Transparency and Disclosure

Effective Date: August 20, 2024

Last Updated: August 20, 2024

We believe trust is earned. This page explains how we collect, use, and protect information; what our services can and cannot do; and how we handle potential conflicts, compensation, and compliance.

What we do

We provide open-source intelligence (OSINT), digital investigations, monitoring, and advisory services to help protect people, assets, and reputations.

How we collect information

  • Public sources only. We gather data from publicly available or lawfully accessible sources (websites, public records, social media, news, forums, breach corpuses lawfully obtained, etc.).

  • Client-provided data. We process information you supply to us under contract.

  • No covert access. We do not hack, bypass paywalls/controls, misrepresent identity (“pretexting”), or use unlawful means.

  • Terms of service. We respect source-site terms and applicable laws where we operate.

Use of automation & AI

  • We may use automated tools and AI to search, classify, summarize, and correlate data.

  • Human analysts review high-impact findings prior to delivery.

  • We apply minimization where appropriate (e.g., reduce unnecessary personal data).

  • Selected vendors may act as sub-processors under confidentiality and security commitments.

Accuracy & limitations

  • OSINT can include errors, impersonations, or outdated records. Findings are time-bound to the date of collection.

  • Our work is professional opinion based on available evidence; it is not legal, medical, or financial advice.

  • We are not a consumer reporting agency and reports must not be used for credit, employment, housing, or insurance eligibility decisions.

Client confidentiality

  • We protect client identity, scope, and results under contract and NDA.

  • Access is restricted on a need-to-know basis; data is encrypted in transit and at rest.

  • Retention: We keep project data only as long as necessary to deliver services and meet legal obligations, then securely delete or archive per policy.

Legal process & jurisdiction

  • We respond to valid legal requests (e.g., subpoenas, court orders) after verification and notice where permitted.

  • We comply with applicable privacy laws (e.g., GDPR/UK GDPR/CCPA where in scope).

  • Cross-border transfers use appropriate safeguards (e.g., SCCs) when required.

Conflicts of interest & independence

  • We do not accept fees or benefits to skew findings.

  • If a potential conflict arises, we will disclose it and, if necessary, decline or withdraw from the engagement.

Compensation & affiliation disclosures

  • We are paid by clients for services under written agreements.

  • We do not use paid endorsements. If affiliate links or sponsored content ever appear, they will be clearly labeled.

Cookies & analytics (website)

  • Our site may use necessary cookies and analytics to improve performance and security.

  • You can manage non-essential cookies via the site’s cookie banner or your browser settings.

Children’s data

Our services and site are not directed to children under 16, and we do not knowingly collect their personal data.

Vulnerability disclosure

If you believe you’ve found a security issue, please email info@proalign.com with details. We appreciate responsible disclosure.

Contact

Questions about this notice or your data rights? please contact us at:

ProAlign

Contact Us