Privacy Policy

Last Updated: 02/04/22

VendorCheck Pro (“we”, “us”, “our”) is committed to protecting personal data and respecting privacy. This Privacy Policy explains how we collect, use, store, and protect personal data when you use our services.

1. Who We Are

VendorCheck Pro is a cloud-based vendor compliance management platform for schools and organisations.

Contact: support@vendorcheckpro.com
Website: www.vendorcheckpro.com

2. Roles & Responsibilities

• The school/organisation using VendorCheck Pro is the Data Controller

• VendorCheck Pro acts as the Data Processor, processing data on behalf of the organisation

The Data Controller is responsible for determining:

• What personal data is collected

• The purpose of processing

• How long data is retained

• Compliance with applicable data protection laws

VendorCheck Pro processes personal data only in accordance with the instructions of the Data Controller.

3. Data Protection Principles (GDPR Alignment)

VendorCheck Pro processes personal data in line with internationally recognised data protection principles, including those set out in the General Data Protection Regulation (GDPR).

We ensure that personal data is:

• Processed lawfully, fairly, and transparently

• Collected for specified, explicit purposes

• Limited to what is necessary (data minimisation)

• Accurate and kept up to date

• Retained only as long as necessary

• Protected using appropriate security measures

4. Data We Process

We may process the following categories of personal data:

User Account Data

• Name

• Email address

• Role (admin/vendor user)

Vendor & Personnel Data

• Names of individuals linked to vendors

• Job roles (e.g. driver, contractor)

• Tags and classifications

Document Data

• Uploaded compliance documents (e.g. licenses, certifications)

• Expiry dates and compliance status

System & Usage Data

• Login activity

• Actions within the platform (audit logs)

• Basic technical information (IP address, browser type)

5. How We Use Data

We process personal data solely to provide and operate the VendorCheck Pro service, including:

• Managing vendor compliance records

• Enabling document uploads and approvals

• Generating reports and audit logs

• Sending system notifications (e.g. reminders, approvals)

We do not use personal data for marketing without consent.

6. Data Sharing

We do not sell or rent personal data.

Data may be shared with trusted third-party providers only where necessary to operate the service, such as:

• Cloud hosting providers

• Email delivery services

• Infrastructure and security providers

All providers are selected based on appropriate security and data protection standards.

7. Data Storage & Security

We implement appropriate technical and organisational measures to protect data, including:

• Encrypted data transmission (HTTPS/TLS)

• Secure cloud storage

• Role-based access controls

• System monitoring and audit logging

These measures are designed to prevent unauthorised access, loss, or misuse of data.

8. Data Retention

Personal data is retained only for as long as necessary to fulfil the purposes defined by the Data Controller.

• Data is retained while the organisation maintains an active account

• The organisation (Data Controller) is responsible for determining appropriate retention periods

• Upon termination, data can be exported upon request

• Data is securely deleted within 30 days, unless retention is required for legal or regulatory purposes

9. Data Subject Rights

Where applicable under GDPR or similar regulations, individuals have the right to:

• Access their personal data

• Request correction of inaccurate data

• Request deletion of data

• Restrict or object to processing

• Request data portability

Requests should typically be directed to the organisation (Data Controller).
VendorCheck Pro will assist the Data Controller in responding to such requests where required.

For enquiries, contact:

support@vendorcheckpro.com

10. International Data Transfers

Data may be processed using cloud infrastructure that operates in multiple regions.

VendorCheck Pro ensures that appropriate safeguards are in place to protect personal data in accordance with applicable data protection laws, including GDPR principles where relevant.

11. Cookies & Tracking

VendorCheck Pro uses essential cookies required for:

• Authentication

• Session management

• Core platform functionality

We do not use cookies for advertising or third-party tracking.

12. Incident Response

VendorCheck Pro maintains procedures to manage and respond to data security incidents.

In the event of a data-related issue:

• Affected organisations will be notified

• The issue will be investigated promptly

• Appropriate corrective actions will be taken

13. Updates to This Policy

We may update this Privacy Policy from time to time.

The latest version will always be available at:

www.vendorcheckpro.com/privacy

14. Contact

For any privacy or data protection enquiries:

VendorCheck Pro
Email: support@vendorcheckpro.com
Website:www.vendorcheckpro.comwww.vendorcheck.ae