Privacy Policy

1) Who We Are & Scope

Presence Proof ("Presence Proof," "we," "us," "our") provides a manual-first platform that helps global citizens, expatriates, and their advisors calculate and document physical presence for tax, visa, residency, and citizenship workflows.

This Privacy Policy explains how we collect, use, disclose, and safeguard personal data and describes your rights under GDPR/UK GDPR, CCPA/CPRA, and other applicable laws. It is tailored to high-stakes use cases such as FEIE/IRS, Schengen 90/180, naturalization, and residency-by-investment.

2) Data We Collect & Data Minimization

Data Minimization Principle

We follow the principle of data minimization: we collect only what is needed to provide the Service. Optional fields (e.g., nationality, visa status) are not required unless you want functionality that depends on them. You can delete travel logs or evidence you no longer need via your account.

2.1 You Provide

Account & Profile

Name, email, password (encrypted), optional nationality/citizenship/residency/visa context.

Travel Logs

Manual entries of dates/countries/cities/notes; imported history.

Evidence Uploads (may include sensitive/special-category data)

Examples: boarding passes, contracts, passport/visa pages.

Your responsibility:

Upload only documents necessary for your compliance records. Before uploading, redact sensitive information not required for verification (e.g., financial account numbers, health data, or ID numbers beyond what's needed to prove travel dates).

Biometric data in passport scans:

Passport photos are biometric data under GDPR when used for identification. We process such images only as necessary to support your compliance records, do not use facial recognition, and do not share biometric data with third parties. By uploading identity documents, you consent to our processing of any biometric data therein for the limited purposes described.

Support

Messages/attachments you send us.

Payments

Handled by processors (e.g., Stripe). We do not store card numbers.

2.2 Collected Automatically

•
Usage & Device:IP, device/OS, browser, timestamps, referrer, generalized location (city/region).
•
Cookies/Local Storage:Session/authentication, preferences; analytics subject to consent where required.
•
Diagnostics:Error/performance logs (aggregated/pseudonymized where feasible).

2.3 From Third Parties (If You Connect)

Limited, permissioned data from identity providers, cloud storage, or professional tools you explicitly authorize.

2A) Evidence Storage & Retention

For users with evidence management access (Pro and Premium plans), Presence Proof provides secure storage for supporting documents such as boarding passes, contracts, lease agreements, and other compliance evidence.

Storage Quotas

→Free tier: 0 MB (no evidence storage)

→Pro tier: 1 GB of encrypted evidence storage

→Premium tier: 5 GB of encrypted evidence storage

Storage quota is enforced in real-time. When you delete a document, storage quota is freed immediately—you don't have to wait for permanent deletion.

Deletion & Retention Policy

30-Day Soft Delete

When you delete an evidence document, it enters a 30-day retention period (soft delete). During this time:

The document is moved to your Trash and hidden from normal views
Storage quota is freed immediately
You can restore the document at any time via the Trash page
You will receive an email notification 7 days before permanent deletion

Permanent Deletion

After 30 days in Trash, documents are permanently and irreversibly deleted from our storage systems. The file itself, including all file contents and binary data, is destroyed and cannot be recovered.

7-Year Audit Trail (IRS Compliance)

To support IRS and tax authority audit requirements, we maintain an immutable cryptographic audit trail for 7 years after deletion. This audit trail contains:

→SHA-256 hash of the document (cryptographic fingerprint)
→Document metadata: title, upload date, deletion date, file size, MIME type
→Action log: who uploaded, when deleted, restoration history

Important: The audit trail does NOT contain the document file itself or its contents.

This preserves proof of what evidence you had (for audit defense) while respecting your right to deletion under GDPR Article 17. The cryptographic hash proves document authenticity without storing personal data contained in the file.

Evidence Security Measures

Encryption at Rest

All evidence files are encrypted using AES-256 encryption before being stored on our secure infrastructure.

Signed URLs

Documents are only accessible via time-limited signed URLs that expire after 60 seconds, preventing unauthorized sharing.

Row-Level Security

Database policies ensure you can only access your own evidence. Even our engineers cannot access your documents without explicit authorization.

Virus Scanning

All uploads are scanned for malware and viruses before being stored to protect you and other users.

Account Deletion & Evidence

When you delete your Presence Proof account, all evidence documents are immediately soft-deleted with 30-day retention. This ensures GDPR compliance while giving you a recovery window. You can request immediate hard deletion by contacting privacy@presenceproof.com, though we recommend keeping the 30-day window in case you change your mind.

For detailed information about managing your evidence storage, visit your Storage & Data Settings page or view your Trash.

3) How We Use Data (Purposes & Legal Bases)

Purposes

•Provide and secure the Service; generate presence calculations and auditable reports.
•Operate advisor access you enable (see §7).
•Communicate about service, billing, and support.
•Fulfill legal/contractual obligations; prevent fraud; ensure security.

