Privacy Policy

DATA PROTECTION PRIVACY NOTICE

Fast Track Services Ltd

BACKGROUND:

Fast Track Services Ltd understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all of our clients and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.

1.Information About Us

Fast Track Services Ltd, trading as Fast Track Apostille, is a limited company registered in England and Wales under company number 11420107 with registered address at 5a Falkland Road, London, NW5 2PS, United Kingdom and main trading address 59 Leighton Road, London NW5 2QH, United Kingdom.

2.What Does This Notice Cover?

This Privacy Information explains how we use your personal data: how it is collected, how it is held, and how it is processed. It also explains your rights under the law relating to your personal data.

3.What is Personal Data?

Personal data is defined by the UK GDPR and the Data Protection Act 2018 (collectively, the “Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.

Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

The personal data that we use is set out in Section 5, below.

4.Your Data Protection Rights

Under the Data Protection Legislation, you have the following rights:

a) The right to be informed about our collection and use of your personal data. This Privacy Notice should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the details in Section 13.
b) The right to access the personal data we hold about you. Section 12 will tell you how to do this.
c) The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details in Section 13 to find out more.
d) The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we have. Please contact us using the details in Section 13 to find out more. Please note that we are required to retain certain personal information for set periods to comply with our legal obligations. We will not be able to delete that information until we are discharged of our legal obligations to retain them.
e) The right to restrict (i.e. prevent) the processing of your personal data.
f) The right to object to us using your personal data for a particular purpose or purposes.
g) The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
h) Rights relating to automated decision-making and profiling. We do not use your personal data in this way.

    For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Section 13.

    Fast Track Services Ltd is registered with the Information Commissioner’s Office under n˚ ZB538586 and further information about your rights can also be obtained from the Information Commissioner’s Office directly or your local Citizens Advice Bureau.

    If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office directly.

    5.What Personal Data Do You Collect and How?

    We may collect some or all of the following personal data (this may vary according to your relationship with us):

    • Name;
    • Date of birth;
    • Gender;
    • Colour of the eyes;
    • Personal Height;
    • Current address and past addresses;
    • Billing address;
    • National Insurance Number;
    • Passport information;
    • Email address;
    • Telephone number;
    • Personal details of ancestors and descendants;
    • Passport details of household members.

    In some cases, to perform our duties and with your consent, your personal data might be obtained from the following third party:

    General Register Office: In the case of obtaining Birth / Adoption / Marriage / Civil Partnership / Wedding Anniversary / Death certificate / replacement certificate.

    NPCC Certificate: UK ACRO Criminal Records certificate.

    Higher Education Degree Datacheck: In case of obtaining degree verification for educational documents.

    For us to request any of the documents listed above, you would have given us agent authorisation.

    We may collect certain documents and information provided by you via various communication channels such as phone, email, post.

    6.How Do You Use My Personal Data?

    Under the Data Protection Legislation, we must always have a lawful basis for using personal data. This may be because the data is necessary for our performance of a contract with you, because you have consented to the use of your personal data, or because it is in our legitimate business interests to use it.

    In general terms, in addition to the processing of your data necessary for us to perform the services you have engaged us to provide, and depending on which services you engage us to deliver, as part of providing our agreed services we may use your information to:

    • contact you by post, email or telephone;
    • verify your identity where this is required by law;
    • understand your needs and how they may be met;
    • maintain our records in accordance with applicable legal and regulatory obligations;
    • process financial transactions;
    • prevent and detect crime, fraud or corruption where permitted by law.

    7.How Long Will You Keep My Personal Data?

    In compliance with applicable legislation and regulatory obligations, we are obligated to retain your data even after our engagement with you has concluded. Your personal data will be kept in a format enabling identification of individuals for a duration no longer than necessary. To adhere to these requirements, our company policy dictates the retention of all data for a period ranging from one to five years following the relevant period's conclusion. Subsequent to this timeframe, your personal data will be securely disposed of, unless extended retention is mandated by legal, regulatory, or legitimate business considerations.

    We do not keep your physical documents unless we have express instructions to retain them on our premises for a specified period by you. If you wish to use our electronic services, we do not retain any of the documents on our system as the process is conducted only via email.

    For more details on how we store and dispose of your personal data, please see Section 11.

    8.How and Where Do You Store or Transfer My Personal Data?

    Although we will only store, process or transfer your personal data in the UK, third parties we use to provide the services you have engaged us for, might sometimes transfer your data outside the EU for the purpose of providing of such services. When that is the case, at least one of the following safeguards is implemented:

    • your personal data will only be transferred to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;
    • specific contracts approved by the European Commission are used which give personal data the same protection it has in Europe with our services providers;
    • data might be transferred to US based service providers under the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.

