Privacy Policy — Encypher Verify Chrome Extension

1. Overview

Encypher ("we," "our," or "us") is committed to protecting your privacy. Encypher Verify is a browser extension that detects and verifies cryptographic provenance markers (C2PA standard) in text, images, audio, and video on the web. This privacy policy describes what data the extension collects, how that data is handled, stored, and shared, and what rights you have as a user.

We will never sell your personal data to third parties.

This policy is specific to the Encypher Verify Chrome extension. For the full Encypher privacy policy covering all services (website, APIs, dashboard, plugins), see encypher.com/privacy.

2. User Data Collection

2.1 Data Collected Locally (Never Sent to Servers)

The following data is stored only in your browser using Chrome's storage APIs and is never transmitted to Encypher servers:

• Extension settings and preferences: Auto-scan toggles, badge display preferences, API base URL configuration
• API key: Stored in Chrome's local storage. Transmitted only to the Encypher API endpoint you configure, over HTTPS.
• Verification cache: Temporary cache of verification results, automatically cleared after 1 hour
• Signing preferences: Embedding mode, frequency, and document type defaults

2.2 Data Sent to Encypher API (Verification)

When you verify content, either automatically or by right-clicking a media element, the extension sends:

• Signed content block: Only the specific text block, image header, audio segment, or video segment containing the C2PA signature — never the full page
• Media file headers: For automatic image detection, only the first 4 KB of each image is inspected via HTTP Range requests

The extension does NOT send: full page content, browsing history, personal information (name, email, etc.), or any data from pages that do not contain C2PA provenance markers.

2.3 Data Sent to Encypher API (Signing)

When you use the signing feature (requires an API key):

• Text to sign: The text you explicitly choose to sign
• Optional title: If you provide one
• API key: Sent over HTTPS to authenticate your request

Signed content metadata (document ID, signer ID, timestamp, signing configuration, content fingerprint) is stored on Encypher servers for verification and audit purposes. We do not store the full text of signed content on our servers.

Public Verification Records: Signing records are part of Encypher's public verification infrastructure. Organization names, document IDs, signer IDs, and signing timestamps associated with content signatures may be returned through the public verification API when content is verified by third parties. This is a core function of the content provenance system: signed content is designed to be publicly verifiable.

2.4 Data Sent to Encypher API (Bug Reports)

When you use the "Report Issue" form in the extension popup:

• Email address (optional): If you choose to enter your email address, it is sent to Encypher so we can reply to your report. You are not required to provide an email.
• Issue description: The text you write describing the problem
• Diagnostics: Extension version, browser version, current page URL, and scan state at the time of the report

Bug report data is used solely to diagnose and resolve the reported issue. Email addresses provided in bug reports are not used for marketing, newsletters, or any purpose other than responding to your report.

2.5 Content Discovery and Distribution Analytics (Always Active)

When the extension detects and verifies signed content on a page, it reports an anonymous discovery event to the Encypher analytics service. Content distribution tracking is a core function of the Encypher platform. It serves two purposes:

• Content owner reporting: Organizations that sign content rely on discovery analytics to see where their content appears across the web, including whether it has been redistributed to unauthorized domains.
• Platform intelligence: Encypher uses aggregated, anonymized discovery data to improve the product, understand content distribution patterns, and produce industry insights. This aggregated data never identifies individual extension users.

Discovery analytics cannot be disabled because content owners depend on it to monitor their signed content. This is comparable to how a certificate transparency log records certificate issuance: the detection record is part of the provenance infrastructure, not optional telemetry.

Each discovery event includes:

• Sanitized page URL and domain: Where the signed content was found. URL query parameters and hash fragments are stripped before reporting.
• Page title: The title of the page containing the signed content
• Signer information: The organization that originally signed the content (extracted from the signature, not from you)
• Verification result: Whether the content signature was verified, invalid, or revoked
• Embedding context: Marker type, embedding size bucket, and detection source (page scan vs. cache hit)
• Domain mismatch signal: Whether the detection domain differs from the original signing domain. This is how content owners detect unauthorized redistribution: if a publisher signs content for their own site and it later appears on a different domain, the mismatch is recorded.
• Anonymized session ID: A random, ephemeral identifier that resets each browser session. This is not tied to your identity, account, or browsing history.

