PART 1: ONBOARDING VERIFICATION DATA COLLECTION

Horos-18b Systems (hereinafter "Horos-18b", "we", "our", or "us") operates a sovereign intelligence delivery platform requiring verified client authentication. Prior to any service activation or report generation, we conduct mandatory verification. This phase requires collection of specific data exclusively for compliance, authentication, and service delivery purposes.

1. DATA COLLECTED DURING ONBOARDING

The information requested during automated registration via our encrypted Telegram bot is collected for the critical purposes stated herein. This includes:

2. PURPOSE & RETENTION OF ONBOARDING DATA

2.1 Exclusive Purposes: Onboarding data is used SOLELY for:

• • Verifying client eligibility and organizational legitimacy.
• • Establishing authenticated service delivery channels.
• • Binding service access to verified organizational category and jurisdiction.
• • Enforcing appropriate service tiers (Enterprise vs. Government).
• • Complying with internal security and verification protocols.

2.2 Strict Retention Rule: Identifiable client data is retained only for the duration of active service plus 15 days post-termination for security purposes.

2.3 Session Persistence: Service access utilizes SESSION UUID persistence:

• • 72-hour session persistence for Enterprise clients
• • 24-hour session persistence for Government/Military clients
• • Session data stored client-side with server-side validation tokens
• • Automatic session termination upon expiry

This process ensures secure service delivery while maintaining operational efficiency. Client data is protected as commercial and trade secrets.

PART 2: OPERATIONAL INTELLIGENCE DELIVERY - MINIMAL-DATA ARCHITECTURE

Following successful verification and onboarding, the operational EXagon Eye™ platform embodies a Minimal-Data Collection Architecture. This section governs privacy during intelligence report generation and delivery.

Core Principle: Client data is collected only as necessary for report generation and is protected as commercial/trade secrets. We do not sell, share, or analyze client data for any purpose beyond service delivery.

3. WHAT THE OPERATIONAL SERVICE COLLECTS

The Service collects ONLY DATA NECESSARY for intelligence report generation and delivery:

4. DATA PROTECTION & COMMERCIAL SECRECY

4.1 COMMERCIAL SECRECY MANDATE: All client data provided to EXagon Eye™ is protected as commercial and trade secrets. We do not:

• • Sell, trade, or monetize client data
• • Share data with third parties except as required for service delivery
• • Use client data for analytics, profiling, or machine learning
• • Retain data beyond necessary service periods

4.2 Automated Ordering System: The platform features automated ordering and report delivery. While minimal data exchange occurs with our servers, all communications are:

• • End-to-end encrypted using military-grade protocols
• • Limited to service-essential information
• • Protected by multiple layers of cryptographic security

4.3 No External Dependencies: Intelligence generation utilizes our proprietary TITAN Engine© internally. No client data is transmitted to external AI services, cloud platforms, or third-party processors.

5. WEBSITE PRIVACY PRACTICES

5.1 No Tracking Technologies: Our presentation website operates without:

• • Cookies, web beacons, or tracking pixels
• • Analytics services (Google Analytics, etc.)
• • Advertising networks or remarketing tools
• • Session recording or heat mapping
• • Social media plugins

5.2 Minimal Server Logging: Web servers maintain only essential, rotated logs (anonymized IPs after 1 hour, URLs, status codes) for security. These are NOT linked to client service data.

6. THIRD-PARTY INTEGRATIONS

6.1 No Third-Party Data Sharing: We do not share client data with third parties except:

• • Payment processors ATLOS.io (cryptocurrency networks)
• • Essential infrastructure providers (hosting for the website, https://freedns.afraid.org/, and Telegram)

All such sharing is minimized and protected by strict contractual safeguards.

6.2 End-to-End Cryptographic Architecture: Our distributed infrastructure maintains sovereign control through:

• • Sovereign server for TITAN Engine© intelligence processing
• • Key-pair authenticated encryption for all inter-component communications
• • Cryptographic protection ensuring no cleartext data transit between components
• • Telegram utilized solely as encrypted transport mechanism

The architecture guarantees that client data remains cryptographically secured throughout processing, regardless of component distribution.

7. DATA RETENTION & DESTRUCTION

7.1 Service Data Retention: Client data is retained only as long as necessary for service delivery:

• • Active clients: Data retained for service duration
• • Terminated clients: Data purged after 15-day security window
• • Report data: Retained for 30 days for client access, then anonymized
• • Financial data: Not retained.

7.2 Destruction Upon Request: Upon formal written request through established channels:

• • Service data can be scheduled for immediate destruction
• • Reports and generated intelligence can be purged
• • All associated records irreversibly destroyed

Note: This permanently terminates service access without recovery.

8. COMPLIANCE & LEGAL FRAMEWORK

8.1 Jurisdictional Application: As a Global South entity serving Global South clients exclusively:

• • We do not fall under GDPR, CCPA/CPRA, or other Western data protection regimes
• • We comply with applicable laws in our jurisdiction of operation
• • We maintain higher internal standards than required by local law
• • We recognize data sovereignty principles of client nations

8.2 Export Control Compliance: Our service delivery complies with applicable trade and technology transfer regulations through careful client vetting and geographic restrictions.

9. SECURITY MEASURES

9.1 Cryptographic Protections:

• • End-to-end encryption for all sensitive communications
• • Military-grade encryption at rest for stored data
• • Ephemeral keys for session management
• • Zero-knowledge architecture where feasible

9.2 Physical & Organizational Security:

• • Secure facilities with biometric access controls
• • Air-gapped systems for sensitive operations
• • Multi-person control for critical data access
• • Automated security audits

10. CONTACT PROTOCOLS

10.1 Official Channels Only: All privacy communications must use channels established during onboarding. No public forums, help desks, or general contact methods exist for privacy inquiries.

10.2 Formal Request Requirements: Privacy requests must be:

• • Submitted through established secure channels
• • Authenticated using pre-established protocols
• • Formally documented and acknowledged

11. POLICY UPDATES

11.1 Modification Rights: Horos-18b reserves the unilateral right to modify this Privacy Policy without prior notice. Continued use constitutes acceptance.

11.2 Core Principle Inviolability: While procedural language may be updated, these core principles remain inviolable:

• • Minimal, purpose-limited data collection
• • Commercial secrecy protection for client data
• • No data sale, sharing, or external processing
• • Geographic restriction to Global South clients

12. FINAL ACKNOWLEDGEMENT & ACCEPTANCE

BY PROCEEDING, YOU ACKNOWLEDGE AND CERTIFY:

• • You have read, understood, and accept this Privacy Policy in its entirety across both phases.
• • You consent to necessary data collection for verification and service delivery.
• • You understand and accept the COMMERCIAL SECRECY MANDATE and MINIMAL-DATA ARCHITECTURE.
• • You acknowledge that we serve only Global South clients and are not subject to Western data protection regimes.
• • You accept all communication and modification terms herein.