Privacy Policy

... a statement that discloses the ways a party gathers, uses, discloses, and manages a customer or client's data ...

Castle Private Investigators

Head Office, 38-40 North Gate, Newark on Trent, Nottinghamshire, NG24 1EZ.

These Terms are for the Provision of Investigative, Surveillance Activities and Litigation Support Services.

New legislation introduced namely the General Data Protection Regulations (GDPR) came into force on 25 May 2018. The regulations are intended to ensure that data is controlled, and the sharing of data is regulated. The nature of our business is that ALL the information we hold is and has always been treated as highly confidential consequently we do not share data with other parties except as specifically instructed by clients. This will not change. GDPR does afford rights to individuals whose data we might hold placing an obligation under the legislation for us to provide information to those applying for data to provide it to them. To protect client confidentiality, we have adopted a policy not to keep investigation data beyond the conclusion of investigations. In this policy we will state how we will erase all but current ongoing investigation data except that required for accounting purposes which we have constructed to keep to the absolute minimum required information. The principal is simple. If we do not store the data, we cannot share it, or have it breached in anyway. This change of policy fulfils the requirement of law and ensures that increased rights of individuals to data held do not breach client confidentiality.

This Privacy Policy describes the way in which Castle Private Investigators deal with the information and data we hold.

We will process any personal information provided to us or otherwise held by us relating to you in the manner set out in this Privacy Policy. Information may be provided via the Castle Private Investigators website (the “Website”), telephone calls or any other means.

In the case of clients who accept this Privacy Policy you agree that you understand and accept the use of your personal information as set out in this policy. If you do not agree with the terms of this Privacy Policy, please do not use the Website or otherwise provide us with your personal information.

References in this Privacy Policy to “Castle Private Investigators”, “Castle”, “we”, “us” or “our” relate to Castle Private Investigators, 38-40 North Gate, Newark, NG24 1EZ, a Company who carry out private and commercial investigations and are Data Protection Registered with the Information Commissioners Office number ZA337806 and hold Professional Indemnity Insurance.

If you have any concerns or would like more detail about how we process your Personal Data, you can contact us via email at dataprivacy@castlepi.co.uk, by mail at Data Controller, Castle Private Investigators, 38-40 North Gate, Newark, NG24 1EZ or via telephone +44 1636 362101.

Your Personal Data isn’t just protected by the quality, commitment and high standards of Castle Private Investigators, it’s also protected by law. The law states that we can only process your Personal Data when there is a genuine reason to do so.

When we have a business or commercial reason to process your Personal Data this is referred to as a legitimate interest. Your Personal Data is still protected, and we must not process it in a way that would be unfair to you or your interests.

If we do use legitimate interests as a reason to process your Personal Data, you have the right to object. However, compelling grounds for processing such information may override your right to object.

Whenever your data is kept by Castle Private Investigators, we will ensure that it is appropriately protected and only used for acceptable purposes.

We will keep your data for the period that you are a customer of Castle Private Investigators and unless otherwise instructed by you, on the 1st day of the month after we have completed your instruction we will erase any reports we have provided or any information we have upon you or the subject(s) we are instructed to investigate. We will retain however your name and the subject’s name or company on our daybook spreadsheet for our accounting records.

If you are no longer a client of Castle Private Investigators, we will keep your data for the minimum length of time required to comply with the purposes set out in this policy and relevant legal or regulatory obligations. Your Personal Data may be kept longer if we cannot delete it for technical reasons.

The information and data about you which we may collect, use and process includes the following:

Telephone conversations, completed webforms, emails, letters other digital communications such as SMS and WhatsApp messages, verbal communication face to face and any other communication method of your choosing.

Where it is reasonable for us to do so and not detrimental to your rights and freedoms, we also collect Personal Data from publicly available sources such as internet searches, Companies House, and broadcast media.

Information we have may have been obtained from information you have chosen to share publicly on social media or otherwise on the internet etc. We have no control over this and except no responsibility for it.

We will only share data as per the explicit instructions of clients or as required to do so by a requirement of law.

We will only transfer your Personal Data outside of the EEA where:

• We have the explicit instruction to do so from clients

• To comply with a legal duty or obligation

If we do transfer your Personal Data outside of the EEA, within Pegasus, we will take measures to ensure it is protected to the same standards as it would be within the EEA by relying on one of the following:

• The country that is receiving your Personal Data has been found by the European Commission to offer the same level of protection as the EEA. More information can be found on the European Commission Justice website

• We will use contracts that require the recipient to protect your Personal Data to the same standards as it would be within the EEA

• Where the transfer is to the USA and the recipient is registered with Privacy Shield. Privacy Shield is a framework that ensures Personal Data is protected to a level approved by the EU. Read more about Privacy Shield on the European Commission Justice website

In some instances, we may be compelled by law to disclose your Personal Data to a third party and may have limited control over how it is protected by that party.

We will assist you if you choose to exercise any of your rights over your Personal Data, including:

• Withdrawing your previously granted consent; however, this will not invalidate any previously consented processing

• Lodging a complaint with any relevant Data Protection Authority

• Access to your Personal Data that we hold or process

• Correction of any Personal Data that is incorrect or out of date

• Erasure of any Personal Data that we process

• Restrict processing of your Personal Data in certain circumstances

• Asking us to provide you or another company you nominate with certain aspects of your Personal Data, often referred to as ‘the right to portability’

• The ability to object to any processing data where we are doing it for our legitimate interests

• The ability to contest a decision made entirely by automated processing, to express your point of view and to request that a human review the decision

For more information on these rights you can contact us via the methods in the contacting us section above.

We may update this policy from time to time, so please review it frequently.