Privacy Policy

1. Information We Collect

1.1 Information You Provide

• Contact information: name, email, phone, organisation
• Documents submitted for verification: board packs, memos, reports, presentations, and other materials you upload or forward
• Project information: industry, use case, deadlines, compliance requirements
• Payment information: billing details, transaction records

1.2 Information Collected Automatically

• IP address and approximate location
• Browser type and version
• Pages visited and time spent
• Referring website

2. How We Use Your Information

• Performing document verification and delivering reports
• Communicating about verification status and deliverables
• Providing customer support
• Processing payments
• Improving our verification methodology

Your documents are never used to train any language model. This is a contractual commitment, not a setting.

3. How We Protect Your Information

• Encrypted data transmission (HTTPS/TLS)
• Secure file storage with access controls
• Regular security assessments
• Two-factor authentication for team access
• Documents processed for verification only, then securely deleted

For on-premise deployments, no document data leaves your network. All processing occurs within your infrastructure.

4. Information Sharing

We do not sell your data.

We may share information with:

• Service providers: payment processors, cloud hosting (bound by data protection agreements)
• Professional advisors: legal, accounting (as necessary)
• Legal requirements: if required by law, court order, or government authority

5. Data Retention

• Documents submitted for verification: securely deleted within 30 days of report delivery unless retention is explicitly requested
• Verification reports: retained for 12 months for audit trail purposes
• Contact and project records: retained during active engagement and for 12 months after
• Payment records: 7 years (legal and tax requirements)

6. Your Rights

Depending on your jurisdiction, you may have rights to:

• Access: request a copy of your personal data
• Correction: request correction of inaccurate data
• Deletion: request deletion of your data
• Portability: request your data in a portable format
• Objection: object to certain processing activities

To exercise these rights, contact philip@brfcase.com.

7. Cookies and Tracking

We use essential cookies for website functionality and privacy-respecting analytics to understand website usage. We do not use third-party advertising trackers or sell data to advertisers.

8. Jurisdiction-Specific Notices

South Africa (POPIA)

We comply with the Protection of Personal Information Act. Our Information Officer can be reached at philip@brfcase.com.

European Union (GDPR)

For EU residents, we process data under legitimate interests and contract performance. You have additional rights under GDPR.

9. Contact Us

For privacy questions or to exercise your rights:

• Email: philip@brfcase.com