Privacy Policy

EU Privacy Policy | Kingfisher

Effective Date: 15 November 2025
Controller: Kingfisher Intel
Controller Address: 11 Wynnefield Road, Rathmines, Dublin 6, D06 F9C1, Ireland
Contact: privacy@kingfisherintel.ie


Introduction

Kingfisher Intel (“we,” “our,” “us”) provides private intelligence and security advisory services across Europe and the United States. We respect your privacy and are committed to protecting the confidentiality, integrity, and security of the personal data we process.

This Privacy Policy explains how we collect, use, share, store, and protect personal data when you visit our website, contact us, or engage our services. It also outlines your rights under the General Data Protection Regulation (“GDPR”).

This Policy applies to:

  • visitors to our website

  • individuals who contact us by email, phone, or other channels

  • representatives of corporate clients

  • individuals whose information is processed in the course of our services

1. Personal Data We Collect

1.1 Information You Provide Directly

You may provide personal data when you:

  • contact us via the website

  • email or telephone us

  • request a consultation

  • engage us for services

This may include:

  • name

  • email address

  • phone number

  • professional or organisational details

  • information relevant to your inquiry

  • any additional information you choose to provide

Please do not submit sensitive information through the website contact form. For sensitive matters, we establish a secure channel following initial contact.

1.2 Information Collected Automatically

Our website may process:

  • IP address

  • browser type and version

  • device information

  • time zone and language settings

  • pages visited and referring URLs

We process this information to maintain security, detect misuse, and improve website performance.

We do not use cookies for advertising or profiling. Any analytics tools we use are privacy-focused and do not create behavioural profiles.

1.3 Information Processed During Client Work

During advisory and intelligence engagements, we may process personal data such as:

  • professional background information

  • corporate or organisational affiliations

  • public records and regulatory filings

  • information provided by the client

  • data obtained from lawful open-source intelligence (OSINT)

  • data obtained with consent or from publicly accessible sources

We process only the minimum data necessary for the engagement.

We do not purchase personal data. We do not scrape social media platforms in breach of their terms.

2. Lawful Basis for Processing

We process personal data under the following lawful bases:

  • Contract performance: responding to inquiries, preparing proposals, and delivering contracted services.

  • Legitimate interests: providing intelligence and risk advisory services, ensuring security, and operating our business.

  • Legal obligations: complying with regulatory, licensing, and statutory requirements.

  • Consent: where you voluntarily opt in to optional communications or provide certain information.

We balance legitimate interests with your rights and freedoms at all times.

3. How We Use Personal Data

We use personal data to:

  • respond to inquiries and consultation requests

  • evaluate and manage potential engagements

  • provide advisory, investigative, and analytical services

  • communicate securely during an engagement

  • protect confidentiality and prevent unauthorised access

  • comply with legal or regulatory requirements

  • improve our website and business operations

We do not use your data for marketing without explicit consent. We do not sell or rent personal data.

4. Confidentiality

All communications with clients or prospective clients are handled with strict confidentiality.

Our confidentiality standards align with:

  • professional norms for intelligence and investigative work

  • GDPR requirements, including Articles 5 and 32

  • proportionality and need-to-know principles

5. Cross-Border Transfers

We operate across Europe and the United States; personal data may therefore be transferred outside the EEA, primarily to the United States.

Transfers occur only when necessary and are protected by:

  • Standard Contractual Clauses (SCCs)

  • encryption

  • strict access controls

  • secure communication protocols

  • data minimisation practices

You may request further information about these safeguards.

6. Information Sharing

We may share personal data with:

  • trusted service providers (e.g., secure file-storage providers)

  • legal or regulatory authorities when required by law

  • professional advisers supporting our compliance obligations

We do not share information with third parties for marketing or lead generation. We do not subcontract investigative work.

7. Data Retention

We retain personal data only as long as necessary for:

  • the purpose for which it was collected

  • legal, regulatory, or licensing requirements

  • defence against legal claims

General inquiries that do not lead to an engagement are deleted after twelve months unless further communication occurs.

Retention for client engagements depends on professional, legal, and insurance requirements.

8. Your Rights Under GDPR

You have the right to:

  • access your personal data

  • request correction of inaccurate data

  • request erasure (where applicable)

  • restrict processing

  • object to processing

  • request data portability

  • withdraw consent at any time (where consent applies)

  • lodge a complaint with a supervisory authority

To exercise your rights, contact: privacy@kingfisherintel.ie

We may require identity verification to protect confidentiality.

9. Security Measures

We use multiple layers of protection, including:

  • encrypted communication platforms

  • secure file-transfer systems

  • restricted-access storage

  • monitoring for unauthorised access

  • data-minimisation practices

  • secure erasure protocols

Given the sensitive nature of our work, we continually review and strengthen our security measures.

10. External Links

Our website may contain links to external sites. We are not responsible for their privacy practices.

11. Updates to This Policy

We may update this Policy to reflect operational or regulatory changes. Updates will be posted with a revised effective date.

12. Contact Us

For privacy enquiries or to exercise your GDPR rights: privacy@kingfisherintel.ie