Privacy Policy

This policy explains what personal data PreCheck collects, how we use it, and what rights you have under UK data protection law.

Last updated: 21 April 2026

1. Overview

PreCheck ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, share, and protect personal data when you use our website and services.

We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Data controller

PreCheck is the data controller for personal data processed through this website and our services.

You can contact us regarding privacy at [email protected].

3. What data we collect

We collect the following categories of personal data:

  • Account data: name, email address, phone number, organisation name, and login credentials.
  • Service data: property addresses, survey content, photos, measurements, and related evidence submitted for review.
  • Billing data: billing address and limited payment metadata (we do not store full card numbers; payments are handled by Stripe).
  • Technical data: IP address, browser type, device information, and pages visited.
  • Communications: messages you send us via email, forms, or the Platform.

4. How we use personal data

We process personal data to:

  • Provide, operate, and improve our Services.
  • Authenticate users and secure Accounts.
  • Deliver pre-audit reviews and produce reports.
  • Process payments and issue invoices.
  • Respond to enquiries and provide customer support.
  • Send service-related communications (e.g. audit outcomes, account notices).
  • Comply with legal, regulatory, and contractual obligations.
  • Detect, prevent, and respond to fraud, misuse, or security incidents.

Our lawful bases under UK GDPR are:

  • Contract: to perform our obligations under the agreement we have with you.
  • Legitimate interests: to operate our business, secure our systems, and communicate with customers.
  • Legal obligation: to comply with law (e.g. accounting, tax, regulator requests).
  • Consent: where specifically requested (e.g. marketing communications or non-essential cookies). You may withdraw consent at any time.

6. Who we share data with

We share personal data with:

  • Quality Mark Protection, where required to support IBG certification linked to a PreCheck review.
  • Trustmark and other certification bodies, as required to verify compliance.
  • Service providers that help us operate the Platform, including hosting, email delivery, payment processing (Stripe), and analytics.
  • Professional advisers, such as accountants and lawyers, where necessary.
  • Regulators or law enforcement, where we are required to do so by law.

We do not sell personal data to third parties.

7. International transfers

Where personal data is transferred outside the United Kingdom, we ensure appropriate safeguards are in place, such as the UK International Data Transfer Agreement, Standard Contractual Clauses, or adequacy decisions.

8. How long we keep data

We retain personal data for as long as necessary to provide the Services and meet our legal obligations. In particular:

  • Account data is kept while your Account is active and for up to 7 years after closure for accounting and audit trail purposes.
  • Service/survey data is retained for the statutory period required for insulation installations and associated guarantees.
  • Marketing preferences are kept until you withdraw consent.

9. Your rights

Under UK GDPR you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request erasure of your data in certain circumstances.
  • Restrict or object to processing.
  • Data portability.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with the Information Commissioner's Office (ico.org.uk).

To exercise any of these rights, email us at [email protected].

10. Security

We implement appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, secure password storage, and audit logging. No system is completely secure, and we cannot guarantee absolute security.

11. Cookies

Our use of cookies and similar technologies is described in our Cookie Policy.

12. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date indicates the most recent revision. Material changes will be communicated via email or a notice on the Platform.

13. Contact us

For privacy-related enquiries:

Related documents

Terms & Conditions Privacy Policy GDPR Policy Cookie Policy