Effective date: 6th of October 2025
WrittenInStone provides tools to create verifiable proofs of digital work, such as timestamps, checksums, and verification links. This Privacy Policy explains what data we process, why, and how you can exercise your rights.
The data controller is WrittenInStone. If you have privacy or data protection questions, please contact us securely via our contact page .
We collect only what is necessary to provide and improve the service.
| Category | Example | Purpose |
|---|---|---|
| Account information | Email, username, authentication provider | To create and maintain your account |
| Usage and logs | IP address, browser type, timestamps, request metadata | To operate, secure, and monitor system performance |
| Verification data | Hashes or checksums of uploaded files | To provide immutable proofs of authenticity |
| Originals | Files or attachments needed to create fingerprint and extract metadata | Store originals if you enable this premium feature |
| Support or contact data | Messages, issue reports | To respond to your requests |
Files, documents, or other materials uploaded by users (“User Content”) are processed solely to provide the requested services, including fingerprinting, metadata extraction, verification, audit logging, and integrity checks.
User Content is not reviewed manually, shared with other users, or used for advertising or marketing purposes. Processing is performed automatically as part of normal SaaS service operation.
Anonymized metadata and user-provided verification data may be processed by automated tools, including similarity detection or internet search systems, to:
These operations do not expose your personal information or file contents. They are carried out under our legitimate interest in improving reliability and user trust.
To operate and maintain the service, WrittenInStone may generate technical derivatives of User Content such as hashes, fingerprints, previews, indexes, or cached representations.
These derivatives are used exclusively for service functionality, security, fraud prevention, system reliability, and performance optimization. They do not replace or expose the original content.
Users retain all rights, title, and interest in their User Content. WrittenInStone does not claim ownership of uploaded materials and processes them solely as a service provider.
We use reputable infrastructure and service providers that comply with EU data protection standards. If data is processed outside the EEA, we apply safeguards such as Standard Contractual Clauses. We do not sell or trade personal data.
Under GDPR and similar laws, you may request access, correction, deletion, restriction, or portability of your data. You may also object to processing based on legitimate interest.
To exercise your rights, please use our contact form. We will reply within the time required by law.
WrittenInStone acts as a data controller for account, authentication, billing, and operational data. For User Content uploaded to the platform, WrittenInStone acts as a data processor on behalf of the user.
We use encryption (HTTPS/TLS), access controls, and regular updates to keep systems secure. No internet service is completely risk-free, so please keep credentials private and report suspected misuse promptly.
This service is intended for adults and professionals. It is not marketed to children or minors.
We may update this policy as laws or services evolve. The latest version is always available on this page, with the effective date shown above.
This policy complies with the EU General Data Protection Regulation (GDPR) and relevant U.S. state privacy laws. It is governed by the laws of EU, unless mandatory local privacy regulations require otherwise.