Legal

Privacy Policy

Sherlock Forensics collects personal data through contact forms, recon tool queries and payment processing. We do not sell your data. All data is handled in compliance with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA).

Effective April 8, 2026

How we handle your information

Sherlock Forensics ("we", "us" or "our") operates the website www.sherlockforensics.com. This privacy policy explains what personal information we collect, how we use it, who we share it with and what rights you have under Canada's Personal Information Protection and Electronic Documents Act (PIPEDA).

1. Information We Collect

We collect personal information through the following channels on our website:

Contact Form Submissions
Name, email address and company name. Submitted voluntarily when you reach out to us for inquiries or consultations.
Recon Tool Queries
Target domain name or IP address that you enter into our free reconnaissance tool. This tool performs passive lookups only using publicly available data through DNS queries, HTTP header inspection and public port connections. No active exploitation or intrusive scanning is performed.
Lead Capture Forms
Name, email address, company name and the resource you requested. Collected when you download guides, checklists or other materials from our website.
Payment Information
Payment processing is handled entirely by Stripe. We do not store your credit card number, CVV or full payment credentials on our servers. We retain order details such as your name, email, engagement type, amount paid and transaction reference for our business records.

2. How We Use Your Information

We use your personal information for the following purposes:

  • Responding to your inquiries and providing requested services
  • Processing payments and fulfilling service engagements
  • Delivering resources you have requested through lead capture forms
  • Communicating with you about your engagement or account
  • Improving our website and services

3. How We Store Your Data

Contact form submissions and lead capture form data are emailed to info@sherlockforensics.com and stored as JSON files on our secure servers. Payment data is processed and stored by Stripe in accordance with PCI DSS standards. We do not store full payment card details on our infrastructure.

4. Who We Share Data With

We share personal information with the following third parties only as necessary to deliver our services:

Stripe
Payment processing for service purchases. Stripe processes your payment data under their own privacy policy.
BaitAndPhish.com
When you purchase a phishing simulation campaign, we share relevant engagement details with BaitAndPhish.com to execute the campaign on your behalf. This sharing occurs only when you have purchased this specific service.

We do not sell, rent or trade your personal information to any third party for marketing or any other purpose.

5. Data Retention

Contact form submissions, lead capture data and engagement records are retained for legitimate business purposes including legal compliance and ongoing client relationships. You may request deletion of your personal data at any time by contacting us (see Section 8 below).

6. Cookies and Tracking

Our website uses the following analytics, advertising and third-party cookies to measure site performance, track conversions and improve our service:

  • Google Analytics 4: Sets first-party cookies (_ga, _gid, _gat_*) to measure aggregate site usage. Data is reported in anonymized form and helps us improve site navigation and content.
  • Google Ads conversion tracking: Sets cookies (_gcl_au, _gac_*) to attribute purchases and consultations to specific advertising campaigns. Used only for marketing attribution reporting.
  • Stripe: May set cookies when you interact with our payment forms for fraud prevention and session management.
  • Google Fonts: May set cookies when loading web fonts from Google servers.

We use anonymous A/B testing to improve our website experience. Variant assignments are stored in your browser's localStorage only and are not transmitted to our servers or linked to any personal information.

You can manage or block cookies through your browser settings. Blocking analytics or advertising cookies will not affect site functionality or your ability to purchase services.

7. Recon Tool Data

Our free reconnaissance tool queries publicly available data sources only. It performs DNS lookups, HTTP header inspection and public port connections against the domain or IP address you provide. No active exploitation, vulnerability scanning or intrusive testing is performed. The tool accesses only information that is already publicly available on the internet. Query data may be logged for rate limiting and abuse prevention purposes.

8. Your Rights Under PIPEDA

Under Canada's Personal Information Protection and Electronic Documents Act, you have the right to:

  • Access the personal information we hold about you
  • Request correction of any inaccurate or incomplete information
  • Request deletion of your personal information
  • Withdraw consent for the collection and use of your information going forward

To exercise any of these rights, contact us at info@sherlockforensics.com or call 888.883.4550. We will respond to your request within 30 days.

9. Security

We implement reasonable technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure or destruction. These measures include HTTPS encryption for all data in transit, secure server infrastructure and access controls limiting data access to authorized personnel only.

10. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites. We encourage you to review the privacy policies of any third-party website you visit.

11. Children's Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.

12. Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated effective date. Continued use of our website after changes are posted constitutes your acceptance of the revised policy.

13. Contact Us

If you have questions or concerns about this privacy policy or our data practices, please contact us:

Phone
888.883.4550
Company
Sherlock Forensics, Vancouver, British Columbia, Canada

14. Governing Law

This privacy policy is governed by and construed in accordance with the laws of the Province of British Columbia, Canada and the federal laws of Canada applicable therein.

Your choices

Sherlock Forensics uses cookies in 3 categories. Necessary cookies are always active so the site can function. Analytics cookies (Google Analytics 4) help us measure how visitors use the site. Marketing cookies (Google Ads) measure the effectiveness of advertising campaigns. You can accept or reject analytics and marketing cookies at any time.

Change your preferences

Click the button below to reopen the cookie consent banner and update your choices.

Your consent decisions are stored locally in your browser and expire after 12 months. We also keep an anonymized server-side audit log (region category, decision categories and timestamp) so we can demonstrate compliance to regulators on request.

Questions

Need more information?

If you have questions about how we handle your personal information, contact our team directly.