Privacy Policy
1. Introduction
Privacy is a core principle of CAEXV.
CAEXV is designed as a Zero-Access platform.
No original files are uploaded or stored.
All sensitive operations occur locally in the user’s browser.
2. Data We Do Not Collect
CAEXV does not collect:
original files or file contents
semantic file data
behavioral profiles
analytics or advertising data
payment card information
3. Data We Collect
3.1 Proof / Registry Data
SHA-256 hash
timestamp
file category
AI-DNA technical metadata
OriginCrest ID
3.2 Technical Data
Limited technical data (e.g. IP address) is processed transiently for security and stability only.
4. Payments
Payments are processed by Stripe.
Stripe may process:
name
email address
billing address
tax information (if required)
CAEXV does not store payment data.
5. Legal Bases
Processing occurs under:
Art. 6(1)(b) GDPR – contract performance
Art. 6(1)(f) GDPR – legitimate interests
Art. 6(1)(c) GDPR – legal obligations
6. Service Providers
Vercel (hosting)
Supabase (database & auth)
Stripe (payments)
7. Data Retention
Registry data is retained for integrity unless deletion is requested.
8. User Rights
Users may request access, correction, or deletion.
9. Security
Encryption in transit, strict access control, Zero-Access by design.
10. Children
CAEXV is not intended for minors.
11. Changes
Policy updates may occur.
12. Data Controller