What We Collect
From your passport:
• Photo from passport page
• Full name
• Date of birth
• Document number
• Issue and expiry dates
• Nationality
Extras
• Postal address (if requested to enter your post code)
From your selfie:
• Facial image
• Biometric data
From employer:
• Your email address
How We Protect It
During upload:
• 256-bit bank-level encryption
• Secure HTTPS connection (same as online banking)
• Data encrypted in transit
• No data stored on your device
During verification:
• Encrypted at rest on secure servers
• UK or EU based servers only
• Access strictly controlled
• ISO 27001 certified processes
After verification:
• Images automatically deleted after 7 days by default
• Reports available for employer download by default
• Audit logs retained for 6 years (legal requirement only)
Who Can See Your Data
ONLY these people:
• You (the applicant)
• The employer or landlord who invited you
• TrustID verification team (for verification only)
•TrustID's sub-processors. A list of current sub-processors can be found here: Processors - TrustID (you can just use the link rather than listing them out).
We NEVER:
❌ Sell your data to anyone
❌ Share with third parties for marketing
❌ Use for any purpose other than verification
❌ Keep data longer than necessary
Your Rights (UK GDPR)
You have the right to:
• Access your data (request copy)
• Request deletion (after verification complete)
• Ask how your data is used
• Complain to ICO (data protection authority)
• Withdraw consent (before verification starts)
To exercise rights: [email protected]
Data Retention
• Passport images: 7 days as default, then deleted
• Selfie photos: 7 days as default, then deleted
• Verification reports: Available 7 days as default, for employer download
• DBS retention requirement: 2 years
• Audit logs: 6 years (legal/compliance requirement only)