ProveChain Watermark
ProveChain
ProveChain
Home

Privacy Policy

Last updated: November 12, 2025

Privacy by Design — We don't store your source code

KEY PRIVACY PRINCIPLE

We do NOT store your source code. We only store file hashes (SHA-256 fingerprints), metadata, and account information. Your code stays on your machine.

1. Information We Collect

1.1 Free Tier (CLI + Web UI)

✅ ZERO Data Collection

  • CLI Tool: 100% local processing. No data sent to our servers.
  • Web UI: Client-side hashing only. Files never leave your browser.

1.2 Paid Tiers (Founding Member, Pro)

When you subscribe to a paid tier, we collect:

  • Account Information: Email address, name
  • Payment Information: Processed by Stripe (we don't store card details)
  • Proof Metadata: File paths, hashes, timestamps, descriptions
  • Usage Analytics: Number of proofs created, subscription status

What We DON'T Collect:

  • ❌ Your source code
  • ❌ File contents
  • ❌ Browsing history
  • ❌ IP addresses (unless required for fraud prevention)

2. Your Responsibility: File Preservation

⚠️ IMPORTANT: ProveChain Stores Hashes, Not Files

This is a privacy feature - we never have access to your files. But it means file preservation is entirely your responsibility.

You are solely responsible for:

  • Preserving the original file versions used to create each proof
  • Storing files securely with restricted access
  • Maintaining separate copies for each proof version

Without the original files, proofs cannot be verified and have no legal value. See our Terms of Service (Section 7) for detailed file preservation requirements.

3. How We Use Your Information

We use collected data only to:

  • Provide and improve the Service
  • Process payments via Stripe
  • Send important account updates (e.g., subscription expiry)
  • Respond to support requests
  • Comply with legal obligations

We will NEVER: Sell your data, use it for advertising, or share it with third parties (except payment processors like Stripe).

4. Data Storage and Security

4.1 Encryption

  • In Transit: All data transmitted via HTTPS (TLS encryption)
  • At Rest: Proof storage uses AES-256-GCM encryption

4.2 Data Location

Data is stored on servers within the European Union (EU) to comply with GDPR requirements.

4.3 Data Retention

  • Active Accounts: Data retained while subscription is active
  • Cancelled Accounts: Proof data deleted after 90 days
  • Blockchain Data: Immutable (hashes remain on-chain forever)

5. Your GDPR Rights

If you're in the EU, you have the following rights:

  • Right to Access: Request a copy of your data
  • Right to Rectification: Correct inaccurate data
  • Right to Erasure: Request deletion of your data
  • Right to Data Portability: Export your data in JSON format
  • Right to Object: Opt-out of certain data processing

To exercise any of these rights, email: support@aramantos.dev

6. Third-Party Services

We use the following third-party services:

  • Stripe: Payment processing (see Stripe Privacy Policy)
  • Ethereum Blockchain: Timestamping (hashes are public on-chain)

7. Cookies and Tracking

✅ NO Tracking Cookies

We do not use analytics, advertising, or tracking cookies. The only cookies we use are essential session cookies for authentication (if you're logged in).

8. Children's Privacy

ProveChain is not intended for users under 18 years old. We do not knowingly collect data from children. If you believe a child has provided us with personal information, contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy with 30 days' notice. Material changes will be emailed to all users. Continued use of the Service after changes constitutes acceptance.

10. Contact Us

Data Controller: Aramantos Digital

Email: support@aramantos.dev

Terms of ServiceFAQ