Privacy

 Effective Date: 22 April 2025 

Last Updated: 1 May 2025

Applies to: Business operations, client portal, mobile web app, and related services. 

​

1. Introduction

​

Finspection Ltd (“we”, “our”, “us”) respects your privacy and is committed to protecting the personal data of individuals who interact with our services.

This Privacy Policy explains how we collect, use, and protect your personal data across our business, website, and inspection platform.

We align our data handling practices with regulatory standards to ensure responsible data protection and security.

​

2. Who We Are

​

Finspection Ltd

Company Number: 15804404

Registered Address:  Monomark House, 27 Old Gloucester Street, London. WC1N 3AX

Email: enquiries@finspection.co.uk

We are the data controller for personal data collected through our business, website, and platform.

​

Our ICO Registration reference: ZB796958

​

3. How We Collect Your Data

We collect personal data through:

• Our website (e.g. contact forms)

• Tally forms for inspection requests and submissions

• Direct communications and emails

• Use of our inspection platform iNSPEXO ™

We only collect data that is necessary for providing services, managing user accounts, and complying with legal obligations.

​

4. What Personal Data We Collect

​

Depending on your interaction, we may collect:

​

a. Website Visitors

​

• Name, email, mobile number, and organisation (via contact forms)

• Technical data (IP address, browser, device info)

• Cookie usage data

​

b. Clients, Funders, and Admins (Portal Users)

​

• Name, role, business email and phone number

• Organisation name

• User ID and login details (including OTP/2FA tracking)

• Records of inspection requests and job activity

​

c. Inspectors (Mobile App Users)

​

• Name, unique User ID, and session data

• Uploaded inspection reports and photos

• Location data (GPS metadata during photo capture)

• Device/IP logs for security monitoring

​

d. Tally Form Users

• Inspection request and submission details

• Uploaded files and related inspection data

• Contact details provided in the forms

• Location or time-based metadata, where applicable

​

This data is securely transmitted and stored in alignment with UK GDPR through our form provider, Tally.

​

We do not knowingly collect special category data (e.g. health or biometric data).

​

5. How We Use Your Data

​

We use personal data to:

• Provide inspection services and job coordination

• Manage user access and authentication

• Communicate with clients, inspectors, and funders

• Monitor and improve platform security and usage

• Maintain business records and meet regulatory obligations

​

6. Lawful Bases for Processing

​

We rely on the following legal grounds under the UK GDPR:

• Contractual necessity – to deliver services to clients and users

• Legitimate interests – for platform functionality, security, and user support

• Consent – where required for marketing or optional communications

• Legal obligation – to comply with tax, audit, or regulatory requirements

​

7. Sharing Your Data

​

We only share data when necessary to deliver our services or meet legal duties. We share data with:

​

a. Authorised Users

​

Clients and inspectors, for inspection coordination

​​

b. Third-Party Processors (Vetted for GDPR alignment)

​

Processor                              Purpose

​

Tally                                       Form submissions and data collection

Bubble                                  Platform infrastructure (portal/app)

Make (Integromat)              Automation integration

Microsoft Outlook                Business email communications

AWS                                       Secure data hosting and backups

​

We do not sell your data or share it with third parties for advertising.

​

8. Security Measures

​

We apply strong technical and organisational controls aligned with regulatory standards, including:

• Encryption of data in transit and at rest

• Role-based access and session timeouts

• Multi-factor authentication (OTP, 2FA)

• Brute-force login protection and access logs

• Secure vendor selection and oversight

​

9. Data Retention

​

We retain personal data only as long as necessary for:

• Service delivery and contract management

• Legal and audit obligations

• Dispute resolution or incident investigation

​

When no longer required, data is securely deleted or anonymised.

​

10. Your Rights

​

You have the following rights under UK GDPR:

​

• Access – Request a copy of your personal data

• Rectification – Correct inaccurate or incomplete data

• Erasure – Request deletion when appropriate

• Restriction – Ask us to limit how your data is used

• Objection – Object to data processing under certain conditions

• Portability – Request your data in a portable format

​

You can exercise these rights by contacting us at enquiries@finspection.co.uk. We aim to respond within 2 business days.

​

11. Cookies

​

Our website uses cookies for essential functionality and minimal analytics. You can manage preferences via the cookie banner. For more detail, please see our Cookie Policy.

​

12. International Data Transfers

​

All data is stored and processed in the UK or European Economic Area (EEA). If data is ever transferred internationally, appropriate legal safeguards (e.g. Standard Contractual Clauses) will be applied.

​

13. Children’s Data

​

Our services are not directed to individuals under 18, and we do not knowingly process children’s personal data.

​

14. Changes to This Policy

​

We may update this policy periodically to reflect changes in our operations or legal obligations. The latest version will always be available on our website with a “Last Updated” date.

​

15. Contact Us

​

If you have any questions or would like to exercise your data rights, please contact:

enquiries@finspection.co.uk