Privacy Policy

Your privacy and data protection on Agora.fail

Last updated: January 2025

Overview

Agora.fail is committed to protecting your privacy while maintaining the integrity of our truth-based social media platform. This policy explains how we collect, use, protect, and share your information.

Key Principles

  • Minimal data collection - We only collect what's necessary for platform operation
  • Local processing - Biometric verification happens on your device
  • Transparency - You know exactly what data we have and how it's used
  • User control - You can request data deletion at any time
  • No data sales - We never sell your personal information to third parties

Information We Collect

Account Information

  • Email address - For account creation and platform updates
  • Username - Your chosen public identifier on the platform
  • Profile information - Optional bio, interests, and public details

Biometric Verification

  • Facial verification - Processed locally on your device during account setup
  • Cryptographic hash - Only a mathematical fingerprint is stored on our servers
  • No biometric data storage - Your actual face data never leaves your device

Platform Activity

  • Posts and votes - Content you create and voting decisions (public on blockchain)
  • Token transactions - AGORA token stakes, rewards, and transfers (public)
  • Usage analytics - Anonymized data about platform usage patterns

Technical Information

  • IP address - For security and fraud prevention (not linked to public posts)
  • Device information - Browser type, operating system for compatibility
  • Cookies - Essential cookies for login and preferences only

How We Use Your Information

Platform Operations

  • Authenticate your identity and prevent duplicate accounts
  • Process posts, votes, and token transactions
  • Maintain platform security and detect fraudulent activity
  • Provide customer support and respond to your inquiries

Platform Improvement

  • Analyze usage patterns to improve user experience (anonymized data only)
  • Develop new features and enhance existing functionality
  • Monitor platform health and performance

Communications

  • Send important platform updates and security notifications
  • Provide opted-in newsletters about Agora.fail development
  • Respond to support requests and feedback

Biometric Data Protection

Local Processing

All biometric verification occurs on your device using advanced client-side technology:

  • Face detection and analysis happens in your browser or mobile app
  • Only mathematical signatures (cryptographic hashes) are sent to our servers
  • Your actual biometric data never leaves your device or enters our systems
  • We cannot reconstruct your biometric data from the stored hash

Security Measures

  • Hashes are encrypted with industry-standard AES-256 encryption
  • Access restricted to essential security personnel only
  • Regular security audits by independent third parties
  • Compliance with biometric privacy laws (BIPA, GDPR, CCPA)

Retention and Deletion

  • Biometric hashes are retained only while your account is active
  • Immediate deletion upon account termination or user request
  • No backup copies in disconnected systems
  • 30-day verification period before permanent deletion

Information Sharing

Public Information

The following information is public by design:

  • Your posts, comments, and votes (stored on blockchain)
  • Your username and public profile information
  • Your token balance and transaction history
  • Your reputation score and accuracy statistics

We Never Share

  • Your email address or contact information
  • Biometric data or verification hashes
  • IP addresses or technical identifiers
  • Private messages or personal communications

Legal Requirements

We may disclose information only when required by law:

  • Valid court orders or legal subpoenas
  • Compliance with regulatory investigations
  • Protection against legal claims or violations
  • Emergency situations involving immediate physical harm

Your Rights and Controls

Data Access

  • View all personal data we have about you through your account dashboard
  • Download a complete copy of your data in standard formats
  • Request detailed information about how your data is used

Data Control

  • Update or correct your personal information at any time
  • Opt out of non-essential communications
  • Control your public profile visibility and information
  • Manage cookie preferences and tracking settings

Account Deletion

  • Request complete account deletion through your settings
  • 30-day grace period to recover deleted accounts
  • Permanent deletion of all personal data after grace period
  • Note: Public blockchain posts cannot be deleted but will be disassociated

Security Measures

Technical Security

  • End-to-end encryption for all data in transit
  • AES-256 encryption for data at rest
  • Multi-factor authentication for all accounts
  • Regular security penetration testing
  • Secure cloud infrastructure with major providers

Operational Security

  • Limited access controls for personnel
  • Regular employee security training
  • Incident response and breach notification procedures
  • Third-party security audits and certifications

Cookies and Tracking

Essential Cookies Only

We use minimal cookies necessary for platform operation:

  • Authentication - To keep you logged in securely
  • Preferences - To remember your settings and choices
  • Security - To prevent fraud and protect your account

No Tracking

  • No advertising cookies or pixel tracking
  • No third-party analytics beyond basic usage statistics
  • No cross-site tracking or behavioral profiling
  • No data sales to advertising networks

International Users

Global Compliance

  • GDPR - Full compliance with European data protection regulations
  • CCPA - California Consumer Privacy Act protections for US users
  • BIPA - Illinois Biometric Information Privacy Act compliance
  • Local laws - Adherence to applicable privacy laws in your jurisdiction

Data Storage

  • Primary servers located in the United States and European Union
  • Data residency options for users in specific jurisdictions
  • Cross-border transfer protections using standard contractual clauses

Children's Privacy

Agora.fail is designed for users 18 years and older. We do not knowingly collect personal information from children under 18. If we discover that a child has provided personal information, we will delete it immediately and terminate the account.

If you believe a child has created an account, please contact us immediately at privacy@agora.fail.

Contact Us

If you have questions about this privacy policy or your personal data:

Email: privacy@agora.fail

Data Protection Officer: dpo@agora.fail

Legal Requests: legal@agora.fail

We will respond to all privacy inquiries within 30 days. For urgent security matters, we aim to respond within 24 hours.

Policy Updates

This privacy policy may be updated periodically to reflect changes in our practices or legal requirements. We will:

  • Notify all users of significant changes via email
  • Post updates prominently on our website
  • Provide 30 days notice before implementing material changes
  • Maintain an archive of previous policy versions

Continued use of Agora.fail after policy updates constitutes acceptance of the new terms.