Article 1. Definitions


1.1. Personal data
Any information relating to an identified or identifiable natural person (the “data subject”). An “identifiable natural person” is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to their physical, physiological, genetic, mental, economic, cultural or social identity (Article 4(1) GDPR; Recital 26).


1.2. Processing
Any operation or set of operations performed on personal data, whether or not by automated means, including but not limited to collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction (Article 4(2) GDPR).


1.3. HashCam
The mobile application developed and operated by Impact Makers BV (Mimosalaan 18, 3191 Boortmeerbeek, Belgium; VAT BE 0777.567.440). HashCam creates a secure cryptographic hash of each photo or video captured on the user’s device, then registers that hash on the public Ethereum blockchain to provide an immutable timestamp. No original media files are uploaded or processed outside the user’s device. HashCam provides a technical timestamp. It is not a “qualified electronic time-stamp” under Regulation (EU) 910/2014 (eIDAS).


1.4. User
Any natural person who downloads, installs, or uses HashCam. Insofar as such a User is a data subject, they may exercise rights under this Privacy Policy and under applicable data-protection laws.


1.5. Metadata

Data generated by HashCam in the course of creating or verifying a cryptographic hash of media (for example, timestamps, transaction identifiers, or SHA-256 digests). Metadata do not include original photo or video content, but in certain contexts (e.g., when linked to a pseudonymous User ID), they may constitute personal data.



1.6. JSON Web Token (JWT)

A compact, URL-safe means of representing claims to be transferred between two parties (as defined by RFC 7519). A JWT consists of a header, payload (containing signed claims, such as a User ID or an expiration timestamp), and a signature. HashCam may use JWTs to authenticate Users or authorize access to protected endpoints. JWTs themselves do not contain personal data unless such data are included in the payload; users should ensure that any personal data in a JWT are limited to what is strictly necessary and are protected in transit and at rest.


1.7. Controller

Impact Makers BV, Mimosalaan 18, 3191 Boortmeerbeek, Belgium (VAT BE 0777.567.440), which determines the purposes and means of processing.


Article 2. Subject of the Policy


2.1. This Privacy Policy explains how and why HashCam processes your Personal Data, in accordance with the General Data Protection Regulation (GDPR) and Belgian law.


Article 3. What Personal Data We Process


3.1. HashCam collects only minimal personal data, necessary for secure access and proper app functioning:

•    Apple-generated pseudonymous identifier (sub)

•    Apple-provided private relay email address

•    Token issuance, expiry, and validation metadata

•    JWTs stored on the user’s device via Apple Keychain

•    Minimal security telemetry: device model, iOS version and IP address (see Art. 5.2)

•    Optional capture location (GPS latitude/longitude) – stored locally in the PDF certificate and in the photo’s EXIF metadata so you can later prove where the media was created. The data stays on-device (or, if you opt-in, in your personal iCloud Drive) and is never sent to our servers.


3.2. Creating an account requires sharing your Apple Sign-In identifier. If you refuse, we cannot provide the HashCam service.


3.3. We do not collect:

•    Names, real emails, or addresses

•    Images, videos

•    Device usage or behaviour analytics


3.4. HashCam never accesses or uploads your media files. 


3.5. Your photos and videos never leave your device. When you tap ‘Timestamp’, HashCam first computes a one-way SHA-256 cryptographic hash (a mathematical fingerprint) on-device, then sends only that hash together with a transaction reference to our backend hosted by Combell NV (Belgium) for registration on the public Ethereum blockchain. Because the hash is irreversible, it cannot be used to reconstruct your original media and is not personal data unless linked to an identifier. 


If you choose “Yes” to the iCloud prompt, HashCam simply writes the resulting PDF certificate (which may include the capture location) into a dedicated “HashCam” folder in your private iCloud Drive; HashCam has no read-access to that folder.


3.6. HashCam is not directed at children under 17 and does not knowingly process their personal data. Parents may request deletion via privacy@hashcam.io.


Article 4. Purposes of Processing


4.1. Your Personal Data is used solely to:

•    Authenticate your identity via Apple Sign-In

•    Assign and verify credit balances

•    Record token validity and ensure secure sessions

•    Prevent fraud and ensure network security (using the minimal telemetry described in Art. 5.2)

•    Embed the optional capture location in your certificate and photo metadata, at your request, so you can demonstrate place of capture.


