TrustOnline is the interactive website for Registry Trust Limited.
The office address is:
Registry Trust Limited
153-157 Cleveland Street
- questions, queries or feedback you leave, including your email address if you contact us
- your email address and subscription preferences when you sign up for our email alerts, and how you use our emails - for example, whether you open them and which links you click on
- information on how you use the site, using cookies. (See below)
- we use a separate company to process payments for any searches carried out. We do not have access to your card or bank account details.
- we may use demographic information, and anonymised or pseudonymised data to understand the types of searches and numbers of searches made.
- you remain able to opt into any e-mail reminders you may receive.
The data we collect from TrustOnline users can be viewed by authorised people employed by Registry Trust and our suppliers, to:
- improve the website by monitoring how you use it
- gather feedback to improve our services, (i.e.: our email alerts)
- respond to any feedback you send us if you’ve asked us to
- send email alerts to users who request them
- allow you to access registry services and make transactions
- provide you with information about our other services if you want it
We want to make your experience of using TrustOnline easy, useful and reliable. Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide general information to the owners of the site. They cannot be used to identify you personally and we do not share this information with any third parties.
Google Analytics cookies
These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, the pages they visit on the site and where visitors have come to the site from.
To opt out of being tracked by Google Analytics across all websites visit https://tools.google.com/dlpage/gaoptout
Online search session cookie
This cookie is essential for the completion of an online search. It is set only for those people who progress through the site and who enter details to make a search. This cookie is deleted when you close your browser. If your browser has cookies completely disabled this will also disable this session cookie and the site will not work.
This cookie is set by our content management system on various browsers upon arrival to the TrustOnline site. It is not used by TrustOnline for any purpose. Work is underway on our site to prevent this cookie from being created.
Most web browsers allow some control of most cookies through the browser settings although disabling cookies could impact the functionality of the website you are visiting. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
The data we collect from the court service is a matter of public record. Registry Trust publishes this information on the Register. This information relates to judgments, orders, fines and decrees. This data is also passed to other parties for use with credit activities including credit reference agencies; companies offering financial services; companies offering financial advice and their agents.
How long do we keep data for?
We retain personal data for a maximum of 8 years.
• Judgments, orders and decrees are retained on a public Register for 6 years before being removed automatically.
• Fines are retained for 5 years before being removed automatically.
Any other alteration to the Register must be instructed by the courts.
You can find more detail on the court regulations here: www.legislation.gov.uk/uksi/2005/3595/contents/made
All Register information is retained internally, and accessible to authorised Registry Trust personnel up to 8 years after the initial recording of the information. Registry Trust retain this information for a limited period for internal auditing purposes only, and it is not shared with any other organisations or individuals,
Where your data is stored
Data is stored on the Microsoft Azure cloud platform. All of the servers including back-ups are based in UK.
We store your data on secure servers in the European Economic Area (EEA)
None of our suppliers are based outside the EEA. We have strict controls over how and why your data can be accessed.
By submitting your personal data, you agree to this.When you sign up to our email alerts
As a subscriber to our email alerts, we may contact you from time to time to ask for your feedback on how to improve our email alert service.
Keeping your data secure
If you’ve signed up for email alerts, you can unsubscribe or change your settings at any time.
Sending information over the internet is generally not completely secure, and we can’t guarantee the security of your data while it’s in transit. Any data you do send is at your own risk.
Disclosing your information
We have procedures and security features in place to keep your data secure once we receive it. Registry Trust are ISO27001:2017 compliant. Registry Trust maintains various security measures to meet the standards of ISO27001:2017, including firewalls, anti-virus software, encryption, password protection, building security and regular staff training.
Registry Trust publishes personal data on the Register - which is a matter of public record - relating to judgments, orders, fines and decrees. This information is obtained from the UK court service. This data is also passed to other parties for use with credit activities including credit reference agencies; companies offering financial services; companies offering financial advice and their agents.
Other parties are bound by specific contracts to use the data in line with UK law.
You can find a complete listing of all the companies we provide data to here.
Under UK data protection laws, you have certain key rights, which are summarised below. There are some exceptions to the data protection laws which relate to the information added to the Register. You can also obtain more information on data protection and your rights by visiting the ICO website - https://ico.org.uk/The right to be informed
Registry Trust complies in full with your right to be informed when your information is used. Users of TrustOnline will be able to see how their information is collected, used and stored elsewhere within this policy.
The right of access
Those who have their data recorded in the public Register are notified via a Fair Processing Notice. This notice appears on the judgment notices provided by the courts in England and Wales. For all other jurisdictions, the notice is provided in a letter sent direct from Registry Trust.
