Privacy Policy

Checkify (“we”, “us”, “our”) — Last updated: 2026-02-06

Plain-English summary

We aim to minimize data. Checkify is designed to work without storing personal identity data on our servers.
We store operational logs keyed to random identifiers (UUIDs) to run the service, prevent abuse, and troubleshoot issues.
Identity/verification data is intended to stay on your device unless you explicitly choose to share something as part of a verification flow.

This summary is not a legal substitute for the full policy below.

1) Who we are

Checkify provides a privacy-first identity and trust verification experience. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

Controller contact: Checkify
Email: privacy@checkify.me
Website: checkify.me

2) What information we collect

A. Operational identifiers and logs (server-side)

To operate the service, we collect and store limited operational data such as:

UUIDs (random identifiers) associated with app sessions, devices, or requests
Event logs such as timestamps, request type, success/failure codes, and performance metrics
Security logs such as rate-limit triggers, abuse prevention signals, and audit events

We design these logs to avoid storing direct personal information (like your name, address, or document number) unless you explicitly provide it for a specific feature and it is necessary to deliver that feature.

B. Device information (limited)

The app and our backend may process limited device and network information (e.g., OS version, app version, locale, and IP address at time of request) for security, fraud prevention, and service reliability.

C. User-provided content (only if you choose to use certain features)

Some features may involve you capturing or using content such as photos or scanned documents (for example, identity verification). Our intention is that sensitive identity data remains on your device unless a feature explicitly requires server processing and you initiate that action.

If you are unsure whether a feature sends data to our servers, please contact us at privacy@checkify.me.

3) How we use information

Provide and maintain the service (e.g., process requests, show trust/verification results)
Security and fraud prevention (e.g., detect abuse, enforce rate limits, maintain audit trails)
Troubleshooting and reliability (e.g., diagnose errors, improve performance)
Compliance where required by law (e.g., responding to lawful requests)

4) Legal bases (UK/EU GDPR)

Where applicable, we process information under one or more of these legal bases:

Performance of a contract (to provide the service you request)
Legitimate interests (security, preventing abuse, service improvement)
Legal obligation (where we must comply with applicable laws)
Consent (where we ask you, e.g., for optional features)

5) Sharing and disclosures

We do not sell your personal information. We may share limited data in these cases:

Service providers that help us run the app (e.g., hosting, monitoring) under contractual confidentiality and security obligations
Legal and safety where required to comply with law or protect users and the service
Business transfers if the company is involved in a merger, acquisition, or sale (with appropriate safeguards)

We can provide a list of key subprocessors on request.

6) Data retention

We retain operational logs for as long as necessary to: (a) keep the service secure and reliable, (b) investigate abuse or incidents, and (c) meet legal obligations. We aim to retain logs only for a limited period and periodically delete or anonymize them.

Typical retention: 90 days for standard operational logs, longer for security/audit incidents where justified.

7) Security

We use appropriate technical and organizational measures to protect data, including access controls, encryption in transit, and least-privilege practices. No method of transmission or storage is 100% secure, but we work to protect your information.

8) Your rights

Depending on your location, you may have rights to access, correct, delete, or restrict processing of your information, and to object or withdraw consent. Because we primarily store operational logs linked to UUIDs (not direct identity details), we may need additional information to locate relevant records.

To exercise rights, contact: privacy@checkify.me

9) Children

Checkify is not intended for children under the age where parental consent is required in your jurisdiction. If you believe a child has used the service without appropriate consent, contact us.

10) International transfers

If we transfer data internationally, we use appropriate safeguards (such as contractual protections) to help ensure a similar level of protection.

11) Changes to this policy

We may update this policy from time to time. We will update the “Last updated” date above. If changes are material, we will provide additional notice where appropriate.