Discovery analytics does NOT collect: your name, email, or any personal information; your browsing history or data from pages without signed content; your IP address for analytics storage (IP is used transiently for rate limiting only and is not persisted).

2.6 What the Extension Does NOT Collect

• Browsing history
• Full page content or DOM
• Personal information (names, addresses, phone numbers). Email addresses are collected only if you voluntarily enter one in the bug report form (see Section 2.4).
• Passwords or financial information
• Data from pages that do not contain C2PA provenance markers
• Cookies, tracking pixels, or third-party analytics SDKs

3. Data Handling

We use the collected information for the following purposes:

• Service Delivery: To provide content verification and signing functionality
• Content Distribution Reporting: To deliver reports to signing organizations showing where their signed content appears on the web, including detection of unauthorized redistribution (content appearing on domains the signer did not authorize)
• Aggregated Business Intelligence: Encypher uses anonymized, aggregated discovery data to understand content distribution patterns across the web, improve the platform, inform product strategy, and produce industry insights. Aggregated statistics (e.g., trends in content redistribution, adoption of provenance signing across industries) may appear in Encypher marketing materials, industry reports, or product documentation. These aggregated statistics never identify individual extension users.
• Security: To detect, prevent, and address technical issues and security threats
• Legal Compliance: To comply with legal obligations and protect our rights
• Product Development: To improve our technology and develop new features. We do not use your personal data or signed content to train AI models.

4. Data Storage

4.1 Local Storage (In Your Browser)

4.2 Server Storage (Encypher API)

4.3 Data Location and Encryption

Encypher's primary infrastructure is located in the United States. All data transmitted between the extension and Encypher servers is encrypted in transit using HTTPS/TLS. Server-side data is encrypted at rest. API keys are stored locally using Chrome's encrypted storage API.

When data is no longer needed, we securely delete or anonymize it. Longer retention periods may apply where required by law.

5. Data Sharing and Disclosure

We do not sell your personal data. We may share information only in the following circumstances:

5.1 Service Providers (Sub-processors)

The following third-party vendors assist in operating the Encypher services that the extension connects to. These providers are contractually obligated to protect your data and may only use it to perform services on our behalf:

• Railway (railway.app) — Application hosting and infrastructure
• SSL.com — Cryptographic certificate issuance for C2PA content signing
• Sentry — Error monitoring and application diagnostics

Additional sub-processors used by the broader Encypher platform (Stripe for payments, SendGrid for email) do not receive data from the Chrome extension.

5.2 Content Owners (via Discovery Analytics)

Signing organizations receive reports showing where their signed content appears, including page URLs, domains, detection timestamps, and whether the content was found on an authorized or unauthorized domain. These reports help content owners monitor redistribution of their work. No information that identifies the extension user is included in these reports.

5.3 Aggregated Industry Insights

Encypher may publish or use in marketing materials aggregated, anonymized statistics derived from discovery analytics, such as content distribution trends, adoption rates of provenance signing, or redistribution patterns across industries. These statistics are derived from data that has been stripped of any information that could identify individual users, specific URLs, or specific content items. This is similar to how CDN providers publish internet traffic reports from aggregated request data.

5.4 Public Verification API

Organization names, document IDs, and signing timestamps embedded in signed content are publicly accessible through the verification API as a core function of the provenance system. See Section 2.3.

5.5 Legal Requirements

When required by law, court order, or governmental authority.

5.6 Business Transfers

In connection with a merger, acquisition, or sale of assets, with appropriate safeguards for your data. You will be notified of any such transfer.

5.7 No Other Third Parties

Encypher does not sell, rent, or share your data with advertisers, data brokers, or any other third-party services beyond those listed above. No third-party analytics SDKs (Google Analytics, Mixpanel, etc.) are embedded in the extension. The extension does not use cookies or tracking pixels.

6. Extension Permissions

The extension requests only the permissions necessary for its functionality:

• activeTab: Access the current tab to detect provenance markers in page content
• storage: Store settings, API key, and verification cache locally in the browser
• clipboardWrite: Copy signed text to clipboard when you use the signing feature
• contextMenus: Add "Verify with Encypher" to the right-click menu for images, audio, and video
• scripting: Inject content scripts to detect markers and display verification badges on pages
• Host permissions (<all_urls>): Required so the extension can detect C2PA provenance markers on any webpage you visit. The extension only reads content that contains cryptographic signatures; it does not access or transmit other page content.

