Photon by RocketShoes — Privacy Policy

1. Introduction

RocketShoes Pty Ltd ("RocketShoes", "we", "us", "our") operates Photon ("the App"), a personal timestamping application that lets individuals prove a file existed, unchanged, at a specific point in time by anchoring its cryptographic hash to the Bitcoin blockchain via OpenTimestamps.

This Privacy Policy explains how we collect, use, disclose, store, and protect personal information in connection with the App. We are committed to handling personal information in accordance with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth), and where applicable, the Privacy and Data Protection Act 2014 (Vic).

Further information about the APPs is available from the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

2. About the App and Who This Policy Covers

Photon is used by:

• Individual users who sign up directly and use the App to stamp their own files — students protecting assignments, designers protecting concepts, developers protecting code, and anyone else who needs a durable, independent record that a piece of work existed at a given point in time.

This policy covers personal information collected from those users. In the future Photon may support institutional plans (e.g., schools, training organisations, or companies provisioning accounts for their members); where that occurs, additional terms will apply and affected users will be notified.

3. What Personal Information We Collect

3.1 Account information

When you create or use a Photon account we may collect:

• Full name and email address (provided directly, or via Google Sign-In / Firebase Authentication)
• Profile photo (if provided via Google Sign-In)
• Authentication tokens and session identifiers
• Login activity and session data
• Usage logs and feature interaction data

3.2 Two-factor authentication information

If you enrol a second factor for sign-in, we may collect:

• SMS: your phone number, stored by Firebase Authentication for the purpose of sending verification codes
• Authenticator app (TOTP): a secret shared with your authenticator application, managed by Firebase Authentication

This information is used only to authenticate you at sign-in.

3.3 Files and stamp records

When you stamp a file with Photon we collect and store:

• The original file, stored privately in Firebase Storage under your account
• Filename, size, MIME type, and upload timestamp
• The file's SHA-256 hash (computed locally in your browser before upload)
• Any tags or descriptions you add
• Stamp records linking the file hash to its OpenTimestamps receipt and, once anchored, the corresponding Bitcoin block height and transaction

3.4 Automatically collected information

When you use the App, we may automatically collect:

• Device type, browser, and operating system
• IP address and approximate location (for fraud prevention and SMS region policies)
• Log data including access times, pages viewed, and API requests
• Authentication tokens and session identifiers

4. How We Collect Personal Information

We collect personal information:

• Directly from you when you register, sign in, and use the App
• Via Google Sign-In (Firebase Authentication), which provides your name, email address, and profile photo from your Google account
• When you upload, tag, or describe files in the App
• Automatically through application logs and Firebase platform services

We do not collect personal information from third parties except as described above.

5. Sensitive Information

We do not intentionally collect sensitive information (as defined in the Privacy Act 1988, including racial or ethnic origin, health information, political opinions, religious beliefs, or biometric data) through the App.

The files you upload may incidentally contain sensitive information (for example, a document that happens to include health or identity details). Where that occurs:

• You remain responsible for the content of files you upload
• We treat all uploaded files with the same security standards as other personal information
• We do not access, read, or process the contents of your uploaded files except as necessary to provide and maintain the App (for example, serving them back to you on request)

6. Why We Collect Personal Information

Primary purposes

• To provide, operate, and maintain the App and its features
• To authenticate you and manage access to your account, including multi-factor authentication where enrolled
• To compute, submit, and record timestamp proofs against the Bitcoin blockchain via OpenTimestamps
• To let you retrieve, tag, search, and verify your stamped files
• To communicate with you about your account, support requests, and service updates

Secondary purposes

Secondary uses are directly related to the primary purposes above. We may use contact details to:

• Send service notifications and important updates (e.g., MFA enrolment confirmations, security alerts, planned outages)
• Respond to support enquiries
• Conduct platform improvement research (aggregated and de-identified where possible)

You may opt out of non-essential communications at any time by contacting us at the address below.

7. Blockchain Anchoring — Public and Permanent Records

Photon's core function is to anchor evidence of your file's existence to the Bitcoin blockchain through the OpenTimestamps protocol. This section explains what that means for your data.

What is sent off-platform

• We aggregate many file hashes from our users into a local Merkle tree and submit only the root hash of that tree to public OpenTimestamps calendar servers. A Merkle root is a fixed-length random-looking 256-bit value; on its own it tells an observer nothing about the underlying files, their content, their filenames, or the identity of the uploader.
• OpenTimestamps calendar servers ultimately commit those root hashes to the Bitcoin blockchain via standard Bitcoin transactions. Each transaction becomes part of the permanent public Bitcoin ledger.

What is NOT sent off-platform

• Your file contents never leave our Google Cloud infrastructure. Files are stored in Firebase Storage under your account and are not transmitted to OpenTimestamps calendars, the Bitcoin network, or any third party.
• Your personal identity is not published to the public Bitcoin network. The on-chain anchor is a cryptographic hash with no link back to you.
• The per-leaf receipt (the .ots file) that proves a specific file's timestamp is held privately in your Photon account. You can download it at any time from the Stamp detail page.

