Privacy

What we do NOT collect

• No file contents (bytes). Hash-only sealing.
• No user accounts.
• No analytics trackers, fingerprinting, or session replay.
• No user-level logs. Aggregated daily counters only.

What we store (minimal)

• Receipt ID (UUID)
• File hash (SHA-256 hex)
• Timestamp + status + seal level
• Signature metadata (key id + public key)
• Delete token hash (token is shown once to you)
• Private label (optional) stored privately; not public by default
• Aggregated daily counters (no per-user data)

Deletion

Deletion removes our server metadata for a receipt. External anchors (e.g., Bitcoin) are immutable.