Privacy Policy

Last updated: July 18, 2025

At CertifyRights, your privacy is a top priority. This Privacy Policy explains how we collect, use, store, and protect your personal information, in compliance with the GDPR, CCPA, and other relevant privacy laws.

1. Information We Collect

• Account Information: When you sign in with Google, we collect your name, email address, profile photo, and Google ID. We do not store your password.
• Certification Data: Files you upload (e.g. images, PDFs, videos), SHA256 file hashes, filenames, sizes, types, and optional descriptions. We only store the file permanently if you explicitly make it public.
• Usage Data: We may collect your IP address, browser type, device information, and interaction logs for performance, security, and analytics.
• Payment Data: If you make a purchase, your payment is processed securely via Stripe or PayPal. We never store credit card numbers.

2. How We Use Your Information

• To provide timestamping and certification services
• To generate and store verifiable ownership records
• To personalize your experience and maintain your session
• To communicate with you regarding updates, support, or security issues
• To analyze platform usage and improve our services
• To comply with legal obligations

3. Data Sharing & Security

• No sale of data: We do not sell your personal or certificate data to third parties.
• Secure infrastructure: Your data is encrypted in transit and at rest. We implement access controls and use secure hosting environments.
• Trusted third-party services: We rely on Google (OAuth login), Cloudinary (media hosting), Stripe/PayPal (payments), and analytics tools under GDPR/CCPA-compliant agreements.

4. Public Certificates

Certificates marked as public are accessible via a unique public URL and may appear in search engines. You may revoke, unlist, or delete any certificate you own from your dashboard at any time.

5. Your Rights

Depending on your region, you have the right to:

• Access a copy of your personal data
• Export your certificate history
• Update or correct your profile information
• Delete your account and all associated data
• Withdraw consent for analytics or tracking
• Opt out of the sale of personal data (California residents)

You can exercise your rights by using your dashboard or contacting our support team.

Do Not Sell My Personal Information

CertifyRights does not sell your personal information. We do not share, exchange, or trade your data — including email, account details, file hashes, or certification metadata — with any third party for monetary gain or advertising purposes.

If our policy ever changes, we will notify you and provide a clear opt-out mechanism in accordance with CCPA and other laws.

6. Cookies & Tracking

We use cookies to manage secure login, sessions, and anonymous analytics. You can control or delete cookies via your browser settings. Optional tracking cookies (e.g., Google Analytics) are only activated with your explicit consent.

7. Data Retention

We retain certification data as long as your account is active. You may delete your data or your entire account at any time. Some information may be kept temporarily to comply with legal or financial obligations.

8. Policy Updates

We may revise this Privacy Policy to reflect changes in the law, platform features, or data practices. Significant updates will be announced prominently, and we encourage you to review this page regularly.

9. Contact Us

If you have any questions, feedback, or data requests, please contact our privacy team at privacy@certifyrights.com.

© 2025 CertifyRights. All rights reserved.