Privacy Policy
How Kemet handles personal data, retention, and cryptographic minimization.
Publication details
The Kemet Network
1. INTRODUCTION: THE ZERO-KNOWLEDGE PRINCIPLE
1.1 Our Philosophy
Kemet ("The Network," "we," "us," or "our") is built on a radical principle: we do not want your data. Unlike legacy, ad-driven platforms that monetize surveillance, we have architected The Network to make data collection technically impossible, legally unnecessary, and commercially undesirable.
This Privacy Policy explains what information we process, how we protect it, and why our approach is fundamentally different from the data-extraction models utilized by traditional social media and surveillance-based technology companies.
1.2 The Technical Reality
Our privacy guarantees are not policy promises—they are mathematical certainties enforced by cryptography:
• We cannot read your Direct Messages. Ever. Under any circumstances.
• We cannot access your Vault Key or recovery phrase.
• We cannot decrypt your private communications, even if compelled by legal process.
• We do not know your real name, email address, or phone number unless you voluntarily provide them.
• We do not track your location, your browsing history, or your social graph in readable form.
This is the Zero-Knowledge Principle: we have designed The Network such that we mathematically cannot access the content of your private communications or your cryptographic identity.
1.3 Public vs. Private Data
We distinguish between two categories of data:
Private Data (Zero-Knowledge): Direct Messages, encrypted Group communications, your Vault Key, private keys, social graph, and encrypted profile settings. We process this data as encrypted binary blobs. We cannot see inside them.
Operational Data (Limited Processing): Public Posts, IP hashes, device fingerprints, timestamps, and account metadata. We process this data to operate The Network, prevent abuse, and comply with legal obligations. This data is minimized, hashed, encrypted where possible, and deleted as quickly as security permits.
1.4 Scope of This Policy
This Privacy Policy applies to:
• The Kemet mobile applications (iOS and Android)
• The Kemet platform applications (Linux, Windows and macOS)
• The Kemet web interface
• Our servers and infrastructure
• Any associated services or APIs
By using The Network, you consent to the data practices described in this Policy. If you do not agree, you must not use The Network.
2. INFORMATION WE DO NOT COLLECT
To understand our privacy model, you must first understand what we refuse to collect. We do not collect the following categories of data, ever:
2.1 Identity Information
We do not require, request, or store:
• Your real name or legal identity
• Your email address
• Your phone number
• Your government-issued identification
• Your physical address
• Your date of birth (unless voluntarily provided in your profile)
• Your facial recognition data or biometric identifiers (except device authentication)
Your default identifier is a pseudonymous Node ID (e.g., "Node_XXXXXX"). You may optionally provide a display name, username, bio, avatar, location, website URL, or date of birth in your profile settings. These are entirely voluntary and can be deleted or modified at any time.
2.2 Communication Content
We do not collect, store, or have the ability to access:
• The content of your Direct Messages
• The content of your encrypted Group communications
• Your voice messages (when implemented)
• Your video calls (when implemented)
• Your file attachments (in encrypted form)
All private communications use the Kemet Secure Messaging Protocol (KSMP) with end-to-end encryption. Content is encrypted on your device before transmission and can only be decrypted by the intended recipient's device. Our servers process only encrypted binary data—mathematical noise to us.
2.3 Behavioral Tracking
We do not track:
• Your browsing history on or off The Network
• Your search queries (search vectors are generated client-side for public posts only)
• Your content consumption patterns (what you read, watch, or engage with)
• Your off-platform activities
• Your location (beyond optional, self-reported city/country in profile)
• Your device contacts or address book
We do not use cookies for tracking. We do not build behavioral profiles. We do not practice "surveillance capitalism."
2.4 Advertising Data
We do not:
• Sell your data to advertisers
• Share your data with advertising networks
• Use your data to target advertisements
• Build "interest profiles" or "lookalike audiences"
• Measure ad effectiveness through user tracking
When advertising is implemented on The Network, it will be region-based only. We will not use personal data for ad targeting.
2.5 Third-Party Data
We do not:
• Purchase data about you from data brokers
• Receive data about you from social media platforms
• Integrate with third-party services that would expose your data
• Use third-party analytics that track individual users
3. INFORMATION WE COLLECT
Despite our zero-knowledge architecture, we must collect certain data to operate The Network, prevent abuse, and comply with legal obligations. We collect the minimum necessary and retain it for the shortest time possible.
