Legal

Privacy Policy

Last updated: March 2026

Humark is built on the principle that your identity belongs to you. This policy explains exactly what data we collect, what we never touch, and how your biometric information stays on your device.

01

What We Collect

Humark collects the minimum data necessary to provide verifiable provenance for your creative work. This includes:

  • Asset hashes (SHA-256 cryptographic hashes and perceptual fingerprints of your hardened assets)
  • Public keys (the public portion of your device-generated signing keypair)
  • C2PA metadata (Content Credentials manifests that record provenance information)
  • Display name (the creator name you choose to associate with your signed work)
  • Email address (waitlist registrations only, used solely for product updates)
02

What We Don’t Collect

We want to be unambiguous about this: Humark never collects, stores, transmits, or has access to your biometric data. This includes but is not limited to:

  • Face geometry or facial recognition data
  • Fingerprint data or fingerprint templates
  • Iris scans or retinal data
  • Voiceprints or behavioral biometrics
  • Raw images or video of your face or body

Your biometric information is used exclusively on your device, within the hardware-secured environment (Secure Enclave on iOS, Keystore on Android), to authorize the creation of a cryptographic signing key. The biometric data never leaves the secure hardware. We only receive the public key — a mathematical value that cannot be reverse-engineered to reconstruct any biometric information.

03

How Biometrics Work in Humark

When you set up Humark, your device’s Secure Enclave (Apple) or Keystore (Android) generates an asymmetric keypair. This process uses your biometric authentication (FaceID, TouchID, or fingerprint) as a gate — meaning only you can authorize signing operations.

The private key is generated inside the secure hardware and never leaves it. It cannot be exported, copied, or accessed by any software — including Humark. When you sign an asset, the signing operation happens entirely within the secure hardware. Humark sends the hash to be signed, and the secure hardware returns a signature. At no point does Humark have access to the private key or any biometric data.

The public key is shared with the Humark registry so that anyone can verify your signatures. A public key cannot be used to sign new documents, access your device, or reconstruct your biometric data.

04

Your Rights

We respect and uphold your data protection rights under all applicable privacy legislation.

Under GDPR (European Economic Area)

  • Right to access all personal data we hold about you
  • Right to rectification of inaccurate data
  • Right to erasure (“right to be forgotten”) of your account data
  • Right to restrict or object to processing
  • Right to data portability
  • Right to lodge a complaint with your local supervisory authority

Under CCPA (California)

  • Right to know what personal information is collected, used, and shared
  • Right to delete personal information held by us
  • Right to opt out of the sale of personal information (note: Humark does not sell personal information)
  • Right to non-discrimination for exercising your privacy rights

Under BIPA (Illinois)

  • Humark does not collect biometric identifiers or biometric information as defined under BIPA
  • All biometric processing occurs exclusively on your device within hardware-secured environments
  • No biometric data is transmitted to, received by, or stored on Humark servers
  • We provide this disclosure proactively as part of our commitment to transparency
05

Data Retention

Provenance records (asset hashes, public keys, C2PA manifests, and zero-knowledge proofs) are stored indefinitely in the Humark public registry. This is by design: the value of provenance depends on its permanence. These records form an immutable, tamper-evident ledger that allows anyone to verify the authenticity and origin of creative work at any point in the future.

Account-level data (display name, email address, account preferences) can be deleted upon request. When you request account deletion, we will remove all personally identifiable account data within 30 days. Provenance records will remain in the registry but will be disassociated from any personally identifiable information.

Waitlist email addresses are retained only until the product launches and are deleted within 90 days of your first app login, unless you opt in to continued communications.

06

Contact

If you have questions about this privacy policy, wish to exercise any of your data rights, or need to report a concern, contact us at:

privacy@humark.id

We aim to respond to all privacy-related inquiries within 5 business days.

This privacy policy is effective as of March 2026 and applies to all users of the Humark application and website. We will notify users of any material changes to this policy via email or in-app notification.