Law Enforcement Request Policy
How Haruspex handles law enforcement data requests.
Last updated July 12, 2026
1. Purpose
Haruspex (“Haruspex”, “we”, “our”, or “us”) is committed to protecting the privacy and security of our users while complying with applicable legal obligations.
This Law Enforcement Request Policy explains how Haruspex responds to requests from government agencies, law enforcement authorities, courts, and other public authorities seeking access to user information.
This policy applies to all services available through Haruspex.
2. Guiding Principles
When handling official requests, Haruspex follows these principles:
- Protect user privacy whenever legally possible.
- Require proper legal authority before disclosing information.
- Disclose only the minimum information legally required.
- Carefully review every request for validity and scope.
- Challenge requests that appear unlawful, excessive, or inconsistent with applicable law.
- Maintain transparency whenever legally permitted.
3. Information We May Possess
Depending on how a user uses Haruspex, we may possess:
- Account registration information.
- Login records.
- IP addresses.
- Device information.
- Security logs.
- Subscription information.
- User-generated prompts.
- AI-generated responses.
- Customer support communications.
- Technical diagnostics.
- Abuse investigation records.
Haruspex does not guarantee that any particular category of information exists for every user.
4. Legal Requirements
Haruspex generally requires a valid legal basis before producing user information.
Depending on the jurisdiction, this may include:
- Court orders.
- Search warrants.
- Subpoenas.
- Production orders.
- Other legally binding governmental requests.
Requests must originate from an authority with lawful jurisdiction.
5. Review Process
Every request is reviewed before any disclosure.
Our review may include:
- Identity verification of the requesting authority.
- Jurisdiction verification.
- Legal sufficiency.
- Scope review.
- Necessity.
- Proportionality.
- Potential conflicts with user rights.
- Internal legal review where appropriate.
Haruspex may reject requests that fail these standards.
6. Requests We May Reject
Haruspex may refuse requests that are:
- Legally invalid.
- Overly broad.
- Insufficiently specific.
- Unsupported by applicable law.
- Outside the requesting authority’s jurisdiction.
- Inconsistent with applicable privacy protections.
- Technically impossible to fulfill.
7. Limited Disclosure
When disclosure is legally required, Haruspex will provide only the information necessary to satisfy the lawful request.
We seek to avoid unnecessary disclosure of unrelated user information.
8. User Notification
Unless prohibited by law or court order, Haruspex may notify affected users before disclosing their information.
Notification may include:
- The requesting authority.
- The legal basis for the request.
- Categories of requested information.
- Expected disclosure date.
Haruspex may delay or withhold notification where legally required or where notification could interfere with an active investigation or create a risk of harm.
9. Emergency Requests
Haruspex may consider emergency disclosure requests involving an imminent risk of:
- Death.
- Serious bodily injury.
- Kidnapping.
- Credible threats to public safety.
Emergency requests must include sufficient factual information supporting the claimed emergency.
Haruspex reserves the right to determine whether an emergency disclosure is appropriate.
10. Preservation Requests
Where legally authorized, Haruspex may preserve available account information for a limited period while awaiting appropriate legal process.
Preservation does not guarantee that information will ultimately be disclosed.
11. Cross-Border Requests
Haruspex generally requires foreign authorities to use applicable international legal cooperation mechanisms unless another lawful basis permits direct disclosure.
We may decline requests that conflict with applicable law or user privacy protections.
12. Encrypted Information
Haruspex cannot provide information that:
- We do not possess.
- We cannot access.
- Has been permanently deleted.
- Is protected by encryption where Haruspex does not hold the necessary decryption keys.
We will not create new data to satisfy a request.
13. Confidentiality
Government requests are handled on a need-to-know basis.
Access is limited to authorized personnel responsible for legal compliance and security.
14. Recordkeeping
Haruspex may maintain internal records of:
- Requests received.
- Legal authority provided.
- Review performed.
- Information disclosed.
- Dates of disclosure.
- Correspondence with requesting authorities.
These records support accountability and compliance.
15. Transparency Reporting
Haruspex may publish periodic transparency reports describing, in aggregate form:
- Number of government requests received.
- Types of legal process.
- Categories of information requested.
- Percentage of requests fulfilled.
- Countries submitting requests.
Reports will not disclose personally identifiable information.
16. Abuse of Legal Process
Haruspex reserves the right to challenge or oppose requests that appear to:
- Violate applicable law.
- Circumvent due process.
- Seek excessive information.
- Infringe fundamental rights.
- Be issued in bad faith.
17. Changes to This Policy
Haruspex may update this Law Enforcement Request Policy from time to time.
Material updates will become effective upon publication unless otherwise stated.
Continued use of the Services after the effective date constitutes acceptance of the revised policy.
18. Contact
Questions regarding this policy or lawful government requests may be directed to the contact information published on the Haruspex website.
Official requests should clearly identify:
- Requesting authority.
- Legal basis.
- Scope of requested information.
- Relevant account identifiers.
- Contact information for follow-up.