idPersona | Client Privacy

Client Privacy.

idPersona is committed to protecting your privacy. We provide Open Source Intelligence (OSINT) services with a strict no-cloud, no-tracking, no-cookies policy. This Privacy Policy describes how we collect, use, disclose, and safeguard your information in compliance with the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).

Scope

This policy applies to all users, clients, and visitors residing in the State of California and all other States (U.S.) and territories. We do not knowingly collect or store personal data from anyone unless explicitly and voluntarily provided as part of a professional engagement.

What We Do Not Do

To preserve your privacy and security, we affirm the following:
❌ No cloud storage: All data is processed and stored locally on encrypted devices under our control.
❌ No cookies: Our website does not use session or persistent cookies.
❌ No analytics or tracking tools: We do not use tools like Google Analytics, Facebook Pixel, or browser fingerprinting.
❌ No profiling or behavioral advertising: We do not build user profiles, serve personalized ads, or sell any user data.
❌ We do not sell data to anyone. This will ALWAYS be a company policy.

Information We Collect

We only collect personal information you voluntarily provide to us, typically during:
• A service inquiry via email or contact form.
• A signed engagement or statement of work.
• Communications during a client engagement.

This may include:
• Name, email address, or contact information.
• Files or data you share for investigative or intelligence purposes.

We will NEVER ask for the following information:
• Social Security Number.
• State or License ID Number.
• Passport or Federal ID Number.

How We Use Information

Any personal information you voluntarily provide is used strictly for:
• Delivering the requested OSINT or consulting service.
• Communicating with you during the engagement.
• Comply with legal obligations.

Security Measures

We use industry-standard security practices including:
• Local encrypted storage (AES-256 or equivalent).
• No use of public/private cloud or third-party storage for client materials.
• Controlled internal access on a need-to-know basis.
• Secure file deletion and media sanitation practices.

Do Not Track (DNT) Signals

Since our website does not use tracking technologies, we fully honor Do Not Track (DNT) signals sent by your browser.