PRE-RELEASESTANDING BYSIGNAL ACQUIRED48 8A BE 20 F8 91TIMESTAMP: CLASSIFIED3F DA B7 5F A5 D6ACCESS DENIEDC2 D7 61 6B C4 9B8D C2 09 CF CB 4FC4 4F 86 5C 90 DE42 3A 7C D7 D9 E4NOTHING TO ANNOUNCE86 AB 41 47 13 49DEKRYPT LABSIDENTITY SUPPRESSED41 D3 B8 5D 92 9838 C5 E0 75 3E 12ZERO FOOTPRINTDO NOT DISTRIBUTEF8 15 0C 8B FC E04E 4E B0 CB A9 22BE CC BB 50 F9 CFNETWORK COMPROMISEDPROTOCOL: DARKIDENTITY SUPPRESSED29 F2 42 CA 32 AD61 EB 1C D4 25 1BNETWORK COMPROMISED01 63 D6 CC FC E7C1 7A 44 07 74 60SUBSEC · 14BNETWORK COMPROMISED78 00 E2 54 7F 83STANDING BYPRE-RELEASECLEARANCE UNVERIFIED46 B5 25 91 AE 7F5C 31 5D 68 EA BDC1 C9 6E 35 63 45STANDING BYBD 47 6A FB C2 303D 68 65 9D 15 37PROTOCOL: DARK6B 7E DF BB 70 4B08 83 46 54 2C F0UNIT CONFIRMEDBC 75 0E 36 C4 CE23 4C 2F 9B E4 3ASTANDING BYMARK — D · LE7 77 BB 5B 4E F1HANDLER: UNKNOWN53 EC 45 F5 1C 4B48 F2 FA 2F 09 8E62 D2 A2 31 1F EFINTERNAL CIRCULATION ONLYEXTRACTION PENDING5B 79 5D 62 47 8286 8B 6C F1 F8 44EXTRACTION PENDINGNETWORK COMPROMISEDNETWORK COMPROMISEDNODE: OFFLINEE1 E6 3B 4B D9 8FORIGIN: REDACTEDUNIT CONFIRMED78 9B FB F7 5F C3B0 EB 88 8D B6 C931 D2 ED 80 2E 67CLEARANCE UNVERIFIEDUNIT CONFIRMEDCLEARANCE UNVERIFIEDZERO FOOTPRINTDEEP COVER INTACTDEEP COVER INTACT84 85 CA D7 43 24A9 B5 78 7F 4D AFCOMPARTMENTALIZEDEXTRACTION PENDINGDO NOT DISTRIBUTE21 4C D7 52 BF 69C7 4E 4C 77 79 CBSTANDING BY96 41 CF 13 D8 C3B3 2E B2 67 36 0AOPERATION · UNDISCLOSEDC1 B8 A3 B2 B8 C7TIMESTAMP: CLASSIFIEDMARK — D · L06 DA 6E B5 A6 D4DO NOT DISTRIBUTE7F C9 BD DD 59 DD33 97 0D 82 37 4BF3 9D 01 B5 E6 254F 75 52 83 54 D540 F9 7D CF BA 9FPRE-RELEASEA0 5E D4 41 2A F2ZERO FOOTPRINTF6 0F B4 8C 42 5073 53 79 3E AF 0ERECEIVED · STAND BYFREQUENCY LOCKEDUNIT CONFIRMEDINDEX 001 RESTRICTEDLINE 01 — ENCRYPTED36 19 DC 3C 06 6AOPERATION · UNDISCLOSEDAWAITING CLEARANCEASSET UNCONFIRMEDFREQUENCY LOCKEDE0 71 CB B8 1B 09STANDING BYNODE: OFFLINEASSET UNCONFIRMED7B E3 70 5D 56 49HANDLER: UNKNOWNNETWORK COMPROMISEDB0 13 E7 9A 8C E3BURN AFTER READINGRECEIVED · STAND BY82 8B BB A1 E9 27IDENTITY SUPPRESSEDA3 46 1E 39 0C 9654 3C 47 F8 0F ED0C 3B A2 DA F3 A9TIMESTAMP: CLASSIFIED01 7D BC 99 9F CAPRE-RELEASE08 28 E6 F1 E7 3ESTANDING BY38 5B 8F 1C C5 B2BLACKOUT ACTIVEPRE-RELEASE34 E4 EF 01 E3 FDIDENTITY SUPPRESSEDLINE 01 — ENCRYPTED6C 25 16 FC EA 8E66 6D D1 32 C9 F6STANDING BYINTERNAL CIRCULATION ONLYPRE-RELEASE9B 4F B4 01 38 32C4 73 3E BB 9B 07AWAITING CLEARANCE71 BA 0A 5B B0 4CMARK — D · LC9 80 72 F7 B2 AB50 17 B6 EC 6B 106C 44 CF 2C B8 09C7 4D 57 23 73 5F77 49 C2 36 B6 21BURN AFTER READING67 94 77 2F A9 5A16 D1 77 E2 E1 C2F6 5C 7C 25 6A 353E 4B 24 23 8D BDB7 40 5B DD BB