Collection Statement & Privacy Policy

Collection Statement

This document details your rights with respect to the collection, use, and management of your Personal Data by GDPR Forensic Limited. Personal Data is information about you which (we collect and) may include (any) information like email address, name, home or work address, Identification numbers and such.

GDPR Forensic Limited will provide the information set out below without cost to you within one month and in a professional courteous manner. If, however, we cannot complete your request within one month, we will inform you together with a reason why.


Our 10-Point pledge to you:

We (GDPR Forensic Limited) will only collect personal data about you in accordance with this Policy, as such we offer the following pledge to you;

  1. We will always ask for your permission when we are collecting your Personal Data.

  2. We will tell you what the Personal Data is going to be used for and how long we will use it.

  3. We assure you that the Personal Data collected is securely stored and maintained to the highest security levels using the most advanced security, firewall and encryption technologies available.

  4. Upon your request, we will provide details of the personal data that we are storing about you. If the data we are storing is wrong, let us know and we will correct it.

  5. We assure you that staff with access to your Personal Data are appropriately trained and will
    only access your Personal Data to perform the Processing that we have told you about.

  6. If you no longer want us to use your Personal Data, we will stop using it upon your request.

  7. We have provided a fully qualified Data Protection Officer for you to talk to if you are in any way dissatisfied with the way we use, store or maintain your Personal Data.

  8. If we can’t resolve an issue to your satisfaction, you may talk to the Supervisory Authority.

  9. We will only store your Personal Data with reputable organizations, which meet the EU Data 
    Privacy requirements and tell you who is storing it and where it is stored.

  10. We will keep you informed about the things that we do with your Personal Data.

Personal Data Collection Facts

We respect your data protection and privacy rights. If you are not satisfied with our management of your Personal Data please contact the GDPR Forensic Limited Data Protection Officer (DPO) at or by calling any of the following numbers or writing to us at this address:

For issues WITHIN the EU

Telephone: +44 20 7442-5785
by writing to:
GDPR Forensic Limited

Attention: DPO

71-75 Shelton Street

Covent Garden

London WC2H 9JQ England

For issues OUTSIDE the EU

USA/Canada: +1 85 5577-8682
Australia: +61 4 6621-2726
by writing to:
GDPR Forensic Limited

Attention: DPO


NSW 2057 Australia

The Personal Data that is collected (or used) by GDPR Forensic Limited in this specific data collection is only for the following purposes and this processing campaign is known as Captisium Universal File Handler.

  • To evaluate and consider offering a contract for the provision of a service offered by GDPR Forensic Limited.

  • To maintain your details for the purpose of billing a service offered by GDPR Forensic Limited.

GDPR Forensic Limited shall if it is not able to offer you an agreement, destroy the Personal Data pertaining to this Collection Statement within 30-days. If the Personal Data has also been approved for use in other prior circumstances, that Personal Data shall be retained for those other purposes.

GDPR Forensic Limited provides Data Protection and Data Privacy services to other companies that are located both inside and outside the EU. In the event that we require access to your Personal Data which is managed by a Controller or Processor that has engaged us as their DPO or EU Representative, we are doing so based on the consent that you have already given to the Controller or Processor that has contractually engaged our services. If you make a request for us to investigate aspects of your Personal Data with a Controller or Processor that we act for, that request from you shall be considered consent for us to access your Personal Data and use it to resolve the issue you have raised.

If you engage an advocate to represent you or assist you in resolving an issue with your Personal Data, we will require your consent to work with your advocate in writing, which can be sent to the email or postal addresses above. Once received, we will work with your advocate to resolve your issues.  You may withdraw your advocacy appointment at any time during the process.

Personal Data that is Collected or Processed by GDPR Forensic Limited is stored on GDPR Forensic Limited servers in secure locations in Florida (USA) and Sydney (Australia). We also utilize global computing and storage services from Amazon, Microsoft Corporation and Google. GDPR Forensic Limited has binding agreements with these providers in the USA. Information about their data security policies is available on their respective web sites. When your Personal Data is transferred to a third country, under GDPR law, you are assured that it is treated with the same level of security as if it were stored and processed locally.

We will retain the Personal Data that we collect for the minimum mandated period as determined by the International Administrators and Record Managers Association (ARMA) for compliance to record-keeping for the region in which the records are kept. Once we have completed processing your Personal Data, it shall be assigned “limited use” status and become a matter of record only and no longer subject to any further Processing.


If you decide that you don’t want to provide us your Personal Data, we may not be able to assist you or provide you a service that you have requested. In the event that you fail to provide the necessary or required Personal Data in our capacity as DPO or EU Representative for a Controller or Processor that we represent, such failure may render us (being the DPO, the Controller and/or the Processor) unable to further assist you or satisfy your request.

If you are at any time not satisfied with the way or manner that we deal with your Personal Data or resolve issues with you regarding your Personal Data, you are encouraged to lodge a complaint with the Supervisory Authority in your region. GDPR Forensic Limited doesn’t use automated decision-making software in dealing with EU residents.

Issued By: Ian Smith – Chief Privacy Officer and Senior DPO

Date Issued: 1st. of January 2020