Legal & Privacy

📋 Summary

GlabTech operates SBIX and SBIX Certify — sovereign proof infrastructure for compliance and creators. We only collect what is strictly necessary and we never process your raw data: our systems anchor cryptographic hashes only.

🏢 1. Legal Information

• Publisher: GlabTech SARL
• Location: Anse des Cayes, 97133 St-Barthélemy, France
• ASN: 30077 (LACNIC registered)
• Founded: 2011
• Email: contact@glabtech.com
• Director: Charly Greaux
• Hosting: Self-hosted infrastructure (ASN 30077) + IONOS backup

🛡️ 2. Our Products

SBIX Certify (certify.sbix.io)

Proof of creation for NFT artists. Generates SHA-256 hashes, RFC-3161 timestamps, and anchors proofs on Tezos blockchain.

• Data collected: Email (for account), file hash (never the file itself)
• Blockchain anchoring: Tezos mainnet + Aleph.im
• Payments: Processed by Stripe (PCI-DSS compliant)

SBIX Core (sbix.io)

Enterprise proof infrastructure for MiCA compliance. On-premise deployment available.

• Data collected: Contact form submissions only
• Demo: Available at demo.sbix.io (do not submit sensitive data)

🔐 3. Personal Data (GDPR)

3.1 What data do we collect?

• Account creation: Email address
• Contact forms: Name, email, message
• Certify usage: File hashes (SHA-256), timestamps, proof IDs
• Analytics: Plausible (cookie-less, privacy-first)

3.2 What we DON'T collect

• Your files — we only process the hash
• Your IP address (not stored)
• Tracking cookies
• Third-party advertising data

3.3 Legal bases

• Contract: Account creation, certification services
• Legitimate interest: Analytics, security, service improvement
• Legal obligation: Invoicing, tax records

3.4 Data retention

• Proofs/certificates: Stored indefinitely (blockchain anchored)
• Account data: Until account deletion + 30 days
• Contact requests: 24 months after last contact
• Analytics: Aggregated, no personal data retained

3.5 Your rights

Under GDPR (Articles 15-22), you have the right to:

• Access your personal data
• Rectify inaccurate data
• Request erasure ("right to be forgotten")
• Restrict processing
• Data portability
• Object to processing

Exercise your rights: contact@glabtech.com
Supervisory authority: CNIL (France)

🍪 4. Cookies & Tracking

• glabtech.com: Plausible Analytics (cookie-less, GDPR-compliant)
• certify.sbix.io: Plausible Analytics (cookie-less)
• Essential cookies: Session management only (no tracking)

We do not use Google Analytics, Facebook Pixel, or any third-party tracking.

🔗 5. Third-Party Services

• Stripe: Payment processing (PCI-DSS Level 1)
• Formspree: Contact form handling
• Plausible: Privacy-first analytics (EU-based)
• Tezos: Blockchain anchoring (public, decentralized)
• Aleph.im: Decentralized storage backup

⚡ 6. Security & Sovereignty

• Hashes only: We never store your original files
• Own infrastructure: ASN 30077, self-managed
• No cloud dependency: On-prem deployments available
• Encryption: TLS 1.3, Ed25519 signatures
• Location: EU jurisdiction (St-Barthélemy, France)

📜 7. Terms of Use

Access to GlabTech services is provided "as is". We do not guarantee continuous availability for demo endpoints. You are responsible for your usage and regulatory compliance in your jurisdiction.

SBIX Certify certificates are cryptographic proofs anchored on public blockchains. They cannot be modified or deleted once created. Ensure you have rights to certify any content before using the service.

🔄 8. Policy Updates

We may update this document at any time. The update date appears at the top of this page. Significant changes will be communicated via email to registered users.

❓ Frequently Asked Questions

📧 Contact

For any questions regarding privacy, legal matters, or GDPR requests:

• Email: founder@glabtech.com
• Twitter: @grxSBIX
• Address: GlabTech SARL, Anse des Cayes, 97133 St-Barthélemy, France