Irreversibility

Once a Merkle root has been anchored to Bitcoin, that block record is permanent and cannot be altered or removed by us, by you, or by anyone else. This is a feature — it's what makes the proof durable — but it is important that you understand:

• Deleting your account removes your files, filenames, and stamp records from our systems.
• Deleting your account does not remove the corresponding Merkle root from the Bitcoin blockchain. Because the root is a hash with no identifying information, this does not expose anything about you — but the anchor itself cannot be "untaken".

If you need confidentiality on the fact that a particular file was ever timestamped, do not stamp that file with Photon.

8. Disclosure of Personal Information

We do not sell, rent, or trade personal information. We may disclose personal information to:

• Firebase / Google Cloud — our infrastructure provider. Account data, file metadata, and uploaded files are stored and processed using Firebase services (Firestore, Firebase Authentication, Firebase Storage, Firebase Hosting) and served to you via Google Cloud Run. Google may store data on servers located outside Australia, including in the United States. Google's data handling practices are governed by the Google Cloud Privacy Notice.
• OpenTimestamps calendar servers — we submit Merkle root hashes (not file contents, not metadata, not personal identifiers) to one or more public OpenTimestamps calendar servers operated by the OpenTimestamps project and affiliated volunteers. See the public OpenTimestamps project at opentimestamps.org.
• The public Bitcoin blockchain — Merkle root hashes are ultimately committed by OpenTimestamps calendars into Bitcoin transactions, becoming part of the permanent public ledger. As noted above, these commitments contain no personal information.
• Google reCAPTCHA — our sign-in and SMS MFA enrolment flows are protected by Google reCAPTCHA for abuse prevention. Use of reCAPTCHA is subject to Google's Privacy Policy and Terms of Service.
• Our staff and contractors — only to the extent necessary to provide support, operate the App, or investigate abuse, and subject to confidentiality obligations. Our staff can see aggregated usage metrics and account metadata; we do not routinely access the contents of your uploaded files.
• Legal and regulatory authorities — where required or authorised by law.

Where personal information is disclosed to overseas recipients (including Google Cloud infrastructure, OpenTimestamps calendars, and the Bitcoin network), we take reasonable steps to ensure those recipients handle the information consistently with the APPs, noting that APP 8.1 obligations apply.

9. Data Isolation Between Users

Photon enforces per-user data isolation at multiple layers. Firestore and Firebase Storage security rules ensure that each user can only read and write data owned by their own account, identified by their Firebase Authentication UID. RocketShoes does not grant one user access to another user's files, filenames, or stamp history.

10. Security of Personal Information

We take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification, and disclosure. Our security measures include:

• Firebase Authentication with email/password or Google Sign-In. Passwords are hashed and stored by Firebase; RocketShoes does not see or store your password.
• Optional multi-factor authentication (SMS and/or authenticator-app TOTP) for sign-in
• Firestore and Firebase Storage security rules enforcing per-user data access
• HTTPS encryption for all data in transit
• Short-lived signed URLs for file uploads and downloads
• Access to production systems limited to authorised personnel
• Mandatory multi-factor authentication for administrative access

No method of transmission or storage is 100% secure. If you become aware of a security concern, please contact us immediately.

11. Retention and Destruction of Personal Information

• Active account data is retained for as long as your account remains active
• Upon account closure, account data and uploaded files are scheduled for deletion. Stamp records and audit logs may be retained for a minimum of seven (7) years to meet legal, accounting, and platform-integrity obligations, after which they are securely destroyed or de-identified
• You may request earlier deletion of your personal information (see Section 13), subject to any legal retention requirements
• As noted in Section 7, Bitcoin blockchain anchors are permanent and cannot be deleted. These anchors contain no personal identifiers

12. Cookies and Local Storage

The App uses browser-based authentication tokens and local storage to maintain your session. These are managed by Firebase Authentication and are necessary for the App to function. Google reCAPTCHA may also set cookies as part of its abuse-prevention checks. No third-party advertising or tracking cookies are used.

13. Access, Correction, and Complaints

Access and correction

You have the right to access and correct personal information we hold about you. To make a request:

• Submit your request in writing to the contact details below
• We may require verification of your identity before granting access
• We will respond within a reasonable timeframe (generally 30 days)
• No fee is charged for making an access or correction request; an administrative fee may apply for providing copies of records

Data portability

You can download your uploaded files and .ots receipts directly from the App at any time while your account is active. Contact us for a broader data export in structured form.

Complaints

If you believe we have breached the APPs or the Privacy and Data Protection Act 2014 (Vic), you may lodge a complaint with us in writing. We will investigate and respond within 30 days. If you are not satisfied with our response, you may refer your complaint to:

• Office of the Australian Information Commissioner (OAIC): www.oaic.gov.au — 1300 363 992
• Office of the Victorian Information Commissioner (OVIC): ovic.vic.gov.au — 1300 006 842

14. Changes to This Policy

We may update this Privacy Policy from time to time. Where changes are material, we will notify users via the App or by email. Continued use of the App after notification constitutes acceptance of the updated policy.