provable.infoComing Soon

Privacy Policy

Last updated: 30 January 2026

What provable.info Does

provable.info provides blockchain-backed document integrity verification for Microsoft 365. When you seal a document, we create a cryptographic hash (digital fingerprint) of the file and anchor it to the blockchain, creating an immutable proof of existence.

Data We Collect

  • Document hashes (SHA-256): A one-way cryptographic fingerprint of your document. The hash cannot be reversed to reconstruct the document.
  • Document metadata: Filename, file size, modification date, and the identity of the user who initiated the seal.
  • Tenant information: Your Microsoft 365 tenant ID, organisation name, and administrator email address.
  • Verification logs: When a document is verified, we log the hash submitted and the IP address of the requester.

Data We Do NOT Collect

  • File content: Your documents are never uploaded to or stored by provable.info. Hashing occurs in your browser or within the SharePoint environment.
  • Access credentials: We do not store your Microsoft 365 passwords or session tokens.
  • Personal documents: We have no access to the contents of your files.

Blockchain Anchoring

Document hashes are anchored to the blockchain via OP_RETURN transactions. Once published, this data is permanent and publicly verifiable. The blockchain record contains only the Merkle root hash of a batch of documents — individual document hashes are not directly exposed on-chain.

Data Storage & Security

Operational data (seals, batches, verification logs) is stored in encrypted PostgreSQL databases hosted on Railway (Europe). Data is encrypted in transit (TLS) and at rest. API keys are stored as irreversible SHA-256 hashes.

Data Retention

Seal records and blockchain anchors are retained indefinitely — this is the core value of the service. Verification logs are retained for 90 days. You may request deletion of your tenant account and associated metadata by contacting us.

Third Parties

We use the following third-party services:

  • Railway — API and database hosting (Europe)
  • Vercel — Frontend hosting
  • Blockchain — Immutable data anchoring
  • Microsoft Graph API — SharePoint integration (with your consent)

We do not sell or share your data with any other third parties.

Your Rights

Under GDPR and UK data protection law, you have the right to access, correct, or delete your personal data. Note that blockchain-anchored hashes cannot be deleted due to the immutable nature of the blockchain, but they cannot be linked to document content without access to the original file.

Contact

For privacy enquiries, contact us at privacy@noscere.co.uk

Noscere Ltd
Kilsyth, Scotland, United Kingdom

Privacy Policy — provable.info