This site is an intake tool for witnesses and sources as part of our investigation. We prioritize data minimization and avoid tracking mechanisms.
Trackers and third-party services
We do not embed ad trackers, marketing pixels, or invasive analytics. We also avoid browser-side calls to third parties that could expose your IP address.
Data you submit
When you use our contact channels, we receive what you choose to send: message content, attachments, and any information you voluntarily include. We recommend avoiding identifying details unless they are necessary.
File uploads
Files uploaded through the site are encrypted immediately upon receipt, and only encrypted files are stored on the server. Decryption is performed by our team offline with the corresponding private key.
For additional protection, you can also encrypt your files yourself before uploading.
Technical cookies
We use technical cookies for site functionality, including remembering your language choice. The language cookie may expire after about one year. A PHP session cookie may also be used to keep this choice. These cookies are not used for tracking.
The language cookie is set with options intended to reduce risk (for example HttpOnly, SameSite=Lax, and Secure when the site is accessed over HTTPS).
Technical data and logs
We do not enable access logs and we do not keep browsing history that could link a visitor to their actions. We also avoid application logs containing sensitive content (messages, file names, metadata).
In case of technical incidents, any error logs are minimized and should not include submission content.
Data sharing
We do not sell or rent your data. We do not share submission content with third parties for marketing.
If you contact us by email, we provide a public GPG key so you can encrypt your message before sending (see Send a message).
Safety tips
If it is safe for you: use Tor Browser, avoid devices or connections linked to your identity, and consider removing file metadata before uploading. See also Our project.