What data does Pescheck collect about me?
Only the data that's necessary for the specific checks you've consented to. Here is what we collect, why, and how long we keep it.
In short: Pescheck collects only the personal data necessary for the specific checks an organisation has asked you to complete. We do not collect extras “just in case”. When the screening is finished, supporting documents are anonymised so they can no longer be traced back to you.
What we always need
For any screening, regardless of checks:
- Your legal full name as it appears on your ID
- Your date of birth
- Your email address (to send you the secure link)
- Your explicit consent to each check
What we need for specific checks
Each check requires its own minimum data:
| Check | Data we need |
|---|---|
| ID verification | A clear photo or scan of a government-issued ID; sometimes a selfie for liveness (processed by a specialised provider) |
| Dutch criminal record (VOG) | Your full name and date of birth. You sign with DigiD via the Justis portal; we never see your BSN |
| Employment verification | Employer names, dates, and reference contact details for each role |
| Qualification check | Institution name, course or degree name, year of completion |
| Reference check | Names, roles, and contact details of referees |
| Credit check | Name and recent address history |
| PEPs and sanctions | Full name, date of birth, nationality |
| Adverse media | Full name, date of birth, recent address |
We never ask for medical records, religious beliefs, political beliefs, sexual orientation, or trade union membership unless this is legally required for a specific check (rare).
What we do not collect
- Your salary at previous roles
- Your reasons for leaving previous roles
- Personal opinions of former employers
- Anything not necessary for the requested checks
How long we keep it
Per our privacy policy:
- Personal data processed by Pescheck as data controller for screening services is deleted within 60 days of the assignment completing
- General retention is up to 24 months, and may be extended due to legal obligations or at the request of the client
- Identity documents and supporting uploads are processed by a specialised provider and anonymised on a defined schedule after the screening completes
- Audit logs are retained as required by our screening licence
You can always ask us to anonymise your data sooner; see your GDPR rights.
Where it lives
Screening data is processed within the European Economic Area only, per our standard processing agreement. Pescheck is ISO/IEC 27001:2022 certified and operates under POB licence #1551 from the Dutch Ministry of Justice. The current list of sub-processors is published in the Trust Centre.
Related articles
Your rights under GDPR
As the person being screened, you have specific legal rights over your data: access, correction, deletion, and the right to object. Here is how to use them.
How does Pescheck protect my data?
We process your data under a Dutch Ministry of Justice POB licence and ISO 27001 certification, with encryption in transit and at rest and EU-only storage.
Giving consent as a candidate
You've been asked to complete a Pescheck screening. Here is exactly what consent means, what we will ask you for, and your rights at every step.
