AEVIONTrust · IP · Globus
DemoAuthQRightQSignBureauPlanetAwardsBankChessPricingAPI

Privacy Policy

Last updated: April 26, 2026

1. Information We Collect

We collect: account information (name, email), content you submit (QRight objects, Planet artifacts), transaction data (AEVION Bank), and usage analytics. We do not sell your personal data to third parties.

2. How We Use Your Data

Your data is used to: provide platform services, verify intellectual property claims, process transactions, prevent fraud, and improve the platform. Compliance data (hashes, signatures) is stored for verification purposes.

3. Data Security

We use industry-standard encryption and Quantum Shield cryptographic protection: every QRight certificate carries an Ed25519 signature whose private key is split via 2-of-3 Shamir Secret Sharing across independent locations, so AEVION never holds enough of the key to forge or recover it alone. Modern certificates also carry a co-signature held only in your browser and an OpenTimestamps proof anchored in a Bitcoin block — meaning a downloaded verification bundle remains mathematically valid even if AEVION ceases operations. Passwords are hashed and never stored in plain text.

4. Trust Graph

Your public Trust Graph (verification history, voting participation, compliance records) is visible to other users as part of the reputation system. Private data (email, financial details) is never exposed through the Trust Graph.

4a. AEVION Bureau — KYC Data

When you upgrade a certificate to the Verified tier, we collect KYC (Know-Your-Customer) data through a regulated identity-verification partner.

  • What AEVION stores: the verification decision (approved / rejected), verified full name, document type (passport / national ID / driver's licence), country of issue, the partner's session reference, and the timestamp.
  • What AEVION does NOT store: raw scans of your ID document, biometric templates, or selfie images. Those remain with the KYC partner under their retention policy (typically 5–7 years for AML/CFT compliance).
  • What ends up on the certificate: only your verified full name and the verification timestamp. The certificate is publicly viewable at /verify/<id>, so understand that your name becomes part of an immutable cryptographic record after the upgrade.

This processing relies on (a) your explicit consent at the start of the upgrade flow, (b) AEVION's legitimate interest in fraud-prevention, and (c) the Law of the Republic of Kazakhstan No. 94-V dated 21 May 2013 “On Personal Data and Their Protection”. EU/EEA residents additionally rely on GDPR Articles 6(1)(a) and 6(1)(f).

5. AEVION Bank Data

Financial transaction data is encrypted and stored securely. We comply with applicable financial regulations. Transaction history is available to the account holder and for regulatory audit purposes only.

6. Cookies and Tracking

We use essential cookies for authentication (JWT tokens stored locally). We use minimal analytics to understand platform usage. No third-party advertising trackers.

7. Your Rights

You have the right to: access your data, correct inaccurate data, request deletion of your account, export your data, and withdraw consent. Contact yahiin1978@gmail.com to exercise these rights.

8. Data Retention

Account data is retained while your account is active. IP registration records and compliance certificates are retained permanently as part of the evidence trail — this is the core value proposition. Note that even outside our retention, a Verification Bundle you downloaded remains independently checkable: SHA-256, Ed25519, and the Bitcoin-anchored timestamp are the trust anchors, not our database. Financial records are retained as required by applicable law.

9. Contact

Data Protection Officer: yahiin1978@gmail.com. AEVION, Astana, Kazakhstan.