CheckD Privacy Policy

Date Modified: 19th October 2025

1. Who we are and contact details

CheckD is provided by Dataswyft Global Ltd (“Dataswyft”), a company registered at Kalymnou 1, Q MERITO 4th floor, Agios Nikolaos, Kamares, 6037 Larnaca, Cyprus, company registration number HE 473004, with a a mailing address of Suite 101 shop 9, Antonescos Plaza, 111 Leoforos Chlorakas, 8220 Chloraka, Cyprus.

If you want to get in touch about any privacy issues, please contact us at privacy@checkd.io.

2. Our relationship

CheckD uses the Dataswyft Wallet to store your badge data as self sovereign data.  You are the controller for the sovereign data stored in your wallet, and Dataswyft acts as your processor for this data, as per the CheckD Data Processing Agreement.

Dataswyft acts as a controller for data it holds on you required to run the CheckD service and for other legitimate purposes described in this privacy policy.

3. What information Dataswyft collects

Dataswyft is the data controller for the following information:

• Authentication credentials: Information you have given us in order to authenticate your access to your account.

• Wallet ID: When you create your data wallet, it is automatically given a unique ID number (“Wallet ID”). This identifies your wallet on the Dataswyft system but can only identify you if you give someone your identity details as well as your Wallet ID number. We do not share your Wallet ID number. 

• Your usage activity: how you use our website, app, products, and services.

• Your computer and internet settings: your IP address, login data, browser type and version, browser plug-ins, operating system and platform, and time zone.

• Your content data: the data you generate when you create communities, badges, offers and quests.

• Contact data: first name, last name, email address and telephone numbers.

• Your marketing preferences: whether you have chosen to receive our marketing communications and if so, whether you prefer emails, text messages or calls.

• Correspondence history: Records relating to any communication you have sent to us, or we have sent to you.

We collect the above data for our legitimate purposes (see below) and don’t unfairly affect your privacy.

4. How we collect your personal information

We collect information directly from you when you register and use our website and the app, and when you answer surveys, send us feedback, or any other messages.  Our tech collects non-identifying information in the background while you use our app.

Cookies are used in the CheckD app to uniquely identify you to the application when you use the website (to allow the application to continue to authenticate you after you have logged in, and to allow us to track how users use the website and product in order to make improvements and for our other legitimate business interests).  Cookies may also be used to store preferences about how you want the application to function (for example, if you want a light or dark theme).

5. What we do with your information and how it is lawful

We use your personal information, including your Wallet ID, to enable you to use the app.

We aggregate usage of communities, badges, offers and quests and all non-identifying information to our data lake with that of all our other users to generate anonymized audiences. You cannot be identified from this information and it is not personal data. If you choose to create communities, badges, offers and quests, you (and users like you) have the option to retrieve the analytics from us to view the analytics and build tools for the anonymized audiences you generated from the communities, badges and offers you created. 

We use your contact details so that we can contact you to inform you of any system level updates to our services, and for the purpose of marketing correspondences if you have expressed a preference to receive such correspondence. You have the right to opt out of our marketing correspondences.  We keep records of any correspondence with you in order to provide customer service to you and for the purposes of making improvements to our products and the way we do business.  We may aggregate information from correspondence in order to better understand common issues, feature demand, and for other legitimate business interests.

6. Who we share your information with, and why

We share your non-identifying information with Dataswyft as the provider of data wallet account infrastructure, and specific third parties, either those who provide us with other IT infrastructure and services or those who provide us with consultancy, banking, legal, insurance, and accounting services.

We have agreements in place to require all third parties to respect the security of your information. They are not allowed to use your information for their purposes but only to use it for specified purposes and in accordance with our instructions.

Your data may be transferred internationally for processing, including possible transfers to countries inside the EEA, to Malaysia, or to the United States, meaning that Dataswyft may transfer data it collects inside the EEA and inside Malaysia to other jurisdictions.  When data is transferred outside of these jurisdictions Dataswyft ensures, either by equivalent local law or through contractual terms, that the data is processed in accordance with comparable privacy protections as where the data was collected.

If we sell, transfer, or merge parts of our business or our assets or if we acquire or merge with other businesses, then we will share your information with the new owner. They will use it in accordance with this privacy policy.

We share badge information when you explicitly instruct us to do so and only to data wallet accounts you authorize and not to any other external system. We check that the information in your data wallet account has not been tampered with nor modified from its source. Where we believe the badge information is not secure, safe, legal, correct, or in violation of our Terms of Service or a breach of applicable laws, we retain the right not to execute on the instruction. 

7. How long we keep your information

We only keep your info for as long as we need it - either for the purpose for which we collected it or where we need it to comply with any legal, regulatory, tax, accounting or reporting requirements.

Details of how long we keep distinct aspects of your information are available in our retention policy which you can read in Figure 2 below.

8. Data Security

Dataswyft takes the security of your information very seriously, and has defined security policies in place to ensure that both technical and procedural safeguards are maintained.  By following industry best practice with respect to access controls, data encryption, and software practices Dataswyft can ensure the utmost is done to protect your data. 

9. Additional information

What we do with your information and how it is lawful

Our legitimate interests include the following activities so long as we do them in a way that doesn’t unfairly affect your privacy:

• Supplying services to you

• Protecting website and app users, employees, and other individuals and maintaining their safety, health, and welfare

• Promoting, marketing, and advertising our products and services

• Personalising communications or content within emails, on the website and in the app

• Understanding users’ behaviour, activities, preferences, and needs

• Improving existing and developing new products and services

• Complying with legal and regulatory obligations

• Preventing, investigating, and detecting crime, fraud, bullying, harassment, discriminatory or other anti-social behaviour and taking action against perpetrators, including working with law enforcement agencies

• Protecting CheckD, its users, and partners, by taking appropriate legal action against third parties who have committed criminal acts, or breach their legal obligations to databonds

• Fulfilling our duties to our users, partners, colleagues, shareholders, and other stakeholders.

Details of how long we keep distinct aspects of your information are available in our retention policy which you can read in Figure 1 below. 

10. Your legal rights

You have the right to:

• Access – ask us for and receive a copy of the personal data we hold about you.

• Correction - ask us to correct any incomplete or inaccurate data we hold about you, though we may need to verify the accuracy of the new data you provide to us.

• Erasure - you can ask us to delete or remove personal data where there is no good reason for us continuing to use it.

• Object to our use - where we are relying on a legitimate interest and there is something about your particular situation which makes you feel it unfairly affects your privacy.

• Request restriction of our use – you can ask us to suspend the use of your personal data in the following scenarios:

• If you want us to establish the data’s accuracy.

• Where our use of the data is unlawful, but you do not want us to erase it.

• Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.

• You have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.

• Request transfer - you can ask us to provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to personal information which you initially provided consent for us to use or where we used the information to perform a contract with you.

• Withdraw consent - you can do this at any time where we are relying on consent to use your personal data. This will not affect the lawfulness of anything we did before you withdraw your consent. If you do so, we may not be able to provide certain products or services to you. We will tell you if this is the case at the time.

If you want to do any of these things, please contact us via email at: support@checkd.io. More information on account deletion can also be found at https://www.checkd.io/forget-me.

If you have any queries, please contact us at: privacy@checkd.io

UK residents may also contact the Information Commissioner’s Office for assistance with data privacy protections.