You have the right to know what personal information Registry Trust store, and to understand which elements of the data protection laws allow for this. As the data we deal with is a matter of public record, you can search the register (www.trustonline.org.uk) to find out what information Registry Trust holds as part of its remit.
Should you believe that Registry Trust has other information held outside of the public records (i.e.: as a result of correspondence with you) you can ask for this through a Subject Access Request. Please note – unless you have had separate correspondence with Registry Trust, it is likely that an online search of the Register will provide the information you need.
If your request relates solely to information on the public Register for England and Wales, you must make your subject access request directly to the Ministry of Justice. You can find details of how to do so here
If you still wish to make a subject access request to Registry Trust, please send it in writing to the Data Protection Officer at:
153-157 Cleveland Street
Lawful processing of data
The subject access request will be responded to within 30 days, and there will be no charge for the information provided.
You can obtain more information on subject access requests, and the rules around providing them by visiting the information commissioner’s website. https://ico.org.uk/
Registry Trust Limited (RTL) processes data in compliance with the conditions listed in Article 6 (1) of the GDPR.
GDPR Article 6(1) states that “processing of personal data is necessary for the performance of a task carried out in the public interest or in the exercise of the controller’s official authority includes processing of personal data that is necessary for—
• the administration of justice,
• the exercise of a function of either House of Parliament,
• the exercise of a function conferred on a person by an enactment, or
• the exercise of a function of the Crown, a Minister of the Crown or a
Registry Trust Limited also processes data under 6(1) where processing is considered “necessary for the purposes of legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject”.
The right to rectification
GDPR also allows for data processing where it “is necessary for the performance of a contract with the data subject or to take steps to enter into a contract”.
The Register of Judgments, Orders and Fines Regulations 2005 state how the Register is to be kept. The regulations place responsibility on the courts on when to notify the appointed Registrar, what cases are included, and what information is provided. As Registrar our responsibility is to take this output from the courts and add it to the Register.
Registry Trust has processes to challenge the accuracy of court records where a record appears illogical or incomplete. If this record is confirmed by the relevant court, we are still obliged to add it to the Register.
The right to erasure
Where an error is discovered, Registry Trust can only act on court instructions to amend or delete the record as appropriate. Once that instruction is received from the court, we amend the record immediately and advise all of the organisations that we provide data to.
Under data protection laws, the right to erasure (also known as ‘the right to be forgotten’) enables an individual to request the deletion or removal of personal data where there is no compelling reason for its continued processing.
Registry Trust maintains the Register on behalf of the Government (Ministry of Justice). As such Registry Trust Limited has a legal requirement and a public duty to make this information available. For Registry Trust data, the underlying processing condition is the overriding legitimate and public interest for doing so.
The right to erasure does not provide an absolute ‘right to be forgotten’ and processing by Registry Trust complies with data protection laws. As such it is very unlikely that the right to erasure will apply to information held on the public Register.
For any other information Registry Trust hold, outside of the official Register, you can request the removal of that information, and we will comply where there are no overriding reasons for retaining the information. Where we are unable to comply with a request, we will inform you in writing.
The right to restrict processing
Registry Trust publishes data they receive from the court service. As such they are obliged to maintain that data on the Register until the court advises them of any amendment. This is because the legitimate grounds for processing the Register data override individual interest.
Where an error is identified and advised by the court service, Registry Trust automatically notifies recipients of the correction or removal.
The right to data portability
Data portability can be requested where certain conditions are met. Specifically, where an individual has supplied their information to the data controller, and the data controller is reliant on the individual’s consent to deal with their information and where the processing is automated.
Information maintained on the public Register does not meet those conditions. For more information on this, you can refer to the information commissioner’s website. https://ico.org.uk/
The right to object
In line with our stance on the right to be forgotten, or to prevent processing, Registry Trust have a legal requirement and a public duty to make the Register information available. It is unlikely that the right to object will apply to information held on the public Register.
Rights related to automated decision making
Registry Trust does not use your data to make any decisions. The information is published solely as a matter of public record.
Links to other websites
Following a link to another website
Following a link to Registry Trust Limited or TrustOnline from another website
Data Protection Officer
You can contact the Data Protection Officer by writing to:
153-157 Cleveland Street
Information Commissioners Office
If you have any concerns about how your personal information has been handled you can refer the matter to the Information Commissioner’s Office. You will find details of how to contact them here. https://ico.org.uk/concerns/handling/