Fingerprint & verify any document — free, no upload Try it now →
Legal · Privacy

Privacy Notice

Your documents stay on your device. We see only their cryptographic fingerprints. This notice explains what we collect, why, how long we keep it, and what rights you have.

Last updated 2026 · Applies to ledgerproofhq.io and the LedgerProof service. This is a notice, not legal advice.

Plain summary. Documents never leave your computer. We collect the contact details you give us (name, email, organization) and the cryptographic fingerprints you publish. We do not sell or share data with marketers. EU/UK residents have rights under GDPR; California residents under the CCPA. Contact hello@ledgerproofhq.io with any privacy question.

1. The architectural privacy guarantee

LedgerProof is built so the privacy promise is enforced by architecture, not by policy. When you drop a document into the website's fingerprint demo or the Vault app, your browser computes a SHA-256 fingerprint of the document locally, before any network call. Only the resulting 64-character fingerprint is transmitted — along with your timestamp and signature.

The demo literally shows that 0 bytes of file content are uploaded during the fingerprint compute. Your document, its filename (unless you opt to attach one), its contents, and any metadata never reach us.

2. What we collect

From contact and sign-up forms (ledgerproofhq.io)

From the fingerprint demo on the website

From the Vault app (app.ledgerproofhq.io)

3. What we do not collect

4. Why we collect what we collect

Legal bases (GDPR Art. 6). We process personal data to perform our contract with you (operating your account and the Service), for our legitimate interests (security, abuse prevention, and improving the Service), and — for optional product or marketing email — on the basis of your consent, which you can withdraw at any time.

5. Retention schedule

DataHow long we keep it
Chain entries (fingerprints, signatures, anchors)Indefinitely. Receipts work forever.
Contact / sign-up form data24 months, unless you become a customer (then for the life of the account).
Server access logs90 days.
IP address from form submission90 days.
Authentication sessions30 days from last activity.
Email delivery records (sent / opened)12 months.

You can request deletion of your contact data at any time by emailing hello@ledgerproofhq.io; we purge within 30 days. Chain entries cannot be deleted (the chain is append-only by design), but they hold no document content — only salted commitments — and can be disassociated from your account on written request.

6. Sharing and third parties

We do not sell your data. We do not share it with marketers, data brokers, or social networks. The third parties we use to operate the Service are limited to:

International transfers. Some processors above are based in, or operate from, the United States. Where personal data is transferred outside the EEA or the UK, we rely on appropriate safeguards such as the EU Standard Contractual Clauses (and the UK Addendum). EU data-residency options are available on the Enterprise and Government plans.

7. Your rights

If you are an EU/UK resident (GDPR / UK GDPR)

The Service is built for the EU market (it exists to help with EU AI Act Article 50). We honor your rights to access, rectification, erasure, restriction, portability, and objection. Email hello@ledgerproofhq.io; we respond within 30 days. You also have the right to lodge a complaint with your local data-protection supervisory authority. The data controller is LedgerProof Inc. (Delaware, USA); the LedgerProof Foundation owns the open protocol.

If you are a California resident (CCPA / CPRA)

Exercise any of these by emailing hello@ledgerproofhq.io with the subject "Privacy request." We respond within 45 days.

8. Cookies and tracking

The marketing site (ledgerproofhq.io) sets no advertising cookies. The Vault app (app.ledgerproofhq.io) sets a single authentication session cookie if you choose "remember this device." We do not use Google Analytics, Meta Pixel, LinkedIn Insight, or any third-party advertising tracker.

9. Children

The Service is not directed at children under 16. If we learn that we have collected personal information from a child under 16, we will delete it.

10. Security

We use TLS for all transport. Account data is stored on Supabase Postgres with row-level security that prevents cross-account reads. Chain entries are signed with publisher keys. Anchor roots are published to the public chain for independent verification. See /.well-known/security.txt and email security@ledgerproofhq.io for vulnerability reports.

11. Email opt-out

You can opt out of product/marketing email at any time by replying STOP or emailing hello@ledgerproofhq.io. Transactional email (sign-in codes, security notices) is required for the Service to function and cannot be opted out of while you have an active account.

12. Changes to this notice

We will notify you of material changes by email at least seven days before they take effect. Non-material changes (clarifications, typo fixes) are posted here with the updated date.

13. Contact

Email: hello@ledgerproofhq.io
Security: security@ledgerproofhq.io
Privacy questions: include "Privacy" in your subject line.