Confiri is operated by Global Talent Leaders LTD, a company registered in England and Wales. We are committed to full compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page explains how GDPR applies to Confiri and what it means for recruiters and candidates who use our platform.
GDPR distinguishes between two key roles — data controllers and data processors. Understanding which role applies to whom matters for your compliance obligations.
Recruiting Organisation — Data Controller
The company using Confiri to verify candidates determines the purpose of the verification (hiring). They are the data controller and are responsible for having a lawful basis to process candidate data and for informing candidates that verification will take place.
Global Talent Leaders LTD — Data Processor
We process candidate data on behalf of the recruiting organisation, acting only on their instructions. We do not determine the purpose of the processing and do not use candidate data for our own ends.
Under UK GDPR, all data processing must have a lawful basis. Confiri relies on the following:
Under UK GDPR, individuals whose data we process have the following rights:
Right of Access
You can request a copy of the personal data we hold about you.
Right to Rectification
You can ask us to correct inaccurate or incomplete data.
Right to Erasure
You can ask us to delete your data. We will comply unless we have a legal obligation to retain it.
Right to Restriction
You can ask us to limit how we process your data in certain circumstances.
Right to Data Portability
You can request your data in a structured, machine-readable format.
Right to Object
You can object to processing based on legitimate interests. We will stop unless we have compelling grounds to continue.
Right to Withdraw Consent
Where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, email privacy@confiri.com. We will respond within 30 days. If you are unsatisfied with our response, you have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk.
Some of our third-party processors are based outside the UK. Where personal data is transferred to countries not deemed adequate by the UK ICO, we rely on Standard Contractual Clauses (SCCs) approved by the UK ICO to ensure your data receives an equivalent level of protection.
Transfers to the EU are covered by the UK's adequacy decision for EEA countries. Our full list of third-party processors and their locations is set out in our Privacy Policy.
We do not keep personal data longer than necessary. Verification session data is retained for 12 months from the interview date. Facial images captured during liveness checks are deleted immediately after processing by AWS Rekognition. Full retention periods are set out in our Privacy Policy.
Confiri is built with data minimisation and privacy by design principles:
In the event of a personal data breach that is likely to result in a risk to individuals' rights and freedoms, we will notify the ICO within 72 hours of becoming aware of the breach, as required by UK GDPR Article 33. Where the breach is likely to result in a high risk, we will also notify affected individuals without undue delay.
Data Protection contact: privacy@confiri.com
Company: Global Talent Leaders LTD
Company number: 14557865
Registered address: Summit House, Horsecroft Road, Harlow, Essex, CM19 5BN
If you wish to make a complaint about how we handle your data, please contact us at the address above. If you remain unsatisfied, you may contact the ICO at ico.org.uk or by post at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.