1. Introduction
This Privacy Policy explains how eAttest collects, uses, stores, and protects personal data.
The Platform is designed with privacy-by-design principles and complies with applicable data protection laws.
2. Information We Collect
We may collect the following categories of data:
Personal Information
- Name
- Email address
- Country and region
- Role (User, Lawyer, Franchise Admin)
Document Metadata
- Document type
- Attestation date
- Verifying authority
- Status and identifiers
Technical Information
- IP address
- Device and browser details
- Access logs and timestamps
3. How We Use Information
Information is used to:
- Provide document access and verification
- Authenticate users securely
- Enable document sharing and translation
- Process payments
- Ensure compliance and auditability
Your Privacy Matters: We do not sell or trade personal data.
4. Document Storage and Data Sovereignty
- Application code and central configuration are hosted in the eAttest data center.
- Franchise-specific data and documents are stored either:
- In the eAttest data center, or
- In franchise-managed local infrastructure
Documents remain within the jurisdiction chosen by the franchise.
5. Data Security
We implement:
TLS encryption for data in transit
AES-256 encryption for data at rest
Role-based access controls
Secure audit logs
Only authorized users can access relevant data.
6. Sharing of Information
Data may be shared only with:
- Authorized verifiers involved in attestation
- Payment processors (limited to payment data)
- Legal authorities when required by law
Important: Document content is never shared with franchises or third parties without user action.
7. User Rights
Users have the right to:
- Access their data
- Request correction
- Request deletion
- Request recovery within the allowed period
Requests can be made via platform support.
8. Retention Policy
- Active data is retained as long as the account remains active
- Deleted data is retained for up to 30 days for recovery
- Audit logs are retained as required by law
9. Cookies and Tracking
The Platform uses essential cookies for authentication and session management.
No Tracking: No third-party advertising trackers are used.
10. International Transfers
Where cross-border transfers are necessary, they are limited to metadata and protected using standard contractual safeguards.
11. Changes to Privacy Policy
This Privacy Policy may be updated periodically. Material changes will be communicated through the Platform.