Privacy Policy

1. Who we are

YSEEKU (“we”, “us”, “our”) operates the SONATE platform and the website at yseeku.com. YSEEKU is based in Melbourne, Australia.

For any privacy-related questions, contact us at stephen@yseeku.com.

2. Information we collect

We collect information in the following ways:

Information you provide

• Contact information (name, email address) when you reach out to us
• Account information if you register for the SONATE platform
• Communications you send us (emails, feedback, inquiries)

Information collected automatically

• Usage data via Vercel Analytics (page views, referrers — no personal tracking)
• Technical data (browser type, device type, IP address)
• Cookies necessary for site functionality

Platform usage data

• AI interaction metadata processed through SONATE (inputs, outputs, policy evaluations)
• Trust Receipts generated by your use of the platform
• Note: Trust Receipts can be configured to store only hashes, not raw content

3. How we use your information

• To provide and maintain the SONATE platform and services
• To respond to your inquiries and provide support
• To improve our website and platform
• To send relevant communications (only with your consent)
• To comply with legal obligations

4. Data storage and security

We take data security seriously. Platform data is protected using industry-standard measures including:

• Ed25519 cryptographic signing for data integrity
• SHA-256 hash chains for tamper evidence
• Encryption in transit (TLS) and at rest
• Role-based access control (RBAC)
• Immutable audit logging

Data is stored on servers operated by our infrastructure providers (Vercel, Fly.io, MongoDB Atlas). We select providers that maintain appropriate security certifications.

5. Data sharing

We do not sell your personal information. We may share data with:

• Infrastructure providers — necessary for platform operation (hosting, databases)
• AI model providers — when you route AI interactions through SONATE (OpenAI, Anthropic, Google)
• Legal requirements — when required by law or to protect our rights

Trust Receipts are designed so that verification can happen independently using public keys and open-source SDKs, without sharing data with YSEEKU.

6. Your rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Object to or restrict processing
• Data portability
• Withdraw consent at any time

To exercise any of these rights, contact us at stephen@yseeku.com.

7. International data transfers

YSEEKU is based in Australia. If you access our services from outside Australia, your data may be transferred to and processed in Australia and other countries where our infrastructure providers operate. We ensure appropriate safeguards are in place for such transfers.

8. Data retention

We retain personal data only as long as necessary for the purposes described in this policy, or as required by law. Trust Receipts are retained according to your configured retention policies within the platform.

Demo data (from our interactive demos) is purged daily.

9. Cookies

We use minimal cookies necessary for website functionality. We use Vercel Analytics for privacy-friendly, anonymized site analytics — no cross-site tracking, no personal profiling, no third-party advertising cookies.

10. Changes to this policy

We may update this policy from time to time. Material changes will be communicated via our website. Continued use of our services after changes constitutes acceptance of the updated policy.