DABURN AFTER READING4C 54 77 63 1A 31D6 AA 08 67 63 3BEC 6C 36 24 14 C03B 38 88 49 A8 8FPRE-RELEASETIMESTAMP: CLASSIFIED8D C4 7D 7E 79 1F16 93 2F 14 4E 07HANDLER: UNKNOWN42 39 46 9D 2D AEMARK — D · LSIGNAL NOMINAL70 A6 AE CF D0 9125 B2 32 72 45 6125 C1 9B E0 4D 579A 88 1C 1C BB 19DEKRYPT LABSSTANDING BYSTANDING BYASSET UNCONFIRMEDD7 35 12 69 51 3ACHANNEL ENCRYPTEDCOMPARTMENTALIZEDTRANSMISSION SECUREDB8 4F 3F 6C 98 0CEXTRACTION PENDINGIDENTITY SUPPRESSEDD4 92 91 CD 99 67AE 9D 6E 95 1C 57MEMORY WIPE PENDING82 BA CA 83 91 83BURN AFTER READINGNOTHING TO ANNOUNCEEE 77 84 04 43 4ELINE 01 — ENCRYPTED52 6F D5 63 D9 0DNODE: OFFLINESTANDING BYC7 0B 38 35 67 D584 D8 83 1F EE 0141 AF 93 F6 20 7FSTANDING BYFC F6 94 2B 3A 65ASSET UNCONFIRMED7D DA A7 62 CF CDC5 78 C1 D0 67 B732 95 C8 5A A0 BED3 FF 22 9D C5 B5AE 45 2F 29 E0 32NODE: OFFLINE5A A8 F9 4A 35 FCBD 4D A5 A2 06 98B8 B5 1C AC FE 4BOBSERVER 04 · ENGAGEDNODE: OFFLINE16 D0 32 B6 89 ECSTAGE 00 CONSTRUCTIONORIGIN: REDACTEDAA E2 35 BF 09 DFTIMESTAMP: CLASSIFIEDDEKRYPT LABSDEKRYPT LABSBLACKOUT ACTIVEZERO FOOTPRINTSTAGE 00 CONSTRUCTION1C ED D3 4E 5B D6DEKRYPT LABSDA A7 D5 4E 75 50OPERATION · UNDISCLOSEDSTANDING BYDC 50 A4 58 B7 F7C0 B4 B2 D3 A0 01OPERATION · UNDISCLOSEDMARK — D · LSIGNAL NOMINALPROTOCOL: DARK6F 70 66 E3 F7 0BAWAITING CLEARANCEFC 0C 49 7B E2 051B 08 AB B0 D5 F40A F6 FB 7A 1E F5F2 17 A1 B2 29 A7UNIT CONFIRMEDTRANSMISSION SECURED6D 36 4D 43 F7 9EC7 B0 6A 1C 03 6550 FD E0 4F BA D785 A9 D0 62 8E 7DHANDLER: UNKNOWNZERO FOOTPRINT07 A8 CD 6E AE B0C9 98 7E 37 EE 1F73 E6 2A 7C A2 2FUNIT CONFIRMED12 3A 04 91 C1 9CFF 49 39 8E B0 2AHANDLER: UNKNOWN12 38 96 F2 8E CETRANSMISSION SECUREDINTERNAL CIRCULATION ONLY6C 0E E2 47 86 F743 7F A0 D0 14 FB93 D3 17 31 2B C2E0 87 2B 79 00 9DC4 5A 8A B1 CD AC3E 30 A3 DF D8 BC4C 70 2D 3E 90 A5ASSET UNCONFIRMED5C E2 9A 84 68 BFOBSERVER 04 · ENGAGED15 8C C6 17 5C A5SIGNAL ACQUIRED75 8C 1A D4 2E 51STAGE 00 CONSTRUCTIONDO NOT DISTRIBUTEUNIT CONFIRMEDED E5 89 42 08 A17F A1 BB F5 7F 044F 89 76 77 06 E5INDEX 001 RESTRICTEDEYES ONLYCOMPARTMENTALIZEDNODE: OFFLINEPROTOCOL: DARKSIGNAL ACQUIRED68 6B C9 06 B4 15IDENTITY SUPPRESSEDPROTOCOL: DARKSIGNAL ACQUIREDNODE: OFFLINE21 3E 88 47 89 5FF1 E0 E0 22 19 61C8 5B 4C 8A 2E BACLEARANCE UNVERIFIEDEXTRACTION PENDINGNOTHING TO ANNOUNCEF1 30 B6 2F 1E 8BORIGIN: REDACTEDOPERATION · UNDISCLOSEDLINE 01 — ENCRYPTEDMARK — D · L02 63 37 E7 44 17FE 08 AF 8A 5D CENETWORK COMPROMISEDEYES ONLYFA 71 FF 3C AA 7F3D FE 7D 17 2E 3AOPERATION · UNDISCLOSED0F 6D 13 63 42 DEINDEX 001 RESTRICTED66 31 9B DF 00 98NODE: OFFLINEDEEP COVER INTACTZERO FOOTPRINTTIMESTAMP: CLASSIFIEDSTAGE 00 CONSTRUCTION

