Privacy Policy

Last Updated: 2026-05-25

1. Data Controller

This service is operated by a pseudonymous entity ("OpSec"). Jurisdiction is intentionally decentralized. For legal inquiries, contact: Support Ticket.

2. What We Collect

Nothing tied to your identity. We operate on a strict "Death to PII" mandate. No IP logs. No analytics. No third-party trackers. Order metadata is limited to an anonymous Invoice ID and a Support OTP.

3. Cookies

We use a single session token cookie for authentication. It contains no personal information and is strictly necessary for the application to function.

4. Third-Party Processors

We interact with JAP, Trocador, and Mullvad strictly for fulfillment. Only anonymized order parameters are sent to these services. No user data leaves our isolated infrastructure.

5. Retention Periods

Ephemeral state (such as pending carts) is dropped automatically. Closed support tickets and expired invoices are actively scrubbed. Delivered credentials remain encrypted via AES-256-GCM.

6. User Rights

Given our zero-data design, rights of access and erasure are inherently satisfied. There is no personal data to retrieve or delete.