Privacy Policy

Last updated: April 11, 2026

Dark Matter operates as an independent verification and endpoint monitoring research platform. This Privacy Policy describes our data handling practices — which are, by design, minimal. Our platform architecture is built around the principle that security research resources should collect no personal data from users.

This document applies to all visitors of darkmatter-dnm.com and any associated subdomains. By using this platform, you acknowledge the practices described below.

1. Data We Collect

This platform is designed to collect no personally identifiable information (PII) from visitors. We do not operate user accounts, registration forms, or any mechanism that would associate browsing activity with an individual identity.

Standard web server logs may capture anonymous technical data including: anonymized IP addresses (truncated), browser type and version, operating system, referring URL, and pages visited with timestamps. This data is retained for no longer than 7 days and is used exclusively for security monitoring — detecting DDoS attacks, crawl abuse, and similar threats to platform availability.

We do not use cookies for tracking purposes. Any cookies placed are strictly functional and session-scoped, expiring when the browser session ends. No advertising networks, behavioral tracking scripts, or third-party analytics are deployed on this platform.

2. Tor Network Usage

Our platform is a clearnet resource designed to complement Tor-native security practices. We document dark matter market onion addresses and related darknet endpoint verification records for security research purposes. We do not operate or control any .onion services — we only catalog and authenticate publicly documented endpoint data.

Users who prefer enhanced anonymity are strongly encouraged to access this platform via the Tor Browser. Using Tor when accessing verification databases is a recognized operational security best practice consistent with NIST SP 800-63 digital identity guidelines.

We do not log exit node information, Tor circuit data, or any data that would allow de-anonymization of users accessing this platform via the Tor network.

3. Cryptographic Data Handling

The verification records published on this platform — including dark matter onion addresses, dark matter URL entries, PGP signatures, and endpoint status data — are derived from publicly available cryptographic attestations and automated network monitoring. This data is not sourced from private communications or confidential material.

PGP public keys displayed on this platform are sourced from official platform announcements and are reproduced for verification reference purposes only. We do not store, transmit, or process private cryptographic keys under any circumstances.

All connections to darkmatter-dnm.com are served over HTTPS with TLS 1.2+ encryption. We enforce HSTS (HTTP Strict Transport Security) to prevent protocol downgrade attacks.

4. Third-Party References

This platform references external resources including The Tor Project, NIST cybersecurity frameworks, and academic security research. These external links are provided for informational context. We are not responsible for the privacy practices of external websites.

The dark matter darknet market endpoints documented in our verification database are external platforms operating independently. We have no affiliation with, control over, or responsibility for the privacy practices of any documented external platform. Our role is strictly observational and analytical — providing verified security data for research purposes.

5. Legal Basis & Compliance

This platform processes no personal data that would trigger GDPR, CCPA, or similar data protection obligations. Our minimal data collection practices are designed to ensure compliance by default. We do not transfer data across borders, sell data to third parties, or use data for profiling or automated decision-making.

Users in the European Economic Area retain all rights under GDPR Article 17 (right to erasure) and Article 15 (right of access), though in practice our data minimization architecture means there is typically no personal data to erase or access.