Back to Home

    Privacy Policy

    Last Updated: December 14, 2025

    Effective Date: December 14, 2025

    Introduction

    Welcome to SnapProof ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you understand how your information is handled when you use the SnapProof mobile application ("App").

    SnapProof is a documentation tool that allows users to capture photos and videos with embedded metadata including timestamps, GPS coordinates, and device information. SnapProof is NOT a legal service, law firm, or substitute for professional legal advice.

    This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.

    Definition of "Evidence"

    Throughout this Privacy Policy, the App, and all associated materials, the term "evidence" is used in its common, everyday meaning to refer to user-generated digital files (photos and videos) and their associated technical metadata (timestamps, GPS coordinates, device information, and cryptographic hashes).

    The use of the term "evidence" does NOT imply, suggest, or guarantee:

    • Legal admissibility in any court, tribunal, arbitration, or legal proceeding
    • Legal authenticity or probative value under any rules of evidence
    • Compliance with any jurisdiction's specific evidentiary standards or requirements
    • That any court, judge, arbitrator, or authority will accept, consider, or give weight to such content
    • Any legal status, certification, or endorsement by SnapProof or any third party

    The determination of whether any content qualifies as admissible evidence in any legal proceeding is made solely by the applicable court, judge, or authority, and is governed by the rules of evidence and procedural rules of the relevant jurisdiction.

    Similarly, the terms "verify," "verified," "certify," "certified," "record," and "recorded" as used in the App refer exclusively to the technical processes performed by the software (cryptographic hashing, timestamping, and metadata embedding) and do not imply any legal conclusion, legal certification, or legal verification.

    Important Disclaimers

    PLEASE READ CAREFULLY:

    • SnapProof is a documentation tool only. We do not provide legal advice, legal services, or legal representation of any kind.
    • We make no guarantees, representations, or warranties regarding the admissibility of any content captured using SnapProof in any court, legal proceeding, arbitration, or dispute resolution process.
    • The admissibility of evidence is determined solely by courts, judges, arbitrators, and applicable rules of evidence in your jurisdiction. We have no control over these determinations.
    • SnapProof does not guarantee any legal outcome, and use of this App should not be considered a substitute for consulting with a qualified attorney.
    • You are solely responsible for how you use any documentation created with SnapProof.

    No Fiduciary Relationship

    Use of SnapProof does not create any fiduciary relationship, attorney-client relationship, expert-client relationship, or duty of care between you and SnapProof, its developers, owners, or affiliates. SnapProof has no obligation to act in your legal, financial, or personal interests. You acknowledge that SnapProof is a software tool and not a trusted advisor, legal representative, or fiduciary of any kind.

    No Expert Testimony

    SnapProof and its developers, owners, employees, and affiliates do not provide expert testimony, forensic analysis, authentication services, or certification services, and shall not be compelled or expected to do so in any legal proceeding, arbitration, or dispute resolution process.

    Lawful Use Requirement

    You agree to use SnapProof only in compliance with all applicable local, state, federal, and international laws, including but not limited to:

    • Consent laws — Laws requiring consent before recording individuals
    • Recording laws — One-party or two-party consent requirements
    • Privacy laws — Laws protecting individuals' privacy rights
    • Surveillance laws — Laws regulating monitoring and documentation
    • Wiretapping laws — Laws governing audio recording

    SnapProof does not authorize, encourage, or condone illegal recording, surveillance, harassment, stalking, or any unlawful documentation. You are solely responsible for determining whether your use of the App is lawful in your jurisdiction and situation.

    If you use SnapProof to violate any law, you do so at your own risk and sole liability. SnapProof expressly disclaims any responsibility for unlawful use of the App.

    Information We Collect

    Information You Create

    When you use SnapProof to capture evidence, the following information is embedded directly into your photos and videos:

    • Date and Time — The exact timestamp (in UTC) when the capture occurred
    • Location Data — GPS coordinates and reverse-geocoded address (if location services are enabled)
    • Device Information — Device model, operating system version
    • Verification ID — A unique identifier for each piece of evidence

    Information Processed for Verification

    To provide cryptographic verification of your evidence, we process:

    • SHA-256 Hash — A cryptographic fingerprint of your captured content
    • Timestamp Token — Obtained from DigiCert's RFC 3161 Timestamp Authority to independently verify when content was captured
    • Device Attestation Token — Obtained from Apple DeviceCheck (iOS) or Google Play Integrity (Android) to verify the authenticity of your device

    Device Attestation Disclaimer: Device Attestation is informational only. A "Verified" attestation status indicates the device passed Apple/Google integrity checks at the time of capture. It does not constitute a guarantee, certification, or endorsement by SnapProof regarding device security or evidence authenticity.

