CERTIFIED HUMAN INTELLIGENCE™

1. INFORMATION WE COLLECT

1.1 Account Information

When you create an account, we collect:

• Identity Information: Full name, email address, and password (stored in hashed form)
• Authentication Data: Google ID if you use "Sign in with Google"
• Verification Data: Email verification tokens and timestamps
• Profile Information: Any additional information you choose to provide

1.2 Content and Certification Data

When you submit content for certification, we collect:

• Uploaded Content: The files you submit (images, videos, PDFs, and other supported formats)
• Certified Content: Watermarked and processed versions of your content
• File Metadata: Filename, file type, file size, and upload timestamp
• Certification Records: Certificate IDs, cryptographic signatures, and authorship attestations
• Perceptual Hashes: Mathematical fingerprints of your content used for verification
• Creation Evidence: If requested for verification, original project files, drafts, and process documentation

1.3 Transaction and Subscription Data

When you make purchases or subscribe, we collect:

• Subscription Information: Plan type, subscription status, and renewal dates
• Payment Identifiers: Stripe customer ID and subscription ID (we do NOT store credit card numbers)
• Usage Data: Certification counts and limit tracking

1.4 Automatically Collected Information

When you use our Platform, we automatically collect:

• Log Data: IP address, browser type, operating system, referring URLs, and access timestamps
• Device Information: Device type, unique device identifiers, and screen resolution
• Usage Information: Pages viewed, features used, and actions taken
• Cookies and Similar Technologies: As described in Section 8 below

1.5 Verification Request Information

When third parties verify content, we collect:

• Verification Logs: What content was verified, when, and the result
• Requestor Information: IP address and basic device information of verification requestors

2. HOW WE USE YOUR INFORMATION

2.1 Providing Certification Services

We use your information to:

• Process and certify your content as human-created
• Generate cryptographic certificates and watermarks
• Respond to verification requests from third parties
• Maintain the permanent certification record
• Link your verified identity to certified content

2.2 Account Management

We use your information to:

• Create and maintain your User Account
• Authenticate your identity and verify you are human
• Process payments and manage subscriptions
• Track usage against plan limits
• Send service-related communications

2.3 Security and Integrity

We use your information to:

• Detect and prevent fraud, including AI-generated content submissions
• Investigate potential violations of our User Agreement
• Protect the integrity of our certification system
• Maintain audit trails for compliance purposes

2.4 Platform Improvement

We use your information to:

• Improve our AI detection and verification capabilities
• Analyze usage patterns to enhance user experience
• Develop new features and services
• Conduct research on content authenticity

2.5 Legal Compliance

We use your information to:

• Comply with applicable laws and regulations
• Respond to legal process and government requests
• Enforce our User Agreement
• Protect our rights, privacy, safety, or property

3. DATA RETENTION

3.1 Permanent Retention

The following data is retained indefinitely, even after account termination:

• All original content submitted for certification
• All certified (watermarked) versions of content
• All certificates issued and certification records
• User identity information linked to certifications
• Cryptographic signatures and perceptual hashes
• Verification request logs
• Records of any violations or certificate revocations

3.2 Why Permanent Retention is Necessary

This retention is essential to:

• Maintain the validity and verifiability of issued certificates
• Respond to verification requests indefinitely
• Provide proof of human authorship when challenged
• Investigate fraud even after significant time has passed
• Comply with legal and regulatory requirements
• Protect third parties who rely on our certifications

3.3 Account Data Retention

3.4 Your Acknowledgment

As stated in our User Agreement, you acknowledge that closing your account does NOT delete your certification records, certified content, or identity information linked to certifications. This data remains part of the permanent certification record.

4. HOW WE SHARE YOUR INFORMATION

4.1 Public Verification

When third parties verify certified content, we share:

• Confirmation of whether content is certified
• The creator's name as registered with CHI
• Certification date and certificate ID
• Certification status (valid or revoked)

This disclosure is fundamental to our service and is consented to when you certify content.

4.2 Service Providers

We share information with trusted service providers who assist in operating our Platform:

• Amazon Web Services (AWS): Cloud hosting, storage, and database services
• Stripe: Payment processing (they receive payment information directly; we only store identifiers)
• Google: OAuth authentication services
• Email Service Providers: For transactional emails

These providers are contractually bound to protect your information and use it only for the services they provide to us.

4.3 Legal and Safety Disclosures

We may disclose your information when we believe it is necessary to:

• Comply with applicable law, regulation, or legal process
• Respond to lawful requests from public authorities
• Enforce our User Agreement and investigate violations
• Detect, prevent, or address fraud or security issues
• Protect the rights, property, or safety of CHI, our users, or others

4.4 Certificate Revocation

If a certificate is revoked due to violation of our User Agreement, we may publicly disclose:

• The fact of revocation
• The certificate ID
• The identity of the violator (in cases of fraud)

4.5 Business Transfers

If CHI is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or control.

