Privacy Policy

StationHash (“Service,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains what data we collect, how we use it, how long we keep it, and your rights regarding your personal information.

By using StationHash, you agree to the practices described in this Privacy Policy.

We collect different types of data depending on how you interact with the Service.

2.1 Registered Users (Account Holders)

When you create an account, we collect:

• Email address — used for account authentication, session invitations, notifications, and email verification
• Password — stored as a secure hash by our authentication provider (Supabase Auth); we never store or have access to your plaintext password
• Google account information (if you sign in with Google) — your name and email address as provided by Google OAuth; we do not access your Google contacts, files, or other account data

2.2 Guest Users (Invite Link Access)

When you access a document session through an invite link without creating an account, we collect:

• Email address — provided by the inviting party; used to send verification codes for consequential actions (uploading, accepting, signing)

2.3 Document Data

When you use the Service, we process:

• Uploaded document files — encrypted with AES-256-GCM at rest in our storage system
• Document metadata — session titles, descriptions, revision summaries, comments, and timestamps
• File hashes — SHA-256 cryptographic hashes computed from your uploaded documents

2.4 Blockchain Data

When you sign a document through StationHash, the following is recorded on the Polygon blockchain:

• Document hash — a SHA-256 fingerprint of the signed document
• Email hashes — a one-way cryptographic hash of each party's email address (your actual email is never written to the blockchain)
• Timestamps — when each signature was recorded
• Transaction hashes — unique identifiers for each blockchain transaction

Blockchain records are permanent and cannot be modified or deleted by anyone, including StationHash. However, because only hashes are stored on-chain, your email address and document contents cannot be derived from the blockchain records.

2.5 Automatically Collected Data

• IP addresses — collected when anyone (registered or not) uses our public document verification page, solely for rate limiting purposes. IP addresses in verification logs are retained indefinitely
• Verification logs — when someone uses our public verification page, we log the submitted file hash, whether it matched, the IP address, and the timestamp
• Analytics data — we use Vercel Analytics to collect anonymous usage metrics such as page views, Core Web Vitals, and browser/device information. IP addresses are masked by Vercel and not stored
• Error monitoring data — we use Sentry to capture application errors for debugging purposes. Error reports may include request context such as URL paths and browser information

We do not use cookies for tracking purposes. We do not use any third-party advertising services.

We use your data exclusively for the following purposes:

• Providing the Service — authenticating users, managing document sessions, sending notifications and verification codes, recording signatures on the blockchain
• Security and abuse prevention — rate limiting API requests, preventing unauthorized access, detecting fraudulent activity
• Verification — allowing anyone to verify document authenticity through our public verification page
• Service communications — sending transactional emails such as session invitations, verification codes, signing notifications, and data deletion reminders

We do not sell, rent, or share your personal data with third parties for marketing purposes. We do not use your data for advertising. We do not use your uploaded documents for any purpose other than providing the Service.

4.1 Active Sessions

While a document session is active (in draft, negotiating, or pending signatures), all associated data — documents, emails, comments, and metadata — is retained on our servers.

4.2 Completed Sessions — 30-Day Retention

Once a session is completed (both parties have signed), a 30-day countdown begins. After 30 days, the following data is permanently and automatically deleted from our servers:

• Uploaded document files
• Party email addresses
• Session titles and descriptions
• Revision history
• Comments
• Acceptance records
• Signature records (server-side copies)
• Invite tokens

4.3 What Survives Deletion

After the 30-day deletion, only the following non-personal data remains in our database:

• Session ID (used to link to blockchain records)
• Final document hash (needed for verification)
• Blockchain transaction hashes
• Completion timestamp

Additionally, blockchain records are permanent and survive independently of our servers. These contain only cryptographic hashes, not personal information.

4.4 Deletion Reminder

We send a reminder email 7 days before the scheduled deletion date. It is your responsibility to download your documents and any verification certificates before deletion occurs.

4.5 Incomplete Sessions

Sessions that are never completed (abandoned drafts, negotiations that did not result in signing) are automatically cleaned up after 90 days of inactivity. Inactivity is measured from the last meaningful action (comment, revision upload, acceptance, or signature). After 90 days with no activity, the session and all associated data are permanently deleted using the same process described in Section 4.2.

4.6 Verification Log Retention

IP addresses and file hashes recorded in our verification logs are retained indefinitely for rate limiting and abuse prevention purposes.

We implement the following security measures to protect your data:

• Encryption at rest — uploaded documents are encrypted with AES-256-GCM (authenticated encryption) in our storage system
• Encryption in transit — all data transmitted between your browser and our servers uses HTTPS/TLS
• Row Level Security — database access controls ensure users can only access their own session data
• Hashed identifiers — email addresses are cryptographically hashed before being written to the blockchain, using a server-side secret that is never exposed
• Secure authentication — handled by Supabase Auth with email verification
• Rate limiting — API endpoints are rate-limited to prevent abuse

Despite these measures, no system is perfectly secure. We cannot guarantee that unauthorized access, data breaches, or data loss will never occur. You use the Service at your own risk. Please see our Terms of Service for additional disclaimers.

We use the following third-party services to operate StationHash. Your data may be processed by these providers in accordance with their own privacy policies:

We do not use any advertising or tracking services.

7.1 Access and Download

You can access and download your documents at any time while a session is active or within the 30-day post-completion window. After automatic deletion, we cannot recover your data.

7.2 Account Deletion

You may request deletion of your account by contacting us. Upon account deletion, we will remove your personal data from our servers. Note that:

• Blockchain records cannot be deleted or modified
• Data in active sessions shared with other parties may be retained until those sessions are completed and the 30-day window expires

7.3 Data Portability

You may download your documents and verification certificates at any time before automatic deletion.

7.4 Correction

If your account email is incorrect, you may update it through your account settings.

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information we collect and how it is used
• Right to delete your personal information (subject to the limitations described in Section 7.2)
• Right to opt-out of sale — we do not sell your personal information to any third party
• Right to non-discrimination — we will not treat you differently for exercising your CCPA rights

To exercise these rights, contact us using the information in Section 12.

If you are located in the European Economic Area (EEA) or the United Kingdom, the following applies:

• Legal basis for processing — we process your data based on contractual necessity (providing the Service you requested) and legitimate interests (security, abuse prevention)
• Data transfers — your data is processed in the United States. By using the Service, you consent to the transfer of your data to the US
• Rights — you have the right to access, rectify, erase, restrict processing, object to processing, and data portability. You also have the right to lodge a complaint with your local data protection authority
• Blockchain limitation — due to the immutable nature of blockchain technology, we cannot erase data that has been recorded on the Polygon blockchain. This data consists only of cryptographic hashes and does not contain directly identifiable personal information

To exercise your GDPR rights, contact us using the information in Section 12.

StationHash is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a person under 18, we will take steps to delete that data promptly.

We may update this Privacy Policy from time to time. If we make material changes, we will notify you via email or a prominent notice on the Service. Your continued use after such notice constitutes acceptance of the updated Privacy Policy.

If you have questions about this Privacy Policy or wish to exercise any of your data rights, contact us at:

Email: support@stationhash.com