← Back to home

Privacy & Cookie Policy

Last updated: 10 July 2026 · Version 1.0 · UK GDPR / Data Protection Act 2018 / PECR

This policy explains how CipherHunt Ltd ("we", "us", "our", "CipherHunt") collects, uses, shares and protects personal data when you visit our website or get in touch about our services, and your rights under UK data protection law.

It covers visitors to our website and people who enquire about our services. If you go on to become a client, we will give you additional privacy information relevant to the investigation or recovery work we carry out for you (including how we handle identity-verification and due-diligence information).

Who we are

CipherHunt Ltd is the data controller for the personal data described in this policy.

Having assessed our processing, we are not required to appoint a statutory Data Protection Officer; the contact above handles all data protection matters. This policy is governed by UK data protection law, principally the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR) for cookies and marketing.

What data we collect

Please never include wallet seed phrases, private keys, PINs or passwords in a form message or email — we do not need them to assess an enquiry and will never ask for them by email. Please also avoid including sensitive personal information (such as health details); the website is not intended to collect special category data.

How we use your data and our lawful bases

PurposeLawful basis (UK GDPR)
Respond to your enquiry and assess whether we can helpTaking steps at your request before entering a contract (Art. 6(1)(b)), and our legitimate interests in responding to enquiries (Art. 6(1)(f))
Manage our relationship with you and keep business recordsLegitimate interests; legal obligation
Carry out identity verification and due diligence before accepting an engagementLegal obligation (anti-money-laundering law); legitimate interests
Send you marketing (occasional updates on crypto fraud trends and our services)Consent (Art. 6(1)(a)) — only if you opt in; you can withdraw at any time
Measure and improve the websiteConsent (for non-essential analytics cookies)
Provide investigation and recovery services and meet our legal and regulatory duties (if you become a client)Contract; legal obligation (including anti-money-laundering law)

We will only send you marketing if you have opted in, and every marketing email includes an unsubscribe link. We do not sell your data or share it with third parties for their own marketing.

Cookies and similar technologies

When you first visit our site we show a cookie banner that lets you accept or reject non-essential cookies. Non-essential cookies are not set until you consent, and you can change your choice at any time by clearing the site data in your browser. We use the following categories:

CategoryExamplesPurposeConsent needed?
Strictly necessaryA record of your cookie choice, stored in your browserRemembers your consent decision so we don't ask again, and keeps the site workingNo — required for the service
Analytics / performanceGoogle Analytics (_ga, _ga_*)Measures how the site is used so we can improve itYes

Google Analytics loads only after you accept analytics cookies. We enable IP anonymisation and do not use it for advertising. Google Analytics cookies last up to 2 years; we retain the analytics data for up to 14 months. You can also block or delete cookies through your browser settings, though some parts of the site may not work properly without strictly necessary cookies.

Who we share your data with

We do not sell your data. We share it only with providers who help us run our business, each under a contract that requires them to protect it and use it only on our instructions:

We may also disclose data where required by law, by a regulator or law-enforcement body, or to establish, exercise or defend legal claims. If you become a client, we may share data with exchanges, legal partners and authorities as needed to deliver our services — this is covered in your engagement information.

International transfers

Some of our providers process data outside the UK. Where they do, an appropriate safeguard is in place:

ProviderRoleLocationSafeguard
FasthostsHostingUnited KingdomNo overseas transfer
Zoho (ZeptoMail)Transactional emailEuropean UnionUK adequacy regulations for the EEA
Zoho (CRM / Campaigns)CRM & marketingInternationalInternational Data Transfer Agreement (IDTA) / UK Addendum to the EU Standard Contractual Clauses
GoogleAnalyticsUnited States / globalUK Extension to the EU–US Data Privacy Framework and/or the IDTA

Details of the specific safeguards are available on request from our data protection contact.

How long we keep your data

We keep personal data no longer than necessary for the purpose it was collected, unless the law requires us to keep it for longer.

How we protect your data

We use technical and organisational measures proportionate to the data we hold: encryption in transit (HTTPS/TLS), reputable service providers, access limited to those who need it, and protections on our forms against spam and abuse. No system is completely secure, but we take reasonable steps to safeguard your information.

Your rights

Under UK GDPR you have the right to access, rectify, erase, restrict or object to our processing of your personal data, to data portability, and to withdraw consent at any time where processing is based on consent. To exercise any of these, email privacy@cipherhunt.co.uk. We will respond within one month, and there is normally no charge.

Complaints

If you have concerns about how we handle your data, please contact us first so we can try to put things right. You also have the right to complain to the UK supervisory authority: the Information Commissioner's Office (ICO) — ico.org.uk, helpline 0303 123 1113.

Changes to this policy

We may update this policy from time to time. We will post the updated version here and change the "last updated" date above. Where changes are significant, we will take reasonable steps to highlight them.

Contact us

Cipher Hunt Ltd
Origin Workspace, 40 Berkeley Square, Bristol, BS8 1HP
Data protection: privacy@cipherhunt.co.uk

← Back to home