Privacy Policy

Privacy Policy

Last updated: January 02, 2026

This Privacy Policy explains how Bird 2 Bird (“Company”, “We”, “Us”, “Our”) collects, uses, shares, stores, protects, and otherwise processes your personal data when you:

  • visit our Website at friendly-peach-chicken.89-34-99-49.cpanel.site (the “Website”),
  • submit a potential claim or recovery enquiry,
  • upload documents or evidence,
  • communicate with us (email, phone, chat, forms),
  • register an account, or
  • otherwise engage our services for money recovery assistance, claims management, asset tracing, compensation pursuit, refund claims, unclaimed funds recovery, mis-selling investigations, or related advisory support (collectively, the “Service”).

We are committed to safeguarding your privacy and handling your personal data responsibly and transparently in full compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (as amended), and guidance issued by the Information Commissioner’s Office (ICO).

We act as the data controller for the personal data we collect and process in connection with the Service.

By using the Website or Service, submitting any personal or financial information, or continuing to engage with us, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with any part of this Policy, please do not provide us with your information or use the Service.

This Policy uses a layered approach: key summaries appear first, followed by detailed explanations. We review and may update this Policy periodically to reflect changes in law, technology, or our practices. Material changes will be communicated via a prominent notice on the Website and/or by email (where we hold your contact details) at least 30 days before they take effect, unless a shorter period is required by law.

1. Key Information at a Glance

  • Who controls your data? Bird 2 Bird (the Company)
  • What data do we collect? Identity & contact details, financial & claim-specific information, uploaded documents, usage & device data, communications
  • Why do we process it? To deliver claims/recovery assistance, verify identity & comply with anti-money laundering laws, communicate progress, prevent fraud, improve our Service, defend legal rights
  • Legal bases Contract performance, legal obligations (AML/CTF), legitimate interests, consent (e.g. marketing)
  • Who do we share it with? Service providers (IT, analytics), professional advisers (solicitors/accountants when authorised), third parties involved in your claim (banks, insurers, ombudsmen), regulators/authorities when required
  • International transfers? Limited; protected by UK-approved mechanisms (e.g. IDTA, adequacy decisions)
  • How long do we keep it? Usually duration of active claim + 6–7 years (legal/tax/AML minimums); shorter for some usage data
  • Your rights Access, rectification, erasure, restriction, objection, portability, withdraw consent, complain to ICO
  • Contact privacy@friendly-peach-chicken.89-34-99-49.cpanel.site

2. Personal Data We Collect

We collect only the data necessary to provide the Service, verify claims, comply with law, and protect against fraud.

2.1 Data You Provide Directly

  • Identity & contact — full name, postal address, email address(es), telephone/mobile numbers, date of birth, nationality/residency status
  • Financial & claim-specific — bank account/sort code/IBAN details (for recovery payments), policy/contract/reference numbers, claim amounts, details of alleged loss/mis-selling/debt, payment/transaction history, evidence of entitlement (e.g. statements, letters, agreements)
  • Supporting evidence — scanned/uploaded documents (IDs, passports, driving licences, utility bills, bank statements, correspondence with third parties, court judgments, pension details, insurance policies, etc.)
  • Communications — content of emails, messages, support tickets, call notes/recordings (where permitted and notified), enquiry forms
  • Preferences & consents — marketing opt-ins/opt-outs, cookie preferences, accessibility needs

2.2 Data Collected Automatically

  • Technical/usage data — IP address, browser type & version, operating system, device type/model, screen resolution, pages visited, time/date of access, duration on pages, referral source/URL, search terms used to find us
  • Cookies & similar technologies — see section 10 below

2.3 Data Obtained from Third Parties

  • Public registers (e.g. Companies House, Land Registry, electoral roll — for identity/asset verification where relevant)
  • Credit reference agencies & fraud prevention databases (limited checks for AML/compliance)
  • Third parties you authorise us to contact (banks, insurers, previous advisers, ombudsmen)

We do not seek or process special category data (e.g. health, race, religion) unless it is directly relevant to a specific claim you submit (e.g. personal injury compensation) and you have explicitly provided it.

3. Purposes of Processing & Lawful Bases (UK GDPR Art. 6 & 9)

We only process personal data where we have a valid legal basis.

 
 
Purpose of ProcessingTypical Data CategoriesPrimary Lawful Basis(es)Legitimate Interests (where relied upon)
Assess, manage, pursue & report on your claim/recoveryIdentity, contact, financial, documentsPerformance of contract / pre-contractual stepsN/A
Verify identity, conduct due diligence & comply with AML/CTF lawsIdentity, financial, source of funds/wealthLegal obligation + Legitimate interestsCrime prevention, regulatory compliance, protecting the financial system
Communicate claim progress, request further evidence, respond to enquiriesContact, claim detailsContract + Legitimate interestsEfficient, accurate service delivery
Prevent/detect fraud, money laundering, sanctions breachIdentity, financial, usage, third-party dataLegal obligation + Legitimate interestsProtecting our business, clients & public from financial crime
Improve Service, website functionality, security & analyticsUsage/technical data, aggregated statisticsLegitimate interestsUnderstanding user behaviour, enhancing user experience, detecting threats
Direct marketing (news, similar services, tips)Contact, preferencesConsent (opt-in only)N/A — we never rely on legitimate interests for marketing
Exercise/defend legal claims, enforce agreementsAll relevant dataLegitimate interests + Legal claims (Art 9(2)(f))Protecting our legal position & rights
Business planning, audits, corporate transactionsLimited identity & financial dataLegitimate interestsDue diligence in mergers, sales, reorganisations
 

We do not carry out automated decision-making (including profiling) that produces legal effects or similarly significantly affects you.