    Verification Scope: All verification performed by SnapProof is limited to technical metadata integrity and does not verify the accuracy, truth, context, or meaning of any captured content.

    Information We Do NOT Collect

    • We do NOT create user accounts
    • We do NOT require registration or login
    • We do NOT collect your name, email address, phone number, or other personal identifiers
    • We do NOT upload or store your photos or videos on our servers
    • We do NOT use analytics or tracking tools
    • We do NOT sell any data to third parties

    How Your Data Is Stored

    Local Storage Only

    All evidence you capture is stored locally on your device. Your photos, videos, and associated metadata remain on your iPhone or Android device unless you choose to export or share them.

    We do not have access to your captured content. We cannot view, retrieve, modify, or delete your evidence.

    Third-Party Services

    SnapProof uses the following third-party services for verification purposes only:

    1. DigiCert Timestamp Authority

    • Purpose: Provides RFC 3161 compliant timestamps to cryptographically verify when your content was captured
    • Data sent: SHA-256 hash of your content (NOT the actual photo/video)
    • DigiCert Privacy Policy: https://www.digicert.com/privacy-policy

    2. Sectigo Timestamp Authority (Failover)

    • Purpose: Provides RFC 3161 compliant timestamps as a failover when DigiCert's timestamp service is temporarily unavailable
    • Data sent: SHA-256 hash of your content (NOT the actual photo/video)
    • Sectigo Privacy Policy: https://www.sectigo.com/privacy-policy
    • Note: In the event that a Sectigo timestamp is used instead of DigiCert, this will be accurately reflected in your verification records and any exported documentation. Both DigiCert and Sectigo produce cryptographically equivalent RFC 3161 timestamp tokens that carry equal technical validity.

    3. Entrust Timestamp Authority (Secondary Failover)

    • Purpose: Provides RFC 3161 compliant timestamps as a secondary failover when both DigiCert and Sectigo are unavailable
    • Data sent: SHA-256 hash of your content (NOT the actual photo/video)
    • Entrust Privacy Policy: https://www.entrust.com/legal-compliance/privacy
    • Note: As with Sectigo, if an Entrust timestamp is used, this will be accurately reflected in your verification records and exported documentation.

    4. Apple DeviceCheck (iOS)

    • Purpose: Verifies that SnapProof is running on a genuine Apple device
    • Data sent: Device attestation token
    • Apple Privacy Policy: https://www.apple.com/legal/privacy/

    5. Google Play Integrity (Android)

    • Purpose: Verifies that SnapProof is running on a genuine Android device
    • Data sent: Integrity attestation token
    • Google Privacy Policy: https://policies.google.com/privacy

    6. Supabase (Verification Record Storage)

    • Purpose: Stores verification records that enable independent confirmation of evidence integrity
    • Data stored: SHA-256 hashes, verification IDs, capture timestamps, GPS coordinates, and device metadata associated with each piece of evidence
    • Data NOT stored: Photos, videos, or any user-generated media content
    • Supabase Privacy Policy: https://supabase.com/privacy
    • Retention: Verification records are retained indefinitely to ensure long-term verifiability of evidence
    • Infrastructure: Hosted on Amazon Web Services (AWS) with data encrypted at rest and in transit

    Important: Supabase stores only cryptographic verification records — mathematical fingerprints and metadata. Your actual photos and videos are never uploaded to or stored on Supabase or any SnapProof server.

    Important: These services receive only cryptographic tokens and hashes — they never receive your actual photos, videos, or precise location data.

    How We Use Information

    We use information solely to:

    1. Embed verification metadata into your captured photos and videos
    2. Obtain cryptographic timestamps from DigiCert or Sectigo to independently verify capture time
    3. Obtain device attestation from Apple or Google to verify device authenticity
    4. Generate verification certificates (PDF) that you can export and share

    We do NOT use your information for:

    • Marketing or advertising
    • Profiling or analytics
    • Sale to third parties
    • Any purpose other than providing the core documentation functionality

    Data Sharing

    We do not share your personal information with third parties except as described below:

    Service Providers

    We transmit cryptographic hashes (not your actual content) to DigiCert and Sectigo for timestamping. This is essential for the verification functionality of the App.