5. DATA SECURITY

5.1 Security Measures

We implement robust security measures to protect your information:

• Encryption in Transit: All data transmitted to and from our Platform uses TLS/HTTPS encryption
• Encryption at Rest: Stored data is encrypted using industry-standard AES-256 encryption
• Password Security: Passwords are hashed using secure algorithms; we never store plain-text passwords
• Access Controls: Strict access controls limit who can access your data
• Cryptographic Signatures: Certifications are protected by cryptographic signatures that prevent tampering
• Secure Infrastructure: Our Platform is hosted on AWS with enterprise-grade security

5.2 Limitations

While we implement strong security measures, no system is completely secure. We cannot guarantee absolute security of your information. You are responsible for maintaining the security of your account credentials.

5.3 Breach Notification

In the event of a data breach that affects your personal information, we will notify you in accordance with applicable law and take appropriate steps to mitigate harm.

6. YOUR RIGHTS AND CHOICES

6.1 Account Information

You may:

• Access: View your account information through your dashboard
• Update: Correct or update your profile information
• Download: Request a copy of your certification history

6.2 Communications

You may opt out of promotional communications by clicking "unsubscribe" in any promotional email. You cannot opt out of service-related communications (such as security alerts or changes to our terms).

6.3 Account Deletion

You may request account deletion through your account settings or by contacting us. However, as described in Section 3, deletion of your account does NOT delete:

• Certified content and certificates (permanent record)
• Your identity information linked to certifications
• Verification logs and audit trails

6.4 Limitations on Deletion

7. INTERNATIONAL DATA TRANSFERS

7.1 Location of Data

CHI is based in the United States. Your information will be transferred to and processed in the United States, regardless of where you access the Platform.

7.2 EEA, UK, and Swiss Users

If you are located in the European Economic Area, United Kingdom, or Switzerland:

• We process your data under the legal bases of contract performance (providing our services), legitimate interests (maintaining certification integrity, fraud prevention), and your consent
• By using our Platform, you consent to the transfer of your data to the United States
• We employ appropriate safeguards for international transfers as required by applicable law

7.3 Your GDPR Rights

If GDPR applies to you, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion (subject to our retention requirements)
• Restriction: Request restriction of processing in certain circumstances
• Portability: Receive your data in a structured, machine-readable format
• Object: Object to processing based on legitimate interests
• Withdraw Consent: Where processing is based on consent

To exercise these rights, contact us at privacy@certifiedhumanintelligence.com. Note that some rights may be limited due to our permanent retention requirements.

7.4 Supervisory Authority

EEA and UK users have the right to lodge a complaint with their local data protection supervisory authority.

8. COOKIES AND TRACKING TECHNOLOGIES

8.1 Cookies We Use

8.2 Third-Party Services

• Google reCAPTCHA: We use Google reCAPTCHA to prevent bot registrations. This service may set cookies and collect data according to Google's Privacy Policy
• Stripe: Payment processing may involve Stripe cookies according to Stripe's Privacy Policy

8.3 Managing Cookies

Most browsers allow you to refuse or delete cookies. However, blocking essential cookies may prevent you from using our Platform. Browser settings vary, so consult your browser's help documentation.

8.4 Do Not Track

We do not currently respond to "Do Not Track" browser signals, as there is no industry standard for this feature.

9. CHILDREN'S PRIVACY

Our Platform is not intended for children under 18 years of age. We do not knowingly collect personal information from anyone under 18. If you are under 18, do not create an account or submit any content.

If we learn that we have collected personal information from a child under 18, we will delete that information promptly. If you believe a child has provided us with personal information, please contact us immediately at privacy@certifiedhumanintelligence.com.

10. THIRD-PARTY LINKS AND SERVICES

Our Platform may contain links to third-party websites or services. This Privacy Policy applies only to CHI. We are not responsible for the privacy practices of third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

11. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated policy on our Platform with a new "Effective Date"
• Sending an email to the address associated with your account
• Displaying a prominent notice on our Platform

We will provide at least 30 days' notice before material changes take effect. Your continued use of the Platform after the updated policy becomes effective constitutes your acceptance of the changes.

12. CONTACT US

If you have questions about this Privacy Policy or our data practices, please contact us:

We aim to respond to all privacy-related inquiries within 30 days.

13. CALIFORNIA PRIVACY RIGHTS

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request information about the categories and specific pieces of personal information we have collected
• Right to Delete: Request deletion of personal information (subject to exceptions, including our retention requirements)
• Right to Opt-Out: We do not sell personal information, so there is no sale to opt out of
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise these rights, contact us at privacy@certifiedhumanintelligence.com.