AuditShield

Legal

Privacy Policy

Last updated: May 2026 · AuditShield Limited · Company No. 17227437

Who we are

AuditShield Limited (Company No. 17227437) provides sponsor licence compliance review, monitoring and support services for UK employers. Our registered address is Office 17, Claremont Business Centre, Surbiton KT6 4QU. Immigration advice is provided separately where formally instructed. Data controller: AuditShield Limited Contact: info@theauditshield.com

What data we collect

We collect and process the following categories of personal data: • Contact information: name, email address, phone number, business address • Business information: company name, Companies House number, sponsor licence reference • Worker data (where provided for compliance review): full name, date of birth, nationality, visa details, employment details, right to work evidence • Communications: messages sent through the AuditShield platform, emails and phone records • Usage data: how you use the AuditShield client portal

Why we collect it (legal basis)

We process your personal data under the following legal bases: • Contract performance: to deliver compliance review, monitoring and advisory services you have engaged us to provide • Legitimate interests: to maintain our records, communicate about services and improve the platform • Legal obligation: where we are required to keep records for regulatory or professional purposes • Consent: for marketing communications (which you may withdraw at any time)

How we use your data

We use your data to: • Deliver mock audit, compliance review and monitoring services • Maintain your compliance dashboard and worker file records • Send compliance reminders, visa expiry alerts and action items • Respond to enquiries and support requests • Comply with our professional and legal obligations

Who we share data with

We do not sell your personal data. We share data only where necessary: • Supabase (database and authentication hosting, EU/UK data residency) • Vercel (hosting infrastructure) • Professional advisers where instructed by you All processors are subject to data processing agreements and comply with UK GDPR.

How long we keep data

We retain personal data for as long as necessary for the purpose it was collected and to comply with legal obligations. • Client records: 7 years after the end of our engagement (for professional indemnity and legal purposes) • Worker data: as directed by the client or for the duration of the sponsorship licence monitoring service • Marketing data: until consent is withdrawn or you unsubscribe

Your rights

Under UK GDPR, you have the right to: • Access your personal data • Correct inaccurate data • Request erasure (subject to legal retention obligations) • Object to processing • Data portability • Withdraw consent at any time To exercise any right, contact us at info@theauditshield.com. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

Security

We implement appropriate technical and organisational measures to protect your personal data, including encrypted data storage, access controls and secure communications. Our client portal uses Supabase row-level security to ensure clients can only access their own data.

Cookies

AuditShield uses only strictly necessary cookies for authentication and session management. We do not currently use analytics or advertising cookies. If this changes, we will update this policy and seek consent where required.

Contact

For any privacy query, to exercise your rights, or to make a complaint: Roman Tabassum AuditShield Limited Office 17, Claremont Business Centre, Surbiton KT6 4QU Email: info@theauditshield.com Phone: +44 7585 508863