Privacy Policy

This Privacy Policy explains how SigChain collects, uses, stores, and discloses information in connection with the SigChain website, forms, documentation, applications, and related services (collectively, the "Service").

SigChain is operated by the SigChain team ("we," "us," or "our").

1. Information We Collect

We may collect the following categories of information:

• Information you provide directly: such as contact details, profile or eligibility information, form responses, messages, uploads, feedback, and other information you choose to send through the Service or in direct communications with us
• Access, account, and relationship information: such as records used to create, administer, secure, or control access to the Service
• Service content and usage information: such as information needed to provide, save, maintain, compare, restore, support, personalize, or improve content, workflows, and interactions within the Service
• Technical, device, and log information: such as IP address, device or browser information, session identifiers, timestamps, and related technical information used for security, fraud prevention, troubleshooting, analytics, and service administration
• Cookies and similar technologies: such as cookies, local storage and related technologies used to operate the Service, remember state or preferences, measure usage, and support security and continuity
• Diagnostic, support, and communications information: such as crash, error, debugging, support, and communications-related information generated when the Service is used or when issues are reported

2. How We Use Information

We may use information to:

• Operate, host, secure, and maintain the Service
• Authenticate users and control access to the Service
• Store, resume, compare, restore, and support work product, content, and interactions between visits or sessions where supported
• Provide application, communication, analytics, upload, automation, AI-powered, and related product features
• Respond to inquiries, support requests, and product feedback
• Send access instructions, service messages, product updates, marketing communications, and administrative notices where permitted by law
• Investigate abuse, enforce our Terms, detect bugs, and improve the Service
• Develop, test, personalize, measure, and refine current and future SigChain features

3. Legal Bases for Processing

If you are in the European Economic Area, the United Kingdom, or another jurisdiction that requires a legal basis for processing, we rely on one or more of the following legal bases depending on the context:

• Performance of a contract: to provide the Service you request, including access, account or session continuity, saved content, communications, uploads, support, and other functionality necessary to deliver the Service
• Legitimate interests: to secure, maintain, analyze, debug, improve, personalize, and administer the Service, prevent abuse, enforce our Terms, understand service usage, protect our systems, and communicate with users about the operation and development of the Service
• Consent: where you voluntarily submit information, choose optional features, accept non-essential cookies or similar technologies, or where consent is required by law for specific processing activities
• Legal obligation: where processing is needed to comply with applicable law, lawful requests, court orders, or regulatory obligations

Where we rely on legitimate interests, those interests generally include operating and improving SigChain, protecting the Service from misuse, supporting users, understanding how the Service is used, and improving the product and user experience.

4. Cookies and Local Storage

We use cookies and similar technologies to operate the Service. These technologies may be used for authentication, session continuity, state preservation, security, preferences, analytics, and related service functions.

Some cookies and similar technologies are necessary for the Service to function. Others may be used for analytics, performance measurement, communications, embedded content, or related purposes. Where required by law, we will seek consent before using non-essential cookies or similar technologies.

5. Third-Party Services

We may use or embed third-party services including:

• Form, communications, and customer operations providers
• Hosting, infrastructure, and developer tooling providers
• Embedded media, font, and content delivery providers
• Analytics, performance, and measurement providers
• AI and machine-learning service providers

These third parties may process information under their own privacy policies. We do not sell your personal information to data brokers or advertisers.

6. How We Share Information

We may share information:

• With service providers, contractors, and vendors that help us operate, support, secure, analyze, or improve the Service
• When needed to investigate fraud, abuse, security issues, or Terms violations
• To comply with law, regulation, legal process, or a valid government request
• In connection with a merger, acquisition, financing, restructuring, or sale of assets, subject to applicable confidentiality obligations

7. Retention

We keep information for as long as reasonably necessary to operate the Service, support users, communicate with users, improve the product, resolve disputes, enforce our agreements, and comply with legal obligations.

Some Service data may persist so the Service can function properly and provide continuity across visits, devices, sessions, or support interactions. Certain browser-side data remains until you clear it or it expires. Some records may remain in backups or logs for a limited period after deletion or reset.

More specifically, we generally retain:

• Contact and relationship data until it is no longer needed for communications, account administration, support, or related recordkeeping
• Access, security, and compliance records for as long as needed to manage access, prevent abuse, and maintain security, auditability, and legal compliance
• Saved content, uploaded materials, and service interaction records until deleted, replaced, or no longer needed for operation, support, continuity, or improvement of the Service, subject to backups and legal retention needs
• Logs, analytics, and diagnostic records for as long as reasonably needed for security, fraud prevention, troubleshooting, service measurement, and operational monitoring

8. Your Choices and Rights

You can contact us to request access, correction, deletion, or reset of data that is associated with you. We may need to verify your request and may retain limited information where required for security, fraud prevention, recordkeeping, or legal compliance.

You can also clear certain browser-side data by clearing your browser cookies, local storage, and similar browser data. Logging out or restarting a session may not remove all server-side records.

Depending on your location, you may also have the right to:

• Request access to the personal data we hold about you
• Request correction of inaccurate or incomplete data
• Request deletion of your personal data
• Request restriction of processing
• Object to processing based on legitimate interests
• Request portability of certain data
• Withdraw consent where processing is based on consent, without affecting earlier processing
• Lodge a complaint with your local supervisory authority or data protection regulator

If we rely on legitimate interests for processing, you have the right to object to that processing in certain circumstances.

9. Communications

We may send access instructions, service communications, and product communications by email and, where applicable and permitted by law, by other channels.

If you voluntarily provide contact information, we may use it for service-related, support, product, or marketing communications where appropriate and lawful.

10. International Transfers

Your information may be processed in the United States and other countries where we or our service providers operate. Those countries may have data protection rules that differ from the laws of your jurisdiction.

Where required by applicable law, we will rely on appropriate safeguards for international transfers, such as contractual protections or other lawful transfer mechanisms, when transferring personal data across borders.

11. Automated Decision-Making

We do not use your personal data to make solely automated decisions that produce legal or similarly significant effects about you in the sense contemplated by applicable data protection law. The Service may generate technical outputs, suggestions, or analyses, but those are product outputs and are not used by us to make legally significant decisions about you.

12. Security

We use reasonable administrative, technical, and organizational measures designed to protect information. No system is completely secure, and we cannot guarantee absolute security.

13. Children's Privacy

The Service is not intended for children under 18, and we do not knowingly collect personal information from individuals under 18. If you believe a minor has provided us personal information, contact us and we will take reasonable steps to delete it.

14. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version becomes effective when posted unless we state otherwise. Your continued use of the Service after the effective date of the updated policy means you accept the revised policy.

15. Contact

For privacy questions or requests, contact contact@sigchainapp.com.