Compliance

GDPR & Data Protection

Zayn Productions Ltd (Company No. 16892199) · Registered in England and Wales

DocsCheck is built for regulated legal professionals who process sensitive personal data on behalf of their clients. We take our data protection obligations seriously and have designed the platform to support your own GDPR compliance obligations as a data controller.

Our role under UK GDPR

The relationship between you and DocsCheck under UK GDPR depends on the type of data being processed:

  • Your organisation's data (account information, staff details, billing): Zayn Productions Ltd is the data controller.
  • Your clients' data (immigration documents, questionnaire responses, personal information): Your organisation is the data controller. Zayn Productions Ltd is the data processor, acting on your instructions.

Our Data Processing Agreement (DPA) sets out the terms under which we process personal data on your behalf. You should sign this DPA before using DocsCheck to process client personal data.

Lawful basis

We process personal data under the following lawful bases:

  • Contract performance — to provide the DocsCheck platform under your subscription agreement
  • Legitimate interests — for platform security, fraud prevention, and service improvement
  • Legal obligation — where required by applicable law (e.g. financial record retention)
  • Consent — for marketing communications (you may withdraw consent at any time)

Your rights as a data subject

Right of access

Request a copy of the personal data we hold about you within 30 days.

Right to erasure

Ask us to delete your personal data where we no longer have a lawful basis to hold it.

Right to rectification

Correct any inaccurate or incomplete personal data we hold.

Right to portability

Receive your data in a structured, machine-readable format (JSON or CSV).

Right to object

Object to processing based on legitimate interests. We will stop unless we have compelling legitimate grounds.

To exercise any of these rights, contact us at privacy@docscheck.co.uk. We will respond within 30 days. You also have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk or by phone on 0303 123 1113.

International data transfers

Some of our sub-processors are located outside the UK. Where this is the case, we ensure appropriate safeguards are in place:

  • OpenAI, ElevenLabs, Replit (USA): Standard Contractual Clauses (SCCs) are in place under Article 46 UK GDPR.
  • Google Cloud, Neon, Brevo: EU/UK hosting where possible, with SCCs for any residual transfers.

Data breach notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you without undue delay and in any case within 72 hours of becoming aware. Where the breach is likely to result in a high risk, we will also notify affected individuals directly. We maintain an internal register of all personal data breaches in accordance with Article 33(5) UK GDPR.

Data Protection Officer

Zayn Productions Ltd does not currently meet the threshold requiring a mandatory Data Protection Officer. However, all data protection queries are handled directly by the company's data controller. Contact: privacy@docscheck.co.uk

Data Processing Agreement

If you are using DocsCheck to process personal data on behalf of your clients, you should sign our Data Processing Agreement. This is a requirement under Article 28 UK GDPR. The DPA is available on request and covers: the subject matter, duration, nature and purpose of processing; the type of personal data; the categories of data subjects; and your rights and obligations as data controller.

Contact for data protection queries:
Zayn Productions Ltd · 1 Alvin Street, Gloucester, England, GL1 3EJ
Company Number: 16892199 · privacy@docscheck.co.uk

We use essential cookies to keep the platform running. No tracking or advertising cookies. Cookie policy