Cookie Policy

Unlike legacy platforms that deploy dozens of cookies for advertising, tracking, and behavioral profiling, Kemet uses cookies sparingly and only for essential functions. We do not use cookies for: • Advertising or marketing • Behavioral tracking or profiling • Third-party analytics • "Social" plugins or sharing buttons • Retargeting or remarketing

Our cookie usage reflects our core philosophy: we do not want your data. We deploy only the minimum cookies necessary to provide secure, functional service.

3. COOKIES WE USE

We classify cookies into two categories: Essential and Functional.

3.1 Essential Cookies (Strictly Necessary)

These cookies are essential for The Network to function properly. They cannot be disabled without breaking core functionality. They do not store any personally identifiable information beyond what is necessary for operation.

Cookie/Technology	Purpose	Duration	Provider
Session Token	Maintains your authentication state so you don't have to log in repeatedly	Session (deleted when you close the app)	Kemet
CSRF Token	Prevents cross-site request forgery attacks, protecting your account from unauthorized actions	Session	Kemet
SecureStore Reference	References your encrypted keys in device secure storage (iOS Keychain/Android Keystore)	Account lifetime	Device OS
Device Fingerprint Hash	Salted, hashed representation of device characteristics for abuse prevention and rate limiting	Account lifetime	Kemet
IP Hash	Salted, hashed representation of IP address for security (rotated every 3-7 days)	3-7 days	Kemet

Why these are essential: Without these cookies, you could not: • Log in to your account • Send or receive messages securely • Maintain your cryptographic identity • Be protected from automated attacks

3.2 Functional Cookies

These cookies enable enhanced functionality and user preferences. They are not strictly necessary but improve your experience.

Cookie/Technology	Purpose	Duration	Provider
Firebase Cloud Messaging Token	Enables push notifications for new messages and alerts	Until you disable notifications or delete the app	Google (Firebase)
Language Preference	Remembers your selected language for the interface	Account lifetime	Kemet
Theme Preference	Remembers your dark/light mode preference	Account lifetime	Kemet
Notification Settings	Stores your customized notification preferences	Account lifetime	Kemet

Note on Firebase: Firebase Cloud Messaging (FCM) is a service provided by Google. If you enable push notifications, Google may collect device identifiers and IP addresses. This is necessary for delivering notifications but subject to Google's Privacy Policy. You can disable push notifications in your device settings at any time.

3.3 Cookies We Do NOT Use

We explicitly do not use: • Advertising Cookies: No cookies for ad targeting, retargeting, or measurement • Analytics Cookies: No third-party commercial analytics or similar tracking infrastructure • Social Media Cookies: No cross-platform tracking pixels, social widgets, or embedded plugins • Third-Party Tracking: No cookies from data brokers or advertising networks • Behavioral Profiling: No cookies that build interest profiles or hidden behavioral profiles

4. HOW TO MANAGE COOKIES

4.1 In-App Controls

You can manage cookie preferences within the Kemet application: • Settings > Privacy > Cookies: View and manage cookie storage • Settings > Notifications: Enable or disable push notifications (Firebase) • Settings > Display: Manage theme preferences

4.2 Device Controls

You can also control cookies through your device settings:

iOS: • Settings > Privacy & Security > Tracking (disable "Allow Apps to Request to Track") • Settings > [App Name] > Notifications (manage push notifications)

Android: • Settings > Privacy > Ads (opt out of ads personalization) • Settings > Apps > [App Name] > Notifications (manage push notifications)

Browser (if using web version): • Chrome: Settings > Privacy and security > Cookies and other site data • Firefox: Preferences > Privacy & Security > Cookies and Site Data • Safari: Preferences > Privacy > Cookies and website data

4.3 Disabling Cookies

If you disable cookies: • Essential cookies disabled: You will not be able to log in or use The Network • Functional cookies disabled: Push notifications will not work; preferences won't be saved • Third-party cookies disabled: No impact (we don't use them)

Important: Because our cookies are essential for cryptographic operations (key management, secure messaging), disabling them effectively prevents use of The Network. We do not offer a "cookie-free" version because security requires these minimal cookies.

5. COOKIES AND YOUR PRIVACY

5.1 Data Minimization

Our cookies store the minimum data necessary: • No real names or email addresses • No browsing history • No content of your messages • No social graph data

What we store: • Random session identifiers • Hashed device characteristics (irreversible) • Rotated IP hashes (anonymized) • Preference settings (language, theme)

5.2 Encryption and Security

All cookie data is: • Encrypted in transit (TLS 1.3) • Stored in secure, encrypted formats • Protected against tampering and interception • Subject to our data retention policies (3-7 days for most data)

5.3 Third-Party Access

We do not share cookie data with third parties except: • Google (Firebase): Only if you enable push notifications. See Firebase Privacy Policy. • Law Enforcement: Only if required by valid legal process. • Service Providers: Cloud infrastructure providers (AWS, Cloudflare) may process cookies as part of hosting, but cannot access content.

