Binautopsy Labs handles personal data with the same evidence-led discipline applied to client artefacts. This page describes what data this website collects, why, and how long it is retained.
What we collect through this site
- Contact-form submissions (name, work email, organisation, the artefact context you share, decision deadline). Stored in our WordPress database via the Flamingo plugin and emailed to a Binautopsy Labs analyst via Amazon SES.
- Server access logs (IP address, request URL, user agent, timestamp). Retained 30 days for fail2ban, abuse mitigation, and SSL diagnostics. Not shared with third parties.
- No analytics, no marketing trackers, no third-party tags. The site sets no analytics cookies. The only cookies set are short-lived session cookies if you log into the WordPress admin (which is not a public function).
How long we keep it
Form submissions are kept indefinitely as part of the engagement record unless you ask us in writing to remove them. Server access logs roll off after 30 days. Newsletter subscriptions are kept until you unsubscribe.
Where data lives
This website runs on AWS infrastructure in the eu-west / us-east-1 regions. Email delivery uses Amazon SES (us-east-1). Both regions are governed by AWS data-processing terms.
Your rights
You can request access, correction, deletion, or export of your data at any time by emailing privacy@binautopsy.com. We aim to respond within five business days.
Engagement-level data
This page covers the website only. Data shared as part of an active engagement (artefacts, hashes, sample submissions, dossier output) is governed by the engagement-specific NDA and Data Processing Agreement, not by this page.
Last updated 2026-04-25.