Privacy Policy
This Privacy Policy explains how Archive Origin Public handles account data, uploaded media, verification metadata, support requests, and operational logs. It follows the same plain-language structure used by school-facing privacy and security pages: clear data categories, limited use, defined sharing boundaries, and explicit support handling.
Scope
This policy applies to the public verification service, including account registration, media uploads, verification pages, shared record access, compilation verification, support forms, and related API services.
Roles and responsibilities
- You control what you upload and share. Records are private by default unless you explicitly share them.
- Archive Origin operates the service. We store media, hashes, verification metadata, and operational logs needed to run, secure, and support the platform.
Information we collect
- Account data: email address and a hashed password.
- Uploaded media: photos, videos, and related files you submit to the service.
- Verification and ledger metadata: cryptographic hashes, capture timestamp, device identifier supplied by the app, optional assertion text, and manifest fields required to verify integrity. Ledger metadata is retained independently of account status so that previously issued verification links remain resolvable.
- Sharing metadata: recipient links, share tokens, and access control records when you explicitly share a record.
- Service and security metadata: request logs, IP-based abuse prevention, rate-limiting data, and storage quota usage required to keep the service reliable and secure.
- Support requests: your name, email address, support type, and message content when you submit the support form.
How we use information
- To store your media and generate a verifiable ledger or compilation record.
- To deliver verification pages, record previews, and compilation checks to authorized viewers.
- To operate authentication, storage quotas, integrity checks, abuse prevention, and rate limits.
- To respond to support requests, troubleshoot technical issues, and improve service reliability.
Sharing and disclosure
Records are private by default. You can explicitly share a record with another user. Shared links grant access to the record preview and metadata.
Shared verification links remain resolvable after the sharer deletes their account; they surface the ledger record, not the sharer's identity.
- We do not sell uploaded media, verification data, or support request contents.
- We disclose data only as needed to operate the service, respond to your request, enforce policy, or comply with law.
- Support requests submitted through the public support form are delivered to
damion@archiveorigin.comfor handling.
Support requests and contact information
When you use the support form, we collect your submitted contact information and message so we can respond, investigate issues, and maintain a record of support communications. Please do not include unnecessary sensitive personal, financial, medical, or student information in support submissions.
Security and integrity
- We use authentication, storage controls, rate limiting, and verification hashes to protect service integrity.
- Verification metadata is designed to show whether a stored artifact still matches its recorded hash chain and ordered sequence.
- Support can help explain verification results, but support cannot override a failed verification outcome.
Retention
- Uploaded media is retained until you delete it or delete your account, or until it is removed under policy or legal process.
- Verification and ledger records are retained to preserve integrity and continuity of verification. They are not removed by routine account deletion. Removal of a verification record is handled only through the policy review process described below.
- Support communications may be retained as needed for support operations, service improvement, security review, and compliance.
Account deletion
You can delete your account from the iOS app (Settings → Delete Account) or by contacting damion@archiveorigin.com.
When you delete your account, Archive Origin removes:
- Your personal account data (email, password hash, Apple sign-in reference, username, session tokens).
- Uploaded media files and generated thumbnails stored on our servers.
- Share relationships you created, support history, and webhook subscriptions tied to your account.
Archive Origin retains, after deletion:
- Verification records on the Archive Origin ledger — cryptographic hashes, capture timestamps, signature metadata, manifest references, and ledger ordering. These are the evidence that something was captured and sealed at a given moment, and they must remain intact for the system to be meaningful.
- Before retention, these records are dissociated from you: your account identifier is scrubbed and the creator field is replaced with an anonymized reference, so the ledger entry continues to prove the event occurred without re-identifying you.
Shared verification links continue to resolve after account deletion. If the underlying media has been removed, the verification page will load and clearly indicate that the original media is no longer available, while still showing the hash, timestamp, signature, and verification status from the ledger.
This is how Archive Origin works as verification infrastructure: a user can walk away from the service, but the integrity record of what was captured cannot be silently erased from history. If you need a verification record itself reviewed for removal (for example on legal or safety grounds), contact damion@archiveorigin.com; requests are reviewed case by case.
Public verification limits
Archive Origin Public verifies integrity and chain consistency for stored artifacts. Verification indicates whether stored records still match their recorded hashes, ordering, and ledger state. It does not independently verify the truth of user statements.
Contact
Privacy: damion@archiveorigin.com
Support: Support form or damion@archiveorigin.com