Product Improvement Analytics

We analyze usage to improve calculations and features using:

→Aggregated metrics (e.g., "X% of users ran a Schengen report last month"),
→Anonymized data stripped of identifiers so individuals are not identifiable,
→No analysis of individual travel histories or calculation results for marketing purposes.
→If we ever need pseudonymized analysis for a specific defect investigation, we will request explicit opt-in consent and apply strict access controls.

Legal Bases (GDPR/UK GDPR)

Contract performance; legitimate interests (security, maintenance, improvement); consent (cookies, certain integrations/communications); legal obligation.

4) Automated Calculations & Human Review

Presence Proof calculates day counts using automated logic. Laws are complex and evolving. You have the right to request human review and to contest a calculation by contacting our support team. Always assess whether a scenario is legally critical and, where appropriate, obtain professional advice before filing or applying.

5) Retention

Active accounts

Retained while your account remains active.

After deletion

Personal data removed from production systems within 30 days and from immutable/backups within 90 days, except where law requires longer retention (e.g., financial records).

Legal holds

If we receive a lawful preservation request, deletion pauses until the hold is lifted.

6) Security

TLS in transit
Encryption at rest (e.g., AES-256)
Role-based access controls; least-privilege
Audit logging
Periodic security testing

No system is perfectly secure—protect your credentials and enable available security controls.

7) Advisor Access (CPAs, Lawyers, Immigration/Wealth Advisors)

You may invite a professional advisor and assign permissions; you can revoke access at any time.

Advisors who manage multiple client files generally act as independent controllers for their client relationships; Presence Proof acts as a processor. Advisors must accept our Data Processing Addendum (DPA) and confidentiality terms.

8) International Transfers, Sub-processors & Data Residency

We use vetted vendors (hosting, database, payments, email, analytics). Personal data may be processed in the U.S. and other countries. For EEA/UK transfers, we use Standard Contractual Clauses and conduct Transfer Impact Assessments as required.

Sub-processor List

We maintain a public, versioned list naming each sub-processor, region, and purpose, with DPA/SCC references and 30-day advance change notices: [link to Sub-processor List].

EU/UK data residency

We are developing EU-region hosting for customers who require data localization. Expected availability: Q2 2025. Join the early-access waitlist: [link]. Until then, transfers to/from the EEA rely on Standard Contractual Clauses with appropriate safeguards detailed in our DPA.

9) Government & Law-Enforcement Requests; Transparency

We disclose data only when legally required (valid subpoena, court order, or equivalent). User notice is provided before disclosure unless prohibited by law or there is a clear risk of harm or fraud. We may challenge overbroad or unlawful requests.

Transparency Reporting

Beginning Q2 2025, we will publish an annual Transparency Report showing counts, types, and jurisdictions of requests and our response rates, available at: [link].

10) Your Rights

GDPR/UK GDPR Rights

•Access and rectification
•Erasure and portability
•Restriction and objection
•Consent withdrawal

California (CCPA/CPRA) Rights

•Right to know and access
•Delete and correct
•Limit use of sensitive data
•Non-discrimination

We do not "sell" or "share" personal information as defined by CPRA.

To exercise rights, email privacy@presenceproof.com; we'll verify and respond within statutory timeframes.

11) Portability & Deletion (Self-Service)

Export travel logs, reports, and (where feasible) evidence in CSV/JSON/PDF. Delete items or your full account (see §5 for timing).

If you participated in an advisor workspace, coordinate with the advisor regarding their independent records.

12) Cookies & Similar Technologies

Essential cookies

Authentication, security, preferences — always on.

Analytics cookies

Opt-in where required, controllable via our cookie banner/settings.

We do not use third-party marketing cookies unrelated to Presence Proof. See our Cookie Policy for details.

Presence Proof uses Google Analytics 4 with Consent Mode v2 to understand overall site usage while protecting your privacy.

How Consent Mode Works

Before You Grant Consent

Analytics operates in a cookieless, aggregated mode. No personal data or identifiers are stored or accessed. Google Analytics receives only aggregated, anonymized data about site traffic patterns.

After You Consent

Analytics cookies may be used to measure interactions and improve the Service. This allows us to understand how individual user sessions interact with features and identify areas for improvement.

Your Control

You can withdraw or modify your consent at any time via the cookie preferences panel. Withdrawing consent will immediately stop analytics cookies and revert to cookieless tracking.

Learn more about how Google processes data in analytics at https://support.google.com/analytics/answer/9976101.

13) Data Breach Notification

If a personal-data breach is likely to result in risk to your rights and freedoms, we will notify regulators within 72 hours (where required) and notify affected users without undue delay, including what happened, data involved, mitigation, and steps you can take.

14) Children

Not intended for under-18s. We do not knowingly collect children's data.

15) EU Representative & DPO

Current status: We currently do not meet thresholds requiring an EU representative or DPO. If this changes, we will update this section and notify affected users. (If/when appointed, we will list representative/DPO details here.)

16) Changes & Contact

We may update this Policy; material changes will be announced via email or in-app notice with the effective date.

Privacy & Rights: privacy@presenceproof.com

Security Incidents: security@presenceproof.com

Legal & Contracts: legal@presenceproof.com