Privacy Policy

1. Introduction

Specter Point Intelligence ("we," "our," or "us") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website and use our services, including our client portal, cybersecurity assessment platform, and digital investigation services.

2. Information We Collect

We collect information in the following ways:

Information You Provide

• Account registration details (name, email address, organization name, industry)
• Service request information submitted through our portal
• Documents, files, and evidence uploaded to our secure document sharing system
• Contact form submissions and correspondence
• Payment information processed through our payment provider
• HIPAA security assessment responses and related organizational data

Information Collected Automatically

• Browser type, IP address, and device information
• Pages visited, time spent, and navigation patterns
• Authentication tokens and session data necessary for portal access

3. How We Use Your Information

• Providing and maintaining our cybersecurity assessment and investigation services
• Processing service requests, generating quotes, and managing invoices
• Generating security posture reports and recommendations
• Facilitating secure document and evidence sharing
• Processing payments and managing subscriptions
• Communicating with you about your account, services, and support requests
• Improving our services, security measures, and user experience
• Complying with legal obligations and protecting our rights

4. Cookies and Tracking

We use essential cookies required for authentication and session management within our client portal. These cookies are strictly necessary for the operation of our services. We do not use advertising or non-essential tracking cookies.

5. Third-Party Services

We use the following third-party services to operate our platform:

• Supabase — Authentication, database hosting, and secure file storage
• Stripe — Payment processing for subscriptions and invoices. We do not store credit card numbers on our servers.

Each third-party service operates under its own privacy policy and terms. We encourage you to review their respective policies.

6. Data Security

We implement industry-standard security measures to protect your information, including encryption in transit (TLS), encrypted storage, row-level security policies, and access controls. As a cybersecurity firm, we hold ourselves to the highest standards of data protection. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services. Assessment data, reports, and investigation case files are retained in accordance with applicable legal requirements and professional obligations. You may request deletion of your account and associated data at any time by contacting us.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Access — Request a copy of the personal data we hold about you
• Correction — Request correction of inaccurate or incomplete data
• Deletion — Request deletion of your personal data, subject to legal retention requirements
• Portability — Request a portable copy of your data

To exercise any of these rights, please contact us at contact@specterpoint.com.

9. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website with a revised "Last updated" date. Your continued use of our services after changes are posted constitutes acceptance of the updated policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at: