Ethics Policy

Our commitment to ethical standards and practices.

Open-Source Intelligence (OSINT) is a powerful capability. At Osintly, we believe it must be used responsibly and professionally.
This Ethics Charter outlines the acceptable boundaries of our platform and provides best practices for conducting effective OSINT. By using our tools, you commit to adhering to these principles.
While Osintly provides access to extensive public and leaked data, certain behaviors are fundamentally incompatible with our service.
Osintly must never be used to intimidate, harass, or endanger individuals.
  • Doxxing is strictly banned: You may not use our platform to uncover and publicly broadcast a person's private information (e.g., home address, phone numbers, family members) with malicious intent.
  • Stalking is strictly banned: Systematic tracking or monitoring of an individual for harassment or without a legitimate investigative purpose is prohibited.
Osintly is designed for defensive security, threat intelligence, auditing, and legitimate research.
Using our tools to conduct reconnaissance with the explicit intent of planning, executing, or facilitating a cyberattack, unauthorized intrusion, or malicious social engineering campaign against any target is a violation of this charter.
We expect all Osintly users to follow professional OSINT standards during their investigations.
Even if data is publicly accessible, it should be handled with care.
  • Collect only what you need: Do not gather irrelevant, highly sensitive personal data if it does not serve the direct purpose of your legitimate investigation.
  • Respect boundaries: Recognize the difference between public interest reporting/security auditing and unnecessary intrusion into private lives.
In OSINT, a single piece of data is rarely a definitive proof.
  • Corroborate your findings: Always verify information across multiple, independent sources before drawing final conclusions.
  • Fact vs. Inference: Clearly distinguish between hard facts (e.g., an email present in a data breach) and inferences (e.g., assuming the email owner is the perpetrator).
The credibility of an OSINT investigation relies entirely on facts and context.
  • No falsification: You must never manipulate, forge, or selectively omit data retrieved from Osintly to frame an individual or misrepresent a situation.
  • Respect the context: Data removed from its original context can be highly misleading. Ensure your analysis reflects the complete picture.
  • Recognize bias: AI-generated summaries and human analysis are both prone to bias. Remain objective.
Conducting OSINT requires a clear understanding of operational boundaries.
OSINT relies on passive collection of publicly available or leaked information. Osintly provides a passive search interface.
Engaging actively with targets (e.g., sending phishing emails, calling targets, social engineering) is strictly outside the scope of OSINT and must not be conducted using data obtained from our platform for malicious purposes.
OSINT only utilizes data that can be legally collected implicitly or explicitly.
Bypassing authentication, cracking passwords gathered from leaks to access live accounts, or exploiting vulnerabilities to retrieve closed data is not OSINT—it is hacking, and it is strictly illegal.
Protect yourself and the integrity of your investigation.
  • Avoid unintended exposure: Be aware that interacting directly with target infrastructure outside of Osintly (e.g., clicking raw links found in leaks) may expose your IP and identity.
  • Secure your workspace: Keep your Osintly account secure and utilize Team features responsibly.
Responsible OSINT relies on sound data management practices.
Information gathered during an investigation should only be retained for as long as strictly necessary.
Once your mission, audit, or research is complete, you are strongly required to delete all related data concerning your targets from your personal devices and external storage.
While Osintly does not restrict the republication of public data, users remain entirely responsible for ensuring that their dissemination of such data complies with local laws and does not directly facilitate harm.
Before publishing OSINT findings, always ask yourself if the release serves the public interest or security awareness, versus simply causing reputational damage.
If you encounter a violation of this Ethics Charter, suspect an account of malicious behavior, or need to report abusive use of our platform, please contact us immediately.

contact@osint.ly