SENSERITY — Legitimate Interest Assessment (LIA)
Version 1.0 | February 2026
Data Controller: Blueloop Limited
Company No: 03981322
Registered Office: Blueloop House, Ilchester Road, Yeovil, Somerset BA21 3AA
Data Protection Lead: Robin Barker
ICO Registration: [Registration number to be inserted]
Date of Assessment: February 2026
Processing Start Date: November 2025
Next Review Date: February 2027
1. Purpose of This Assessment
This Legitimate Interest Assessment (LIA) has been conducted by Blueloop Limited ("Blueloop") in accordance with Article 6(1)(f) of the UK General Data Protection Regulation (UK GDPR) and the guidance issued by the Information Commissioner's Office (ICO).
The assessment relates to the processing of personal data within the Senserity platform, a supply chain risk intelligence service that aggregates, analyses, and presents business data from multiple sources to help UK businesses assess risk in their commercial relationships.
This LIA follows the three-part test recommended by the ICO:
- Purpose test — Is there a legitimate interest behind the processing?
- Necessity test — Is the processing necessary for that purpose?
- Balancing test — Do the individual's interests override the legitimate interest?
2. Description of Processing
2.1 What Personal Data Is Processed
The Senserity platform processes personal data about the following categories of data subjects:
Company Directors and Officers
- Full name
- Date of birth (month and year only, as provided by Companies House)
- Nationality
- Country of residence
- Correspondence/service address (as filed at Companies House)
- Date of appointment and resignation
- Occupation
- Officer role (director, secretary, LLP member)
- Identity verification status (where available under Money Laundering regulations)
Approximate volume: 28.9 million director records across all UK companies (active and historical).
Persons with Significant Control (PSCs)
- Full name
- Date of birth (month and year only, as provided by Companies House)
- Nationality
- Country of residence
- Correspondence address
- Natures of control
- Date notified and ceased
- Identity verification status
Approximate volume: 13.1 million PSC individual records.
Charity Trustees
- Full name
- Trustee role
- Date of appointment
Volume: Dependent on Charity Commission register; covers registered charities in England and Wales plus Scotland (OSCR).
Individuals Appearing in Sanctions Records
- Full name (including aliases and variant spellings)
- Date of birth (where available)
- Nationality
- Regime and designation details
- Reasons for designation
Source: HM Treasury Office of Financial Sanctions Implementation (OFSI) consolidated list.
Individuals Appearing in Disqualification Records
- Full name
- Disqualification start and end dates
- Reason for disqualification
- Case reference
- Associated company details
Source: Companies House Register of Disqualified Directors.
Individuals Appearing in Adverse Media Screening
- Full name
- Date of birth (where available for matching)
- Categories of adverse media (financial crime, organised crime, regulatory, terrorism, violent crime, political)
- Article summaries and source references
- Risk scores and confidence levels
Source: Dilisense adverse media screening API.
Individuals Appearing in Court Records
- Party names (as published in court judgments)
- Role in proceedings (claimant, defendant)
- Court and case details
Source: National Archives Find Case Law service (Open Justice Licence).
2.2 Sources of Personal Data
All personal data processed within Senserity is obtained from the following sources. No personal data is collected directly from the data subjects themselves.
| Source | Data Type | Licence/Basis |
|---|---|---|
| Companies House (bulk data and API) | Directors, PSCs, company records | Crown copyright, Open Government Licence v3.0 |
| Charity Commission for England & Wales | Charity trustees, charity details | Open Government Licence v3.0 |
| Office of the Scottish Charity Regulator (OSCR) | Scottish charity trustees | Open Government Licence |
| HM Treasury OFSI | Sanctions designations | Crown copyright, freely available for compliance |
| Companies House | Disqualified directors | Crown copyright, Open Government Licence v3.0 |
| Dilisense | Adverse media screening results | Commercial API licence |
| Creditsafe | Credit reports, CCJ data | Commercial API licence |
| National Archives | Court judgments | Open Justice Licence |
| Health & Safety Executive | Enforcement notices, convictions | Open Government Licence v3.0 |
| Environment Agency | Environmental enforcement | Open Government Licence v3.0 |
| ICO | Data controller registrations | Open Government Licence v3.0 |
| Gender Pay Gap Service | Gender pay gap reports | Open Government Licence v3.0 |
2.3 How Personal Data Is Processed
Personal data is processed in the following ways within the Senserity platform:
- Collection and storage: Personal data is collected through scheduled ETL (Extract, Transform, Load) processes from the sources listed above and stored in a PostgreSQL database hosted on UK infrastructure owned and operated by Blueloop Limited.
