Open Credo

Welcome to Open Credo Limited’s website privacy policy


Open Credo Limited (company registration number 03943999) is the controller and responsible for your personal data.

Company Contact Details:
Address: 5-11 Lavington Street, London, SE1 0NZ,
Telephone number: (0) 207 928 9200
Email address:

We respect your privacy and are committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you and it explains how we comply with the Data Protection Act 2018 (DPA), the General Data Protection Regulation (GDPR) which came into effect in May 2018, and the PECR (Privacy and Electronic Communications Regulations). We will update this policy if necessary after the completion of the UK’s exit from the European Union.

It is important that you read this privacy policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. Please keep us informed if your personal data changes during your relationship with us.

We keep our privacy policy under regular review. This version was last updated on 19 October 2020

  1. The data we collect about you
  2. We collect data from and about you as you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We only share data within the Open Credo or Trifork Group acting as joint controllers or processors. We will only use your personal data for the purposes for which we collected it or for another compatible reason.
    We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

    • Identity Data such as names, username or similar identifier.
    • Contact Data and Company Data we use analytic tools to track more information about who is visiting our website, to improve our advertising and marketing activities. These products use contact data such as names, company, email address and telephone numbers.
    • Technical Data includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
    • Profile Data includes, preferences, feedback and survey responses.
    • Usage Data includes information about how you use our website
    • Marketing and Communications Data includes your preferences in receiving marketing from us and your communication preferences.

    We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose which does not directly reveal your identity.

  3. How we use your personal data
  4. We will only use your personal data when the law allows us to and following an enquiry by you via our website, at which point your personal data is sent to our CRM system for our review to determine the nature of your enquiry and for us to provide a response, which may include sending you marketing communications if you have requested information from us or purchased services from us and you have not opted out of receiving that marketing. We regard this process as necessary for our legitimate interests (the interest of our business to enable us to perform the best services, the most secure experience and to develop our services and grow our business).
    We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.

  5. Disclosures of your personal data
  6. We may share your personal data only with third parties who require reporting of processing activities in certain circumstances, or third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy.

    We do not transfer your personal data outside the European Economic Area (EEA).

    To find out information about what cookies we use please refer to our cookie policy here.

  7. Data security
  8. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

    We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

  9. Your legal rights
  10. Under certain circumstances, you have rights under data protection laws in relation to your personal data including the following:

    • Request access to your personal data.
    • Request correction of your personal data.
    • Request erasure of your personal data.
    • Object to processing of your personal data.
    • Request restriction of processing your personal data.
    • Request transfer of your personal data.
    • Right to withdraw consent.

If you would like to contact us about our privacy policy or your data please use the contact details provided above.