1. Introduction
CaseForge ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our security use case lifecycle management platform.
2. Information We Collect
Personal Information
We may collect personal information that you provide directly to us, such as:
- Name and contact information (email address)
- Account credentials
- Professional information (job title, company)
- Communication preferences
Usage Information
We automatically collect certain information when you use our Service:
- Log data (IP address, browser type, access times)
- Device information
- Usage patterns and preferences
- Performance data
Security Use Case Data
Information you create and manage within the platform:
- Security use cases and detection rules
- MITRE ATT&CK mappings
- Audit logs and change history
- Collaboration data
3. How We Use Your Information
We use the collected information for:
- Providing and maintaining our Service
- Processing your transactions and managing your account
- Sending administrative information and updates
- Responding to your comments and questions
- Monitoring and analysing usage patterns to improve our Service
- Detecting, preventing, and addressing technical issues
- Protecting against fraudulent or illegal activity
4. Legal Basis for Processing (GDPR)
If you are in the European Economic Area (EEA), our legal basis for processing your personal information includes:
- Consent: You have given consent for specific purposes
- Contract: Processing is necessary for our contract with you
- Legal obligations: Processing is necessary for compliance with legal obligations
- Legitimate interests: Processing is necessary for our legitimate interests
5. Data Sharing and Disclosure
We may share your information in the following circumstances:
- Service Providers: With third-party vendors who perform services on our behalf
- Legal Requirements: If required by law or in response to valid legal requests
- Business Transfers: In connection with any merger, sale, or acquisition
- Consent: With your consent or at your direction
We do not sell, trade, or rent your personal information to third parties for marketing purposes.
6. Data Security
We implement appropriate technical and organisational security measures to protect your information, including:
- Encryption of data in transit and at rest
- Regular security assessments and audits
- Access controls and authentication mechanisms
- Employee training on data protection
- Incident response procedures
7. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. When we no longer need your information, we will securely delete or anonymise it.
8. Your Rights
Depending on your location, you may have the following rights regarding your personal information:
- Access: Request access to your personal information
- Rectification: Request correction of inaccurate information
- Erasure: Request deletion of your information
- Restriction: Request restriction of processing
- Portability: Request transfer of your information
- Objection: Object to certain processing activities
- Withdraw Consent: Withdraw previously given consent
9. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.
10. Children's Privacy
Our Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information.
11. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to track activity on our Service and hold certain information. For detailed information about our use of cookies, please see our Cookie Policy.
12. Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.
13. Contact Us
If you have any questions about this Privacy Policy, please contact us:
For EU residents: You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal information violates applicable law.