Data Protection Compliance Statement

IP Forensics (Ireland) Ltd — Company Reg No. (IRL) 461939

Introduction

This document represents IP Forensics Ltd's commitment to data protection compliance across all subsidiary companies and operations. We collect and process personal data in the course of our business, and we are committed to doing so lawfully, transparently, and in accordance with all applicable legislation.

Purpose of Data Collection

IP Forensics Ltd collects information about employees, suppliers, clients, and business contacts in order to operate effectively. The types of personal data we may hold include contact details, professional background information, and data collected in the course of lawful investigative work. All personal data is handled lawfully and correctly.

Core Principles

IP Forensics Ltd endorses and operates in accordance with the Data Protection Act 1988 (as amended), the General Data Protection Regulation (GDPR), and all related Irish and European data protection legislation. Personal information must be:

• Processed fairly, lawfully, and in a transparent manner
• Collected for specified, explicit, and legitimate purposes only
• Adequate, relevant, and not excessive in relation to its purpose
• Accurate and kept up to date
• Retained only for as long as is necessary for the stated purpose
• Processed with appropriate technical and organisational security measures
• Not transferred outside the European Economic Area without adequate protections in place

Organisational Commitments

IP Forensics Ltd ensures:

• Designated responsibility for data protection at director level
• Contractual data protection obligations for all staff and contractors
• Appropriate staff training and supervision on data handling
• Regular audits of data handling practices

Investigative Data Processing

In the course of lawful investigations, IP Forensics Ltd may profile subjects through publicly accessible databases and may conduct further enquiries including telephone traces. No personal data gathered in the course of an investigation is shared with third parties without prior client approval. No subcontracting of investigative work occurs without explicit prior consent from the client.

Data Subject Access Requests

Individuals have the right to request access to any personal data held about them by IP Forensics Ltd. Such requests should be directed in writing to paul.thomas@ipfltd.com. We will respond within one calendar month of receipt, and typically at no cost to the data subject.

Data Breach Protocol

In the event of a personal data breach, IP Forensics Ltd will report the breach to the relevant data protection supervisory authority within 72 hours of becoming aware of it, in accordance with Article 33 of the GDPR. Where the breach is likely to result in a high risk to the rights and freedoms of individuals, those individuals will also be notified without undue delay.

Contact

For any queries relating to data protection or to exercise your rights, please contact us at info@ipfltd.com.