1. Case intake starts with a safe summary
Every case starts with a short summary: case type, general city or area, basic chronology, initial evidence lawfully held by the client, and the verification goal. At this stage, clients do not need to share passwords, OTPs, account access, full identity documents, or complete sensitive files.
The goal of intake is to understand context and risk, not to collect as much data as possible.
2. Lawful screening and conflict check
The team reviews whether the case objective is legitimate, whether there is a risk of misuse, and whether the request involves hacking, illegal interception, doxing, intimidation, or unauthorized access. Unsafe requests are declined or redirected to formal routes such as a lawyer, police, or mediation.
3. Written work scope
Before work starts, scope must be clear: verification objective, area, timeline, report output, permitted methods, declined methods, and cost. A clear scope prevents unrealistic expectations and keeps the work proportional.
Clear objective
Every verification must have a specific and explainable purpose.
Bounded methods
Only lawful and proportional methods are used; hacking and illegal interception are declined.
Measurable output
The result is structured as a summary, chronology, supporting evidence, and safe next steps.
4. Data minimization and privacy protection
The principle is simple: collect only what is needed. Identity details, documents, photos, screenshots, links, phone numbers, or emails are processed only when relevant and lawfully provided by the client.
Sensitive information should not be shared with team members who are not directly involved in the case.
5. Evidence handling and simple chain-of-custody
Digital evidence and documents should be logged with source, time received, file format, context, and limitations. A screenshot without context is not automatically a final fact; it may need supporting links, dates, conversation context, or explanation of how it was obtained.
6. Reporting and recommendations
Findings are written in calm, non-provocative language. A good report helps clients make decisions, not escalate conflict. If a case may enter a formal legal route, the recommendation should point the client to a lawyer or competent authority.
Automatically declined requests
- WhatsApp interception, account hacking, email compromise, spyware, or unauthorized device access.
- Requests for bank data, private medical data, or records not lawfully held by the client.
- Doxing, intimidation, extortion, entrapment, threats, or actions that could endanger safety.
- Field work that involves entering private areas, harassment, or physical confrontation.