ICO Due Diligence Summary

Corpdata Limited. Companies House registration 02690712. ICO registration Z5404661. Founded 1992, registered office Teignmouth, Devon. Both numbers verifiable on the respective public registers.

Public UK business sources — Companies House filings, corporate websites, published trade directories, and other structured public records — enriched by technical validation and cross-reference. Named decision-maker information is limited to individuals’ professional roles, gathered in a business context, not personal.

Corpdata processes personal data on the legal basis of legitimate interest, supported by a documented Legitimate Interest Assessment. A Fair Processing Notice (FPN) is issued to data subjects and is available on request. The LIA and an FPN template are supplied as part of every licence, so the licensee can incorporate them into their own compliance documentation.

Continually, not at a single point in time. Records are re-verified on a rolling basis, with new records added and existing records refreshed as their provenance sources are re-checked. The average age of a record across the database is 94 days.

By technical verification: software-driven validation, cross-referencing against public sources, web analysis, and AI-assisted enrichment. Records are tested for internal consistency and external corroboration before being released for licensing.

Historical note: in its early decades Corpdata used telephone research as the primary collection method. Market preferences shifted toward lower-cost data, and the verification methodology shifted with them. Today’s method is technical, and the 2-for-1 Goneaway Guarantee (see Q8) is the commercial standing behind record accuracy.

Not applicable — Corpdata does not process on the basis of consent. The legal basis is legitimate interest, supported by a documented LIA provided on licence. If you are comparing us to a consent-based supplier, the material question is whether their consent scripts specifically named your organisation at the point of collection; generic consent does not transfer.

All telephone data is screened against the Telephone Preference Service (TPS) and the Corporate Telephone Preference Service (CTPS). Screening records are retained and available on request.

Note on MPS: the Mailing Preference Service is a consumer-only register and does not cover business-to-business postal mail. Screening B2B postal data against MPS would neither reduce your compliance risk nor improve targeting accuracy, so it is not part of our process.

Rights requests received directly by Corpdata — access, rectification, erasure, or objection to direct marketing — are handled in line with UK GDPR timelines.

On request, Corpdata can supply twice-monthly update files reflecting objections and erasures against your licensed data, so you can propagate them into your own records. In practice, most licensees prefer to manage suppression and rights requests through their own established processes: as the controller for data in your possession, you are responsible for handling rights requests addressed to you and for maintaining your own suppression file. The update-file service is available to any licensee who wants it built into their workflow.

The 2-for-1 Goneaway Guarantee is the standing commercial mechanism for accuracy over time: where a licensed contact has moved on, Corpdata replaces them with two valid contacts in the same segment, at no additional cost.