Who can give authority
- The owner or lawful user of the device or account.
- A parent or legal guardian for a minor's device, where lawful.
- A director or authorised officer of a company, for company-owned devices.
- A solicitor or barrister acting on instructions from the lawful authority holder.
- A court, tribunal, regulator or police agency acting under order, warrant or subpoena.
What we ask you to confirm
- You are entitled to provide the device or account to us.
- You authorise the scope of work set out in our engagement letter.
- You are not asking us to access another person's device or account without their consent or proper legal authority.
- You will tell us promptly if circumstances change (e.g. ownership disputes, court orders).
What we will not do
- Bypass account security, steal passwords or otherwise access an account without consent or lawful authority.
- Unlock physically damaged phones.
- Examine a device or account where authority is unclear, withdrawn or disputed.
- Use techniques that would be unlawful in the jurisdiction the data sits in.
If authority is withdrawn
If consent or authority is withdrawn during an engagement, we will pause work and hold the device or data pending instructions, a court order or destruction in line with our Data Retention and Destruction Policy.