OPSEC Policy

Operational security — OPSEC — is the discipline of removing the trails that could expose you. For a service like ours, privacy is not a feature bolted on at the end; it is the architecture. This policy describes, in plain terms, the measures that protect your order from start to finish.

1. Anonymous by Payment

We accept cryptocurrency only. There is no card number, no bank-statement entry, and no billing address tied to your order. The single payment record is a transaction hash on a public ledger — a string of characters that reveals nothing about who you are.

2. Encrypted Credential Vault

Where a solo boost requires account access, any credentials you provide are encrypted at rest using authenticated AES-256 encryption. They are never stored in plain text and are decrypted only when needed to fulfil your order. We recommend changing your password once your boost is complete.

3. NDA-Bound Operators

The professionals who play your order are vetted and bound by a signed NDA — their work is contractual and accountable, not casual. Every game is played by hand at a natural human tempo, which is the single biggest factor in keeping a boosted account safe; we never use bots, scripts, or automation. Account access is scoped strictly to fulfilling your order — any credentials you provide stay in the encrypted vault described above, are decrypted only when an operator needs them to play, and are never written anywhere in plain text.

4. Hashed Security Logs

Our systems watch for abuse — repeated failed logins, unauthorised-access attempts, and anomalous activity. Security events are recorded with a one-way hashed form of the source IP, never the raw address. We can detect an attack pattern without ever retaining the identity behind it.

5. SIEM Monitoring

Security events stream into a SIEM (Wazuh) where rules flag brute-force attempts, privilege changes, and sensitive operations in real time. Monitoring protects the platform and your data without expanding what we collect about you.

6. Hardened Sessions

Sessions are protected by HttpOnly, secure, strict same-site cookies and a strict content-security policy. The platform makes no background calls to third-party trackers or analytics.

7. Minimal Footprint

The strongest privacy guarantee is the data that never exists. We do not collect identity documents, real names, or payment-card data, and we keep account data to the minimum required to run your order. What we never hold cannot be leaked, subpoenaed, or sold.

8. Contact

For questions about our operational-security practices, contact us through the support channel on the platform.