OriginProof Logo
OriginProofby OKO Lab

Legal

Privacy Policy

Effective date: 28 March 2026

This Privacy Policy explains how OriginProof collects, uses, stores, and shares information when you use the service.

1. What We Collect

Depending on how you use the service, we may collect:

  • proof data, including SHA256 fingerprint, Proof ID, UTC timestamp, and duplicate registration status;
  • metadata you submit, including registrant name, optional title, optional description, source context, and optional profile URL;
  • verification and certificate request data;
  • technical and security data, including IP address, request metadata, anti-abuse signals, and rate-limit records;
  • captcha verification data from Cloudflare Turnstile;
  • basic operational logs generated by hosting and infrastructure providers.

2. What We Do Not Intend to Store

OriginProof is designed so that uploaded files or pasted content are processed to generate a cryptographic fingerprint and are not intended to be retained as part of the stored proof record.

Temporary processing, caching, logging, or infrastructure-layer handling may occur as part of normal service delivery and security operations.

3. Why We Use Information

We use information to:

  • generate, store, and display proof records;
  • issue certificates and public verification pages;
  • detect duplicate registrations;
  • protect the service from abuse, fraud, spam, and automated misuse;
  • operate, maintain, debug, and improve the service;
  • comply with applicable legal obligations and respond to lawful requests.

4. Public Nature of Proof Records

Verification pages, proof links, badges, and certificates are intended to be shareable. Information included in a proof record may be publicly visible when that proof is accessed or shared.

Do not submit metadata that you do not want displayed or associated with a public proof record.

5. Service Providers and Third Parties

We may use third-party providers to operate the service, including:

  • hosting and deployment providers such as Vercel;
  • database and storage providers such as Supabase or PostgreSQL infrastructure;
  • security and anti-bot providers such as Cloudflare Turnstile;
  • other infrastructure vendors reasonably necessary to operate the service.

These providers may process data on our behalf for hosting, storage, security, and service delivery purposes.

6. Retention

Stored proof records may be retained for as long as reasonably necessary to operate the service, preserve proof integrity, maintain verification functionality, comply with law, resolve disputes, or enforce our terms.

Security and anti-abuse logs may be retained for shorter periods as reasonably necessary for fraud prevention, incident response, and operational integrity.

7. Security

We use reasonable technical and organizational measures designed to protect stored proof data and service infrastructure. No method of transmission, storage, or processing is completely secure, and we cannot guarantee absolute security.

8. Your Choices and Requests

Depending on applicable law, you may have rights to request access, correction, or deletion of certain personal information associated with you.

Because proof records are designed to preserve timestamp evidence and verification integrity, deletion or modification requests may be limited where record integrity, fraud prevention, legal obligations, or legitimate service operation require retention.

9. International Processing

Your information may be processed in countries other than your own, depending on the location of our infrastructure providers and service operations.

10. Children's Privacy

OriginProof is not directed to children, and we do not knowingly collect personal information from children in violation of applicable law.

11. Cookies and Similar Technologies

At this time, OriginProof is not intended to rely on advertising cookies. Infrastructure and security providers may use strictly necessary cookies or similar technologies for fraud prevention, session integrity, and service delivery.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Continued use of the service after an update means you accept the revised policy.

13. Contact

For privacy-related questions or requests, contact: r.silverstone@proton.me

You can also review the Terms of Service.