6. LEGAL BASIS FOR COOKIES (GDPR/ePrivacy)

6.1 Essential Cookies

Under the EU's ePrivacy Directive and GDPR, we do not require consent for cookies that are: • Strictly necessary for the provision of a service explicitly requested by the user • Used solely for carrying out the transmission of a communication • Essential for security and fraud prevention

Our Essential Cookies meet these criteria. They are automatically deployed when you use The Network. You cannot opt out without ceasing use of the service.

6.2 Functional Cookies

For Functional Cookies (language preferences, notification settings), we rely on: • Legitimate Interest: For settings that improve your experience without significant privacy impact • Consent: Where required by law, you provide consent by enabling these features in settings

You can withdraw consent for Functional Cookies at any time by disabling the feature in settings.

Because we do not use: • Tracking cookies • Advertising cookies • Third-party analytics

We do not need to display annoying "cookie banners" or request broad consent for data practices we don't engage in. This is the advantage of our minimal, essential-only approach.

7. INTERNATIONAL COMPLIANCE

We comply with: • ePrivacy Directive (2002/58/EC): Requires consent for non-essential cookies • GDPR Article 6: Legal basis for processing (contract necessity, legitimate interest) • GDPR Article 7: Conditions for consent (where applicable)

Our approach: • Essential cookies: No consent required (strictly necessary) • Functional cookies: Consent obtained through in-app settings • No tracking/advertising cookies: No consent needed for what we don't do

We comply with: • Privacy and Electronic Communications Regulations (PECR) • UK GDPR requirements for transparency and lawful processing

7.3 California (CCPA/CPRA)

We comply with: • California Consumer Privacy Act (CCPA) disclosure requirements • California Privacy Rights Act (CPRA) opt-out rights

Our cookies do not constitute a "sale" of personal information under CCPA because: • We do not sell data to third parties • We do not share data for cross-context behavioral advertising • Firebase is used solely for service provision, not advertising

7.4 Other Jurisdictions

We comply with cookie and tracking laws in: • Canada (PIPEDA) • Australia (Privacy Act) • Singapore (PDPA) • Brazil (LGPD)

8. CHANGES TO THIS POLICY

We may update this Cookie Policy to reflect changes in: • Technology we use • Legal requirements • Our service offerings

Changes will be posted on legal.kemet.network with an updated "Last Updated" date. Material changes will be announced via in-app notification.

9. CONTACT US

For questions about this Cookie Policy or our use of cookies:

Email: legal@kemet.network

Postal Address: [To be added when Delaware C-Corp formed]

Data Protection Officer: [To be appointed when required by GDPR scale thresholds]

APPENDIX: COOKIE REFERENCE TABLE

Name/Type	Category	Purpose	Duration	Provider	User Control
Session Token	Essential	Authentication	Session	Kemet	Cannot disable
CSRF Token	Essential	Security	Session	Kemet	Cannot disable
SecureStore Ref	Essential	Key Management	Account lifetime	Device OS	Cannot disable
Device Fingerprint	Essential	Abuse Prevention	Account lifetime	Kemet	Cannot disable
IP Hash	Essential	Security	3-7 days	Kemet	Cannot disable
FCM Token	Functional	Push Notifications	Until disabled	Google	Can disable in settings
Language Pref	Functional	Localization	1 year	Kemet	Can change in settings
Theme Pref	Functional	Display	1 year	Kemet	Can change in settings
Notif Settings	Functional	Preferences	Account lifetime	Kemet	Can change in settings

Total Cookies Used: 9 Essential (Cannot Disable): 5 Functional (User Control): 4 Advertising/Tracking: 0

COMPARISON: KEMET VS. LEGACY PLATFORMS

Platform	Cookie Count	Advertising	Tracking	User Control
Kemet	9	0	0	Full control of functional
Major Social Networks	100+	Yes	Extensive	Limited, complex
Microblogging Platforms	50+	Yes	Extensive	Limited
Search Engine Giants	200+	Yes	Extensive	Buried in settings
Content Aggregators	30+	Yes	Moderate	Limited

2. THE KEMET APPROACH: MINIMALISM BY DESIGN