Data Protection & GDPR
Last updated: 7 June 2026
1. Introduction
IMEI Check Pro is committed to protecting your personal data and respecting your privacy rights. This Data Protection Policy explains how we comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
This policy supplements our Privacy Policy and provides detailed information about your rights and our obligations under GDPR.
2. Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Contract Performance: To fulfill our contractual obligations when you use our services
- Legal Obligation: To comply with legal and regulatory requirements
- Legitimate Interests: To improve our services, prevent fraud, and ensure security
- Consent: Where you have given explicit consent for specific processing activities
3. Your Data Protection Rights
3.1 Right to Access
You have the right to request copies of your personal data. We will provide this information within one month of your request, free of charge.
How to exercise: Contact us at [email protected] with the subject "Data Access Request"
3.2 Right to Rectification
You have the right to request correction of inaccurate or incomplete personal data. You can update most information directly through your account settings.
3.3 Right to Erasure ("Right to be Forgotten")
You have the right to request deletion of your personal data in certain circumstances:
- The data is no longer necessary for the original purpose
- You withdraw consent and there is no other legal basis
- The data has been unlawfully processed
- Deletion is required to comply with a legal obligation
Note: We may retain certain data if required by law or for legitimate business purposes.
3.4 Right to Restrict Processing
You can request that we limit how we use your personal data. This applies when you contest the accuracy of data, object to processing, or when processing is unlawful but you prefer restriction over deletion.
3.5 Right to Data Portability
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
3.6 Right to Object
You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.
How to exercise: You can opt-out of marketing communications by clicking the unsubscribe link in our emails or contacting us directly.
4. Data We Collect and Process
We collect and process the following categories of personal data:
| Category | Examples | Legal Basis |
|---|---|---|
| Identity Data | Email address, username | Contract, Consent |
| Contact Data | Email, IP address | Contract, Legitimate Interest |
| Transaction Data | Payment information, order history | Contract, Legal Obligation |
| Technical Data | Device information, browser type | Legitimate Interest |
| Usage Data | Service usage patterns, features used | Legitimate Interest |
5. Data Security Measures
We implement comprehensive security measures to protect your personal data:
- Encryption: All data in transit is encrypted using SSL/TLS protocols
- Access Controls: Strict access controls and authentication mechanisms
- Regular Audits: Regular security audits and vulnerability assessments
- Data Minimization: We only collect data necessary for our services
- Secure Storage: Data stored in secure, encrypted databases
- Staff Training: Regular training for staff on data protection
6. Data Retention
We retain your personal data only for as long as necessary:
- Account Data: Retained while your account is active, plus 7 years for legal compliance
- Transaction Data: Retained for 7 years for tax and legal purposes
- Marketing Data: Retained until you unsubscribe or object
- Technical Logs: Retained for 90 days for security purposes
After the retention period, data is securely deleted or anonymized.
7. Data Sharing and Transfers
7.1 Third-Party Processors
We may share your data with trusted third-party service providers who act as data processors:
- Payment processors (for transaction processing)
- Cloud hosting providers (for data storage)
- Email service providers (for communications)
- Analytics providers (for service improvement)
All processors are contractually bound to protect your data and comply with GDPR requirements.
7.2 International Transfers
If we transfer data outside the EEA, we ensure adequate safeguards are in place, such as Standard Contractual Clauses (SCCs) or adequacy decisions by the European Commission.
8. Exercising Your Rights
To exercise any of your data protection rights:
- Contact us at [email protected]
- Clearly specify which right you wish to exercise
- Provide sufficient information to verify your identity
- Include any relevant details (e.g., order numbers, dates)
We will respond to your request within one month. If your request is complex, we may extend this by up to two additional months, and we will inform you of any delay.
9. Complaints
If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with a supervisory authority:
UK: Information Commissioner's Office (ICO)
Website: ico.org.uk
Phone: 0303 123 1113
However, we encourage you to contact us first so we can address your concerns directly.
10. Data Protection Officer
For any data protection inquiries, please contact our Data Protection Officer:
Email: [email protected]
Subject: Data Protection Inquiry
11. Contact Us
For questions about this Data Protection Policy or to exercise your rights:
Email: [email protected]
Website: Contact Us