We aim to collect only what is needed, use it for clear purposes, protect it appropriately and retain it only as long as necessary.
1. Who we are and how to contact us
ProxeWave provides asset recovery consultancy services from 301 Deansgate, Manchester M3 4LQ, United Kingdom.
For privacy questions or to exercise a data protection right, email [email protected], call +44 7533 047528, or write to the address above with “Privacy” marked on the correspondence.
2. Who this policy covers
This policy may apply to website visitors, people making enquiries, current and former clients, testimonial contributors, complainants, professional contacts, counterparties and other people whose information is relevant to a legitimate recovery assessment or instruction.
3. Personal information we may collect
Depending on your interaction with us, we may collect:
- identity and contact details, such as name, address, email, telephone number and preferred contact method;
- enquiry and case information, including your account of events, parties involved, assets, transactions, correspondence, contracts and relevant dates;
- identity, ownership and authority evidence needed to confirm who you are and your right to request work;
- financial and transaction information relevant to an enquiry or agreed instruction;
- communications, including emails, form submissions, call notes, messages, complaints and feedback;
- testimonial information, including the chosen display name, location, service, rating and review text;
- technical and security information, such as IP address, session identifiers, timestamps, rate-limit records, browser/device information and server logs; and
- professional and corporate information about businesses, officers, advisers, counterparties and connected entities.
Please do not send passwords, private keys, full payment-card details or complete online-banking credentials. We will explain a suitable route before requesting highly sensitive documents.
4. Where information comes from
We obtain information directly from you when you use a form, communicate with us or provide case material. Where relevant and lawful, information may also come from a person authorised by you, public registers, official records, open sources, professional advisers, counterparties, service providers or authorities.
If information about another person is provided to us, the person supplying it should have a legitimate reason and appropriate authority to do so. We provide privacy information to other people where required and reasonably practicable, subject to applicable exemptions.
5. Why we use information and our lawful bases
| Purpose | Typical lawful basis |
|---|---|
| Responding to enquiries and assessing whether we can assist | Steps before entering a contract and legitimate interests in managing genuine enquiries |
| Providing, administering and communicating about agreed services | Performance of a contract and legitimate interests |
| Identity, authority, conflict, fraud-prevention and security checks | Legal obligation where applicable and legitimate interests in safe, lawful services |
| Researching and coordinating a legitimate recovery matter | Contract, legitimate interests and legal claims where applicable |
| Managing complaints, disputes and legal rights | Contract, legal obligation, legitimate interests and establishment, exercise or defence of legal claims |
| Moderating and publishing testimonials | Consent for publication and legitimate interests in service feedback |
| Protecting the website, preventing spam and maintaining records | Legitimate interests in security, continuity and accountability |
| Complying with law, court orders and lawful authority requests | Legal obligation and legal claims |
Where consent is the basis, it may be withdrawn at any time. Withdrawal does not make earlier processing unlawful. Where we rely on legitimate interests, we balance those interests against the rights and reasonable expectations of affected people.
6. Sensitive information
A recovery matter may occasionally involve special-category information or information about alleged offences. We use such information only where it is relevant and where an additional lawful condition applies, for example explicit consent, legal claims, substantial public interest or another condition permitted by law.
7. Who we may share information with
Information is shared only where reasonably necessary and subject to appropriate duties or safeguards. Recipients may include:
- hosting, website security, email and IT service providers acting on our instructions;
- solicitors, barristers, insolvency practitioners, accountants, investigators, tracing specialists and other independent professionals;
- banks, payment providers, registrars, administrators, counterparties and relevant organisations involved in an agreed recovery route;
- overseas professionals where a cross-border instruction requires local support;
- insurers, auditors and professional advisers;
- courts, regulators, law-enforcement bodies and public authorities where disclosure is lawful and appropriate; and
- a prospective purchaser or successor if the business is reorganised or transferred, subject to confidentiality and data protection requirements.
We do not sell personal information.
8. International transfers
Website technology or a cross-border case may involve access to personal information from outside the United Kingdom. Where required, we use an applicable UK adequacy regulation, approved contractual safeguards, or another lawful transfer mechanism. You may contact us for information about the safeguards relevant to your data.
9. How long we keep information
We apply the following general retention approach, unless law, a dispute, an insurer, a safeguarding concern or the needs of a particular instruction justify a different period:
- enquiries not accepted: normally up to 12 months after the last meaningful contact;
- client and case records: normally six years after the instruction ends;
- complaint and dispute records: normally six years after closure;
- approved testimonials: while published and for a reasonable period afterwards, or until withdrawal where consent is the basis;
- unsuccessful testimonial submissions: removed when no longer needed for moderation or dispute handling;
- rate-limit records: automatically pruned after the configured anti-spam window; and
- technical logs: according to the security and retention settings of our hosting and IT providers.
When information is no longer required, it is deleted, anonymised or securely destroyed.
10. Security
We use proportionate technical and organisational measures designed to protect information against unauthorised access, alteration, loss or disclosure. Measures include access restriction, session and CSRF protection, CAPTCHA, submission rate limiting, secure configuration and controlled professional sharing.
No internet transmission or storage system can be guaranteed completely secure. Please contact us promptly if you believe information has been sent to the wrong person or an account connected with us has been compromised.
11. Your data protection rights
Depending on the circumstances, you may have rights to:
- be informed about how your information is used;
- request access to personal information held about you;
- ask for inaccurate or incomplete information to be corrected;
- request erasure in circumstances where the right applies;
- request restriction of processing;
- object to processing based on legitimate interests or to direct marketing;
- receive certain information in a portable format; and
- withdraw consent where processing relies on consent.
These rights are not absolute and exemptions may apply, including where information must be retained for legal obligations, another person’s rights or legal claims. We may ask for information needed to verify identity and authority before responding.
12. Automated decisions and marketing
We do not use website or case information to make solely automated decisions that produce legal or similarly significant effects. We do not currently operate an email marketing list through this website. If that changes, appropriate choices and notices will be provided.
13. Complaints to us or the ICO
Please contact us first so we can try to resolve a privacy concern. You also have the right to complain to the UK Information Commissioner’s Office. Information about making a complaint is available at ico.org.uk/make-a-complaint.
14. Cookies and similar technologies
The website uses an essential PHP session cookie and local browser storage to remember acknowledgement of the cookie notice. Details are provided in our Cookie Policy.
15. Changes to this policy
We review this policy when our services, technology or legal obligations change. Material changes will be reflected by updating the effective date and, where appropriate, providing an additional notice.