- Normalisation and linking: Records from different sources are normalised and linked to create a unified view of each UK company and its associated individuals. For example, a director record from Companies House may be linked to a sanctions designation record if name matching indicates a potential match.
- Automated risk analysis: The platform runs automated Insight Tests — over 660 analytical checks — that assess companies across categories including financial health, governance, compliance, cyber security, legal proceedings, media exposure, and ESG. Some of these tests process personal data (e.g., checking whether a director is disqualified or sanctioned).
- Network graph analysis: Personal data is used to build a network graph of relationships between companies through shared directors and PSCs. This enables analysis of corporate networks, risk propagation, and indirect exposure to sanctions or other risk indicators.
- Sanctions screening: Director and PSC names are matched against the OFSI consolidated sanctions list using fuzzy name matching algorithms. Matches are classified by confidence level and flagged for review.
- Adverse media screening: Director and PSC names are screened against a global adverse media database via the Dilisense API. Results are categorised and scored.
- Presentation to Senserity users: Personal data is presented to authorised users of the Senserity platform as part of company risk profiles, due diligence reports, and alert notifications. Access is controlled through role-based access control and subscription tier gating.
- Report generation: Personal data may be included in PDF due diligence reports generated by users for their internal business purposes or for sharing with identified third parties.
2.4 Data Retention
Personal data within the Senserity platform is retained as follows:
- Active records: Retained for as long as the associated company remains on the Companies House register (or equivalent register for other sources). Data is updated through regular processing cycles.
- Historical records: When a director resigns, a PSC ceases, or a company is dissolved, the records are soft-deleted (marked as inactive) but retained for historical analysis purposes. Historical data from 2020 onwards is held.
- Adverse media and sanctions matches: Retained for as long as the associated company record is active and refreshed according to enrichment schedules.
- Customer-generated content: Notes and attestation data are retained for 30 days following account termination, then deleted.
3. Purpose Test — Is There a Legitimate Interest?
3.1 Blueloop's Commercial Legitimate Interest
Blueloop has a legitimate commercial interest in processing personal data within the Senserity platform for the following reasons:
- Provision of a commercial service: Senserity is a subscription-based B2B SaaS platform that provides supply chain risk intelligence to UK businesses. Processing personal data about company directors, officers, and persons with significant control is essential to providing this service. Without this data, the platform cannot fulfil its core function of risk assessment.
- Revenue generation: The platform operates on a tiered subscription model (Free through Enterprise, from £0 to £799 per month). Blueloop's ability to aggregate, analyse, and present company data in a meaningful way is the commercial basis for the service.
- Product development and improvement: Processing data enables Blueloop to develop and refine its risk scoring algorithms, analytical methodologies, and user experience to better serve its customers.
3.2 Broader Societal Legitimate Interest
Beyond Blueloop's commercial interests, the processing serves broader legitimate interests:
- Supply chain transparency: UK businesses have a legitimate need to understand the governance, financial health, and compliance status of their suppliers and business partners. The 2023 Economic Crime and Corporate Transparency Act reflects Parliament's intent to increase transparency in UK corporate structures.
- Financial crime prevention: Sanctions screening, adverse media monitoring, and disqualified director checks contribute to the prevention of financial crime, money laundering, and sanctions evasion. Businesses have both a moral and in many cases legal obligation to conduct due diligence on their commercial relationships.
- Public interest in corporate accountability: The existence of public registers (Companies House, Charity Commission, disqualified directors register) reflects a deliberate policy decision that corporate governance information should be available for public scrutiny. Senserity makes this information more accessible and actionable.
- Procurement integrity: Public sector and larger private sector organisations increasingly require supply chain due diligence. Senserity supports this by enabling efficient risk assessment that would otherwise require significant manual effort.
3.3 Senserity Users' Legitimate Interest
The businesses that subscribe to Senserity also have their own legitimate interests in the processing:
- Vendor risk management: Procurement professionals need to assess the risk of engaging with suppliers and partners. This includes understanding governance quality, financial stability, compliance status, and any sanctions or adverse media exposure.
- Legal and regulatory compliance: Businesses operating under the Proceeds of Crime Act, the Sanctions and Anti-Money Laundering Act, and sector-specific regulations have a legal obligation to conduct due diligence. Senserity facilitates this.
