CASTILHO COLLECTIONS

INTERNAL COMPLIANCE POLICY

CASTILHO COLLECTIONS

KEY PRINCIPLES

At Castilho Collections, we conduct our business in accordance with the highest standards of ethics, integrity, and transparency. We believe that a strong culture of compliance is essential to earning the trust of our clients, partners, and employees, as well as to ensuring strict adherence to applicable legal and regulatory obligations. 

This document sets forth the principles and rules that guide our Internal Compliance Policy, defining the organization’s commitments to preventing risks, promoting best practices, and adopting control mechanisms that reinforce responsible and compliant conduct. 

We recommend that you read this policy carefully to understand the values, procedures, and responsibilities that underpin our way of doing business and our commitment to compliance. 

We invite you to review our Internal Compliance Policy in detail. 

INTRODUCTION

The website castilhocollections.com is the specialized platform and business unit of Castilho International Legal Corporation, dedicated to debt collection. All of its activities are carried out under the joint responsibility and management of CASTILHO INTERNATIONAL – LEGAL ASSET MANAGEMENT, LDA. and TAVARES CASTILHO, RODRIGUES & ASSOCIADOS – SOCIEDADE DE ADVOGADOS SP RL, which ensure compliance with applicable legal, regulatory, and ethical standards. 

01. POLICY OBJECTIVES

The purpose of Castilho Collections’ Internal Debt Collection Compliance Policy is:

1. Ensure that all debt collection activities comply with:

– Portuguese and Spanish law;

– Applicable European legislation;

– The rules of the Portuguese and Spanish Bar Associations;

– The CCBE Code of Conduct;

– The GDPR (General Data Protection Regulation);

– International standards of professional conduct.

2. Ensure that clients, Castilho, and clients in default are protected against legal, reputational, and operational risks.

3. Implement an operational model based on:
ethics, transparency, legality, proportionality, and respect.

 

02. SCOPE OF APPLICATION

This policy applies to:

This policy applies to all employees of CASTILHO INTERNATIONAL – LEGAL ASSET MANAGEMENT, LDA. and TAVARES CASTILHO, RODRIGUES & ASSOCIADOS – SOCIEDADE DE ADVOGADOS, SP, RL, the entities responsible for the joint management and operation of the castilhocollections.com website.

– Legal Recovery Managers;

– Business contributors;

– International partners;

– Technology and operational partners;

– Service providers and subcontractors.

03. EUROPEAN, LEGAL, AND ETHICAL PRINCIPLES

03.1 EUROPEAN LEGAL BASIS

Credit recovery in the European Union (EU) is based on:

Directive (EU) 2021/2167 – Management and Purchase of Non-Performing Loans (NPLs);

Directive 2008/48/EC – Consumer Credit;

Directive 2011/7/EU – Late Payments in Commercial Transactions;

Directive 2005/29/EC – Unfair Commercial Practices;

Charter of Fundamental Rights of the EU – Dignity, privacy, data protection.

03.2 ETHICAL PRINCIPLES (OA, CGAE, CCBE)

All professionals must respect:

a) Professional Independence (OA, CGAE, CCBE)

Our actions must never be influenced by external interests or commercial pressures.

b) Confidentiality and Privacy

Covers:

– Creditor information;

– Debtor's information;

– Terms of negotiation;

– Contractual and procedural information.

c) Civility, Respect, and Professional Dignity

– Prohibition of aggressive, humiliating, or intimidating behavior;

– Communication that is always clear, serious, and professional.

d) Loyalty and Truthfulness

– Prohibition on misleading the debtor regarding legal measures;

– Prohibition on promising consequences that are not provided for by law.

e) Prohibition of coercion or undue pressure

Enforcement should be firm and assertive, but never coercive.

f) Prohibition on contact with the represented party

If the debtor indicates that he or she has an attorney:

– All communications are directed exclusively to that attorney.
(Ethical obligation common to PT, ES, and CCBE)

04. COMMUNICATION WITH DEBTORS (EUROPEAN STANDARDS + CODE OF ETHICS)

04.1 GENERAL RULES

Hours: 8: 00 a.m.–8:00 p.m. (local time in the debtor’s country);

Repeated or persistent contact is prohibited;

The debtor has the right to be treated with dignity and without discrimination;

Castilho and the professional must provide identification.