DEKRYPT LABS

INDEX 001

◇ Legal · Privacy

Privacy Policy

Effective 16 June 2026 · Version 1.0

This Privacy Policy explains how Dekrypt Labs (“Dekrypt Labs”, “we”, “us”) collects, uses, stores, shares and protects your personal data when you use BIOS — the Business Intelligence Operating System and related websites and services (the “Service”). We process personal data in accordance with the Digital Personal Data Protection Act, 2023 (“DPDP Act”), the Information Technology Act, 2000 and the SPDI Rules, 2011. By creating an account and giving your consent, you agree to the practices described here.

01Who we are (Data Fiduciary)

Dekrypt Labs is the Data Fiduciary responsible for deciding the purpose and means of processing your personal data through BIOS. For any privacy question, or to exercise your rights, contact our Grievance Officer (see §11).

02Personal data we collect

We collect only what we need to run the Service:

Identity & account data — full name, email address, and, where you sign in with Google, your Google account identifier and profile name.
Verification data — date of birth (to confirm you are 18 or older) and mobile number (verified via a one-time code).
Usage data — the research queries you run, reports generated, credit balance and activity logs.
Technical data — IP address, device/browser information and session cookies necessary to keep you signed in and to secure the Service.

We do not knowingly collect special-category or financial-account data through these flows. Please do not submit sensitive personal information in free-text research queries.

03Why we process it (purposes)

To create and secure your account and verify your identity and age.
To provide, operate and improve BIOS and its intelligence outputs.
To communicate service, security and account notices to you.
To prevent fraud and abuse and maintain the integrity of the Service.
To comply with applicable law and respond to lawful requests.

04Legal basis — your consent

We process your personal data on the basis of the consent you give at sign-up, and for the certain legitimate uses permitted under the DPDP Act. Your consent is free, specific, informed, unconditional and unambiguous, given through a clear affirmative action (ticking the consent box). You may withdraw your consent at any time — see §6 and §7. Withdrawal is as easy as giving consent and does not affect the lawfulness of processing carried out before withdrawal.

05Who we share data with (Data Processors)

We do not sell your personal data. We share it only with processors who help us run the Service, under contractual safeguards:

Supabase — authentication and database (primary data hosted in the Mumbai, India region).
Amazon Web Services (AWS) — transactional email (SES) and SMS one-time codes (SNS), Asia Pacific (Mumbai) region.
Google — Google Sign-In (OAuth), if you choose it.
Vercel — hosting and delivery of the web application.
Research providers (e.g. DeepSeek, Exa, Firecrawl, Jina) — process your research queries to generate intelligence outputs.

We may also disclose data where required by law or to protect our rights and users.

06Cross-border transfer & retention

Some processors operate outside India; any such transfer is made in accordance with Section 16 of the DPDP Act. We retain your personal data only as long as your account is active or as needed for the purposes above and to meet legal obligations, after which it is deleted or anonymised. You may request earlier deletion (see §7).

07Your rights as a Data Principal

Under the DPDP Act you have the right to:

Access a summary of the personal data we process about you.
Correction, completion and updating of your data.
Erasure of your data, subject to legal retention needs.
Grievance redressal — a readily available means to raise concerns (see §11).
Nominate another individual to exercise your rights in case of death or incapacity.
Withdraw consent at any time.

To exercise any right, email our Grievance Officer (§11). We will respond within the timelines required by law.

08Children (18+ only)

BIOS is intended only for individuals aged 18 and above. We collect date of birth to enforce this and do not knowingly process the personal data of children. If you believe a minor has provided us data, contact the Grievance Officer and we will delete it.

09Security

We follow reasonable security practices and procedures as required under the IT Act and the SPDI Rules, including encryption in transit, access controls, role-segregated database privileges and least-privilege service credentials. No method of transmission or storage is fully secure; we work continuously to protect your data.

10Cookies

We use only the cookies strictly necessary to keep you signed in and to secure your session. We do not use third-party advertising or cross-site tracking cookies.

11Grievance Officer & Data Protection Board

In line with the IT Act and DPDP Act, our Grievance Officer can answer your questions about how your personal data is processed and handle complaints:

Grievance Officer: Abhishek Gupta, Dekrypt Labs
Email: abhishek@dekryptlabs.com

If your concern is not resolved, you may complain to the Data Protection Board of India as provided under the DPDP Act.

12Changes to this policy

We may update this Policy from time to time. Material changes will be notified in-app or by email, and where required we will seek fresh consent. The “Version” and “Effective” date above indicate the current version.