- Protection of business interests: Understanding whether a potential supplier has directors with disqualification orders, sanctions exposure, or adverse media coverage protects businesses from reputational and financial harm.
4. Necessity Test — Is the Processing Necessary?
4.1 Could the Purpose Be Achieved Without Processing Personal Data?
No. The core function of Senserity is to provide intelligence about the governance and risk profile of UK companies. This inherently requires processing personal data about the individuals who direct and control those companies. It would not be possible to assess governance quality, sanctions exposure, disqualification risk, or adverse media concerns without processing the names and identifying details of directors and PSCs.
4.2 Could the Purpose Be Achieved by Processing Less Personal Data?
The platform already applies data minimisation principles:
- Date of birth: Only month and year are stored, as provided by Companies House. Full dates of birth are not held.
- Addresses: Only service/correspondence addresses as filed at Companies House are stored. Residential addresses protected by the Companies House service address scheme are not separately obtained.
- Data as provided: Records are stored exactly as provided by the original data source. No additional personal data is derived or inferred beyond what is necessary for matching and analysis.
- Adverse media and sanctions screening: Individual screening is only triggered when company-level analysis indicates a reason for concern (i.e., the company has adverse media hits in concerning categories, or the individual's name matches a sanctions designation). Not all directors and PSCs are screened against all sources.
4.3 Is the Processing Proportionate to the Purpose?
Yes, for the following reasons:
- The personal data processed is overwhelmingly data that is already publicly available on official registers specifically designed for public access.
- The processing mirrors what a diligent procurement professional would do manually — checking Companies House, the sanctions list, the disqualified directors register, and court records. Senserity automates this process at scale.
- The volume of data processed (approximately 42 million director and PSC records) is proportionate to the scope of the service (covering all UK companies) and reflects the data that Companies House itself makes available.
- Access to the processed data is controlled through subscription tiers, role-based access control, and requires users to accept terms of service that restrict how the data may be used.
4.4 Network Graph Analysis — Specific Necessity Assessment
The network graph analysis feature deserves specific consideration. This processing activity maps relationships between companies through shared directors and PSCs, enabling users to identify:
- Companies that share directors with a target company.
- Indirect sanctions exposure through director networks (e.g., a target company shares a director with another company that has a sanctioned PSC).
- Risk propagation patterns across corporate networks.
Why this is necessary: Network analysis goes beyond simply displaying individual records from Companies House. It creates derived insights about relationships and associations. However, this is a natural and expected consequence of the public availability of director and PSC data. Companies House itself publishes the data with the explicit purpose of enabling public scrutiny of corporate governance. The Economic Crime and Corporate Transparency Act 2023 specifically aims to increase transparency about who controls UK companies, and network analysis directly supports this legislative intent.
Proportionality: The graph analysis does not reveal private associations — it maps only relationships that exist through public company records. An individual who serves as director of multiple companies has voluntarily placed that information on the public register. The analysis simply makes existing public connections more visible and actionable.
5. Balancing Test — Do Individuals' Interests Override?
5.1 Nature of the Personal Data
The personal data processed is predominantly:
- Publicly available information voluntarily filed on public registers by the data subjects themselves (or on their behalf by the companies they serve). Directors and PSCs consent to their details being placed on the Companies House register as a condition of holding those roles.
- Limited in sensitivity. Names, partial dates of birth, nationalities, and service addresses are not special category data. The data does not reveal racial or ethnic origin, political opinions, religious beliefs, health data, or sexual orientation.
- Professional rather than private. The data relates to individuals in their capacity as company officers and controllers — a professional and public-facing role — not in their personal or domestic lives.
Exception — adverse media data: Adverse media screening may surface information about individuals' involvement in financial crime, organised crime, or other concerning categories. This data is more sensitive than register data. However, it is sourced from published news articles and public records, and is presented in the context of business risk assessment rather than personal profiling.
Exception — sanctions designations: Sanctions data identifies individuals designated under international sanctions regimes. Being designated is a matter of public record and legal consequence, not private information. However, false positive matches (where a director shares a name with a sanctioned individual) could cause reputational harm if not handled carefully.
5.2 Reasonable Expectations of Data Subjects
Directors and PSCs have a reasonable expectation that their publicly filed information will be accessed and used by businesses, credit agencies, and the public. This is the explicit purpose of the Companies House register. The Companies House website itself states that it places "no restriction on how the information is used."
