Spatial Proof Logo

Privacy Policy

Welcome to Spatial Proof, operated by PIESKE ONE LTDA, CNPJ 48.468.140/0001-15. This privacy policy clearly and transparently describes how we collect, use, store, and protect your personal information, in full compliance with the Brazilian General Data Protection Law (LGPD - Law No. 13,709/2018) and international data protection standards.

🔒 Our Commitment: Spatial Proof was designed with privacy from the ground up (Privacy by Design). We collect sensor data exclusively during verification captures and only with your explicit consent. Outside of the capture moment, no sensor data is collected or transmitted.

1. About Spatial Proof

Spatial Proof is a space-time verification infrastructure that transforms your smartphone into an anti-fraud verifier. Our technology creates cryptographic proofs that a person was at a specific location, at a specific time, capturing real and unfalsifiable data.

We use this technology for:

  • Verification of social and environmental projects
  • Carbon credit and sustainability auditing
  • Origin certification in production chains
  • Inspections, audits, and compliance
  • Family and regenerative agriculture

2. Data Collected

2.1 Registration Data

To create and manage your account, we collect:

  • Full name
  • Email address
  • Phone number (optional)
  • Country/Region
  • Profile photo (optional)

2.2 Sensor Data (Collected ONLY During Captures)

⚠️ Important: The sensor data listed below is collected exclusively at the moment you perform a verification capture. The application does NOT collect, monitor, or transmit sensor data in the background or at any other time.
Sensor/Data Purpose When Collected
GPS/GNSS Determine precise geographic coordinates (latitude, longitude, altitude) Only during capture
Accelerometer Detect movement and device orientation to validate authenticity Only during capture
Gyroscope Measure rotation and device stability Only during capture
Magnetometer Determine direction/orientation of capture (compass) Only during capture
Barometer Measure atmospheric pressure for altitude validation Only during capture
Camera Capture photos and videos as visual evidence Only during capture
Cryptographic Timestamp Record exact date/time with cryptographic proof Only during capture
Device Data Model, operating system, unique identifiers for integrity verification Only during capture

2.3 Technical Security Data

To ensure the integrity and authenticity of captures, we also collect during verification:

  • Device root/jailbreak status
  • Emulator or virtual environment detection
  • Application integrity verification
  • Cryptographic hash of collected data

3. Consent and Public Sharing

📢 Public Verification Link: By making a capture in Spatial Proof, you expressly consent that the data from this capture will be accessible through a public verification link. This link allows third parties (auditors, certifiers, partners, or anyone with the link) to verify and authenticate that the capture actually occurred at the indicated location and time.

3.1 What is Shared in the Public Link

When you create a verification capture, the following data can be viewed by anyone who has the link:

  • Geographic coordinates (latitude, longitude, altitude)
  • Date and time of capture with cryptographic proof
  • Captured photos and/or videos
  • Sensor data that proves authenticity
  • Cryptographic verification hash
  • Device integrity metadata

3.2 Explicit Consent

By using Spatial Proof to make verification captures, you:

  • Expressly authorize the collection of sensor data at the time of capture
  • Agree that this data will be processed to generate a verification proof
  • Consent that a public link will be generated to allow verification by third parties
  • Understand that the purpose of the service is precisely to create verifiable and auditable proofs

3.3 Control Over Your Captures

You maintain control over your captures and can:

  • View all captures made in your account
  • Request deletion of specific captures (subject to legal and contractual obligations)
  • Manage which organizations have access to your verifications

4. Legal Basis for Data Processing

We process your personal data based on the following legal grounds under LGPD and international standards:

  • Consent (Art. 7, I): For collecting sensor data during captures and generating public verification links
  • Contract Performance (Art. 7, V): To provide the contracted verification services
  • Legitimate Interest (Art. 7, IX): To improve our services and ensure security
  • Legal Obligation Compliance (Art. 7, II): When required by law or regulation

Consent may be revoked at any time, without prejudice to the legality of processing carried out previously.

