What data we collect

When you create a ProofCrest account, we collect:

Account information: Organization name, domain, email address, and hashed password
Document hashes: SHA-256 hashes of your documents (the documents themselves never leave your device)
Blockchain records: Transaction hashes, wallet addresses, and registration timestamps
Usage data: Verification counts, API usage, and feature usage for analytics

What we don't collect

Your actual documents — hashing happens entirely in your browser
Document contents, text, or metadata
Personal data beyond what's needed for your account

How we use your data

Register document hashes on the Polygon blockchain
Verify documents against registered hashes
Display your organization's verification badge
Process billing through Razorpay
Send essential account notifications

Data sharing

We share data only with:

Polygon blockchain: Document hashes and wallet addresses (public, immutable)
Razorpay: For payment processing (paid plans only)

We do not sell your data to third parties.

Data retention

Account data is retained while your account is active. Blockchain records are permanent and immutable by design. You can request account deletion by contacting us.

Security

All data is transmitted over HTTPS. Passwords are hashed with bcrypt. JWT tokens are used for authentication. Document hashing is performed client-side — your files never touch our servers.

Contact

For privacy questions: admin@proofcrest.com

Privacy Policy