The processing by Senserity is consistent with these expectations. A director would reasonably expect that:
- Their name and role would be visible to businesses considering a commercial relationship with their company.
- Their details might be cross-referenced against sanctions lists and disqualified directors registers.
- Their connection to other companies through concurrent directorships would be noted.
A director would have a weaker expectation that:
- Their name would be automatically screened against adverse media databases.
- Their directorship connections would be mapped into a network graph and analysed for risk propagation.
However, both of these processing activities are consistent with the growing expectation of corporate due diligence in the UK business environment, as reflected in legislation such as the Economic Crime and Corporate Transparency Act 2023 and the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017.
5.3 Likely Impact on Data Subjects
Low impact (majority of cases): For the vast majority of the approximately 42 million individuals whose data is processed, the impact is negligible. Their data is stored, included in automated analysis, and may be viewed by Senserity users who are assessing their company. This is no different from a procurement professional manually searching Companies House.
Moderate impact (sanctions and adverse media matches): Where an individual is flagged as a potential sanctions match or has adverse media results, the impact is greater. A Senserity user might decide not to do business with the individual's company based on this information. However:
- Sanctions matches are flagged with confidence levels (low, medium, high, auto-confirmed) and users are informed that matches are indicators for further investigation, not determinations.
- Adverse media results include source references so users can verify the information.
- The platform includes a mechanism for users to query the validity of data classified as less than 100% confidence, which triggers manual review and correction.
Potential for harm: The most significant risk is that a false positive sanctions match or inaccurate adverse media result could lead a Senserity user to make an adverse business decision about a company, indirectly harming the individual. This risk is mitigated by the safeguards described in Section 5.5.
5.4 Vulnerability of Data Subjects
The data subjects are company directors, officers, and persons with significant control. These are individuals who have voluntarily assumed public-facing corporate governance roles. They are not, as a category, vulnerable individuals. The processing does not target children, patients, employees, or other groups where a power imbalance or vulnerability might exist.
5.5 Safeguards in Place
Blueloop has implemented the following safeguards to protect the rights and interests of data subjects:
Access controls and restrictions:
- Access to the Senserity platform is restricted to registered, authenticated users who have accepted the Terms of Service.
- The Terms of Service prohibit using the platform to harass, stalk, or intimidate individuals; to make solely automated decisions with legal effects on individuals; or to facilitate sanctions evasion.
- Role-based access control (Owner, Admin, Member, Viewer) limits what actions different users can take.
- Subscription tier gating restricts access to enriched data (including adverse media and credit data) to paying customers, reducing the risk of casual or trivial access.
Data quality and transparency:
- Sanctions matches are presented with confidence levels, making clear that a match is not a determination.
- Adverse media results are categorised and scored, with source references enabling users to verify the information.
- The platform includes a mechanism for users to query the validity of data with less than 100% confidence, triggering manual review and correction by Blueloop.
- Risk scores and Insight Tests are explicitly described as informational indicators, not definitive assessments.
Technical and organisational security:
- All data is hosted on UK infrastructure owned and operated by Blueloop Limited. No sub-processors are used.
- Blueloop holds Cyber Essentials, ISO 9001, and ISO 27001 certifications, each including Senserity within scope.
- Data breach notification procedures are in place in compliance with Articles 33 and 34 of the UK GDPR.
Transparency:
- This Legitimate Interest Assessment is published on the Senserity website.
- A comprehensive Privacy Policy is published explaining what data is processed, why, and individuals' rights.
- Contact details for the Data Protection Lead are provided for any enquiries or concerns.
Data subject rights:
- Right of access: Individuals may submit a Subject Access Request to understand what data Senserity holds about them. Automated lookup will be used where practicable given the volume of data subjects.
- Right to rectification: Individuals can request correction of inaccurate data. Where data originates from a public register, Blueloop will direct the individual to the source (e.g., Companies House) for correction, and will update its records when the source is corrected.
- Right to object: Individuals have the right to object to processing under Article 21 of the UK GDPR. Blueloop will consider each objection on its merits. However, given that the data is sourced from public registers specifically intended for public access and that the processing serves both commercial and broader societal legitimate interests including financial crime prevention, Blueloop considers that it will generally have compelling legitimate grounds for continuing processing that override the individual's interests. Each objection will be assessed individually, and the individual will be informed of the outcome and their right to complain to the ICO.
