So they are not, as you described them - "snake oil salesmen".
That's not exactly what I wrote, so I don't know why you put it in ""s, but if you define "snake oil salesmen" as outright fraudsters then no, they're sellers of snake oil instead, but that's really getting rather pedantic.
I'm not the one claiming that they are a bunch of dodgy ne'er do wells. Surely the onus is on the person making those claims to substantiate them?
Who other than you has ever called them "a bunch of dodgy ne'er do wells"?
Anyway, all I'm asking is that you substantiate this claim:
a reputable site such as Bike Register
Also, the bit of the ASA ruling not quoted earlier:
We acknowledged that all 45 geographic police forces in the UK held accounts with BikeRegister, and that, wherever a bike was stolen, it would be possible for the relevant force to trace the owner if the bike was registered with BikeRegister.
We understood that the complainant had had their bicycle stolen in a different neighbourhood of London from where they lived, and had been told by the local police station that they did not use BikeRegister. However, we considered that consumers were likely to understand that it would not necessarily be the case that an account was held by police in every local neighbourhood.
We therefore concluded that the claim that BikeRegister was used by every police force had been substantiated.
So all that claim "used by every UK police force" means is that someone somewhere in the force has an account - not that it can actually be used by the officers recovering - doesn't anyone think that's dodgy behaviour?
They say that they'll track their users to "understand the interests and buying behaviour" and use their details for "other functions" but neither is explicitly mentioned on the registration forms on the website or the materials handed out at police cycle security events. Instead you have to go Menu → Information → Privacy Policy to discover this. Doesn't anyone think that's dodgy behaviour, not making it clear what people are signing up to? Isn't it dodgy when it's at a police event and the materials are made to look like police ones, with the checkerboard pattern? I suspect many people might not realise that they've given their info to a private company until later.
And now I've looked at it, how about the site setting Google Analytics cookies, but the cookie policy claiming that they are cookies for bikeregister.com and not mentioning Google? Instead, to find out about Google cookies, you have to look in the Privacy Policy not the Cookie Policy. That sort of stunt is less severe than capturing personal data and not rare but still indicative of dodgy behaviour IMO.