3.1 Account Information
Required Data:
• Public Key (Ed25519): Your cryptographic identity, derived from your Vault Key. This is your Node ID and is publicly visible on The Network.
• Signed PreKey (X25519): A medium-term public key signed by your Identity Key, used for offline messaging. Rotated periodically.
• One-Time PreKeys (X25519): A batch of single-use public keys for forward secrecy. Deleted from our servers immediately upon use.
Optional Profile Data:
• Display name (e.g., "Alice")
• Username (e.g., "@alice")
• Profile bio/description
• Profile picture/avatar
• Location (city/country, self-reported)
• Website URL
• Date of birth
All optional profile data is stored encrypted on our servers. We cannot read this data unless you set it to "public" visibility. You control the privacy settings for each field (public, followers only, private).
3.2 Content Data
Public Content: When you create a Post with visibility set to "public," we collect and store:
• The content of the Post (text, media URLs, formatting)
• Timestamps (creation, modification)
• Search vectors (keywords for search functionality)
• Engagement metrics (score, likes, replies - aggregated)
• External share settings
Public Content is stored unencrypted in our databases (necessary for search and display) and is visible to all Nodes on The Network.
Private Content: For Direct Messages and encrypted Group communications, we collect:
• Encrypted message payloads (binary blobs we cannot decrypt)
• Encrypted headers (routing information, also encrypted)
• Sender/recipient identifiers (hashed)
• Timestamps
• Message status (sent, delivered, read - encrypted)
We process this data solely to route it from sender to recipient. We cannot access the content.
3.3 Security and Abuse Prevention Data
To protect The Network from spam, abuse, and attacks, we collect:
IP Hashes: We collect a salted, hashed representation of your IP address. This is NOT your raw IP address—it is a cryptographic hash that cannot be reversed to reveal your actual IP. We rotate salts every 3-7 days, meaning old hashes cannot be correlated with new ones. We retain IP Hashes for 3-7 days depending on abuse levels and Trust Score.
Device Fingerprints: We collect a hashed representation of your device characteristics (hardware model, OS version, etc.) for abuse prevention and device binding. This fingerprint is hashed and cannot be used to identify your specific device outside of our system. Retained until account deletion.
Behavioral Entropy Signals: We analyze patterns in your use of The Network to detect automated behavior (bots, scripts). This includes:
• Posting velocity (messages per minute)
• Request patterns (API call frequency)
• Interaction patterns (human-like vs. robotic)
These signals are processed in real-time and retained for 3-7 days. They are not linked to your identity and are used solely for abuse detection.
Rate Limiting Data: We track request volumes to enforce rate limits and prevent spam. This includes:
• Request counts per time window
• Rate limit violations
• Temporary blocks
Retained for 3-7 days.
KSLP (Kemet Secure Link Protocol): When users post external URLs in public content, we analyze and rate those links for safety (malware, phishing, spam). Links are shortened to the to.kemet.network/XXXXX format. Malicious links are flagged with warning interstitials. We retain the shortened URL mapping and safety rating.
KMSP (Kemet Media Safety Protocol): Public images and videos are processed using perceptual hashing to detect known abusive content (CSAM, non-consensual imagery) while preserving privacy through hash-based matching. This analysis occurs on public media only; encrypted private media cannot be scanned.
3.4 Metadata
Message Metadata (Private Communications): For encrypted messages, we process:
• Sender identifier (hashed)
• Recipient identifier (hashed)
• Timestamp
• Message size (encrypted payload size)
• Conversation ID (hashed)
This metadata is necessary for routing and delivery. It is retained only as long as the message is stored on our servers (until delivery or 7 days, whichever comes first). For messages in transit, metadata is encrypted where possible.
Public Post Metadata: For public posts, we process:
• Author identifier (public key)
• Timestamps
• Visibility settings
• Engagement metrics (likes, replies, shares - aggregated)
• Search indexing data
Retained until post deletion or account termination.
3.5 Social Graph Data
Your connections, follows, and relationships are stored encrypted on our servers. We process this data to:
• Deliver content to your followers (for public posts)
• Route private messages to intended recipients
• Suggest connections (if you opt in)
We cannot read your social graph. The data is encrypted with keys only you possess. We see only encrypted binary data.
