DEMO ENVIRONMENT - This is a security simulation. Ledger data is periodically reset at administrative discretion.

Back to Home
Effective Jan 2026

Privacy Policy

Our commitment to Zero-Knowledge Architecture.
We can't compel what we don't hold.

Core Principle: Zero-Knowledge

BitSeal is architected so that we are technically incapable of seeing your files. All cryptographic hashing happens locally on your device. Only the hash fingerprint is sent to our servers.

1. Data We DO NOT Collect

Unlike traditional cloud storage, we do not want your data. Minimization is our security model.

We NEVER receive your actual files (PDFs, Images, etc).
We NEVER access your private signing keys.
We DO NOT track PII (Personally Identifiable Information) for API usage.

2. Data We DO Collect

To create an immutable public ledger, certain metadata must be permanently recorded.

Public Ledger Entry

  • Cryptographic Hash
    BLAKE3 / SHA-256 fingerprint. Irreversible.
  • File Size & MIME Type
    Used for format identification.
  • Timestamp (UTC)
    Proof of existence time.

3. How We Use Data

The metadata we collect is used strictly for the operation of the verification protocol.

  • Verification: Allowing anyone to check if a hash exists in the ledger.
  • Proof Generation: Creating the downloadable PDF certificates.
  • Security: IP addresses are logged ephemerally (48h) solely to prevent API abuse/DDoS.

4. Third-Party Sharing

BitSeal is a Public Ledger service. The hashes you submit are public by default. This is a feature, enabling decentralized verification without relying on our private servers.

We do not sell user data, analytics, or behavioral profiles. Our business model is utility, not surveillance.

Privacy Officer

Direct Contact
daniel@orygn.tech