Binary Forensic - Your Partner for Expert Witness, E-discovery and Litigation

Privacy Policy for Binary Forensic LLC (www.binaryforensic.com)

Effective Date: January 1st, 2025

This Privacy Policy describes how Binary Forensic LLC (“Binary Forensic,” “we,” “us,” or “our”) collects, uses, discloses, and protects personal data in connection with our website located at www.binaryforensic.com and any related communications and services, including text communications facilitated via Zoom. We are committed to handling personal data in a lawful, fair, and transparent manner and to complying with the General Data Protection Regulation (“GDPR”), the California Consumer Privacy Act as amended by the California Privacy Rights Act (collectively, “CCPA/CPRA”), and applicable requirements related to Zoom’s texting services.

By accessing or using our website or communicating with us, you acknowledge that you have read and understood this Privacy Policy.

Scope and Role

This Privacy Policy applies to personal data processed by Binary Forensic as a controller when you visit our website, contact us, or interact with our communications channels, including any texting functionality enabled through Zoom. For texting services provided via Zoom, Zoom may act as our service provider/processor, processing personal data on our behalf.

Our Data Collection Philosophy

We design our website and services with privacy by default and by design. For general website browsing, we do not collect, retain, or sell personal data beyond what is necessary for essential operations and security, and we do not “share” personal data for cross-context behavioral advertising under the CPRA. When you actively engage with us (for example, via forms, checkout, support, or enrollment in our SMS programs), we may process the additional categories described below solely for the purposes you request or reasonably expect.

Categories of Personal Data We Process

Because our goal is to minimize data collection, we generally limit processing. However, when you interact with our services or SMS programs, the following categories may be processed:

Data you voluntarily provide. If you contact us (e.g., by email, webform, checkout, support, or text) or subscribe to updates, you may provide identifiers such as your name, email address, mobile number, billing/shipping address, or the content of your message. We use this data to respond to your request, fulfill transactions, and manage the communications you initiate.
Technical and network data from website usage. Our website may automatically log limited technical information necessary for basic website operations and security, such as IP address, browser type/version, device identifiers, pages viewed, referring/exit pages, timestamps, and diagnostic data. If we use cookies or similar technologies, they are limited to essential functionality and security unless we expressly disclose otherwise and, where required, obtain your consent. We do not sell or share this information for advertising purposes.
Commercial and interaction data. If you make purchases or otherwise transact with us, we may process order and purchase history, account settings, marketing preferences, and interaction data (e.g., website/app interactions and message engagement such as delivery status or replies).
SMS metadata and preferences (Zoom). If you engage with us using text messaging supported by Zoom Phone (10DLC), we may process your phone number, message content, timestamps, originating number, carrier responses, delivery/receipt metadata, opt-in/opt-out logs, and applicable 10DLC brand/campaign identifiers.
Inferences. We may derive limited inferences from your interactions (e.g., communication preferences) to improve service relevance, but not for targeted advertising.
Sensitive personal information. We do not seek to collect sensitive personal information. If you choose to provide it or if it is legally required for a specific purpose, we apply heightened protections consistent with applicable law.

If at any time we propose to collect additional categories of personal data or use data for new purposes, we will provide appropriate notice and, where required, obtain consent. If our sale/sharing practices ever change, we will update this policy and provide required opt-out mechanisms in advance.

Purposes and Legal Bases for Processing

We process personal data only for limited, specified purposes:

To operate, secure, and maintain our website and services, including detecting and preventing fraud, abuse, and security incidents.
To respond to your inquiries, requests, or instructions and to provide support.
To provide and manage text communications that you request or consent to receive (e.g., alerts, updates, service messages, and—if you opt in—promotions).
To process transactions you initiate, maintain records (including 10DLC and carrier-required records), and manage your preferences.
To perform analytics and service improvement that do not involve selling or sharing personal data for cross-context behavioral advertising.
To comply with legal obligations and to establish, exercise, or defend legal claims.

Under the GDPR, our legal bases include performance of a contract or pre-contractual steps at your request, our legitimate interests in operating a secure and effective website and communications channel (balanced against your rights and expectations), compliance with legal obligations, and, where applicable, your consent (e.g., for marketing SMS/email). You may withdraw consent at any time without affecting prior processing.

Data Minimization, Retention, and Deletion

We strive to collect and retain the minimum amount of personal data necessary for the stated purposes. For general browsing, we do not retain personal data beyond what is needed to operate our website securely or to fulfill a request you initiate. We retain text messages and related metadata only for as long as needed to provide the service, maintain records required by law and carrier rules (including 10DLC record-keeping), ensure security and fraud prevention, and honor opt-out preferences (including STOP requests). When data is no longer needed, we securely delete or de-identify it in accordance with our retention practices and applicable law.

No Sale or Sharing of Personal Data

We do not sell personal data and we do not “share” personal data for cross-context behavioral advertising as those terms are defined under the CPRA. We also do not use or disclose sensitive personal information for purposes other than those allowed by law.

