Skip to content
[ LEGAL ] — PRIVACY POLICY

Privacy Policy

Last updated: February 12, 2026  |  Effective: February 12, 2026

Summary: We collect minimal personal data necessary to provide our services. We do not sell your data. We do not require KYC/KYB documentation for standard services. Your order details and report contents are treated as confidential. We use essential cookies and optional analytics. You have the right to access, correct, and delete your data.

1. Introduction

1.1. SimplySINT ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our platform and services.

1.2. This policy applies to all users of the SimplySINT platform, including visitors, registered clients, and API users. By using our services, you consent to the data practices described in this policy.

1.3. We operate on a principle of data minimization — we collect only the information necessary to provide our services effectively and securely.

2. Information We Collect

2.1. Account Information

When you create an account, we collect:

  • Email address: Used for account authentication, order notifications, and essential communications.
  • Display name: Optional. Used for personalizing your dashboard experience.
  • Password: Stored using industry-standard bcrypt hashing. We never store or have access to your plaintext password.

2.2. Order Information

When you place an order, we collect:

  • Target entity name, jurisdiction, and website (as provided by you).
  • Service tier selection and any additional investigation instructions.
  • Payment transaction identifiers (we do not store full payment credentials).

2.3. Technical Information

We automatically collect:

  • IP address: Used for security monitoring, rate limiting, and fraud prevention.
  • Browser type and version: Used for compatibility and troubleshooting.
  • Device information: Operating system and screen resolution for responsive design optimization.
  • Access timestamps: Used for security auditing and session management.

2.4. Information We Do NOT Collect

  • Government-issued identification documents (KYC).
  • Corporate registration documents (KYB).
  • Physical addresses or phone numbers (unless voluntarily provided).
  • Social media profiles or behavioral tracking data.
  • Financial account details (payments are processed by third-party providers).

3. How We Use Your Information

  • Service Delivery: Processing orders, conducting investigations, and delivering reports.
  • Account Management: Authentication, session management, and account security.
  • Communication: Order status updates, delivery notifications, and essential service announcements.
  • Security: Fraud prevention, abuse detection, rate limiting, and platform integrity.
  • Improvement: Analyzing aggregate usage patterns to improve service quality (no individual tracking).
  • Legal Compliance: Meeting applicable legal and regulatory obligations.

We do not use your information for advertising, profiling, or any purpose unrelated to the delivery of our services.

4. Data Sharing and Disclosure

4.1. We do not sell your personal data. Under no circumstances do we sell, rent, or trade your personal information to third parties.

4.2. We may share limited information with:

  • Payment Processors: Transaction identifiers shared with Plisio for payment processing.
  • Infrastructure Providers: Hosting and cloud service providers under strict data processing agreements.
  • Legal Authorities: When required by law, court order, or governmental regulation.

4.3. We do not share your order details, target information, or report contents with any third party except as required by law.

5. Data Storage and Security

5.1. Encryption: All data in transit is encrypted using TLS 1.2 or higher. Sensitive data at rest is encrypted using AES-256 encryption.

5.2. Access Controls: Access to personal data is restricted to authorized personnel on a need-to-know basis. All access is logged and audited.

5.3. Password Security: Passwords are hashed using bcrypt with appropriate salt rounds.

5.4. Incident Response: In the event of a data breach affecting your personal information, we will notify you within 72 hours of becoming aware of the breach.

6. Data Retention

  • Account Data: Retained for the duration of your account plus 30 days following deletion.
  • Order Records: Retained for a minimum of 365 days from order completion.
  • Report Content: Retained for a minimum of 365 days from delivery.
  • Security Logs: Access logs and security audit trails retained for 90 days.
  • Analytics Data: Aggregate, anonymized analytics data may be retained indefinitely.

7. Cookies and Tracking

7.1. Essential Cookies: Required for authentication, session management, and security. Cannot be disabled.

7.2. Analytics Cookies: Optional cookies to understand aggregate usage patterns. Set only with your explicit consent.

7.3. No Third-Party Tracking: We do not use advertising cookies, social media trackers, or cross-site tracking technologies.

7.4. You can manage cookie preferences at any time through the cookie settings accessible from any page.

8. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data.
  • Right to Restriction: Request that we limit processing of your data.
  • Right to Data Portability: Request your data in a machine-readable format.
  • Right to Object: Object to processing for certain purposes.
  • Right to Withdraw Consent: Withdraw consent for optional processing at any time.

To exercise these rights, contact us through the contact page or dashboard support form. We will respond within 30 days.

9. International Data Transfers

Your data may be processed in jurisdictions other than your country of residence. Where data is transferred internationally, we ensure appropriate safeguards are in place, including standard contractual clauses or equivalent mechanisms.

10. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children.

11. Changes to This Policy

Material changes will be communicated via email at least fourteen (14) days before they take effect. Continued use after changes constitutes acceptance.

12. Contact Us

For privacy inquiries, contact us through the contact page or the support form in your account dashboard. We respond within 30 days.