1. What we collect
- Account data: email, full name, profile metadata.
- Identity data (only where a feature requires verification): government-issued document image, selfie, and OCR-extracted fields (name, ID number, expiration date).
- Settlement data (where you enable USDC settlement): wallet addresses and on-chain transaction references. Custody and on-chain movement are performed by Circle; we store references for your audit trail.
- Operational data: vaults, guardrails, agents, transactions, delegate tokens (stored as SHA-256 hashes only — we never see plaintext tokens).
- Sensitive Request Data: Active delegate tokens passed to our API are processed in-memory and confirmed to a zero-log policy. We log request metadata for your audit trail, but the raw token and request body are never persisted in server logs.
- Usage data: standard server logs, IP address, user agent, timestamps. Retained for 90 days.
- Billing data: handled directly by Stripe. We store only the customer ID.
2. Why we collect it
- To provide the Service: authorize transactions, enforce guardrails, surface activity.
- To verify identity where a feature requires it (legal compliance + fraud prevention).
- To produce the immutable audit trail you and your auditor depend on.
- To improve product reliability — aggregated, anonymized metrics only.
3. Where it lives
Application data is stored in Supabase (Postgres) with encryption at rest. Identity documents are stored in the private identity-vault bucket with signed-URL access only. Server logs live with our hosting provider (Vercel).
4. Who we share with
We share data only with the sub-processors strictly required to operate the Service:
- Supabase — database, auth, storage, realtime.
- Vercel — application hosting, edge functions, and Speed Insights.
- Stripe — payment processing for credit top-ups.
- Circle — USDC custody and on-chain settlement (where enabled).
- Anthropic — model inference for Vesper (where you use the agent).
- Resend — transactional email.
We do not sell or rent your data. We do not run third-party advertising trackers on the dashboard.
5. Your rights
- Access: export your full dataset from /settings.
- Deletion: delete your account from /settings; data is purged within 30 days except for audit records required by law.
- Correction: edit your profile or re-run identity verification at any time.
- Portability: export transactions, audit logs, and identity decisions as JSON.
- EU residents: rights under GDPR Articles 15–22. CA residents: rights under CCPA.
6. Retention
- Active account data: kept while your account is active.
- Audit log: retained for 7 years (regulatory requirement).
- Identity verification artifacts: 7 years from last verification, then purged.
- Server logs: 90 days rolling.
7. Cookies & analytics
We use a single first-party session cookie for authentication. We do not use third-party advertising cookies. We use Vercel Speed Insights to measure aggregate, anonymized page-performance metrics (such as load times); it does not track you across sites or build an advertising profile.
8. Security
We encrypt data in transit and at rest, scope access by least privilege, and log security-relevant events. Suspected vulnerabilities: security@greenecomply.com.
9. Children
The Service is not intended for users under 18. We do not knowingly collect data from minors.
10. Contact
Privacy questions or data requests: privacy@greenecomply.com