Specter
Last updated April 18, 2026

Privacy Policy

Specter is a privacy exposure audit platform operated by Loadstar Lab, a product of Polymath Engineering ("we", "us"). This Privacy Policy explains what data we collect, how we use it, and the choices you have.

1. Data we collect

Account information

When you create an account we store your email address, name (if provided), and billing information. Billing is processed by our payment processor; we do not store card numbers.

Audit inputs

When you run an audit, we collect the public handles you provide and fetch the publicly available posts, bios, and metadata associated with those handles. You must only submit handles that belong to you.

Audit outputs

We store the structured identity features extracted from your posts, embeddings computed from those features, cross-account reasoning results, and the final exposure report. You can delete any audit (and all associated data) from your dashboard at any time.

Technical data

Server logs (IP address, user agent, request paths), error reports, and usage metrics. We do not sell this data or share it with third parties for advertising.

2. How we use your data

  • To run the ESRC pipeline (Extract → Search → Reason → Calibrate) and produce your exposure report.
  • To authenticate you and provide the service.
  • To process payments and comply with tax and accounting obligations.
  • To prevent abuse, fraud, and violations of our Terms of Service.
  • To improve Specter — in aggregate, de-identified form only.

3. LLM providers

Specter uses large language models to extract identity features and verify account linkage. Raw post content and extracted features are transmitted to our configured LLM provider (by default, Google's Gemini API) solely to process your audit. We send only the minimum necessary content, and we do not use your data to train third-party models. You can request enterprise plans with dedicated LLM endpoints or on-premise deployment.

4. Retention and deletion

Raw scraped post content is deleted from object storage within 30 days of audit completion (and immediately on request). Extracted features, embeddings, and reports are retained until you delete the audit or your account. Closing your account deletes all audits and associated records within 30 days.

5. Sharing

We share personal data only with:

  • Our infrastructure providers (Google Cloud) who process data on our behalf under standard data protection terms.
  • Our LLM provider, as described above.
  • Our payment processor, for billing.
  • Authorities, when legally required by a valid order.

We never sell your data.

6. Security

We use HTTPS everywhere, encrypted data at rest, strict IAM scoping, and secrets management for API credentials. No system is perfectly secure — we commit to disclosing any material breach affecting your data within 72 hours of discovery.

7. Your rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Delete your data (right to be forgotten).
  • Port your data to another service.
  • Object to or restrict certain processing.

To exercise any of these rights, email privacy@loadstar.lab.

8. Defensive-use only

Specter is designed strictly for self-audit. You must only submit handles you control. Submitting someone else's handles without authorization violates our Terms of Service and may violate applicable laws. We log all audits and reserve the right to suspend accounts that abuse the service.

9. Children

Specter is not directed to children under 16. We do not knowingly collect data from minors.

10. Changes

We may update this policy. Material changes will be announced via email at least 14 days before they take effect.

11. Contact

Privacy questions: privacy@loadstar.lab