04.2 EXPRESS PROHIBITIONS

Based on the CCBE, the OA, and European legislation:

– Insulting or offensive language;

– Psychological pressure;

– Threats of imprisonment (illegal in the EU);

– Threats of seizure without legal proceedings;

– Providing misleading information;

– Imply that we are government officials, courts, or authorities.

04.3 CONTACT AT THE WORKPLACE

It is permitted only when:

– It does not cause problems for the debtor;

– Does not violate privacy or reputation;

– It is not prohibited by the employer.

04.4 RIGHT TO OPT OUT OF COMMUNICATIONS

If the debtor states in writing that they do not wish to be contacted:

– We fully respect this, except to: confirm the termination; and notify you of necessary legal steps.

05. COMMUNICATION WITH THIRD PARTIES

According to the EU, OA, and CCBE:

– You are prohibited from contacting family members, neighbors, coworkers, or third parties.

– You may only contact: the debtor; the debtor’s attorney; the creditor; or authorities when required by law.

06. DEBT VALIDATION AND TRANSPARENCY

Castilho states:

– Clear information regarding the amount, source, and calculation of the debt;

– Delivery of documents (contract, invoice, statements) upon request;

– Temporary suspension of collection in the event of a substantiated challenge;

– Formal written communication at all key stages.

07. DATA PROTECTION (GDPR)

In line with the document you attached:

– Processing based on the creditor’s legitimate interest;

– Data minimization;

– Activity Log (ROPA);

– Encryption and audited access;

– Prohibition on unauthorized transmission;

– Procedure for responding to requests from data subjects (access, objection, rectification, erasure).

08. INTERNAL STRUCTURE OF THE COLLECTION PROCESS

In line with the document you attached:

– Processing based on the creditor’s legitimate interest;

– Data minimization;

– Activity Log (ROPA);

– Encryption and audited access;

– Prohibition on unauthorized transmission;

– Procedure for responding to requests from data subjects (access, objection, rectification, erasure).

08.1 FRIENDLY PHASE

– Initial formal letter;

– Professional phone etiquette;

– Debt validation;

– Settlement proposals or payment plans;

– Complete record of interactions;

08.2 PRE-LITIGATION PHASE

– Formal notice by certified mail;

– Final reasonable deadline;

– Preparation of the legal dossier;

– Mandatory ethical review before proceeding;

08.3 JUDICIAL PHASE

In accordance with the bylaws of the OA, CGAE, and CCBE:

– It proceeds only upon the client's approval;

– Mandatory preliminary legal review;

– Complete transparency regarding costs and risks;

– Providing clients with ongoing updates on the status of their cases;

09. FILING, RECORDS, AND AUDITING

All contacts and documents must be recorded in the CRM.

Semiannual internal audits verify:

– Legal compliance;

– Ethical compliance;

– Data protection;

– Communication skills;

10. MANDATORY TRAINING

All employees have training in:

– GDPR and data protection;

– European collection standards;

– Code of Ethics of the OA, CGAE, and CCBE;

– Ethical management of disputes with debtors;

– Professional communication and negotiation;

11. INTERNAL CONSEQUENCES OF A VIOLATION

– Formal warning;

– Suspension from duty;

– Disciplinary proceedings;

– Membership in the Bar Association or the Spanish Bar Council, where applicable;

– Civil and criminal liability;

12. INSTITUTIONAL COMMITMENT

Castilho Collections is committed to:

– Maintain European standards of excellence;

– To protect creditors and debtors;

– Act with integrity, transparency, and loyalty;

– To be a European leader in Credit Management & Legal Recovery.

13. PREVENTION OF MONEY LAUNDERING

Under Portuguese Law No. 83/2017, law firms are required to report any suspected cases of money laundering to the authorities. Furthermore, attorneys are strictly prohibited from disclosing to clients the existence of investigations, inquiries, or documents related to these crimes. This reporting obligation must be fulfilled with the Central Department of Investigation and Criminal Prosecution (DCIAP) and the Financial Intelligence Unit (UIF) of the Judicial Police by sharing all available information.

14. MONITORING AND REVIEW

This policy was last updated on June 3, 2026, and will be monitored and reviewed regularly, at least every two years.