COLTRAC LTD GDPR Statement

Data Processing Statement - Coltrac Ltd

1. Nature of work –

a) Investigations in the private sector

b) Process Serving

2. Date:14/07/2023

3. Description of processing

3.1 The following is a broad description of the way this organisation processes personal information. To

understand how your own personal information is processed you may need to refer to any personal

communications you have received with the organisation, check any privacy notices that the

organisation has provided or contact the organisation to ask about your personal circumstances.

3.2 Reasons/Purposes for processing information

We Process Personal information to enable us to:

a) Provide investigatory services on the written instructions of a data controller (our client)

b) To maintain our own accounts and records

c) And to support and manage our employees and sub agents.

4. Type/Classes of information processed

4.1 We process information relating to the above reasons/purposes. This information my include:

a) Personal details

b) The investigation brief, result and related information

c) Lifestyle and social circumstances

d) Family details

e) Goods and services

f) Financial details

g) Education and employment and/or business details

4.2 We also process sensitive classes of information that may include:

a) Physical or mental health details

b) Racial or ethnic origin

c) Trade union membership

d) Religious or other beliefs

e) Criminality

5. Who the information is processed about

5.1 We process personal information about:

a) Customers and clients, including prospective clients

b) Witnesses

c) The subjects of investigations

d) Business contacts

e) Advisors and other professional experts

f) Suppliers

g) Employees

6. Who the information may be shared with

6.1 We sometimes need to share the personal information we process with the individual themselves and

also with other organisations. Where this is necessary we are required to comply with all aspects of the

General Data Protection Regulation (GDPR).What follows is a description of the types of organisation

we may need to share some of the personal information we process with for one or more reasons.

6.2 Where Necessary or required we share information with:

a) Financial organisations

b) Credit reference, debt collection and tracing agencies

c) Police forces

d) Professional investigators

e) Government

f) Business associates and other professional bodies and advisers

g) Suppliers

h) Current, past or prospective employers

i) Education and examining bodies

j) Family, associates or representatives of the person whose personal data we are processing.

7. Trading and sharing personal information

7.1 Personal information is traded and shared as a primary business function. For this reason the

information processed may include name, contact details, family details, financial details, employment

details and goods and services. This information may be about customers and clients.

7.2 The information may be traded or shared with business associates and professional advisers. Agents,

service providers, customers and clients and traders in personal data.

8. Undertaking research

8.1 Personal information is also processed in order to undertake research

8.2 For this reason the information processed may include name, contact details, family details, lifestyle

and social circumstances, financial details, goods and services.

8.3 The sensitive types of information may include physical or mental health details. Racial or ethnic origin

and religious or other beliefs.

8.4 This information is about survey respondents. Where necessary or required this information may be

shared with customers and clients, agents, service providers, survey and research organisations.

9. Consulting and advisory services

9.1 Information is processed for consultancy and advisory services that are offered.

9.2 For this reason the information processed may include name, contacts details, family details, financial

details and the goods and services provided.

9.3 This information may be about customers and clients.

9.4 Where necessary this information is shared with the data subject themselves, business associates and

other professional advisers, current, past or prospective employers and service providers.

10. Transfers

10.1 It may sometimes be necessary to transfer personal information overseas.

10.2 When this is needed information with be transferred to countries or territories around the world.

10.3 Any transfers made will be in full compliance with all aspects of GDPR.