    Legal Requirements

    We may disclose information if required by law, subpoena, court order, or government request. However, because we do not store your content on our servers, we have no content to disclose.

    No Sale of Data

    We do not sell, rent, lease, or trade your personal information to any third party for any purpose.

    Your Rights

    For All Users

    You have the right to:

    • Access — View all evidence stored locally on your device
    • Delete — Remove any or all evidence from your device at any time
    • Export — Share your evidence and verification certificates as you choose
    • Opt-out of location — Disable location services for SnapProof in your device settings

    For California Residents (CCPA/CPRA)

    Under the California Consumer Privacy Act and California Privacy Rights Act, you have the right to:

    • Know what personal information we collect
    • Request deletion of your personal information
    • Opt-out of the sale of personal information (we do not sell data)
    • Non-discrimination for exercising your privacy rights

    To exercise these rights, contact us at the address below.

    For European Union Residents (GDPR)

    Under the General Data Protection Regulation, you have the right to:

    • Access your personal data
    • Rectify inaccurate personal data
    • Erase your personal data ("right to be forgotten")
    • Restrict processing of your personal data
    • Data portability
    • Object to processing
    • Lodge a complaint with a supervisory authority

    Legal Basis for Processing: We process limited technical data (cryptographic hashes, device attestation tokens, and verification metadata) based on our legitimate interest in providing the documentation and verification service. This processing is necessary for the core functionality of the App and is proportionate to the service provided. No user-generated content (photos, videos) is processed on our servers. You may object to this processing at any time by contacting us at the address below, though this may affect the availability of verification features.

    Data Controller Clarification: To the extent applicable under GDPR, SnapProof acts only as a provider of user-operated software and does not access, collect, or process user-generated content on its own servers. You retain full control and sole responsibility for all locally stored content on your device.

    To exercise these rights, contact us at the address below.

    Data Security

    We implement appropriate technical and organizational measures to protect your information:

    • Local Storage — Your content is stored locally on your device and never leaves your device unless you actively choose to export or share it. SnapProof does not guarantee the physical security of your device.
    • Integrity Verification — SHA-256 cryptographic hashing generates a unique digital fingerprint of your content. This fingerprint verifies that content has not been altered since the moment of capture. SHA-256 is a one-way hashing algorithm; it cannot be reversed to reconstruct your original content. This is not encryption — it is an integrity verification mechanism.
    • No Cloud Storage — We do not maintain servers that store your content
    • Secure Transmission — All communication with third-party verification services uses HTTPS/TLS encryption

    However, no method of electronic storage or transmission is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

    Data Breach Notification

    In the event that we become aware of a security breach that affects your personal information held on our systems, we will:

    • Investigate the breach promptly and take reasonable steps to contain and remediate it
    • Notify affected users without undue delay, and where required by applicable law (including GDPR Article 33), notify the relevant supervisory authority within 72 hours of becoming aware of the breach
    • Provide you with information about the nature of the breach, the data affected, and the steps we are taking to address it

    Because SnapProof does not store your photos, videos, or other user-generated content on our servers, any breach of our systems would be limited to verification metadata (cryptographic hashes, timestamps, GPS coordinates, device information, and verification IDs). Your actual media content cannot be compromised through a breach of SnapProof's infrastructure.

    Children's Privacy

    SnapProof is not intended for use by children under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personal information from children.

    If you believe a child has used SnapProof, please contact us and we will take appropriate steps to address the situation.

    Data Retention

    Because all data is stored locally on your device:

    • You control retention — Data remains on your device until you delete it
    • Uninstalling the App — Removes all SnapProof data from your device
    • We retain nothing — We do not store your content on our servers

    Data Continuity and Service Discontinuation

    SnapProof is committed to the long-term integrity of your verification records. In the event that SnapProof ceases operations or discontinues the App:

    • RFC 3161 timestamp certificates issued by DigiCert (or Sectigo) exist independently on their respective servers and remain cryptographically valid regardless of SnapProof's operational status. These timestamps are governed by international standards and do not depend on SnapProof for their continued validity.
    • SHA-256 hashes embedded in your evidence files remain verifiable using any standard cryptographic tool, independent of SnapProof.
    • We will make reasonable efforts to provide advance notice to users and, where feasible, ensure that verification records remain accessible or are exported in a portable format.

