What exactly is SovSeal?

SovSeal is a permanent, encrypted storage vault for digital inheritance and AI agents. You upload files, we encrypt them locally, and anchor them to decentralized storage forever. Heirs receive access automatically when a release condition is met.

How does the dead man's switch work?

You set a check-in interval. If missed, a 14-day shield contestation period starts. If uncancelled, your heirs automatically receive decryption access to your encrypted vault without intermediaries.

Where do AI agents store their data?

AI agents store their persistent memory and logs in dedicated SovSeal vaults, anchored to Arweave natively via our MCP server, ensuring data outlives the agent's server cycles.

The Ultimate Digital Will & AI Agent Storage

1. Introduction

SovSeal ("Company," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our decentralized infrastructure for sovereign agents and generations, including our website, MCP server, API endpoints, and related applications (collectively, the "Service").

Privacy by Design: SovSeal is built on zero-knowledge principles. Your encrypted content is never accessible to us or any third party. Only you, your designated heirs, and your authorized AI agents can decrypt your vaults.

2. Information We Collect

2.1 Authentication & Identity Data

When you interact with the Service, we may collect or process:

Connect Wallet: Your public wallet address determines your account status.
Social Login (via Privy): If you choose email or social login, we process your email address or social ID solely for key derivation.
Identity Initialization: The timestamp and transaction hash of your on-chain identity verification.

2.2 Agent & API Data

If you connect an AI Agent via MCP (Model Context Protocol):

Agent Signatures: Cryptographic signatures authenticating your agent's requests.
API Usage: Request metadata (timestamp, endpoint, payload size) for rate limiting and billing.
Note: We do NOT analyze the semantic content of your agent's encrypted memory logs.

2.3 Blockchain & Storage Data

The Service interacts with public decentralized ledgers:

On-Chain Activity: Public interactions with SovSeal smart contracts on Base (Ethereum L2).
Permaweb Storage: Encrypted blobs stored on Arweave/Irys. While the content is encrypted, the existence of the data and its size are public.

2.4 Usage Data

We automatically collect certain usage information for converting Gas Credits:

Gas Tank Telemetry: Storage consumption bytes and bandwidth usage to calculate credit burn.
Device Info: IP address, browser type, and OS for security and debugging.

2.5 What We Do NOT Collect (Zero-Knowledge)

Your unencrypted content (files, memories, passwords).
Your encryption keys or decryption keys.
Your wallet private keys or seed phrases.
The plaintext of any "Dead Man's Switch" messages.

3. How We Use Your Information

We use the collected information to:

Provision your sovereign vault and anchor it to your on-chain identity.
Process "Gas Tank" credit purchases, top-ups, and consumption updates.
Execute automated smart contract triggers (e.g., release to heirs after inactivity).
Authorize valid AI agents to read/write to your encrypted memory context.
Detect, prevent, and address fraud, Sybil attacks, or protocol abuse.
Comply with legal obligations (where compatible with zero-knowledge architecture).

4. Third-Party Infrastructure

The Service integrates with decentralized and centralized providers. Your data flows through:

Privy (Authentication & Wallets)

Manages secure login and embedded wallets. Privy isolates key management from our infrastructure.

View Policy

Arweave / Irys (Permanent Storage)

Decentralized storage network. Encrypted data uploaded here is permanent and cannot be deleted by us or you.

View Protocol

Base (Coinbase L2)

Public blockchain for identity and access logic. All transactions are public.

Vercel (Hosting & Edge)

Provides edge computing for the MCP server and web hosting.

View Policy

5. Data Storage & Security

5.1 Decentralized Architecture

Content: Stored physically on Arweave miner nodes distributed globally.
Metadata: Stored on Base blockchain nodes.
Keys: Stored only on your local device or encrypted in Privy's isolated enclave.

5.2 Security Measures

Client-Side Encryption: AES-256-GCM encryption occurs before upload.
No Backdoors: We cannot recover lost keys or decrypt user data.
HTTPS/TLS: All transit data is encrypted.

6. Data Retention

WARNING: IMMUTABLE INFRASTRUCTURE

Blockchain Data: Permanent. Cannot be deleted.
Arweave Content: Permanent. Cannot be deleted. This is a feature of the "Sovereign" architecture.
Account Metadata: Retained until you disconnect or burn your identity token.
Gas Tank History: Retained for 7 years for financial auditing (purchase history).

7. Your Rights (GDPR / CCPA)

Depending on your jurisdiction, you may have rights to access, rectification, or erasure.However, these rights are technically limited by blockchain immutability.

Rectification: You can append new versions of data, but old versions on Arweave remain on-chain.
Erasure: We can delete off-chain metadata (email, usage logs), but cannot delete on-chain history.
Access: You can view all your on-chain data via public explorers at any time.

8. Cookies & Tracking

Essential Cookies: For maintaining your auth session (Privy).
Gas Tank State: LocalStorage is used to cache your credit balance and agent context.
No Ads: We do not use advertising cookies or sell data to brokers.

9. International Data Transfers

SovSeal is a global, decentralized protocol. Your encrypted data is distributed across Arweave nodes worldwide. By using the Service, you acknowledge that your data will be stored on a global network of miner nodes that operates independently of national borders. We ensure our direct infrastructure providers (Vercel, Privy) adhere to standard contractual clauses for data protection.

10. Children's Privacy

The Service is intended for adults (18+) capable of managing cryptographic keys. We do not knowingly collect data from children. If you are a parent and believe your child has uploaded data, please contact us, though note that on-chain data may be immutable.

11. Changes to This Policy

We may update this policy to reflect protocol upgrades. Material changes (e.g., to the Gas Tank model) will be notified via the application dashboard or email (if provided). Continued use implies acceptance.

12. Contact Us

For privacy inquiries regarding your Sovereign Vault:

Privacy Officer: privacy@sovseal.com
Physical Mail: SovSeal Inc., 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom