Skip to main content
Attestix

Privacy Policy

Last updated: February 27, 2026

1. Introduction

VibeTensor Private Limited ("VibeTensor", "we", "us", or "our") operates the Attestix website (attestix.vibetensor.com) and the Attestix open-source software. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

This policy is drafted in compliance with the Information Technology Act, 2000 and the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, the Digital Personal Data Protection Act, 2023 (DPDP Act), and the General Data Protection Regulation (GDPR) for users in the European Economic Area.

2. Data Controller

VibeTensor Private Limited is the data controller responsible for your personal data.

3. Information We Collect

3.1 Information you provide

3.2 Information collected automatically

3.3 Information we do NOT collect

3.4 Blockchain Anchoring Disclosure

When you use the optional blockchain anchoring features, Attestix sends cryptographic hashes (not raw data) to the Base L2 blockchain via the Ethereum Attestation Service (EAS). These hashes are publicly visible and permanently immutable on the blockchain. No personal data or raw credential content is sent to the blockchain. You control whether to use this feature.

4. Lawful Basis for Processing (GDPR)

5. How We Use Your Information

6. Data Sharing and Transfers

We do not sell your personal data. We may share data with:

For transfers to countries outside India or the EEA, we rely on Standard Contractual Clauses (SCCs) or equivalent safeguards.

7. Data Retention

We retain personal data only as long as necessary for the purposes described above. Contact inquiries are retained for up to 2 years. Server logs are retained for up to 30 days.

8. Your Rights

Under GDPR (EEA residents)

Under DPDP Act (Indian residents)

To exercise any of these rights, contact us at info@vibetensor.com. We will respond within 30 days.

9. Cookies

Our website uses only strictly necessary cookies for basic functionality (such as theme preference). We do not use analytics cookies, tracking cookies, or third-party advertising cookies. See our Cookie Policy for details.

10. Children's Privacy

Our services are not directed at individuals under 18. We do not knowingly collect personal data from children. If you believe we have collected data from a minor, contact us immediately.

11. Security

We implement reasonable security practices and procedures to protect your data, including HTTPS encryption, security headers, and access controls, consistent with Rule 8 of the IT Rules 2011.

12. Grievance Redressal

If you have any concerns about our data practices, please contact our Grievance Officer:

We will acknowledge your complaint within 48 hours and resolve it within 30 days.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date.