4.2. No profiling, advertising, or marketing use is made of your data. We do not send marketing communications.


Article 5. Legal Basis for Processing


5.1. We process your data on the following legal grounds:

•    Performance of a contract: use of the App requires session authentication

•    Legitimate interest: to ensure App functionality and secure user experience


5.2. We collect the following minimal telemetry under our legitimate interests (Art. 6 (1)(f) GDPR) to prevent fraud and ensure network security: device model, OS version, IP address and cryptographic integrity checks. Logs are stored for 30 days on a dedicated virtual private server operated by Combell NV in Brussels (Belgium), encrypted at rest with full-disk AES-256 encryption, and are never used for profiling or marketing. You may object at any time by emailing privacy@hashcam.io; unless we demonstrate compelling security reasons, we will cease telemetry collection.


Article 6. Your Rights


6.1. As a data subject, you have the following rights:

•    Right of access to your data;

•    Right to rectification of inaccurate data;

•    Right to erasure (right to be forgotten);

•    Right to restriction of processing;

•    Right to object to processing in certain cases;

•    Right to data portability where applicable;

•    Right to withdraw consent – when we ask for your consent (e.g. potentially optional marketing), you may revoke it at any time in Settings. This does not affect processing carried out before withdrawal (Art. 13 §2 (c)).


6.2. HashCam does not engage in automated decision-making, including profiling, that produces legal or similarly significant effects (Art. 22 GDPR).


6.3. Any requests can be sent to: privacy@hashcam.io


Article 7. Security of Your Data


7.1. HashCam employs security measures consistent with industry standards:

•    End-to-end encryption (JWT with secret key). JWTs use HS256, expire after 30 minutes and are rotated on every refresh.

•    Secure storage via Apple iOS Keychain. 

•    Signing keys are stored in an encrypted Hardware Security Module (HSM) managed by Combell NV inside its ISO 27001-certified Belgian data centre and are rotated every 90 days.

•    Auth endpoints are rate-limited (20 attempts / minute / IP).

•    No transmission of media content or location data.

•    Regular token expiry and limited scope.

•    All traffic is encrypted using HTTPS (TLS 1.2 or higher).

•    Only an irreversible SHA-256 hash of your media is ever transmitted; the original file never leaves your device.


Article 8. Data Retention


8.1. HashCam keeps no central user profiles. The only server-side data are security logs (Art. 5.2), retained 30 days on Combell’s Belgian servers, then anonymised. JWTs reside solely on your device.


8.2. How long we keep your data:


iOS App Privacy Policy

Effective Date: 10/06/2025
Last Updated: 23/06/2025




Article 9. Data Breaches


9.1. In the unlikely event of a security incident affecting personal data, we will notify the Belgian Data Protection Authority (DPA) within 72 hours, and affected users where legally required.


Authority contact:
Gegevensbeschermingsautoriteit (GBA)
Rue de la Presse 35, 1000 Brussels
Tel: +32 2 274 48 00
Email: contact@apd-gba.be


Article 10. Third-Party Access


10.1. We do not sell or disclose your personal data to additional third parties. The only recipient needed to run the service is Apple (see Art. 10.2).


10.2. We rely on Sign in with Apple and Apple Private Relay to verify your identity. Consequently Apple Distribution International Ltd. (Hollyhill Industrial Estate, Cork, Ireland) and Apple Inc. (One Apple Park Way, Cupertino CA 95014, USA) receive: the Apple account identifier (sub), your chosen private-relay e-mail alias and technical log data (e.g. IP address).


10.3. When personal data is transferred to the United States, the transfer is protected by the European Commission Standard Contractual Clauses (Decision EU 2021/914) concluded with Apple Inc. A copy is available on request or at Apple’s privacy site.


Article 11. Amendments to this Policy


11.1. We reserve the right to amend this Privacy Policy. The latest version will always be available on our official website: https://www.hashcam.io


Article 12. Complaints and Contact


12.1. If you have a concern or complaint, please contact us:

Impact Makers BV
Mimosalaan 18
3191 Boortmeerbeek, Belgium

Tel: +32(0)15 52 07 71
Email: privacy@hashcam.io


12.2. You may also contact the Belgian Data Protection Authority (DPA).


12.3. We are not obliged to appoint a Data-Protection Officer because our core activities do not involve (a) large-scale, regular and systematic monitoring of individuals, nor (b) large-scale processing of special-category data (Art. 37 §1 (b)-(c)).


12.4. For any privacy question, e-mail privacy@hashcam.io.


Article 13. Governing Law and Jurisdiction


13.1. This Policy is governed by Belgian law. Disputes fall under the exclusive jurisdiction of the courts of Leuven, Belgium.

Impact Makers BV
Mimosalaan 18
3191 Boortmeerbeek


BE 0777 567 440
RPR Leuven



© 2025 Impact Makers BV.