    The security of your personal data is essential to us, and to protect your data, we take several important measures, including the following:

    • limiting access to your personal data to those employees, agents, contractors, and other third parties with a legitimate need to know and ensuring that they are subject to duties of confidentiality;
    • procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data) including notifying you and/or the Information Commissioner’s Office where we are legally required to do so.

    9.Do You Share My Personal Data?

    We will not sell or rent your information to third parties.

    We will not share your information with third parties for marketing purposes.

    Any staff with access to your information have a duty of confidentiality under the ethical standards that this company is required to follow and has signed a confidentiality agreement as part of their employment contract.

    If any of your personal data is shared with a third party, as described in Section 10, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law, as described above in Section 8.

    If any personal data is transferred outside of the UK, we will take suitable steps in order to ensure that your personal data is treated just as safely and securely as it would be within the UK and under the Data Protection Legislation, as explained above in Section 8.

    If we sell, transfer, or merge parts of our business or assets, your personal data may be transferred to a third party. Any new owner of our business may continue to use your personal data in the same way(s) that we have used it, as specified in this Privacy Policy.

    In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.

    10.Third Party Service Providers and Your Personal Data

    We may share your information with third-party service providers, agents, subcontractors, and affiliated organisations to facilitate the completion of tasks and provision of services to you on our behalf. This includes tasks such as processing document legalisation, translation, certification, and submissions to relevant government bodies. However, when engaging third-party service providers, we only disclose the personal information essential for service delivery. We ensure that these providers have signed contracts obligating them to maintain the security of your information and refrain from using it for their own purposes.

    For the provision of our services we use software provided by the following third parties:

    • Sage Accounts for invoicing purposes;
    • Square for card payment processing;
    • DHL for international shipment;
    • Adobe for storage of files within our company devices;
    • Shopify for order processing;
    • 123 Reg for order processing.

    The above third parties’ privacy policies are available on request.

    Other than for the necessary provision of services, please be assured that we will not release your information to third parties unless you have requested that we do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention and detection of crime, fraud, or corruption. In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.

    11.How do you Store and Dispose of my Personal Data?

    Here's a revised version of the provided paragraph:

    Our services and the regulatory framework surrounding them necessitate the retention of your personal data beyond the completion of service provision. However, any documents containing data not mandated for retention post-service provision will be promptly returned to you. Your personal data is stored in one of the following ways:

    • Hard copies of documents are securely stored in locked filing cabinets at our office located in London NW5 2QH. Access to these cabinets is restricted to authorised personnel, including directors and employees who have signed confidentiality agreements. Keys to the cabinets are securely managed and retrieved upon the termination of an employee's contract. Our office is further secured with access card readers, standard keys, and CCTV cameras;
    • Electronic copies are stored on our computers within password-protected folders. Our systems are regularly updated with antivirus software to ensure data security;
    • Electronic scans of your document for the purposes of order allocation. As indicated in Section 10, we use Adobe to scan the first page of your document for the purposes of order allocation in the processing period of your order;
    • Some personal data may be stored by our third-party suppliers, as outlined in Section 9, either to facilitate service provision or to meet regulatory requirements. Details of our third parties' privacy policies are available upon request.

    To safeguard your privacy, all documents containing personal data are securely shredded, both physically and electronically, to ensure complete removal of sensitive information. The Adobe scans on our mobile device are duly deleted immediately upon fulfilment of your order.

    12.How Can I Access My Personal Data?

    If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”. All subject access requests should be made in writing and sent to the email or postal addresses shown in Section 13.

    All subject access requests should be made in writing and sent to the email or postal addresses shown in Section 13.

    There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.

    We will respond to your subject access request within 3 weeks and, in any case, not more than one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.

    13.How Do I Contact You?

    To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details:

    Email address: legal@fasttrackapostille.co.uk

    Telephone number: 02039579801

    Postal Address: 59 Leighton Road, London NW5 2QH

    13.How To Complain?

    If you have any concerns about our use of your personal information, you can make a complaint to us at legal@fasttrackapostille.co.uk

    You can also complain to the ICO if you are unhappy with how we have used your data.

    The ICO’s address:           

    Information Commissioner’s Office

    Wycliffe House

    Water Lane

    Wilmslow

    Cheshire

    SK9 5AF

    Helpline number: 0303 123 1113

    ICO website: https://www.ico.org.uk

    14.Changes to this Privacy Notice

    We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.

    Any changes will be made available on our website: www.fasttrackapostille.co.uk