Global Privacy Policy
Last updated: June 1, 2026 at 21:56
GLOBAL PRIVACY POLICY & BIOMETRIC DATA WAIVER v1.0
INTRODUCTION Bizbio Inc. (“Company,” “we,” or “us”) provides a high-security forensic ecosystem through the Verified Reality App (VRA) and the Newsload platform. This Policy describes how we collect, process, and protect sensitive biometric and personal data. By accessing our Services, you acknowledge that you are participating in a forensic environment where data integrity is paramount, and you provide express, informed consent to the protocols defined herein.
SECTION 1: COLLECTION OF SENSITIVE BIOMETRIC & PERSONAL DATA
1.1 Informed Biometric Consent. To establish a "Physical Root of Trust," the Company must collect and process unique biometric identifiers. By performing a Mission or accessing the VRA platform, you provide express consent for the collection of:
(a) Facial Geometry: Utilizing AWS Rekognition and proprietary logic to verify the identity of the Verifier against their registered "Dossier Photo." This process ensures the person behind the lens is the authorized Contractor.
(b) Sensor Fingerprinting (PRNU): The unique Photo-Response Non-Uniformity noise pattern of your smartphone’s camera sensor. This acts as a hardware-level fingerprint to ensure that Truth Packets are captured by a specific, authorized device and have not been digitally synthesized.
(c) Logic Signature: Behavioral telemetry and hardware-interaction data captured during a VRA session to verify human presence and ensure the absence of generative AI or "Deepfake" injection tools.
1.2 Personal and Account Information. We collect standard personal data to facilitate our marketplace and royalty distribution, including:
(a) Legal Identity: Name, government-issued identification (where required for Track 1/Track 2 Missions), and VRA pseudonyms.
(b) Financial Data: Bank account details and tax identifiers required for the distribution of Mission Fees and Logic Annuities via the Bizbio Ledger.
(c) Communication Data: Records of interactions between Clients and Verifiers, and correspondence with our AI Agents (Victor, Axel, Stella, Orion, and Quinn).
1.3 Automated Technical Metadata. The Platform automatically collects telemetry required for forensic attestation, including GPS coordinates (GPS/GLONASS), altitude, atmospheric data, device hardware specifications, and cryptographic hash logs.
SECTION 2: DATA STORAGE & THE “BLIND CUSTODIAN” ARCHITECTURE
2.1 The Two-Stage Forensic Pipeline. To balance the need for automated AI auditing with long-term privacy, the Company utilizes a segregated ingestion process:
(a) Stage 1 (Ephemeral Audit): During "Active Interrogation," data is processed in a secure, ephemeral plaintext environment to allow the AI bots (Axel and Stella) to verify the "Truth Rating" and technical compatibility.
(b) Stage 2 (Cold Archival): Following the audit, all media and biometric metadata are encrypted using AES-256-GCM before being committed to the Sovereign Vault or anchored to the blockchain.
2.2 The Blind Custodianship Model. Bizbio Inc. operates as a "Blind Custodian." Once your data is committed to the Sovereign Vault, the Company:
(a) Acts as a passive storage provider of encrypted ciphertext;
(b) Does not monitor or view raw media for subjective content; and
(c) Lacks the technical ability to reconstruct your raw biometric profile or view Truth Packets without a user-initiated "Handshake" or a valid cryptographic key release.
2.3 Key Escrow and Forensic Access. The Company maintains a secure, offline Key Escrow system. This system is designed solely to facilitate User-authorized data recovery and to provide "Technical Custodian" support for legal or insurance discovery. Access to these keys is strictly governed by the "Digital Wax Seal" protocols defined in the Master Services Agreement (MSA).
2.4 Data Residency and Sovereignty. To satisfy Canadian legal standards and international forensic mandates, all master records and personal information are stored on SOC 2 Type II compliant servers located within Canada, or in secure gateway nodes in geographically diverse, compliant jurisdictions (e.g., the United States via AWS).
SECTION 3: BLOCKCHAIN IMMUTABILITY & THE TOMBSTONE PROTOCOL
3.1 The Permanent Forensic Anchor. A central feature of the VRA is the use of the Arweave Permaweb to anchor the “Digital Wax Seal.” This ensures that forensic evidence cannot be altered or deleted by any centralized authority, including Bizbio Inc.
3.2 Informed Waiver of the Right to Erasure. By utilizing the Service, the User acknowledges that data anchored to a decentralized blockchain is mathematically permanent. The User provides an Informed Waiver of the “Right to Erasure” (the "Right to be Forgotten") under PIPEDA, GDPR, and similar international statutes, specifically regarding the cryptographic hashes and metadata committed to the public ledger.
3.3 The Tombstone Protocol (Practical Erasure). While the Company cannot "delete" ciphertext from the blockchain, it provides a technical solution for valid, legally mandated erasure requests through the “Tombstone Protocol.” Upon a successful erasure request:
(a) Key Destruction: The Company shall permanently destroy the central decryption keys and metadata pointers associated with the specific Truth Packet.