Client Confidentiality for Current and Future Customers

We treat all client information—whether provided by a current customer, a prospective customer, or generated by us in the course of an engagement—as strictly confidential. This includes, without limitation, reports, findings, work papers, forensic images and extractions, case files, discovery materials, chain-of-custody records, communications (email, text/SMS, voice, video), billing and engagement information, and any other information relating to your matter (collectively, “Client Information”). We do not disclose Client Information to other clients or to any unauthorized party.

We will disclose or permit access to Client Information only in the following limited circumstances: (a) with your explicit authorization or instructions; (b) to your authorized representatives (e.g., your legal counsel, experts, or vendors you designate) as directed by you; (c) to our service providers and subprocessors strictly as necessary to perform the services, under written confidentiality and data protection obligations no less protective than ours; or (d) as required to comply with applicable law, regulation, subpoena, court order, or other legal process. Where legally permissible, we will provide you with notice of any compelled disclosure and cooperate to seek protective orders or other appropriate safeguards.

We maintain organizational, technical, and physical safeguards to protect Client Information, including data segregation by client/matter; role-based and least-privilege access controls; encryption in transit and at rest (where applicable); multi-factor authentication for administrative access; secure evidence handling and documented chain of custody; logging and monitoring; secure file transfer; and confidentiality obligations for personnel and vendors. We do not commingle Client Information across matters, and we do not reuse client data, artifacts, or work product for the benefit of any other client absent your written authorization.

We endeavor to preserve applicable legal privileges and work-product protections associated with your matter and will not waive such protections without your direction or a legal requirement. We use subcontractors or expert resources only where necessary for the engagement and only under written agreements that impose confidentiality and data protection obligations at least as stringent as our own.

We retain Client Information only for as long as necessary to perform the engagement, meet legal, regulatory, carrier, or professional obligations, maintain required records (including chain-of-custody documentation), and enforce our rights; thereafter, we securely delete or return Client Information in accordance with our retention practices, your instructions, and applicable law. If a security incident affecting Client Information occurs, we will investigate, mitigate, and provide notices as required by law and applicable contract terms.
Nothing in this section limits your statutory rights under GDPR, CCPA/CPRA, or other applicable laws, nor does it limit any obligations we owe to you under our engagement terms.

Text Communications via Zoom (TCPA/CTIA/10DLC)

We use Zoom’s texting functionality (Zoom Phone) to deliver and receive text communications. We comply with applicable requirements under the Telephone Consumer Protection Act (TCPA), CTIA Messaging Principles, and carrier 10DLC rules. The following principles govern our handling of text communications:

Consent and opt-in. We obtain clear, documented consent before sending marketing texts and send informational/service texts where permitted or requested. At enrollment, we disclose our name, message type/purpose, message frequency, “Msg & Data rates may apply,” links to this Privacy Policy and Terms, and opt-out instructions.
Message content and purpose. Text messages are limited to the purpose you requested or reasonably expect (e.g., responding to your inquiry, alerts, confirmations, service updates, and—if you opted in—promotions).
Message frequency. Program details (to be tailored to your program): [1–6 msgs/month].
Opt-out and help. You may opt out at any time by replying STOP. For assistance, reply HELP. We promptly honor STOP requests and maintain opt-out logs.
Consent not a condition of purchase. Your consent to receive marketing texts is not a condition of purchasing any goods or services.
List practices. We do not buy, sell, or share SMS opt-in lists.
10DLC registration. Our numbers are registered to approved brands and campaigns; unregistered sending is not permitted.
Data security. Zoom acts as our service provider/processor and processes text contents and metadata to route and deliver messages. We employ appropriate technical and organizational measures to protect text data in transit and at rest.
Data retention. We retain text communications only as long as necessary for the purposes described above or as required by law and carrier rules.
Costs. Message and data rates may apply depending on your carrier and plan.

For more information on Zoom’s privacy practices, please consult Zoom’s public documentation and privacy notices. Zoom processes text data to provide its services to us and is contractually restricted from using such data for purposes other than providing the service, in accordance with applicable law.

Disclosures to Service Providers and Other Third Parties

We may disclose personal data to:

Service providers and processors who assist with website hosting, security, communications and SMS delivery (including Zoom), analytics, payments, and other operational functions. These providers are contractually bound to process personal data only on our instructions and to implement appropriate security measures.
Legal and regulatory authorities, or other parties, when required to comply with law, enforce our terms, protect our rights, or respond to lawful requests.
Successors in interest in the event of a corporate transaction, subject to appropriate safeguards and continued compliance with this Privacy Policy.

We do not allow third parties to use your personal data for their own marketing or advertising purposes.

International Data Transfers

If we transfer personal data outside your jurisdiction, we implement appropriate safeguards as required by law, which may include Standard Contractual Clauses, adequacy decisions, or other lawful transfer mechanisms. We will take steps to ensure that your personal data continues to benefit from a level of protection essentially equivalent to that afforded by applicable law, and we require our processors (including Zoom) to protect your data.

