osintx
Legal

Privacy Policy

Last updated: April 3, 2026

1. Overview

osintx_ (“we”, “us”, “our”) is an open source intelligence platform operated for educational and research purposes. This Privacy Policy describes what data we collect, why we collect it, how it is stored and your rights regarding your personal information.

By using the platform you agree to the practices described in this document. If you do not agree, please refrain from using our services.

2. Data We Collect

We collect the minimum data necessary to operate the service:

  • Account data — username, email address and hashed password when you create an account.
  • Search queries — search terms entered into the platform are logged temporarily for rate-limiting and abuse prevention.
  • Usage metadata — IP address, browser user-agent, timestamps of requests. Retained for a maximum of 30 days.
  • Payment data — we accept cryptocurrency only. We record the transaction ID, amount, currency and selected plan. No card or banking data is ever processed.
  • Cookies — a single session cookie for authentication. No third-party tracking cookies.

3. How We Use Your Data

  • To authenticate you and maintain your session.
  • To enforce rate limits and prevent abuse.
  • To activate and manage your subscription after payment confirmation.
  • To respond to support requests sent to our contact address.
  • To improve platform stability through aggregated (non-personal) analytics.

We do not sell, rent or share your personal data with third parties for marketing purposes.

4. Data Storage & Security

All data is stored on servers located within the European Union (Germany). Data at rest is encrypted using AES-256. Data in transit is protected by TLS 1.3. Access to production systems is restricted to authorized personnel only.

Despite these measures, no system is 100% secure. In the event of a breach affecting your personal data we will notify affected users within 72 hours in accordance with GDPR Article 33.

5. Data Retention

  • Account data is retained for as long as your account is active.
  • Search query logs are automatically purged after 30 days.
  • Payment receipts are retained for 7 years to satisfy tax obligations.
  • Request metadata (IP, user-agent) is deleted after 30 days.

6. Your Rights (GDPR)

If you are located in the European Economic Area you have the following rights:

  • Right of access — request a copy of the personal data we hold about you.
  • Right to rectification — request correction of inaccurate data.
  • Right to erasure — request deletion of your account and associated data.
  • Right to portability — receive your data in a machine-readable format.
  • Right to object — object to processing based on legitimate interest.

To exercise any of these rights, contact us at privacy@osintx.io. We will respond within 30 days.

7. Third-Party Services

osintx_ integrates with third-party data sources solely for OSINT research purposes. These integrations do not involve sharing your personal information. We use no third-party analytics SDKs (e.g., Google Analytics).

Payments are processed peer-to-peer via blockchain networks (Bitcoin, Ethereum, Solana, TRON, TON). No payment processor receives your personal data.

8. Children

osintx_ is not directed at individuals under 18 years of age. We do not knowingly collect data from minors. If you believe a minor has created an account please contact us immediately.

9. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via a notice on the platform. Continued use after changes constitutes acceptance of the updated policy.

10. Contact

For privacy-related inquiries: privacy@osintx.io
For general support: support@osintx.io