Who We Are
Strand Intelligence Ltd ("Strand", "we", "our", "us") is an AI-native digital forensics and incident response platform. We are a company registered in England and Wales (Company No. 16505027) with our registered office at GM Digital Security Hub (DISH), 47 Lloyd St, Manchester M2 5LE, United Kingdom.
We are committed to protecting your privacy and handling your data in an open and transparent manner. This privacy policy explains how we collect, use, disclose, and safeguard your personal data when you use our platform, agents, APIs, and related services.
Data We Process
Account & Organization Data (We are Controller)
When you create an account or join an organization:
- • Full name and business email address
- • Organization name, size, and industry sector
- • Billing information (processed by Stripe)
- • IP addresses, browser type, and device information
- • Usage analytics and feature interaction data
- • Support tickets and communication history
Investigation Data (We are Processor)
When you conduct investigations, you may upload:
- • Email messages, attachments, and headers
- • System logs, event logs, and forensic artifacts
- • Memory dumps and disk images
- • Network traffic captures and firewall logs
- • User activity logs and authentication records
You remain the data controller for all investigation data. We process it solely on your instructions.
Automatically Collected Data
- • System performance metrics and error logs
- • Feature usage patterns and workflow analytics
- • API call logs and integration data
- • Session duration and interaction metrics
Legal Basis for Processing
Contractual Necessity
To provide the Strand platform and services you've requested
Legitimate Interests
Platform security, fraud prevention, and service improvements
Legal Obligations
Financial record keeping, tax reporting, and law enforcement requests
Consent
Marketing communications and optional analytics
Data Sharing & Transfers
We do not, and will never, sell your personal data or investigation data to third parties. Your data is not our product.
Service Providers
Data Security
Technical Safeguards
Encryption in transit and at rest, row-level security for data isolation between organizations.
Access Management
Access restricted based on business need, with regular reviews and prompt revocation.
Infrastructure Security
Reputable cloud providers with physical security and compliance certifications.
Incident Response
Procedures in place with 72-hour breach notification as required by law.
Data Retention
Your Rights
Right to Access
Request a copy of your personal data
Right to Rectification
Correct inaccurate or incomplete data
Right to Erasure
Request deletion of your data
Right to Restriction
Limit how we process your data
Right to Portability
Receive your data in a portable format
Right to Object
Object to certain types of processing
Right to Withdraw Consent
Withdraw consent where we rely on it
Right to Complain
Lodge a complaint with supervisory authorities
To exercise any of these rights, email [email protected]. We'll respond within 30 days.
Contact Us
Postal Address
Strand Intelligence Ltd
GM Digital Security Hub (DISH)
47 Lloyd St, Manchester M2 5LE
United Kingdom