Privacy Policy

1. Information You Provide

• Name or chosen username (for certificate generation)
• Email address (for delivery and account access)
• Optional text inputs, messages, or answers during the signing process

2. Automatically Collected Data

• IP address, browser type, device information, and access time
• Cookies and similar technologies for analytics and functionality

3. Payment Information

• All payments are securely processed through third-party providers (Stripe, PayPal, or Coinbase Commerce).
• We do not store or have access to your credit card details.

4. How We Use Your Information

We use your data only to:

• generate your symbolic non-binding certificate
• maintain the symbolic Registry
• deliver digital or physical artifacts (if ordered)
• respond to support requests
• maintain security, diagnostics, and functionality of the Service

We do not use data for profiling, advertising, automated decision-making, or behavioral analysis.

5. The Symbolic Registry

If you opt into the Registry:

• we store only encrypted identifiers,
• no names or emails are publicly displayed,
• you may request deletion at any time,
• the Registry is symbolic and has no functional, legal, or contractual meaning.

6. Legal Basis for Processing (GDPR)

We rely on:

• Consent (Article 6(1)(a)) — when you voluntarily provide information
• Legitimate Interest (Article 6(1)(f)) — to ensure stability, security, and basic analytics

You may withdraw consent at any time by contacting privacy@thepact.ai.

7. Data Retention

We retain data only for the minimum period necessary:

After expiry or request, data is securely deleted.

8. Sharing of Data

We do not sell or trade your data.

We may share minimal information with:

Service Providers (Processors)

For hosting, email delivery, analytics, and security.

All providers must follow contractual confidentiality and data protection obligations.

Legal Compliance

If required by law, subpoena, or lawful request.

9. International Data Transfers

Your data may be processed in the United States.

We use appropriate safeguards for EU/EEA users, including:

• Standard Contractual Clauses (SCCs)
• contractual data protection guarantees
• privacy and security controls consistent with GDPR

10. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access your personal data
• Request deletion (“Right to be Forgotten”)
• Correct inaccurate data
• Restrict or object to processing
• Request data portability
• Withdraw consent
• Opt out of data sale (we do not sell data)

To exercise rights: privacy@thepact.ai

We respond within 30 days.

11. Children’s Privacy (COPPA Compliance)

The Service is intended for users 18+ only.

We do not knowingly collect information from minors.

If you believe a child has submitted data, contact us for immediate removal.

12. Cookies and Tracking Technologies

We use only minimal cookies:

Strictly Necessary Cookies

• security
• session management
• load balancing

Functional / Analytics Cookies

• anonymized usage metrics
• performance diagnostics

We do not use:

• advertising cookies
• cross-site tracking
• fingerprinting
• behavioral targeting technologies

Your browser may allow cookie control or disabling.

13. Data Security

We employ industry-standard safeguards:

• HTTPS / TLS 1.3 encryption
• encrypted storage for registry identifiers
• firewalls and intrusion detection
• access controls and audit logs
• routine security reviews

In the event of a data breach affecting your rights, we will notify you consistent with applicable law.

14. Third-Party Links

Our Service may contain external links.

We are not responsible for the content, privacy, or security of those sites.

15. Changes to This Policy

We may update this Privacy Policy at any time.

Changes take effect upon posting.

Continued use constitutes acceptance.

16. Contact Us

For any privacy concerns, requests, or questions:

📧 privacy@thepact.ai
📧 legal@thepact.ai
📧 contact@thepact.ai

The Pact LLC
Florida, United States