โ Back to HashNotary
Privacy Policy
Last updated: March 26, 2026
1. Introduction
HashNotary ("we", "us", "our") operates the hashnotary.io website and blockchain document certification service. This Privacy Policy explains how we collect, use, and protect your information.
2. Zero-Knowledge Architecture
Core Principle: Your documents never leave your device. HashNotary uses a Zero-Knowledge Architecture where all file processing (hashing and encryption) occurs entirely in your web browser. We never receive, store, view, or transmit your original documents.
3. Information We Collect
3.1 Account Information
- Email address (for account creation and communication)
- Name (optional, for certificate personalization)
- Hashed password (we never store plaintext passwords)
3.2 Document Metadata
- SHA-256 hash of your document (a 64-character cryptographic fingerprint)
- Timestamp of certification
- File name and size (optional, for your reference)
3.3 What We Do NOT Collect
- โ Your original document contents
- โ Document previews or thumbnails
- โ Any data that could reconstruct your document
4. Blockchain Records
Document hashes are recorded on the Polygon blockchain, which is a public, immutable ledger. Once a hash is recorded, it cannot be deleted or modified by anyone, including HashNotary. Blockchain records contain only the cryptographic hash, timestamp, and certifier's wallet address โ no personal information or document content.
5. Payment Information
All payments are processed through blockchain transactions on the Polygon network using MATIC or USDC tokens. We do not collect or store credit card numbers, bank account details, or any traditional financial information.
6. Data Security
We implement industry-standard security measures including:
- TLS/SSL encryption for all communications
- AES-256 encryption for stored vault data
- Bcrypt password hashing with salts
- Regular security audits and monitoring
7. Data Retention
Account data is retained while your account is active. You may request deletion of your account and associated metadata at any time by contacting us. Note: blockchain records are immutable and cannot be deleted, but they contain only cryptographic hashes โ not personal data.
8. Cookies
We use essential cookies for session management and authentication. We do not use tracking cookies or share data with advertising networks.
9. Third-Party Services
- Polygon Network: Blockchain transaction recording
- Google Gemini AI: Powering our customer support chatbot
10. Your Rights
You have the right to:
- Access your personal data
- Request correction of inaccurate data
- Request deletion of your account
- Export your certification records
11. Contact
For privacy-related inquiries: contact@hashnotary.io