Privacy Policy

Welcome to YELFiN Ltd (“we,” “our,” “us”). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our website yelfin.com and yelfin.co.uk and our consulting services, including mobile forensic investigations, data extraction, and analysis.

We comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, the Police and Criminal Evidence Act (PACE) 1984, and other applicable UK data protection and forensic regulations.

We collect and process the following categories of personal data:

2.1 Information You Provide to Us

• Name, email address, phone number, and billing information when you contact us or purchase a service.
• Business details if you engage with us for consulting services.
• Device information when engaging in forensic data extraction and analysis.
• Any additional information you provide when using our services.

2.2 Information We Collect Automatically

• IP address, device type, and browser information for analytics.
• Cookies and tracking technologies to enhance user experience (see Section 7 for details).

2.3 Information from Third Parties

• Payment providers (e.g., Stripe, PayPal) for processing transactions securely.
• Public sources or business referrals.
• Law enforcement or legal professionals where applicable.

We use your personal data for the following purposes:

• To provide forensic and consulting services – including data extraction, analysis, reporting, and expert witness testimony.
• To process transactions – handling payments and invoicing.
• To improve our website and services – via analytics and user feedback.
• To communicate with you – responding to inquiries, sending updates, and service notifications.
• For legal compliance – ensuring adherence to applicable laws and regulations.

Under UK GDPR, we rely on the following legal bases to process your data:

• Performance of a Contract – when we provide consulting or forensic services to you.
• Legitimate Interests – for service improvement, fraud prevention, and ensuring data integrity.
• Consent – where required for marketing communications.
• Legal Obligation – compliance with UK law, law enforcement requests, or court orders.

We do not sell or rent your personal data. However, we may share your data with:

• Service providers – IT support, payment processors, and analytics tools.
• Legal authorities – when required by law or as part of legal proceedings.
• Business partners – where necessary for service delivery (e.g., subcontracted forensic specialists).

All third parties comply with UK GDPR and contractual obligations to protect your data.

We implement strict security measures to safeguard your data, including encryption, secure servers, and access controls.

• Retention Periods:
  • Forensic reports and extracted data are retained only as long as necessary for legal and contractual obligations.
  • Financial records are retained for at least 6 years in compliance with UK tax laws.
  • Law enforcement or legal case data is securely stored and retained only as required by court orders or legal agreements.
• Deletion Policy:
  • Upon case completion, extracted forensic data is securely deleted within 30-90 days, unless a longer retention period is legally required.
  • Clients may request immediate deletion where legally permissible (see Section 8).

Our forensic investigations adhere to the following UK legal and forensic best practices:

• PACE 1984 (Police and Criminal Evidence Act): Ensures proper handling of forensic evidence for legal admissibility.
• ACPO Digital Evidence Principles: Maintains integrity of digital evidence, ensuring no alteration occurs.
• ISO 27037 (Digital Evidence Identification & Collection): Guidelines for preserving and collecting digital evidence.
• Forensic Soundness: All data extractions are conducted in a way that prevents contamination or tampering.
• Expert Witness Standards: Forensic reports are written to be admissible in court, following UK forensic best practices.

We use cookies and tracking technologies for website analytics and user experience enhancements.

• Essential Cookies – required for site functionality.
• Analytics Cookies – to track visitor interactions (Google Analytics, etc.).
• Marketing Cookies – for targeted advertising (only with user consent).

You can control or disable cookies via your browser settings.

Under UK GDPR, you have the right to:

• Access – request a copy of your personal data.
• Correction – request corrections to inaccurate data.
• Erasure – request deletion of your personal data (subject to legal constraints).
• Restrict Processing – limit how we process your data.
• Data Portability – receive your data in a structured format.
• Object to Processing – where we rely on legitimate interests.

To exercise these rights, email us at [Your Contact Email].

We store and process data within the UK. If we transfer data outside the UK (e.g., cloud storage services in the EU/US), we ensure appropriate safeguards, such as Standard Contractual Clauses (SCCs), are in place.

Our website may contain links to third-party sites. We are not responsible for their privacy policies and encourage you to review their policies separately.

We may update this policy from time to time. Any changes will be posted on this page with an updated revision date. If significant changes occur, we will notify you via email.

For any privacy-related concerns, contact us at:

help@yelfin.com
20 Wenlock Road, London, England, N1 7GU 

This Privacy Policy is governed by UK law