Privacy Policy

1.1 Information You Provide

When you use our services, you may provide:

• Contact Information: Name, email address, phone number
• Account Information: Username/handle of the compromised account, platform name
• Incident Details: When the compromise occurred, description of what happened
• Identity Verification: Government-issued ID (when required for platform verification)
• Payment Information: Credit card details (processed securely by Stripe)

1.2 Information Collected Automatically

When you access our platform, we automatically collect:

• Device Information: Browser type, operating system, device identifiers
• Usage Data: Pages visited, time spent, actions taken
• Log Data: IP address, access times, referring URLs
• Cookies: Session cookies for authentication and preferences

1.3 Information We Do NOT Collect

We use your information to:

• Provide Services: Process your recovery case and escalate to platforms
• Communicate: Send case updates, respond to inquiries, provide support
• Process Payments: Charge service fees and process refunds
• Verify Identity: Confirm you are the legitimate account owner
• Improve Services: Analyze usage patterns to enhance our platform
• Legal Compliance: Comply with applicable laws and regulations
• Fraud Prevention: Detect and prevent fraudulent use of our services

We may share your information with:

3.1 Service Providers

• Stripe: Payment processing
• AWS: Cloud infrastructure and data storage
• Email Services: Sending transactional emails

3.2 Required for Recovery

To pursue your account recovery, we must share relevant case information with:

• Social media platforms (Instagram, TikTok, Facebook, etc.) as needed for escalation
• Email providers (Google, Microsoft) for email account recovery

3.3 Legal Requirements

We may disclose information when required by:

• Court orders or legal process
• Government requests
• To protect our rights, privacy, safety, or property

We implement industry-standard security measures including:

• Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access Controls: Role-based access with multi-factor authentication
• Secure Infrastructure: Hosted on AWS with SOC 2 compliance
• Regular Audits: Security assessments and vulnerability testing
• No Password Storage: We never ask for or store your account passwords

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

We use cookies to:

• Essential Cookies: Enable core functionality like authentication
• Analytics Cookies: Understand how you use our platform (via AWS CloudWatch RUM)
• Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. Disabling cookies may affect functionality.

We retain your information for:

• Active Cases: Duration of your case plus 1 year for reference
• Completed Cases: 3 years from case closure (for potential follow-up issues)
• Account Data: Until you request deletion
• Analytics Data: 2 years in aggregated, anonymized form

Depending on your location, you may have the right to:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your data (subject to legal retention requirements)
• Portability: Receive your data in a portable format
• Opt-Out: Opt out of marketing communications
• Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, contact us through our website. We will respond within 30 days.

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn we have collected information from a child under 18, we will delete it promptly.

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through our platform. The "Last updated" date at the top indicates when the policy was last revised.