7. Legal Basis for Data Processing

Encypher processes data under the following legal bases (GDPR Art. 6):

• Contract (Art. 6(1)(b)): Processing necessary to provide the services you have requested, including signing, verification, and account management
• Legitimate Interests (Art. 6(1)(f)): Verification requests, discovery analytics, security monitoring, and product improvement are necessary to deliver the extension's core functionality. We have assessed that these interests do not override your rights and freedoms.
• Consent (Art. 6(1)(a)): Signing content is an explicit user-initiated action. You choose what text to sign and when.
• Legal Obligation (Art. 6(1)(c)): Where processing is required by applicable law, such as financial record retention

8. International Data Transfers

Encypher's primary infrastructure is located in the United States. If you use this extension from outside the United States, your verification requests and discovery analytics data are transferred to and processed in the United States. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) for transfers from the European Economic Area (EEA) or United Kingdom. Enterprise customers may request a Data Processing Agreement (DPA) at legal@encypher.com.

9. Data Security

We implement appropriate technical and organizational measures to protect your information, including:

• Encryption of data in transit (HTTPS/TLS) and at rest
• Access controls and authentication mechanisms
• Secure storage of API keys using Chrome's encrypted storage API
• Error and anomaly monitoring via Sentry to detect unauthorized access attempts
• Regular security assessments and updates

We will notify you within 72 hours of becoming aware of a security incident that is likely to result in a risk to your rights and freedoms.

No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

10. Your Rights and Controls

10.1 Extension Controls

• View settings: Open the extension options page to see your configuration
• Delete API key: Remove your API key at any time via the extension options page
• Clear verification cache: Clear cached results via the extension options page
• Disable auto-scan: Turn off automatic image and media detection in the extension options page
• Uninstall: Removing the extension deletes all locally stored data immediately

10.2 Data Deletion Requests

• Local data: Automatically and permanently deleted when you uninstall the extension
• Server data: Contact privacy@encypher.com to request deletion of signed content metadata associated with your API key. Encypher will process deletion requests within 30 days.

Note: Deletion of account data does not remove signing records from the public verification infrastructure. Signing records (document IDs, timestamps, organization names) are part of the content provenance chain and are retained to maintain the integrity of previously signed content.

10.3 Opt-Out Mechanisms

11. Children's Privacy

This extension is not directed at children under 13 (or the applicable age of consent in your jurisdiction). Encypher does not knowingly collect personal data from children. If you believe a child has provided personal data through the extension, contact privacy@encypher.com and Encypher will delete it.

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

• Right to know what personal information is collected, used, shared, or sold
• Right to delete personal information
• Right to opt-out of the sale of personal information (Encypher does not sell personal information)
• Right to non-discrimination for exercising your privacy rights

Authorized Agent: You may designate an authorized agent to submit requests on your behalf. To use an authorized agent, provide written authorization signed by you and your agent, along with proof of identity. Contact privacy@encypher.com with your request.

13. European Privacy Rights (GDPR)

If you are located in the European Economic Area or United Kingdom, you have rights under the General Data Protection Regulation, including:

• Access the personal data Encypher holds about you
• Rectify inaccurate data
• Request erasure of your data (subject to retention requirements in Section 4)
• Restrict or object to processing
• Data portability
• Withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal
• Lodge a complaint with your local supervisory authority

For transfers of personal data from the EEA to the United States, we rely on Standard Contractual Clauses (SCCs). You may request a copy of our SCCs at legal@encypher.com.

14. Changes to This Policy

Encypher may update this privacy policy to reflect changes in the extension's functionality or applicable law. Changes will be reflected in the "Last Updated" date at the top. For material changes, Encypher will provide notice through the extension's update notes on the Chrome Web Store. Continued use of the extension after a policy update constitutes acceptance of the updated terms.

15. Contact

For questions about this privacy policy, data practices, or to exercise your privacy rights:

Encypher Corporation
Privacy inquiries: privacy@encypher.com
Legal: legal@encypher.com
General support: support@encypher.com
Full company privacy policy: encypher.com/privacy

16. Summary