Security Measures

We implement administrative, technical, and physical measures designed to protect personal data from unauthorized access, disclosure, alteration, and destruction. These measures include access controls, encryption in transit (HTTPS) and at rest where applicable, secure configuration and patching, data minimization, least-privilege access, monitoring, and vendor due diligence. While no security controls can guarantee absolute security, we continuously evaluate and improve our safeguards.

Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access, correction, and deletion. You may request access to the personal data we hold about you and ask that we correct or delete it, subject to legal exceptions.
Portability. Where applicable, you may request a copy of your personal data in a structured, commonly used, machine-readable format.
Restriction and objection. Under the GDPR, you may request that we restrict certain processing or object to processing based on our legitimate interests.
Consent withdrawal. Where we rely on consent (e.g., for marketing SMS/email), you may withdraw it at any time without affecting prior processing.
Opt-out of sale/sharing. Under the CPRA, you have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising. We do not sell or share personal information, and we honor applicable opt-out signals, including Global Privacy Control, consistent with our practices.
Limit use/disclosure of sensitive data. Where applicable, you may request limits on the use and disclosure of sensitive personal information.
Non-discrimination. We will not discriminate against you for exercising your rights.

To exercise your rights or submit a request, contact us as described in the “Contact Us” section or via any available privacy request channels. We will verify your identity before fulfilling your request and respond within the timeframes required by law. Authorized agents may submit requests on your behalf, subject to verification and proof of authorization.

Children’s Privacy

Our website and services are not directed to children under the age of 13 (or as otherwise defined by local law). We do not knowingly collect children’s personal data without appropriate consent. If you believe a child has provided personal data to us, please contact us so that we can take appropriate action.

Do Not Track and Global Privacy Control

Our website does not track users over time for targeted advertising purposes. We do not sell or share personal information and therefore do not offer a “Do Not Sell or Share” link. Where applicable, we will honor Global Privacy Control signals as an opt-out of sale/sharing.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will post the updated version with a revised effective date and, where required, provide notice of material changes. Your continued use of our website or SMS programs after any update constitutes your acknowledgment of the updated policy.

Contact Us

If you have questions or concerns about this Privacy Policy, our data practices, or your rights, or if you wish to exercise your privacy rights, please contact:

Binary Forensic LLC
625 South 8th Street
Las Vegas, NV 89101
Phone: 702.759.7900
Email: [email protected]

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you also have the right to lodge a complaint with your local data protection authority. California residents may contact the California Attorney General regarding privacy complaints.

California-Specific Notice (CCPA/CPRA)

Categories collected: identifiers and contact data (name, email, mobile number, billing/shipping address, IP), internet or other electronic network activity information (site logs and diagnostics), commercial/interaction data (purchase history, preferences, message engagement), approximate geolocation (derived from IP), inferences (e.g., communication preferences), and—if provided—sensitive personal information.
Sources: directly from you (forms/checkout/support/SMS opt-in), automatically from your device for basic operations and security, and from service providers strictly to deliver our services (including Zoom for SMS delivery).
Business purposes: to provide and secure our website and communications; to process transactions and provide support; to perform non-targeted analytics and improvement; to comply with law and carrier rules (including 10DLC record-keeping).
Sale/Sharing: we do not sell or share personal information as defined by California law and therefore do not offer a “Do Not Sell or Share” link. We also do not exchange personal information for targeted advertising purposes or share SMS program data with third parties for their own marketing.
Retention: personal information is retained only as long as necessary for the purposes described above and as required by law and carrier rules; opt-in/opt-out logs (including STOP requests) are retained consistent with legal and compliance requirements.
Rights: access/know, deletion (with exceptions), correction, portability (where applicable), limit use/disclosure of sensitive personal information, and non-discrimination.
Verification and authorized agents: we will verify your identity and accept requests from authorized agents subject to verification and proof of authorization.

GDPR-Specific Information

Controller: Binary Forensic LLC is the controller of personal data collected via our website, services, and communications channels (including SMS).
Legal bases: Performance of a contract; legitimate interests (e.g., site security, service improvement, responding to inquiries), compliance with legal obligations (including record-keeping), and consent where applicable (e.g., marketing SMS/email).
Data transfers: Where personal data is transferred outside the EEA/UK/Switzerland, we implement appropriate safeguards (e.g., Standard Contractual Clauses or other lawful transfer mechanisms) and require processors to protect your data.
Rights: Access, rectification, erasure, restriction, objection, portability, withdrawal of consent, and the right to lodge a complaint with a supervisory authority.

Summary of Key Commitments

We do not sell or share personal information, including for cross-context behavioral advertising, and we do not buy, sell, or share SMS opt-in lists.
We collect and retain only what is necessary to operate our website and services, respond to your requests, process transactions you initiate, and manage SMS programs in compliance with TCPA/CTIA/10DLC.
We do not use personal data for targeted advertising.
We employ appropriate security safeguards and data minimization practices.
We honor applicable user rights and provide simple opt-out mechanisms for text communications (reply STOP; HELP for help). Please review this Privacy Policy periodically and contact us with any questions or to exercise your privacy rights.