IntelBase

Privacy Policy

Last updated: March 26, 2026.

1. Introduction

IntelBase respects the privacy of our users and is committed to protecting it through our compliance with this Privacy Policy. This Privacy Policy describes the types of information we may collect from you or that you may provide when you visit our website, IntelBase, and our practices for collecting, using, maintaining, protecting, and disclosing that information.

2. Information We Collect

We collect the following categories of information:

Account information

  • Email address and hashed password (Argon2)
  • Company name (if provided)
  • Google account identifier (if you sign in via Google)
  • IntelBase API key assigned to your account
  • IP address whitelists you configure for API access

Search and lookup data

  • Search queries you submit (such as email addresses)
  • Full lookup results returned by the Service, including linked social accounts, data-breach information, and related metadata
  • Date, time, and daily count of each lookup

Network and device information

  • IP address at registration and at each login
  • IP address associated with each request (used for rate limiting)

Billing information

  • Stripe customer and subscription identifiers, invoice records (payment method, status, price, coupon codes, and invoice download URLs). Full payment card details are handled exclusively by Stripe and are never stored on our servers.

Communications

  • Name, email, and message content submitted through our contact or enterprise inquiry forms

Authentication tokens

  • A signed JWT session cookie containing your user ID and expiration time, set on login and cleared on logout

3. How We Use Your Information

We use the collected information for the following purposes:

  • To provide, operate, and maintain the Service and its features
  • To authenticate your identity and manage your account
  • To process lookups and return search results
  • To store your search history so you can review past lookups
  • To enforce plan limits, rate limits, and usage quotas
  • To process payments, manage subscriptions, and generate invoices
  • To detect and prevent fraud, abuse, and unauthorized access
  • To send transactional emails such as account verification, password resets, and important service notices
  • To respond to contact and enterprise inquiries
  • To improve, analyze, and secure the Service
  • To comply with legal obligations and enforce our Terms of Service

4. Accessing, Updating, or Deleting Your Information

You may access and update your personal information through your account settings. You may delete your account at any time from your account settings or by contacting us at [email protected].

When you delete your account, your personal account information (such as email, password, and IP addresses) and your user-linked search history are removed. However, lookup results may be retained separately in a de-identified form that is not linked to you as a user. These de-identified results may be kept indefinitely to operate and improve the Service.

5. Third-Party Service Providers

We do not sell your personal information. We share limited data with the following categories of third-party providers solely to operate the Service:

  • Payment processing: Stripe receives your email and payment details to process transactions and manage subscriptions
  • Email delivery: Resend receives your email address to deliver transactional messages such as verification codes and password resets
  • Authentication: Google receives an authorization code during OAuth sign-in and returns your email and account identifier
  • Bot protection: Cloudflare Turnstile processes captcha tokens to verify that requests originate from humans
  • Customer support: Freshdesk receives your name, email, and message when you submit a contact form
  • Data-breach lookups: third-party data providers receive the email address you search in order to return breach results

Each provider is bound by its own terms and privacy policy. We require providers to use your data only for the purposes described above.

6. Data Security

We employ technical and organizational measures to protect your data, including VPN-protected infrastructure, TLS/SSL encryption in transit, Argon2 password hashing, and firewall and network-level access restrictions. While we strive to protect your information, no method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security.

7. Data Retention

We retain your personal data for as long as your account is active or as reasonably necessary to provide the Service, comply with legal obligations, enforce our Terms, and resolve disputes. Lookup results may be stored separately in de-identified form, unlinked from your account, and retained indefinitely even after account deletion. You may delete your account at any time through your account settings or by contacting us at [email protected].

8. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without appropriate consent, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us at [email protected].

9. Contact Information

If you have any questions or concerns regarding this Privacy Policy or our privacy practices, please contact us at [email protected].

This Privacy Policy is incorporated into and subject to our Terms of Service. By creating an account or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.