“Transparency and operational security are at the core of Ferret. We built this tool to empower investigators while strictly adhering to privacy-first principles. Your investigations belong to you, and our architecture reflects that commitment.”
1. Introduction
Welcome to Ferret OSINT. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application, website, and associated services. We are committed to protecting your personal information and your right to privacy.
2. Data controller and contact details
For the purposes of applicable data protection laws, Ferret OSINT acts as the data controller for your account and subscription-related information. If you have any questions or concerns about this privacy policy or our practices regarding your personal information, please contact our Data Protection Officer at privacy@ferret-osint.com.
3. Principles of data processing
Our data processing practices are built on the principle of data minimization. We only collect what is absolutely necessary to maintain your account and ensure the application functions correctly. We do not sell, rent, or trade your personal information to third parties.
4. Types of data we collect
We collect minimal information necessary to provide our services:
- Account Information: Email address and securely hashed passwords used for authentication.
- Subscription Data: License keys, subscription status, and billing history (processed securely via our third-party payment providers; we do not store full credit card numbers).
- Support Communications: Information you provide when contacting our support team for troubleshooting or inquiries.
5. How we use your data
5.1 OSINT-related data handled by the app
Ferret is built on a local-first architecture. All Open Source Intelligence (OSINT) queries, target profiles, relationship graphs, notes, and collected artifacts are stored locally on your device.
Ferret does not transmit your investigation data, search terms, or target information to our servers. When the application queries external APIs (e.g., public databases, social media endpoints, or domain registries), these requests are made directly from your device or routed through anonymizing proxies if configured by the user. We have zero visibility into who or what you are investigating.
5.2 Telemetry and analytics
To improve application stability and performance, we collect strictly anonymized, opt-in crash reports and basic usage telemetry. This data includes device type, OS version, and error stack traces. This telemetry never includes investigation targets, search terms, or user-generated content. You can opt out of all telemetry collection at any time within the application settings.
6. Data storage and security
We implement industry-standard security measures to protect your account information on our servers. For the investigation data stored on your device, Ferret utilizes AES-256 encryption for its local databases, ensuring that your operational data remains secure even if the physical device is compromised, provided your device is secured with a strong passcode.
7. User rights
Depending on your jurisdiction (such as under the GDPR or CCPA), you have the right to access, correct, export, or delete your personal data. You can manage your account information directly through the Ferret dashboard. Since your investigation data is stored locally, you have complete control over its deletion by simply uninstalling the application or using the in-app “Wipe Database” feature.
8. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the “Last updated” date. We encourage you to review this policy periodically.