ITM is an open framework - Submit your contributions now.

Insider Threat Matrix™Insider Threat Matrix™

Privacy Policy

Forscie Limited ("we," "our," or "us") respects the privacy of users of the Insider Threat Matrix™ platform ("Platform").

This Privacy Policy outlines the types of information we collect from Platform visitors ("User"). It also explains how we use, share, protect, and retain that information. By visiting the Site, you agree to the terms outlined in this Privacy Policy.

Information Collected from Cookies on Web Traffic Reporting and Content Tools
"Cookies" are data sent to your web browser and stored on your computer. Most web browsers can be configured to not accept cookies or to notify you if a cookie is sent to you. If you do not want cookies set during your visit to this Site, you can disable them in your web browser settings. We use a free third-party software service called Google Analytics® to capture and analyze non-personally identifiable website usage information.

We log all accesses and record the following information for each Site user: IP address, date and time of access, the requested URL, the referring URL (if provided by the web browser), and the browser type (if provided by the web browser). The IP address and its associated domain name (if any) are used to determine broad demographic information. The IP address may also be used to track how users navigate through the Site.

Due Diligence for Intrusion Detection, Prevention, and Reporting
We perform due diligence to preserve the integrity of the information on the Site. We use various logging and tracking mechanisms to support the detection, reporting, or recovery from attempted intrusions into insiderthreatmatrix.org. We reserve the right to use all available technologies without notice to protect our networks from unauthorized use, and to report attempted intrusions to the appropriate authorities.

Information Collected from Third-Party Software and Media Sites
When Users visit the Site, they may link to third-party software and/or media sites. We do not collect any information that may be collected by those third parties; however, information you supply to such third-party software may be collected and/or used by them. For information about their respective privacy policies, please refer to their websites.

Information Collected and Processed Through AI-Assisted Insider Threat Matrix™ Mapping

The Insider Threat Matrix™ platform includes an optional feature that allows Users to submit a free-text description of an insider-related scenario in order to identify relevant Articles, Sections, and Sub-sections within the Matrix.

When a User submits a description through this feature, the content is transmitted securely to a third-party artificial intelligence service provider (OpenAI) via application programming interface (API) for the purpose of analyzing the text and returning relevant Insider Threat Matrix™ knowledge objects. This functionality is designed solely to assist Users in navigating the Matrix and does not constitute investigative advice, legal analysis, or automated decision-making.

Forscie Limited retains submitted descriptions and related technical metadata (including timestamp, IP address, and system-generated identifiers) for monitoring, abuse prevention, security analysis, system diagnostics, research and service improvement purposes. Submissions may be reviewed internally to evaluate feature performance, detect misuse, and improve system accuracy.

Retained submissions may also be used, in anonymized and aggregated form where appropriate, to develop, test, refine, or train Forscie-owned artificial intelligence models and related systems. Such use is limited to improving Forscie services and does not involve the sale of data or disclosure to unrelated third parties.

Users should not submit personally identifiable information (PII) or confidential organizational data when using this feature. The Platform is a public knowledge resource and is not intended to function as a case management, investigative documentation, or evidence storage system.

Forscie Limited does not use submitted descriptions to train third-party foundation models. OpenAI processes submitted content in accordance with its own privacy policy and applicable API data usage terms.

Use of this feature is voluntary. If you do not wish for content to be processed and retained as described above, you should refrain from using the AI-assisted mapping functionality.

Changes to Our Privacy Policy
The Site may change from time to time. As a result, it may be necessary for us to update this Privacy Policy. Accordingly, we reserve the right to update or modify this Privacy Policy at any time without prior notice. Please review this policy periodically, and especially before providing any information. Your continued use of the Site after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of the revised Privacy Policy.