Privacy Policy
Contents
1. Who We Are
Prometheus Insights ("we", "us", "our") is a specialist digital asset investigation and recovery consultancy. We provide blockchain forensics, intelligence-led analysis, expert witness services and compliance support to legal teams, law enforcement, financial institutions and corporate clients.
This Privacy Policy explains how we collect, use, store and protect personal information when you visit our website at www.prometheus-insights.com or contact us regarding our services.
For the purposes of applicable data protection legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, Prometheus Insights is the data controller responsible for your personal data.
2. Information We Collect
Information you provide directly
When you complete our contact form or communicate with us by email, we may collect:
- Your full name
- Your email address
- Your organisation or company name
- The nature of your enquiry and any details you choose to share
- Any other information you voluntarily provide in correspondence
Information collected automatically
When you visit our website, our server may automatically collect certain technical information including:
- Your IP address
- Browser type and version
- Operating system
- Pages visited and time spent on each page
- Referring website or URL
- Date and time of your visit
This technical data is used solely for the purposes of maintaining website security, performance monitoring and diagnosing technical issues. It is not used to identify individuals.
3. How We Use Your Information
We use the personal information we collect for the following purposes:
- To respond to your enquiry and communicate with you about our services
- To assess whether and how we may be able to assist you
- To manage our client relationships and maintain accurate records
- To comply with our legal and regulatory obligations
- To protect the security and integrity of our systems and website
- To improve the quality of our website and services
We do not use your personal information for automated decision-making or profiling. We do not use your information for marketing purposes without your explicit consent.
4. Legal Basis for Processing
We process your personal data on the following legal bases under UK GDPR:
- Legitimate interests
- To respond to your enquiries, manage our business operations and maintain the security of our website.
- Contract
- Where processing is necessary to perform a contract with you or take steps at your request before entering into a contract.
- Legal obligation
- Where we are required to process your data to comply with a legal or regulatory obligation.
- Consent
- Where you have given us specific consent to process your data for a particular purpose.
5. Sharing Your Information
We treat all information received with strict confidentiality. We do not sell, rent or trade your personal information to third parties.
We may share your information in limited circumstances:
- Service providers
- Trusted third-party suppliers who assist us in operating our website or delivering our services (such as our hosting provider), under appropriate data processing agreements.
- Legal compliance
- Where we are required to disclose information by law, court order or regulatory authority.
- Protection of rights
- Where disclosure is necessary to protect the rights, property or safety of Prometheus Insights, our clients or others.
- Professional advisers
- Lawyers, auditors and insurers who provide professional services to us, subject to duties of confidentiality.
Any third parties with whom we share your data are required to handle it in accordance with applicable data protection law.
6. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, regulatory, accounting or reporting requirements.
Enquiry and correspondence records are typically retained for a period of six years from the date of last contact, in line with standard limitation periods under English law. Where a matter progresses to an engagement, data may be retained for longer periods as required by law or professional obligations.
You may request deletion of your data at any time (subject to any overriding legal obligations) by contacting us using the details below.
7. Security
We take the security of your personal information seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, accidental loss, destruction or damage.
These measures include encryption of data in transit, restricted access to personal data within our organisation, and regular review of our information security practices.
While we take all reasonable steps to protect your data, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security, but we are committed to responding promptly to any suspected data breach in accordance with our legal obligations.
8. Your Rights
Under UK GDPR, you have the following rights in relation to your personal data:
- Right of access
- To request a copy of the personal data we hold about you.
- Right to rectification
- To request correction of inaccurate or incomplete personal data.
- Right to erasure
- To request deletion of your personal data in certain circumstances.
- Right to restrict processing
- To request that we limit how we use your data.
- Right to data portability
- To receive your data in a structured, commonly used, machine-readable format.
- Right to object
- To object to processing carried out on the basis of legitimate interests.
- Rights related to automated decision-making
- We do not carry out automated decision-making or profiling that produces legal or similarly significant effects.
To exercise any of these rights, please contact us at info@prometheus-insights.com. We will respond to all legitimate requests within one month. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
9. Cookies
Our website uses minimal cookies necessary for its basic operation. We do not use tracking cookies, advertising cookies or third-party analytics cookies without your consent.
Essential cookies may include those that remember your preferences during a single browsing session. These expire when you close your browser and do not collect personal data.
You can control and delete cookies through your browser settings. Disabling cookies may affect the functionality of certain features of our website.
10. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites. We encourage you to review the privacy policies of any external sites you visit.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology or legal obligations. The updated policy will be posted on this page with a revised effective date. We encourage you to review this page periodically.
Material changes will be communicated to clients where we have contact details on file.
12. Contact Us
If you have any questions, concerns or requests regarding this Privacy Policy or the way we handle your personal data, please contact us:
Prometheus Insights
Email: info@prometheus-insights.com
Website: www.prometheus-insights.com