4. Sharing & Disclosure of Your Personal Data

We share personal data only when necessary and under strict controls:

  • Processors / service providers — cloud hosting, email providers, analytics tools, payment gateways, secure document management platforms (all bound by UK GDPR Art 28 processor contracts)
  • Professional advisers — solicitors, barristers, forensic accountants, tracing agents (only with your explicit authorisation or when required for legitimate pursuit of claim)
  • Claim-related third parties — banks, building societies, insurers, pension providers, Financial Ombudsman Service, courts, HMRC, counterparties/debtors (with your consent/authorisation)
  • Regulatory & law enforcement bodies — National Crime Agency, HM Revenue & Customs, Financial Conduct Authority (where applicable), police, courts — when required by law
  • Fraud prevention & credit agencies — limited data for AML/compliance checks
  • Corporate transactions — in the event of merger, acquisition, asset sale, or reorganisation (with notice where practicable)

We never sell your personal data to third parties for their own marketing purposes.

5. International Transfers of Personal Data

Most processing occurs within the United Kingdom. Where data is transferred outside the UK (e.g. to US-based cloud providers), we ensure an equivalent level of protection using:

  • UK adequacy regulations (for EEA countries)
  • UK International Data Transfer Agreement (IDTA) or the UK Addendum to EU SCCs
  • Binding corporate rules (where applicable)
  • Transfer risk assessments & supplementary measures

You may request details of safeguards via privacy@friendly-peach-chicken.89-34-99-49.cpanel.site.

6. How Long We Keep Your Personal Data (Retention)

We retain personal data only for as long as necessary:

  • Active claims & client relationships — duration of engagement + up to 7 years after closure (standard UK limitation period for contract claims + tax record-keeping)
  • AML/CTF compliance records — minimum 5 years after end of business relationship (Money Laundering Regulations 2017)
  • Support tickets & communications — up to 2–3 years for quality, training & dispute resolution
  • Website usage & analytics data — up to 26 months (Google Analytics default; shorter where possible)
  • Marketing consent records — until consent withdrawn + reasonable evidence period

After these periods, data is securely deleted, destroyed, or irreversibly anonymised (for statistical/research use). Encrypted backups follow similar retention logic.

7. Your Data Protection Rights

Under UK GDPR you have the following rights (subject to exemptions):

  • Right to be informed (this Policy)
  • Right of access — request a copy of your data (Subject Access Request)
  • Right to rectification — correct inaccurate/incomplete data
  • Right to erasure (“right to be forgotten”) — in certain circumstances
  • Right to restrict processing
  • Right to object — to legitimate interests processing or direct marketing
  • Right to data portability — receive your data in structured, machine-readable format
  • Right to withdraw consent — where processing is consent-based (does not affect prior lawfulness)
  • Right to lodge a complaint with the ICO (www.ico.org.uk)

To exercise any right: email privacy@friendly-peach-chicken.89-34-99-49.cpanel.site. We usually respond within one month (extendable in complex cases). Most requests are free; we may charge for manifestly unfounded/excessive requests.

8. Security of Your Personal Data

We implement appropriate technical and organisational measures (Art 32 UK GDPR), including but not limited to:

  • Encryption of data in transit (TLS 1.3+) and at rest
  • Access controls & multi-factor authentication
  • Regular security testing & vulnerability scanning
  • Staff training on data protection & confidentiality
  • Incident response & breach notification procedures

Despite these measures, no internet transmission or electronic storage is 100% secure. We cannot guarantee absolute security.

9. Children’s Privacy

The Service is not directed at children under 18. We do not knowingly collect personal data from anyone under 16. If we become aware that we have collected such data without verifiable parental consent, we will delete it promptly.

10. Cookies and Similar Technologies

We use:

  • Essential cookies — for core site functionality (no consent required)
  • Analytics & preference cookies — only with your consent via our cookie banner/tool

You can manage preferences at any time via the banner or browser settings. For full details see our Cookies Policy [link if separate page exists].

11. Links to Other Websites

The Website may contain links to third-party sites (e.g. regulators, banks). We are not responsible for their privacy practices. Review their policies before providing information.

12. Changes to This Privacy Policy

We may update this Policy to reflect legal, operational, or service changes. The “Last updated” date indicates the most recent version. Continued use after material changes constitutes acceptance.

13. Contact Us & Complaints

For privacy questions, rights requests, or concerns: Email: privacy@friendly-peach-chicken.89-34-99-49.cpanel.site

Thank you for trusting us with your information. We are committed to handling it responsibly and transparently at every stage of your recovery journey.