Skip to content
/ Legal

Privacy Policy.

Last updated 9 July 2026

This Privacy Policy explains how White Intel LLC (a Delaware limited liability company; “White Intel,” “we,” “us”) collects, uses and discloses information in connection with WhiteIntel — the website at whiteintel.dev, the public API, the MCP server and related applications (the “Service”). Contact us any time at intel@whiteintel.dev.

1. Categories of information we process

a. The intelligence corpus. WhiteIntel aggregates information from public and open sources. This may include identifiers and professional information about individuals in their business capacity — as company officers, directors, shareholders, beneficial owners or sanctioned parties (e.g., name, role, jurisdiction, associated companies, and sanctions or leak appearances). We do not intentionally collect Social Security numbers, financial-account numbers, precise geolocation, or special-category/sensitive data, and we do not use the corpus for automated decisions producing legal or similarly significant effects about individuals.

b. Account information. Email, optional display name and avatar, authentication data, plan and billing status, and product- and API-usage logs.

c. Documents you upload. The contents of documents you add to the workspace, which we process to parse, index and answer your questions about them. They are stored privately, scoped to your account by Row-Level Security, and are not used to train models.

d. Payment information. Processed by Stripe. We do not receive or store full card numbers — only a customer/subscription identifier and plan status.

e. Device/usage data. Standard log data (IP, user-agent, timestamps) and privacy-preserving, aggregate analytics used to operate and secure the Service.

2. Sources

Corpus data comes from official company registries, the Global LEI system (GLEIF), beneficial- ownership disclosures (e.g., OpenOwnership), government sanctions lists, and investigative leak datasets (e.g., ICIJ). Account, document, payment and usage data come from you and from your use of the Service. See our Trust & Methodology page for the full source list and licenses.

3. How we use information

  • to provide, secure, maintain and improve the Service and its search, graph and document features;
  • to make public-record ownership and risk information discoverable for anti-fraud, AML/KYC, due-diligence, compliance, journalism and research;
  • to create and manage accounts, process subscriptions, and provide support;
  • to enforce our Terms, prevent abuse, and comply with law.

4. Disclosures — and “sale” / “sharing”

We disclose information to vetted service providers that process it on our instructions: Supabase (database, authentication, storage), Vercel (hosting/CDN), Stripe (payments), and an AI gateway provider that routes prompts to a large-language-model provider to generate document-grounded answers (prompt content is processed to produce a response and is not used to train third-party models). We may disclose information to comply with law or lawful requests, to enforce our Terms, or in a corporate transaction.

We do not exchange your account data for money. Because WhiteIntel makes public-record information (which can include personal identifiers) available to subscribers, some of that activity may be considered a “sale” or “sharing” of personal information under certain U.S. state laws. We do not use cross-context behavioral advertising and do not share data for targeted advertising. You may exercise the opt-out and other rights described in §5.

5. Your U.S. privacy rights

Depending on your state of residence (e.g., California under the CCPA/CPRA, and Virginia, Colorado, Connecticut, Texas, Oregon and others under comparable laws), you may have the right to:

  • Know / access the categories and specific pieces of personal information we hold about you and how we use and disclose it;
  • Delete personal information, subject to legal exceptions;
  • Correct inaccurate personal information;
  • Opt out of any “sale” or “sharing” of personal information and of targeted advertising;
  • Not be discriminated against for exercising your rights, and to appeal a denied request.

To exercise any right — including as an individual who appears in the corpus — email intel@whiteintel.dev with enough detail to locate the record (for corpus records, include the entity id or dossier URL). You may use an authorized agent. We verify requests before acting and respond within the timeframes the applicable law requires. Because much of the corpus mirrors official public registers, some records may also need to be corrected at the source registry, and we may retain information where a legal exception (such as fraud prevention, legal compliance, or a journalistic/public-interest basis) applies.

6. Account data controls

From your account settings you can edit your profile and notification preferences, manage API keys, and manage or cancel your subscription through the Stripe billing portal. Self-serve data export and account deletion are being rolled out; meanwhile, email us to export or delete your account — deleting it removes your profile, uploaded documents, watchlists and keys.

7. Cookies

We use strictly-necessary cookies to keep you signed in (a secure, http-only session cookie). We do not use advertising or cross-site tracking cookies, and we do not respond to differing “Do Not Track” signals except as described for opt-out preference signals under applicable law.

8. Retention

We keep account and billing data while your account is active and as needed for legal, accounting and dispute purposes, then delete or de-identify it. Uploaded documents are kept until you delete them or close your account. Corpus records are retained while they remain relevant public information, subject to §5.

9. Security

We enforce Row-Level Security on every table, serve the public API through a locked-down role with input validation and rate limiting, revoke write access from anonymous callers, keep secrets server-side, and transmit data over TLS. No system is perfectly secure, but we work to protect your data and to notify you of material incidents as required by law.

10. Data location & international users

We are based in the United States and process data on U.S.-based cloud infrastructure. If you access the Service from outside the U.S., you understand your information will be processed in the U.S.

11. Children

The Service is not directed to children and we do not knowingly collect data from anyone under 18.

12. Changes

We may update this policy; material changes will be posted here with a new “last updated” date and, where appropriate, notified to account holders.

13. Contact

White Intel LLC · 1111B S. Governors Ave, STE 7520, Dover, DE 19904, USA · intel@whiteintel.dev · +1 (816) 624-3833.