Privacy Policy
Effective Date: July 7th, 2025
1. Introduction
Minerva ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy outlines how we collect, use, store, and safeguard your information when you interact with our OSINT platform. By using our service, you consent to the data practices described in this policy.
2. Information We Collect
Personal Information
- Username and authentication credentials
- Payment information (processed securely through third-party payment processors)
- API keys and usage statistics for API subscribers
Technical Information
- IP addresses and geographic location data
- Session data and authentication tokens
- Usage analytics and performance metrics
Search Data
- Search queries and parameters (temporarily stored for processing)
- Search results metadata (not the actual results content)
3. How We Use Your Information
- To provide, maintain, and improve our OSINT services
- To authenticate users and ensure platform security
- To process payments and manage subscription services
- To communicate important updates, security notifications, or service announcements
- To analyze usage patterns and optimize platform performance
- To comply with legal obligations and prevent fraud or abuse
- To provide customer support and respond to inquiries
4. Legal Basis for Processing (GDPR)
- Contractual necessity: To provide services you've requested
- Legitimate interests: Platform security, fraud prevention, and service improvement
- Legal compliance: To meet regulatory and legal requirements
- Consent: For marketing communications (where applicable)
5. Data Sharing and Third Parties
We May Share Data With:
- Payment processors (PayPal, SellAuth) for transaction processing
- Security services for fraud detection and prevention
- Analytics providers for anonymized usage statistics
- Legal authorities when required by law or to protect our rights
We Do NOT:
- Sell personal information to third parties
- Share search queries or results with external parties
- Use your data for advertising or marketing to third parties
6. Data Security and Protection
- All passwords are securely hashed using industry-standard encryption
- Access to personal data is restricted to authorized personnel only
- Search results are processed in memory and not permanently stored
- We implement appropriate technical and organizational measures to protect your data
- For any security vulnerabilities or incidents, please contact us immediately through our contact page
7. Data Retention
- Account information: Retained until account deletion is requested
- Search queries: Temporarily stored for processing (maximum 30 minutes)
- Usage logs: Retained for up to 12 months for security and analytics
- Payment records: Retained as required by law (typically 7 years)
- Deleted data is permanently removed from our systems within 30 days
8. Your Rights and Choices
Under GDPR and CCPA, you have the right to:
- Access: Request a copy of your personal data we hold
- Rectification: Correct inaccurate or incomplete personal data
- Erasure: Request deletion of your personal data ('right to be forgotten')
- Portability: Receive your data in a structured, machine-readable format
- Restriction: Limit how we process your personal data
- Objection: Object to processing based on legitimate interests
To Exercise Your Rights:
- Contact us through our contact page with your request
- We will respond within 30 days of receiving your request
- Identity verification may be required for security purposes
9. Cookies and Tracking
- Essential cookies: Required for basic platform functionality and security
- Session cookies: Temporary cookies for user authentication
- Preference cookies: Store language and user interface preferences
- Analytics cookies: Anonymized data for usage statistics
10. International Data Transfers
Your data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses and adequacy decisions where applicable.
11. Children's Privacy
Minerva is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us immediately.
12. Data Breach Notification
In the event of a data breach that poses a risk to your rights and freedoms, we will notify affected users within 72 hours of becoming aware of the breach, as required by applicable law.
13. California Privacy Rights (CCPA)
- Right to know what personal information is collected and how it's used
- Right to delete personal information (subject to certain exceptions)
- Right to opt-out of the sale of personal information (we do not sell data)
- Right to non-discrimination for exercising CCPA rights
14. Updates to This Policy
We may update this Privacy Policy to reflect changes in our practices or legal requirements. Material changes will be communicated through Telegram or prominent notice on our platform. Continued use after changes indicates acceptance of the updated policy.
15. Contact Information
For privacy-related inquiries, data subject requests, or concerns about this policy, please contact us through our
contact page
or reach out to our Data Protection Officer if you are in the European Union.