- Right to erasure: Requests for erasure will be considered on a case-by-case basis. Where data is sourced from public registers and the individual remains an active director or PSC, erasure would be inappropriate as it would compromise the integrity of the risk intelligence service and potentially undermine financial crime prevention objectives. Where an individual has resigned or ceased to be a PSC, and the data is no longer necessary for historical analysis, erasure requests may be granted.
5.6 Balancing Conclusion
Having considered the nature of the legitimate interest, the necessity and proportionality of the processing, the reasonable expectations of data subjects, the likely impact on those individuals, and the safeguards in place, Blueloop concludes that:
The legitimate interests of Blueloop, its customers, and the broader public interest in supply chain transparency and financial crime prevention are not overridden by the rights and interests of the data subjects.
This conclusion is based on the following key factors:
- The personal data is overwhelmingly sourced from public registers designed for public access, and data subjects have voluntarily assumed public-facing corporate roles.
- The processing is consistent with the reasonable expectations of individuals who hold directorships and PSC roles.
- The impact on the vast majority of data subjects is negligible, and where impact is greater (sanctions/adverse media matches), proportionate safeguards are in place.
- The processing serves not only Blueloop's commercial interests but also broader societal interests in supply chain transparency, corporate accountability, and financial crime prevention, as reflected in recent UK legislation.
- Comprehensive technical, organisational, and contractual safeguards are in place to protect data subjects' rights.
6. Special Processing Activities
6.1 Sanctions Screening
Sanctions screening involves matching the names of directors and PSCs against the OFSI consolidated sanctions list. This processing is specifically addressed because:
- It may produce false positive matches that could harm an individual's reputation if acted upon without verification.
- It involves data about individuals designated under sanctions regimes, which is inherently sensitive in context.
Additional safeguards for sanctions screening:
- Matches are classified by method (exact name, fuzzy name, name with DOB confirmation) and confidence level (low, medium, high, auto-confirmed).
- The platform explicitly informs users that a sanctions match is an indicator for further investigation and not a determination.
- Users can flag matches for review, and Blueloop maintains a manual review process for disputed matches.
- The Terms of Service prohibit users from using the platform to facilitate sanctions evasion.
6.2 Adverse Media Screening
Adverse media screening involves searching the names of directors and PSCs against a database of news articles and public records to identify mentions in categories including financial crime, organised crime, terrorism, and violent crime. This processing is specifically addressed because:
- It surfaces potentially damaging information about named individuals.
- Results may include articles about different individuals with the same name (false positives).
- The categories (terrorism, organised crime) are inherently sensitive.
Additional safeguards for adverse media screening:
- Individual screening is only triggered when company-level screening indicates concerning results. Not all directors and PSCs are screened.
- Results include source references enabling verification of the information.
- Results are scored with confidence levels and name uniqueness scores.
- A review mechanism allows users to query results, with manual checking and correction by Blueloop.
6.3 Network Graph Analysis
Network graph analysis maps relationships between companies through shared directors and PSCs, creating derived insights about corporate networks. This processing is specifically addressed because:
- It reveals associations between individuals and companies that may not be immediately apparent from viewing individual Companies House records.
- Risk propagation analysis (e.g., identifying that a company is two hops from a sanctioned entity through shared directors) creates new information about individuals' network exposure.
Additional safeguards for network graph analysis:
- Network analysis is based solely on publicly filed directorship and PSC data. No private relationship data is used.
- Network risk propagation indicators are explicitly described as identifying connections for investigative purposes, not implying wrongdoing.
- Access to network analysis features is gated by subscription tier, restricting it to users with a demonstrable business need.
7. Review and Updates
This assessment will be reviewed:
- Annually (next review: February 2027).
- When new data sources are added to the Senserity platform that involve processing personal data.
- When new processing activities are introduced that materially change how personal data is used.
- When relevant legislation changes (e.g., further amendments to the UK GDPR, new ICO guidance on legitimate interest).
- If a data subject objection or complaint raises issues not previously considered.
| Version | Date | Changes | Reviewer |
|---|---|---|---|
| 1.0 | February 2026 | Initial assessment | Robin Barker |
8. Contact
For questions about this assessment or to exercise your data protection rights:
Data Protection Lead: Robin Barker
Email: legal@senserity.co.uk
Post: Blueloop Limited, Blueloop House, Ilchester Road, Yeovil, Somerset BA21 3AA
If you are not satisfied with our response, you have the right to complain to the Information Commissioner's Office:
ICO: https://ico.org.uk/make-a-complaint/
Telephone: 0303 123 1113