OsintX.IOOsintX.IOv2.0.0
Back to legal notice & imprint

Privacy Policy

This Policy explains how OsintX.IO handles personal data when you visit our site, create an account, or use our services.

Last updated: May 4, 2026

1. Who we are

OsintX.IO (“we”, “us”) operates the website and related services. This Policy applies to personal data processed in connection with those services.

2. Data we collect

Depending on how you use OsintX.IO, we may process:

  • Account data: email address, username or display name, authentication identifiers, and billing-related information if you subscribe to a paid plan.
  • Usage data: log and security events, approximate location derived from IP, device and browser type, pages viewed, and timestamps.
  • Support communications: messages you send us and metadata needed to respond.
  • Search inputs: identifiers you submit to the platform to run lookups, as required to deliver the service.

3. Purposes and legal bases (GDPR)

Where the GDPR applies, we rely on appropriate bases such as:

  • Contract — to provide the service you request and manage your account.
  • Legitimate interests — to secure the platform, prevent abuse, improve features, and analyze aggregated usage, balanced against your rights.
  • Legal obligation — where we must retain or disclose information to comply with law.
  • Consent — where we ask for it (for example non-essential cookies or marketing), which you may withdraw at any time.

4. Cookies and similar technologies

We use cookies and local storage where necessary for authentication, preferences, and security. Optional analytics or marketing cookies, if used, will be disclosed in a cookie notice or banner where required.

5. Sharing and processors

We use infrastructure and tooling providers (e.g. hosting, email, analytics, payment) who process data on our instructions. We do not sell your personal data. We may disclose information if required by law or to protect rights, safety, and integrity of users and the public.

6. International transfers

If data is processed outside your country, we implement appropriate safeguards (such as Standard Contractual Clauses) where required by applicable law.

7. Retention

We retain personal data only as long as needed for the purposes above, including legal, accounting, and security requirements. Search logs may be retained for a limited period for abuse prevention and service improvement unless a shorter period is configured for your workspace.

8. Your rights

Depending on your location, you may have rights to access, rectify, erase, restrict processing, object, portability, and to lodge a complaint with a supervisory authority. Contact us to exercise these rights; we will respond within the timelines required by law.

9. Security

We implement technical and organizational measures designed to protect personal data. No method of transmission or storage is completely secure; we encourage strong passwords and two-factor authentication where available.

10. Children

OsintX.IO is not directed at children under 16 (or the age required in your jurisdiction). We do not knowingly collect personal data from children.

11. Changes

We may update this Policy and will revise the “Last updated” date. Material changes may be communicated by email or in-product notice where appropriate.

12. Contact

For privacy requests or questions, use the contact or support options published on OsintX.IO (for example the Support page).