Executive Digital Notary (EDN) Privacy Policy

1. Introduction

Executive Digital Notary (EDN) provides quantum-safe document sovereignty for high-value legal and executive transactions. This policy outlines our commitment to Non-Custodial document processing and how we protect your information through an Isolated Security Silo. Unlike traditional services, EDN is designed to provide mathematical proof of document integrity without maintaining your sensitive files in our long-term database.

2. Consumer Health & Biometric Data Notice (WA MHMDA)

In compliance with the Washington My Health My Data Act (MHMDA) and RCW 19.373, EDN provides the following specific disclosures regarding the measurement of physiological characteristics via our Sphincs-Secured Biometric Gate:

• Purpose of Collection: We process facial geometry and identity credentials solely to perform high-fidelity identity vetting. This process prevents unauthorized access to notarial sessions and protects against identity fraud.
• The Human Authority Standard: While AI assists in identity vetting, the final decision to proceed is a manual act of Independent Professional Judgment by the human Notary.
• Retention Protocols:
  • Purge-on-Completion (Default): For one-time sessions, your biometric template is flagged for immediate deletion upon the conclusion of the identity vetting process.
  • Persistent Identity (Opt-In): You may explicitly opt-in to store your biometric hash for streamlined re-authentication in future EDN sessions. You may revoke this consent at any time.

3. Statutory vs. Commercial Retention

We adhere to a dual-track retention protocol to balance legal mandates with long-term security:

• Statutory Retention (10 Years): Per WA RCW 42.45, official electronic notarial records—including audio-visual communication sessions and electronic journals—are maintained in a secure, WORM-compliant (Write-Once-Read-Many) repository provided by our authorized partner, Proof. These records are kept for the mandatory ten (10) year period.
• Mathematical Integrity Verification (50+ Years): For documents tagged with the EDN attribute, we apply a Secondary Post-Quantum Wrapper (PQW) using the Sphincs+ (SLH-DSA) algorithm. We store this cryptographic signature independently to provide non-repudiation for over 50 years, even if the primary statutory record is eventually purged.

4. Non-Custodial Data Processing

EDN operates on a Stateless Integrity model.

• Zero-Residency: We do not act as the primary storage for your original signed documents.
• Immediate Purge: Once the Sphincs+ signature is generated and your Security Audit Certificate is issued, the source document is purged from EDN's intermediate security silo.
• User Responsibility: Clients are solely responsible for the permanent storage of their original document. EDN provides the "Mathematical Key" to verify that document, not the document itself.

5. Authorized Sub-Processors

To maintain a hardened environment, EDN only shares data with verified sub-processors:

• Proof: Authorized statutory repository and RON technology provider.
• Paubox: Encrypted email transmission for Security Audit Certificates.
• Stripe: Secure payment processing.
• Neon & Vercel: Isolated infrastructure and logical security silos.
• Google Workspace (OAuth): Identity access management for the EDN internal team.

6. Technology Neutrality

Our security protocols are "Technology Neutral." While we currently utilize the NIST-standardized SLH-DSA (SPHINCS+) algorithm and the Proof repository, EDN reserves the right to migrate or update these technologies to maintain our 50-year integrity guarantee as global standards evolve.

7. Contact & Rights

To exercise your right to access, delete, or withdraw consent for biometric processing, please contact the EDN Privacy Office.