Privacy Policy

2.1 This policy applies to:

• Employers, clients, and candidates using the GuardCheck screening service.
• Users of the GuardPass job board, including job seekers and recruiters.

2.2 GuardCheck is wholly owned and operated by GuardPass Limited and functions as a background screening subcontractor under BS7858 and NSI Code of Practice NCP 119.

3.1 Personal Information

We may collect:

• Name, contact details, job history, and supporting documentation from candidates.
• Company and contact details from employers
• Candidate consent forms and ID documents.

3.2 Usage Information

We collect technical data such as IP addresses, device info, and site activity to enhance platform security and performance.

4.1 We use personal data to:

• Deliver GuardPass and GuardCheck services (e.g., job matching, candidate vetting).
• Verify identity and background information for BS7858 compliance.
• Communicate with users and provide reports to employers.
• Maintain audit trails as required by NSI and regulatory frameworks.
• Improve our services through usage monitoring and analytics.

Note: Employers are the data controllers when initiating a vetting request through GuardCheck. GuardPass acts as a data processor.

5.1 For Employers:

• Employers must obtain written consent from candidates before initiating vetting.
• Vetting requests must be submitted through approved channels (online portal or support).
• Employers must download reports within 30 days of completion.

For Candidates:

• Consent is required before we begin processing your information.
• You must provide accurate and timely data to prevent vetting delays.

6.1 We share data only with authorised third-party vendors for identity, criminal record, and employment history verification.

6.2 All vendors are subject to strict confidentiality and data protection agreements.

6.3 We do not sell or rent your data to third parties.

7.1 Personal data is retained only for the duration required to fulfil the purpose of processing.

7.2 Candidate records and documents are permanently deleted within 30 days of report completion.

7.3 Early deletion requests may be considered where legally required but are generally not permitted.

8.1 We implement robust technical and organisational security measures, including:

• Role-based access control.
• Encrypted file storage and secure transmission.
• Staff training and ongoing compliance audits.

8.2 Although no system is 100% secure, we continually monitor and upgrade our protections.

9.1 You have the right to:

• Access your personal data
• Rectify incorrect or incomplete data.
• Request data deletion (subject to legal limitations).
• Object to or restrict processing.
• Request a copy of your data (data portability).

9.2 To exercise these rights, contact: support@guardpass.com or guardcheck@guardpass.com

10.1 As part of a global operational model, data may be stored or processed outside the UK (e.g., in secure cloud infrastructure). All data transfers comply with UK GDPR safeguards, including the use of Standard Contractual Clauses (SCCs) where applicable.

11.1 We use cookies and similar tracking tools for:

• Improving user experience.
• Monitoring system performance.
• Ensuring platform integrity.

11.2 You may manage cookie preferences through your browser settings.

12.1 GuardPass and GuardCheck do not target users under the age of 16. We do not knowingly collect personal data from minors. If notified, we will delete such data promptly.

13.1 This Privacy Policy may be updated to reflect legal or service changes. Material changes will be communicated via our website or directly to registered users.

14.1 For all privacy-related inquiries, please contact:

• info@guardpass.com (general support)

• guardcheck@guardpass.com (screening inquiries)

14.2 We are committed to resolving all issues promptly, transparently, and in compliance with applicable regulations.