Privacy Policy

1. Overview

Find My DNA ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, process, and protect your information when you use our OSINT platform and services.

2. Information We Collect

Personal Information You Provide

• Account Information: Name, email address, phone number, company details
• Professional Credentials: Job title, professional licenses, certifications
• Payment Information: Billing address, payment method details (processed by third-party providers)
• Communication Data: Support tickets, feedback, and correspondence

Information Collected Automatically

• Usage Data: Search queries, platform interactions, feature usage
• Technical Data: IP addresses, browser type, device information
• Performance Data: Session duration, error reports, performance metrics
• Security Data: Login attempts, access logs, security events

Third-Party Information

We may collect information from publicly available sources and authorized third-party databases as part of our OSINT services. This information is processed in accordance with applicable laws and our Terms of Service.

3. How We Use Information

Service Provision

• Providing and maintaining our OSINT platform
• Processing search requests and delivering results
• Authenticating users and preventing unauthorized access
• Providing customer support and technical assistance

Platform Improvement

• Analyzing usage patterns to improve our services
• Developing new features and capabilities
• Conducting research and analytics
• Testing and optimization

Legal and Security

• Complying with legal obligations and regulations
• Detecting and preventing fraud and abuse
• Protecting our systems and users from security threats
• Responding to law enforcement requests

4. Information Sharing

We do not sell, rent, or trade your personal information. We may share information in the following circumstances:

Service Providers

We work with trusted third-party service providers who assist us in operating our platform, including:

• Cloud hosting and infrastructure providers
• Payment processing services
• Analytics and monitoring tools
• Customer support platforms

Legal Requirements

We may disclose information when required by law, including:

• Compliance with subpoenas, court orders, or legal processes
• Response to government investigations
• Protection of our rights and property
• Prevention of fraud or illegal activities

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5. Data Storage & Security

Security Measures

• Encryption: Data encrypted in transit and at rest using AES-256
• Access Controls: Multi-factor authentication and role-based access
• Network Security: Firewalls, intrusion detection, and monitoring
• Regular Audits: Security assessments and penetration testing

Data Centers

Our data is stored in secure, SOC 2 Type II certified data centers with:

• 24/7 physical security and monitoring
• Redundant power and cooling systems
• Regular backups and disaster recovery procedures
• Compliance with international security standards

6. Data Retention

Retention Periods

• Account Data: Retained while your account is active plus 7 years
• Search Logs: Retained for 3 years for security and compliance
• Communication Records: Retained for 5 years
• Security Logs: Retained for 7 years as required by law

Deletion Process

When data is no longer needed, we securely delete it using:

• Cryptographic erasure for encrypted data
• Multi-pass overwriting for physical storage
• Certificate of destruction for hardware disposal

7. Your Privacy Rights

GDPR Rights (EU Residents)

• Access: Request copies of your personal data
• Rectification: Correct inaccurate personal data
• Erasure: Request deletion of your personal data
• Portability: Receive your data in a structured format
• Restriction: Limit how we process your data
• Objection: Object to certain types of processing

CCPA Rights (California Residents)

• Know: Information about data collection and use
• Delete: Request deletion of personal information
• Opt-Out: Opt-out of sale of personal information
• Non-Discrimination: Equal service regardless of privacy choices

8. Cookies & Tracking Technologies

Types of Cookies We Use

• Essential Cookies: Required for platform functionality
• Performance Cookies: Help us improve our services
• Functional Cookies: Remember your preferences
• Analytics Cookies: Understand how you use our platform

Managing Cookies

You can control cookies through:

• Your browser settings
• Our cookie preference center
• Third-party opt-out tools

9. International Data Transfers

We may transfer your personal data to countries outside your residence for processing. We ensure adequate protection through:

• Adequacy Decisions: Transfers to countries with adequate protection
• Standard Contractual Clauses: EU-approved contract terms
• Binding Corporate Rules: Internal data protection standards
• Certification Programs: Privacy Shield and similar frameworks

10. Children's Privacy

Our services are designed for professional use and are not intended for children under 18. We do not knowingly collect personal information from children. If we learn that we have collected information from a child under 18, we will delete it immediately.

11. Policy Changes

We may update this Privacy Policy to reflect changes in our practices or applicable laws. We will:

• Notify you of material changes via email or platform notification
• Post the updated policy on our website
• Provide 30 days notice for significant changes
• Maintain previous versions for reference

12. Contact Information

Data Protection Officer

International Representatives