Privacy Policy

1. Introduction

Unykorn Technologies ("we," "us," "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Continuity & Evidence Layer (CEL) services.

2. Information We Collect

2.1 Account Information

• Name, email address, company name
• Billing address and payment information
• Account credentials (hashed passwords)
• Contact preferences

2.2 Blockchain Data

• Block numbers, timestamps, hashes
• Economic state snapshots (aggregated balances)
• Transaction metadata (no private keys)
• Validator addresses and signatures

2.3 Operational Data

• Guardian attestation signatures
• Resilience drill results
• Covenant metric compliance records
• System performance metrics

2.4 Usage Data

• IP addresses, browser type, device information
• Pages visited, time spent, click patterns
• API call logs and response times
• Error logs and debugging information

3. How We Use Your Information

We use collected data for:

• Service Provision: Operating CEL services, generating proofs, monitoring continuity
• Account Management: Creating accounts, processing payments, customer support
• Communication: Service updates, security alerts, marketing (with consent)
• Improvement: Analyzing usage patterns, developing new features
• Security: Detecting fraud, preventing abuse, enforcing Terms of Service
• Compliance: Meeting legal obligations, responding to subpoenas

4. Data Sharing and Disclosure

We do NOT sell your personal data. We may share data with:

4.1 Service Providers

• Cloud hosting (AWS, Azure, Google Cloud)
• Payment processing (Stripe, ACH)
• Email services (SendGrid, Mailgun)
• Analytics (Google Analytics, Mixpanel)

4.2 Legal Requirements

We may disclose data when required by:

• Court orders or subpoenas
• Regulatory investigations
• Law enforcement requests
• National security demands

4.3 Business Transfers

If we are acquired or merge with another company, your data may be transferred to the successor entity.

5. Data Retention

• Account Data: Retained while account is active + 7 years (financial records)
• Blockchain Data: Retained indefinitely (immutable proof chain)
• Usage Logs: Retained for 90 days (security analysis)
• Backup Data: Retained for 1 year (disaster recovery)

Upon account deletion, we anonymize or delete personal data within 90 days, except where legally required to retain longer.

6. Data Security

We implement industry-standard security measures:

• Encryption: TLS 1.3 for data in transit, AES-256 for data at rest
• Access Controls: Role-based access, multi-factor authentication
• Monitoring: 24/7 security monitoring, intrusion detection
• Audits: Annual SOC 2 Type II audits (Enterprise tier)
• Incident Response: 24-hour breach notification policy

7. Your Rights (GDPR/CCPA)

You have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Portability: Receive your data in a machine-readable format
• Opt-Out: Unsubscribe from marketing emails
• Restriction: Limit how we process your data
• Objection: Object to processing based on legitimate interests

To exercise these rights, email privacy@unykorn.org. We respond within 30 days.

8. Cookies and Tracking

8.1 Essential Cookies

Required for authentication, security, and session management. Cannot be disabled.

8.2 Analytics Cookies

Track usage patterns to improve services. Can be disabled via browser settings.

8.3 Marketing Cookies

Track conversions and retargeting. Opt-out via cookie banner or Digital Advertising Alliance.

9. Third-Party Links

Our website may link to external sites (e.g., GitHub, documentation). We are not responsible for their privacy practices. Review their policies before providing personal data.

10. Children's Privacy

CEL services are not directed to individuals under 18. We do not knowingly collect data from minors. If we discover such collection, we delete it immediately.

11. International Data Transfers

CEL services are operated from the United States. By using our services, you consent to the transfer of your data to the U.S., which may have different privacy laws than your jurisdiction.

EU Users: We rely on Standard Contractual Clauses (SCCs) for GDPR compliance.

12. California Privacy Rights (CCPA)

California residents have additional rights:

• Know: Categories of data collected and how it's used
• Delete: Request deletion of personal data
• Opt-Out: Opt-out of data "sale" (we don't sell data)
• Non-Discrimination: Equal service regardless of privacy choices

Contact privacy@unykorn.org to exercise CCPA rights.

13. Nevada Privacy Rights

Nevada residents may opt-out of the "sale" of personal information. We do not sell data, but to exercise this right, email privacy@unykorn.org.

14. Changes to This Policy

We may update this Privacy Policy to reflect changes in practices or legal requirements. Material changes will be notified via:

• Email to registered users (30 days' notice)
• Prominent notice on our website
• Updated "Last Updated" date at the top

Continued use after changes constitutes acceptance.

15. Contact Us

For privacy questions or to exercise your rights:

Unykorn Technologies
Privacy Officer
Email: privacy@unykorn.org
Website: unykorn.org

EU Representative: [To be appointed if processing EU data]