Do I have to upload my files to use CAEXV?

No. CAEXV is designed so your file does not need to be uploaded. Verification can be created from locally derived data (e.g., hashes/metadata) without transferring the original file content to CAEXV.

Does CAEXV store my files or their content?

No. CAEXV does not store your original files or their contents. The service is intended to work with verification data rather than storing the full file.

Is CAEXV an online shop or marketplace?

No. CAEXV is a verification registry and software service, not an online shop, marketplace, or retailer of physical or digital goods.

Privacy Policy

1. Introduction

Privacy and data minimization are core design principles of CAEXV.

CAEXV is built as a Zero-Access system.
At no point does CAEXV receive, upload, store, or process original user files or file contents.

All cryptographic operations related to user files are performed locally in the user’s browser.

2. Data We Do Not Collect

CAEXV does not collect or process:

original files or file contents
previews, thumbnails, or derived content
semantic or contextual file information
behavioral profiles or usage analytics
advertising or tracking data
login credentials or user accounts
payment card or banking information

3. Data We Collect

3.1 Proof & Registry Data

For the purpose of providing the service, CAEXV processes the following non-content technical data:

cryptographic hash (SHA-256)
timestamp of registration
file category (high-level classification only)
technical metadata (“AI-DNA”, non-semantic)
OriginCrest ID

This data cannot be used to reconstruct or infer the original file content.

3.2 Technical & Operational Data

For security and operational stability, CAEXV may process limited technical data, such as:

IP address
request metadata

This data is processed transiently and not used for tracking, profiling, or analytics.

4. Payments

Payments are processed exclusively by Stripe, an independent payment service provider.

Stripe may process personal data such as:

name
email address
billing address
tax information (where legally required)

CAEXV does not access, store, or process payment card data.

Stripe Privacy Policy:
https://stripe.com/privacy

5. Legal Basis for Processing

Data processing is based on the following legal grounds under the GDPR:

Art. 6(1)(b) – performance of a contract
Art. 6(1)(f) – legitimate interests (service security and integrity)
Art. 6(1)(c) – compliance with legal obligations

6. Service Providers

CAEXV uses carefully selected service providers:

Vercel – hosting and deployment
Supabase – database infrastructure (without user accounts)
Stripe – payment processing

All providers are contractually bound to comply with applicable data protection laws.

7. Data Retention

Registry data is retained only as long as necessary to maintain the integrity and verifiability of the proof system.

Deletion requests may be submitted where legally and technically permissible, taking into account the integrity requirements of the registry.

8. User Rights

Under applicable data protection laws, users may request:

access to personal data
correction of inaccurate data
deletion of personal data (where applicable)

Requests can be submitted to:
support@caexv.com

9. Security

CAEXV applies appropriate technical and organizational measures, including:

encryption in transit
strict access controls
Zero-Access architecture by design

CAEXV cannot access user file contents because it never receives them.

10. Children

CAEXV is not intended for use by minors.

11. Changes to This Policy

This Privacy Policy may be updated to reflect legal, technical, or operational changes.

12. Data Controller

Christopher Alex
CAEXV
Germany

Email: support@caexv.com