(b) Ciphertext Invalidation: The media remains on the blockchain as unreadable, indecipherable ciphertext. * (c) Legal Equivalent of Deletion: The User accepts that the execution of the Tombstone Protocol constitutes the technical and legal equivalent of “deletion,” as the data is rendered irretrievable by the Company or any third party.
SECTION 4: SECURITY AND QUANTUM-RESILIENT INDEMNITY
4.1 Prevailing Standards and Limitations. Bizbio Inc. utilizes industry-standard encryption (AES-256-GCM) to protect the Sovereign Vault. However, no cryptographic method is absolute.
4.2 QUANTUM-RESILIENT INDEMNIFICATION (HNDL DISCLAIMER). THE USER EXPLICITLY ACKNOWLEDGES THE RISK OF "HARVEST NOW, DECRYPT LATER" (HNDL) ATTACKS.
(a) Cryptographic Obsolescence: The Company provides no warranty against future cryptographic breaches caused by advancements in computing power (e.g., Quantum Computing) that may exceed 2026 defensive capabilities.
(b) Assumption of Long-Term Risk: By choosing to anchor forensic data to a permanent public ledger, the User assumes all risks associated with the eventual exposure of that data should current encryption standards be broken in the future.
(c) Limitation of Liability: Bizbio Inc. and its Independent Verifiers are held harmless against any damages, privacy breaches, or legal repercussions resulting from the natural obsolescence of current encryption mathematics.
4.3 Data Breach Notification. In the event of a confirmed breach of the Company’s central metadata servers (non-blockchain storage), Bizbio Inc. will notify affected Users via their registered email address within seventy-two (72) hours. Note: A breach of central metadata does not grant an attacker access to the encrypted raw media stored within the Sovereign Vault.
SECTION 5: THE “ANALOG HOLE” AND NARRATIVE DISCLAIMER
5.1 Integrity of Record vs. Narrative Truth. The Service is a forensic attestation tool that provides hardware-level evidence of a physical event. The Company warrants the "Physical Root of Trust" (that the sensor recorded the data at the specified time and location).
(a) Sincerity Disclaimer: The Company does not warrant the "Subjective Narrative" or the honesty of the scene (e.g., theatrical staging, deceptive intent of human actors, or "staged realities" occurring in front of a real camera).
(b) Digital Notary Status: The User acknowledges that Bizbio Inc. acts as a "Digital Notary," verifying the authenticity of the digital file, not the truthfulness of the real-world events depicted therein.
5.2 AI Forensic Audits (Axel & Stella Protocols). The platform utilizes AI agents ("Axel" and "Stella") to perform probabilistic damage assessments and forensic audits.
(a) Probabilistic Nature: AI audit outputs are "Forensic Suggestions" based on neural network estimations. They are not final legal or financial determinations.
(b) Human-in-the-Loop Requirement: For any financial or insurance decision exceeding $5,000.00 CAD, the Client is contractually required to perform a human review of the media. Failure to conduct a human audit constitutes a waiver of liability against the Company for any resulting financial loss or AI "hallucination."
SECTION 6: RETENTION, SUB-PROCESSORS, AND DISCLOSURE
6.1 The Seven-Year Retention Mandate. In alignment with global insurance and legal standards, the Company shall maintain Truth Packets and associated forensic logs in the Sovereign Vault for a minimum of seven (7) years. Following this period, data may be subject to the Tombstone Protocol unless a subscription extension is active.
6.2 Authorized Sub-Processors. To maintain the VRA infrastructure, the Company utilizes the following high-security third-party providers:
(a) Cloud Hosting & AI Logic: Amazon Web Services (AWS) - [Rekognition / S3]
(b) Payment & Financial Anchoring: Stripe Inc.
(c) Decentralized Storage: Arweave (The Permaweb)
(d) Stability & Analytics: Google Firebase / Sentry.io
6.3 Third-Party Disclosure Limits. Bizbio Inc. does not sell, rent, or trade personal biometric data. Disclosure is strictly limited to:
(a) The Client: Who receives the verified identity status of the Verifier as part of the Truth Packet.
(b) Legal Process: Only upon receipt of a valid Canadian warrant or court order. The Company will provide account metadata but will maintain its Technological Inability to decrypt Zero-Knowledge data stored in the Sovereign Vault without the User’s key.
SECTION 7: GENERAL PROVISIONS AND STATUTORY RIGHTS
7.1 International Data Transfers. Forensic metadata may be processed in jurisdictions outside of Canada (primarily the United States). By using the Service, the User acknowledges these transfers. The Company utilizes Standard Contractual Clauses (SCCs) to ensure data receive the same level of protection as required by PIPEDA and GDPR.
7.2 Children’s Privacy. The VRA and the Newsload platform are strictly intended for users aged eighteen (18) and older. We do not knowingly collect or process data from minors. Any account found to be operated by a minor will be subject to immediate decommissioning and the Tombstone Protocol.
7.3 Right to Portability. Users may request a copy of their account metadata and unencrypted Truth Packets (subject to identity verification) in a structured, machine-readable format.
7.4 "Force-Read" Updates. The Company reserves the right to update this Policy. Significant changes will be announced via a "Force-Read" modal within the VRA App. Users will be required to acknowledge the updated terms before they can perform their next Mission or access the Ledger.