7 days, audit logs retained 6 years (legal requirement only)
Retention Periods
Passport images: 7 days by default
Selfie photos: 7 days by default
Verification reports: 7 days (you must download)
Audit logs: 6 years (compliance requirement)
DBS checks: data is retained for 2 years on behalf of the umbrella organisation (i.e. uCheck) in accordance with DBS’s requirements.
Who Can See Your Data
During process: You (applicant), employer/landlord who invited you, TrustID verification team and TrustID's sub-processors. A list of current sub-processors can be found here: Processors - TrustID (you can just use the link rather than listing them out).
We NEVER: Sell your data, use for marketing, keep longer than necessary
Your Rights (UK GDPR)
You can: Access your data, request deletion, ask how it's used, complain to ICO, withdraw consent
Contact: [email protected]