    Your locally stored evidence files, including all embedded metadata and cryptographic hashes, remain fully intact and usable on your device regardless of the status of SnapProof's services.

    International Data Transfers

    When obtaining timestamps from DigiCert or Sectigo and attestation from Apple/Google, cryptographic tokens may be processed in the United States or other countries. These transfers involve only hashes and tokens, not your actual content.

    Changes to This Privacy Policy

    We may update this Privacy Policy from time to time. We will notify you of material changes by:

    • Updating the "Last Updated" date at the top of this policy
    • Providing notice within the App

    Your continued use of SnapProof after changes become effective constitutes acceptance of the revised policy.

    Third-Party Links

    The App may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

    Dispute Resolution

    Any disputes, claims, or controversies arising out of or relating to this Privacy Policy or your use of the App shall be resolved in accordance with the dispute resolution and mandatory arbitration provisions set forth in our Terms of Service, which are incorporated herein by reference.

    By using the App, you acknowledge and agree that you have read and are bound by the arbitration agreement and class action waiver contained in the Terms of Service. To the extent permitted by applicable law, you agree to resolve disputes on an individual basis and waive any right to participate in a class action, collective action, or representative proceeding.

    Contact Us

    If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

    SnapProof
    Email: [email protected]
    Website: https://getsnapproof.com

    Disclaimers and Limitation of Liability

    No Legal Advice

    Nothing in this Privacy Policy or the SnapProof App constitutes legal advice. If you have legal questions about evidence, documentation, or your specific situation, consult a qualified attorney in your jurisdiction.

    No Warranty

    SNAPPROOF IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND ANY WARRANTIES ARISING OUT OF COURSE OF DEALING OR USAGE OF TRADE.

    WE DO NOT WARRANT THAT THE APP WILL MEET YOUR REQUIREMENTS, OPERATE WITHOUT INTERRUPTION, BE ERROR-FREE, OR THAT ANY CONTENT CAPTURED WILL BE ADMISSIBLE IN ANY LEGAL PROCEEDING.

    Limitation of Liability

    TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, SNAPPROOF AND ITS DEVELOPERS, OWNERS, OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, AND AFFILIATES SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES, OR ANY LOSS OF PROFITS, REVENUES, DATA, USE, GOODWILL, OR OTHER INTANGIBLE LOSSES, WHETHER INCURRED DIRECTLY OR INDIRECTLY, AND WHETHER BASED ON WARRANTY, CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, OR ANY OTHER LEGAL THEORY, RESULTING FROM:

    • YOUR USE OR INABILITY TO USE THE APP
    • ANY LEGAL PROCEEDING OR OUTCOME RELATED TO CONTENT CAPTURED USING THE APP
    • ANY DETERMINATION BY ANY COURT, JUDGE, OR AUTHORITY REGARDING ADMISSIBILITY OF EVIDENCE
    • UNAUTHORIZED ACCESS TO OR ALTERATION OF YOUR CONTENT
    • ANY THIRD-PARTY CONDUCT RELATED TO THE APP
    • ANY OTHER MATTER RELATING TO THE APP

    IN NO EVENT SHALL OUR TOTAL LIABILITY TO YOU FOR ALL CLAIMS EXCEED THE AMOUNT YOU PAID US FOR THE APP IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM, OR FIFTY DOLLARS ($50), WHICHEVER IS GREATER.

    Indemnification

    You agree to indemnify, defend, and hold harmless SnapProof and its developers, owners, officers, directors, employees, agents, and affiliates from and against any and all claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys' fees) arising out of or related to:

    • Your use of the App
    • Your violation of this Privacy Policy or any applicable law
    • Your violation of any third-party rights, including privacy, intellectual property, or other rights
    • Any content you capture, store, or share using the App
    • Any legal proceeding in which content captured using the App is involved

    Survival

    All disclaimers, limitations of liability, indemnification obligations, and other provisions that by their nature should survive, shall survive any termination, expiration, or discontinuation of your use of the App or this Privacy Policy.

    Governing Law

    This Privacy Policy shall be governed by and construed in accordance with the laws of the State of Delaware, United States, without regard to its conflict of law provisions.

    Severability

    If any provision of this Privacy Policy is held to be invalid, illegal, or unenforceable, the remaining provisions shall continue in full force and effect.

    Entire Agreement

    This Privacy Policy, together with our Terms of Service, constitutes the entire agreement between you and SnapProof regarding your use of the App and supersedes all prior agreements and understandings.