Security & trust

You’re trusting us with sensitive identifiers.

Privacy ops only work if the operator is careful with what you hand over. We design for least exposure, verified identity scope, clear approval gates, and an audit trail of what agents did—and why.

Identity verification with Stripe Identity

Before Ghost Suite runs deep research on personal information, we verify who you are with Stripe Identity. That check confirms you are the person associated with the identifiers you want to investigate—so the product is used for your own footprint, not someone else’s.

Verification is handled by Stripe’s identity flow. We use the result to bind your account to a verified identity profile; we don’t turn Ghost Suite into an open search engine for arbitrary people.

Locked after you validate

Once your identity information is validated, that section of your profile becomes locked. You can’t freely re-edit verified identity fields to pivot the account onto a different person.

From that point, research and removal workflows are scoped to your verified information only—you can only search for, map, and act on data that corresponds to you. That lock is a core part of the security model: automation stays powerful inside your case, not portable across identities.

What the lock means in practice

  • Stripe Identity validates who you are before full research access
  • Verified identity fields lock after successful validation
  • You can only search for and operate on information about yourself
  • Agents and automation inherit that same scope—no free-roam lookups on others
  • High-impact removal steps still require your approval

Principles

  • Least exposure: collect only what’s needed to research and act
  • Verified scope: research is bound to your locked identity profile
  • Human approval gates before high-impact removal steps
  • Auditable agent runs—sources found, actions taken, outcomes logged
  • No selling personal data as a business model

How agents stay on a leash

Automation is powerful and easy to overreach. Our workflows separate discovery from action: research runs inside your verified scope; execution is intentional.

Where a site requires judgment—ambiguous matches, or irreversible steps—we route to a human rather than guessing.

What you control

You choose when to complete Stripe Identity verification and which findings become active removal work inside your locked profile.

You can review status and history for accountability—especially important for counsel and teams coordinating client matters on your behalf.

Honest limits

We work on the public web and through published privacy/opt-out channels. We don’t break into systems, social-engineer staff under false pretenses, or claim law-enforcement powers.

Identity verification reduces misuse; it doesn’t guarantee every public copy of your data can be removed. Security is continuous work—we’ll keep tightening controls as Ghost Suite hardens in beta.

Questions about security?

For diligence, counsel review, or enterprise-style questions, talk to us directly.

Security & trust resources