Privacy Policy

Last Updated: January 2025

Overview

PocketSOC™ ("we", "our", or "the app") is a product of WeaveHub. This Privacy Policy explains how we handle information in connection with the PocketSOC™ marketing website (pocketsoc.com) and the PocketSOC™ iOS application.

Key principle: We collect minimal information and prioritize security and transparency.

Information We Collect

On This Website (pocketsoc.com)

This marketing website collects minimal information:

• Waitlist Email Addresses: If you join our waitlist, we collect the email address you provide. This is used solely to notify you about PocketSOC launch updates.
• No Analytics: We do not use third-party analytics, tracking pixels, or cookies on this website.
• Server Logs: Standard web server logs (IP addresses, user agents, timestamps) may be retained temporarily for security and operational purposes.

In the PocketSOC iOS App

The PocketSOC app is designed for secure, on-device operation:

• Authentication Credentials: OAuth2 tokens obtained from CrowdStrike Falcon APIs are stored securely in the iOS Keychain on your device. We do not transmit or store these tokens on our servers.
• Tenant Configuration: Your selected CrowdStrike cloud region and base URL are stored locally on your device.
• Push Notification Tokens: To deliver push notifications, we process device push tokens. These are used only to send you alerts based on your configured severity thresholds.
• Usage Data: We may collect anonymized, aggregated usage statistics (e.g., feature usage counts) to improve the app. This data cannot identify you personally.
• Customer CrowdStrike Data: PocketSOC retrieves detection and host data from CrowdStrike Falcon APIs in real-time for display. This data is not stored on our servers. It is fetched on-demand and cached temporarily on your device for performance.

How We Use Your Information

• Waitlist emails: To send you launch announcements and beta invitations.
• App authentication tokens: To authenticate API requests to CrowdStrike Falcon on your behalf.
• Push tokens: To deliver severity-based alert notifications to your device.
• Usage data: To analyze app performance and prioritize feature improvements.

We do not sell, rent, or share your personal information with third parties for marketing purposes.

Data Retention

• Waitlist data: Email addresses are retained until you request removal or until the waitlist program ends.
• App data: Authentication tokens and configuration are stored on your device and can be deleted by uninstalling the app or signing out.
• Server logs: Retained for up to 90 days for security and troubleshooting, then deleted.

Your Rights

You have the right to:

• Request removal from the waitlist at any time.
• Request deletion of any personal information we hold (email us at privacy@pocketsoc.com).
• Access or export your data (where applicable).

Security

We take security seriously:

• Authentication tokens are stored using iOS Keychain with biometric (Face ID) protection.
• All communication between the app and CrowdStrike APIs uses HTTPS/TLS encryption.
• We follow industry-standard security practices for any data we process.

Third-Party Services

PocketSOC integrates with CrowdStrike Falcon APIs. Your use of those APIs is subject to CrowdStrike's own terms and privacy policy. We are not responsible for CrowdStrike's data handling practices.

The app may use Apple's Push Notification Service (APNs) to deliver alerts. Apple's privacy policy governs their handling of push tokens.

Children's Privacy

PocketSOC is not intended for use by individuals under 18 years of age. We do not knowingly collect information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Continued use of PocketSOC after changes constitutes acceptance of the revised policy.

Contact Us

For privacy-related questions, requests, or concerns:

General inquiries: hello@pocketsoc.com