5. Purposes of Processing

We use your data exclusively for:

  • Creating and managing your user account
  • Processing and generating space-time verification proofs
  • Providing public links for capture authentication
  • Synchronizing captures made offline when there is a connection
  • Ensuring the integrity and authenticity of verifications
  • Detecting and preventing fraud or manipulation
  • Sending relevant notifications about your captures
  • Continuously improving our services
  • Complying with legal and regulatory obligations

6. Offline Operation

Spatial Proof was designed to work in remote areas without connectivity:

  • Captures can be made completely offline
  • Data is stored locally in a secure and encrypted manner
  • When connection is available, data is synchronized with our servers
  • Cryptographic integrity is maintained regardless of synchronization timing

7. Sharing with Third Parties

In addition to public verification links, we may share data with:

7.1 Verification Partners

  • Carbon certifiers (Verra, Gold Standard, etc.)
  • Audit and compliance organizations
  • Government entities when legally required

7.2 Infrastructure Providers

  • Cloud hosting services
  • File storage services
  • Authentication providers

All partners and providers are subject to contracts with confidentiality and security clauses in compliance with LGPD and international data protection standards.

8. Information Security

We implement robust technical and organizational measures:

  • End-to-end encryption for data in transit
  • AES-256 encryption for data at rest
  • SHA-256 cryptographic hashing for integrity
  • Secure servers with security certifications
  • Regular backups and geographic redundancy
  • Continuous security monitoring
  • Role-based access control
  • Periodic security audits

9. Your Rights

In compliance with LGPD and international data protection regulations, you have the right to:

  • Confirmation and Access: Know if we process your data and access it
  • Correction: Correct incomplete, inaccurate, or outdated data
  • Anonymization, Blocking, or Deletion: Request processing of unnecessary or excessive data
  • Portability: Receive your data in a structured format
  • Deletion: Request deletion of data processed based on consent
  • Information: Know with whom we share your data
  • Revocation of Consent: Withdraw consent at any time
  • Objection: Object to processing in certain situations

To exercise any of these rights, contact us at: brayon@spatialproof.org

10. Data Retention

We keep your data:

  • Account data: While your account is active
  • Verification captures: For the period necessary for audit purposes or as contractually agreed
  • Data for legal obligations: For the period required by law

After the retention period ends, data is securely deleted or anonymized.

11. International Data Transfer

Some data may be processed on servers located outside Brazil. In these cases:

  • We ensure that the destination country offers an adequate level of protection
  • We use approved standard contractual clauses
  • We implement additional technical security measures
  • We maintain compliance with Chapter V of LGPD and international data transfer requirements

12. Children and Adolescents

Spatial Proof is not intended for persons under 18 years of age. We do not intentionally collect data from minors. If we identify that data from minors has been collected without the consent of a legal guardian, this data will be deleted immediately.

13. Cookies and Similar Technologies

On our web platform, we may use:

  • Essential cookies: Necessary for basic functionality
  • Analytics cookies: To understand how you use the service
  • Preference cookies: To remember your settings

You can manage your cookie preferences through your browser settings.

14. Changes to This Policy

We may update this policy periodically. When we make significant changes:

  • We will notify you by email or through the application
  • We will update the "last updated" date at the end of this document
  • For material changes, we will request new consent when necessary

We recommend reviewing this policy periodically.

15. Data Protection Officer (DPO)

For questions related to privacy and data protection, contact our Data Protection Officer:

16. Governing Law and Jurisdiction

This Privacy Policy shall be governed by and construed in accordance with the laws of Brazil. The Court of the District of Timbó, State of Santa Catarina, Brazil, is elected to resolve any conflicts arising from this policy, with express waiver of any other, however privileged it may be.

17. Contact

PIESKE ONE LTDA
CNPJ: 48.468.140/0001-15

Address:
Rodovia SC 110, KM 134
Rodeio Doze, Rodeio, SC
ZIP Code: 89136-000, Brazil

Phone: +55 47 99769-2127
Email: brayon@spatialproof.org
Website: spatialproof.org
Last updated: November 27, 2025
© 2025 Spatial Proof - All rights reserved