GenealogyUK® are genealogists and our tasks are tracing people for the purposes of family history and construction of genealogies and family trees for our Clients who look to use that information for personal family history, locating beneficiaries and identifying relatives of deceased persons. We operate within the jurisdiction of the Data Protection Act (1998) and the GDPR (2018) hereinafter referred to as The Act which govern how we and our associated companies will collect, store and use your personal details.
In order to achieve the above we need to process personal data in support of our legitimate interests only and to fulfil the contract we have with our Clients.
We are registered as a data controller with the Information Commissioner’s Office (ref: Z9920354)
The Data we hold
For the purpose of operating our legitimate business as genealogists we may hold information such as names, addresses, dates of birth and other life event dates, publicly available statutory records (eg: birth, marriage and death certificates), telephone numbers, email addresses and payment history.
How we obtain this data
We obtain data from you and/or family relatives, publicly available records, legal firms, insurance companies, personal representatives, administrators and executors.
Who do we share your data with?
Information you supply to us will be held and used in accordance with The Act. We never disclose the information you provide to us without your express authorisation. We do not sell or pass on your details to any third parties unless required to do so by law enforcement agencies. We may share data obtained by the methods above with legal firms and other instructing agents, personal representatives, administrators and executors for the purpose of fulfilling our contractual obligations.
Historical research can be of value to some of our clients, in most cases historical data will not hold details of living persons other than their name and relationship with other relatives in the context of a family tree. We do therefore retain this type of data for its historical value. We only keep data about our Clients or living persons for our prescribed retention period.
Our company keeps its records on our secure servers which are based within the EU as prescribed by The Act and this is only accessible by authorised persons within the company. You have the right to request erasure of your data, except where we are obligated by law to keep that data. Note that where we are performing a contract with you as a Client erasure of data might frustrate that contract and cause early termination before that contract has been fulfilled. You have the right to request us to supply details of any information we hold about you. We are not responsible for updating or removing information that we have supplied to third parties at your request and where a breach may occur through the negligence of that third party. If information designated as confidential can be obtained by other parties from other sources (including public records or by means of independent research), no agreement we make can guarantee such information will not be revealed by other parties through other sources and we shall not be held liable for such disclosure. Transmission of communications via the internet is not completely secure so we shall not be responsible for any misuse, distribution, damage or destruction of your information whilst being transmitted by this method, except to the extent we are required to accept such responsibility by The Act.
For more information on your rights under the GDPR see https://ico.org.uk/for-the-public