What We Collect

Account data: Name and email from Google OAuth sign-in.
Company data: Company name, domain, and website URL you provide during verification.
Verification data: Client email addresses, engagement dates, and service categories for verification requests you create.
Analytics: Anonymized usage events via Mixpanel (EU data residency).

What We Do NOT Collect

We do not read your emails. Email thread hashing is opt-in and processes metadata only (From, To, Date headers).
We do not store passwords. Authentication is handled via Google OAuth.
We do not store personally identifiable information on the blockchain. Only cryptographic hashes are recorded on-chain.

How We Use Your Data

To create and verify your company profile.
To send verification request emails to clients on your behalf.
To publish verified business relationships on your public trust profile.
To improve the platform based on aggregated, anonymized usage patterns.

Data Storage

Data is stored in PostgreSQL (hosted on Neon, AWS infrastructure). Blockchain attestation hashes are stored on Polygon mainnet. Analytics data is processed by Mixpanel with EU data residency.

Your Rights

You can request deletion of your account and associated data by contacting us. Blockchain records are immutable by design but contain only non-reversible cryptographic hashes, not personal information.

Contact

Questions about this policy? Email privacy@ibee.one.