Indra-Core
Log InSign Up
Legal Compliance Architecture

Privacy Policy

Effective Date: April 10, 2026

1. Architectural Definitions and Liability

Indra-Core ("The Platform") operates exclusively as a B2B intelligence engine and Data Processor. The registered user initiating the reconnaissance scan is the designated Data Controller. Indra-Core provides forensic data extraction and psychological modeling; all liability regarding the execution, outreach, and utilization of this data falls strictly on the Data Controller.

2. Target Data Extraction (OSINT Methodology)

The Platform utilizes automated Asynchronous DOM Extraction to parse publicly available corporate data. Our operational boundaries are strictly defined:

  • Zero Perimeter Breach: We do not bypass login walls, CAPTCHAs, or authenticated corporate networks.
  • Social Media WAF Compliance: The Platform explicitly restricts direct scraping of social media citadels (LinkedIn, X, Meta) to prevent Terms of Service violations and adhere to the Computer Fraud and Abuse Act (CFAA).
  • SMTP Verification: Executive email identification is achieved via mathematical permutation and standard SMTP server handshakes (pinging). The Platform does not dispatch email payloads and therefore operates entirely outside the jurisdiction of CAN-SPAM sending regulations.

3. Legal Basis for Processing (GDPR & CCPA)

The processing of corporate metadata and executive contact information is conducted under the Legitimate Interest framework. The data extracted is strictly Business-to-Business (B2B) and is processed for the explicit purpose of corporate intelligence and professional networking. We do not aggregate, process, or sell Business-to-Consumer (B2C) Personally Identifiable Information (PII) or sensitive personal data.

4. Operator Data Collection

To maintain Platform security and process billing, we collect necessary Operator data:

  • Authentication: Email addresses and securely hashed passwords (managed via Supabase Auth).
  • Telemetry: IP addresses, usage limits, and request metadata to prevent API abuse and DDoS vectors.
  • Financial: Capital capture is routed through Lemon Squeezy (Merchant of Record). Indra-Core does not store raw credit card data on its own servers.

5. Data Persistence and Third-Party Sub-Processors

Tactical dossiers and extracted schemas are stored in encrypted PostgreSQL vaults. To process the intelligence, data is routed through strict, non-training API endpoints:

  • Groq / Llama LPUs: For heuristic text analysis. Data passed to this API is explicitly restricted from being used to train base models.
  • Serper API: For public search engine aggregation.

We do not sell, rent, or trade Operator or Target data to third-party data brokers.

6. The Right to be Forgotten

Data Controllers (Operators) can instantly permanently delete generated dossiers via their Command Dashboard.

If you are an executive or corporate entity whose public data has been indexed by our engine and you wish to invoke your Right to Erasure under GDPR/CCPA, submit a removal directive to legal@indra-core.com. Your corporate domain and associated permutations will be blacklisted from future extraction sweeps within 72 hours.

7. Acceptable Use and Termination (Anti-Spam Mandate)

Indra-Core provides reconnaissance data. It is not a cold-email sending infrastructure. By utilizing the Platform, the Data Controller agrees to comply with all applicable electronic communication laws, including but not limited to the CAN-SPAM Act of 2003, the Telephone Consumer Protection Act (TCPA), and the ePrivacy Directive.

Any use of the Platform's extracted intelligence to facilitate phishing, malicious exploitation, or mass unsolicited spam campaigns will result in immediate account termination without refund. Indra-Core reserves the right to revoke system access at its sole discretion if anomalous or abusive API velocity is detected.

8. Disclaimer of Warranties

THE PLATFORM AND ALL EXTRACTED INTELLIGENCE ARE PROVIDED ON AN "AS IS" AND "AS AVAILABLE" BASIS. INDRA-CORE EXPLICITLY DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

Indra-Core utilizes heuristic LLM parsing and OSINT web scraping. We do not guarantee the absolute accuracy, completeness, or deliverability of the generated dossiers, psychographic profiles, or verified emails. The Data Controller assumes all risk associated with utilizing the intelligence.

9. Limitation of Liability (The Capital Shield)

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL INDRA-CORE, ITS FOUNDERS, EMPLOYEES, OR AFFILIATES BE LIABLE FOR ANY INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES, INCLUDING WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, GOODWILL, USE, DATA, OR OTHER INTANGIBLE LOSSES, ARISING OUT OF OR RELATING TO THE USE OF, OR INABILITY TO USE, THE PLATFORM.

Under no circumstances will Indra-Core's total cumulative liability to any Data Controller or third party exceed the exact capital amount paid by the user to Indra-Core for the specific service tier during the one (1) month immediately preceding the event giving rise to the claim.

10. Indemnification (Total Liability Transfer)

The Data Controller agrees to defend, indemnify, and hold harmless Indra-Core and its affiliates from and against any and all claims, damages, obligations, losses, liabilities, costs, or debt, and expenses (including but not limited to attorney's fees) arising from:

  • Your violation of any term of this Master Service Agreement.
  • Your violation of any third-party right, including without limitation any copyright, property, or privacy right.
  • Any claim that your specific outreach or utilization of a Warlord Dossier caused damage to a third party.
  • Your failure to comply with local, federal, or international spam and electronic communication laws.

11. Governing Law and Arbitration

This Agreement shall be governed by the internal substantive laws of the jurisdiction in which Indra-Core operates, without respect to its conflict of laws principles. Any claim or dispute between you and Indra-Core that arises in whole or in part from the Platform shall be decided exclusively by binding, individual arbitration, and you explicitly waive your right to participate in a class-action lawsuit or class-wide arbitration.