← Back to Home

Privacy Policy

Last updated: March 26, 2026

1. Overview

PrufAgent ("we", "us", "our") is committed to protecting your privacy. This policy explains how we collect, use, and safeguard information when you use PrufAgent at prufagent.com.

2. What We Collect

• Account data: Email address and hashed password (if you create an account).
• Lookup queries: The names, emails, phone numbers, usernames, or other clues you submit for review.
• Usage data: IP address, browser type, scan count, and timestamps for rate limiting and abuse prevention.
• Payment data: Processed by Stripe. We never store credit card numbers.
• Support data: Messages, receipt email, order context, and screenshots you choose to send for billing, privacy, removal, or abuse reports.

3. How We Use Your Data

We use your data solely to:

• Perform public-source lookups and return reports
• Attach paid report access, lookup credits, and receipt records
• Prevent abuse and maintain platform security
• Improve report quality, source coverage, and confidence labeling

We do not sell your personal information. We share data only with service providers needed to operate the product, process payments, deliver transactional email, prevent abuse, or comply with law.

4. Data Retention & Deletion

• Lookup queries: Retained only as long as needed for report delivery, abuse prevention, billing support, and legal compliance.
• Report results: Stored for account access, receipt-linked delivery, support, and abuse-prevention needs, then removed or anonymized when no longer required.
• Account data: Retained until you delete your account.
• Guest checkout records: Receipt email and order records are retained so you can claim paid access and receive support.

5. Private Lookup Flow

PrufAgent is designed for discreet public-source review. We do not notify the person or profile being reviewed. We do not ask you to provide passwords for third-party accounts, and we do not access private accounts or bypass logins.

6. GDPR Compliance

For users in the EU/EEA:

• You have the right to access, correct, or delete your personal data.
• You can request a portable copy of your data.
• You can object to processing or request restriction.
• Contact us at support@prufagent.com for any GDPR requests.

7. Security

• All data is encrypted in transit (TLS 1.3) and at rest (AES-256).
• Passwords are hashed with bcrypt. We never see your plaintext password.
• We review security-sensitive changes and monitor production health.
• Security reports can be sent through the contact path listed in our security policy.

8. Cookies

We use limited cookies and browser storage:

• Session token: For authenticated users (httpOnly, secure, sameSite).
• Lookup and funnel state: LocalStorage/sessionStorage and server-side events used for product flow, abuse prevention, and checkout recovery.

We do not use third-party advertising cookies. We may use privacy-focused analytics to understand site performance and conversion flow.

9. Third Parties

We use the following services:

• Stripe: Payment processing (PCI DSS compliant)
• Resend: Transactional email delivery for receipts, account, support, and recovery messages
• Plausible: Privacy-focused site analytics
• Let's Encrypt: SSL certificates

Service providers may process limited data needed to perform their role. We do not sell your personal information to advertisers.

10. Children

PrufAgent is not intended for users under 18. We do not knowingly collect data from minors.

11. Changes

We may update this policy. Material changes will be announced on the platform. Continued use constitutes acceptance.

12. Contact

Questions, deletion requests, privacy requests, and abuse reports can be sent to support@prufagent.com. Include the receipt email or account email if your request relates to a paid report.