3.6 Payment Information
For Kemet+/Kemet++ subscriptions, we process:
• Subscription tier (Kemet, Kemet+, Kemet++)
• Payment status (paid/not paid)
• Subscription start/end dates
• Payment method token (from Stripe/Apple/Google - we do not store card details)
We do NOT collect or store:
• Credit card numbers
• Billing addresses
• Real names (unless provided by payment processor)
• Bank account information
All payment processing is handled by third-party processors (Stripe, Apple App Store, Google Play Store). We receive only confirmation of payment status.
3.7 Analytics Data (Future Implementation)
We plan to collect anonymized analytics data for service improvement:
• App crash logs (anonymized, no user identifiers)
• Error reports (anonymized)
• Performance metrics (response times, server load)
• Feature usage statistics (aggregated, not individual)
This data will be completely anonymized and cannot be linked to individual users or Nodes. We will implement this only after publishing an updated Privacy Policy with specific details.
3.8 Communication Data
If you contact us (e.g., legal@kemet.network, appeals@kemet.network), we collect:
• Your email address (if you provide one)
• Your Node ID (if you provide it)
• The content of your communication
• Timestamps
This data is used solely to respond to your inquiry and is retained for as long as necessary to resolve the issue, typically 90 days.
4. HOW WE USE YOUR INFORMATION
We use the limited data we collect for the following purposes:
4.1 Service Provision
We use your data to:
• Create and maintain your Node
• Deliver public posts to your followers
• Route encrypted messages from sender to recipient
• Enable search and discovery of public content
• Process subscription payments
• Provide customer support
This is the core functionality of The Network. Without this processing, we cannot provide the service.
4.2 Security and Abuse Prevention
We use security data to:
• Detect and prevent spam, bots, and automated abuse
• Identify and terminate abusive Nodes
• Enforce rate limits and prevent denial-of-service attacks
• Maintain the Trust Score system
• Protect against Sybil attacks (multiple fake accounts)
• Detect unusual patterns that may indicate compromise
Our abuse prevention systems are automated and use hashed, rotated data to minimize privacy impact while maintaining network security.
4.3 Service Improvement
We may use aggregated, anonymized data to:
• Improve The Network's performance and reliability
• Develop new features
• Train machine learning models for abuse detection and content recommendation
• Analyze network health and usage patterns
This data is always aggregated and cannot identify individual users. We do not use personal data for service improvement.
4.4 Legal Compliance
We may process data to:
• Comply with applicable laws and regulations
• Respond to valid legal requests (see Section 6)
• Enforce our Terms of Service and Community Covenant
• Protect our rights, privacy, safety, or property
• Prevent illegal activities
4.5 What We Do NOT Use Your Data For
We do not use your data for:
• Advertising or marketing (except service-related notifications you opt into)
• Selling to third parties
• Building behavioral profiles
• Credit scoring or financial assessment
• Political manipulation or influence operations
• Any purpose not explicitly stated in this Policy
5. LEGAL BASIS FOR PROCESSING (GDPR)
For users in the European Union, we process personal data under the following legal bases as defined in the General Data Protection Regulation (GDPR):
5.1 Contractual Necessity (Article 6(1)(b))
Most of our processing is necessary to perform our contract with you (the Terms of Service). This includes:
• Creating and maintaining your Node
• Delivering messages and posts
• Processing payments
• Providing customer support
Without this processing, we cannot provide The Network to you.
5.2 Legal Obligation (Article 6(1)(c))
We process data to comply with legal obligations, including:
• Responding to valid legal requests from law enforcement
• Maintaining audit trails for legal compliance
• Enforcing illegal content removal (CSAM, terrorism)
• Complying with tax and accounting regulations
5.3 Legitimate Interests (Article 6(1)(f))
We process data based on our legitimate interests in:
• Network security and abuse prevention
• Service improvement and development
• Fraud prevention
• Protection of our rights and property
We have carefully balanced these interests against your privacy rights. Our processing is minimal, short-term, and designed to protect The Network while respecting your privacy.
5.4 Consent (Article 6(1)(a))
For certain optional features, we rely on consent:
• Optional profile information (bio, avatar, location)
• Push notifications (you can disable these in settings)
• Analytics participation (when implemented, will be opt-in)
You can withdraw consent at any time by deleting the optional data or disabling the feature.
5.5 No Processing Based on Vital Interests or Public Task
We do not process data based on vital interests (Article 6(1)(d)) or public task (Article 6(1)(e)) as we are not a government entity and do not process health or safety-critical data.
6. DATA SHARING AND DISCLOSURE
6.1 No Sale of Data
We do not sell your personal data. This is not a policy choice—it is a business model impossibility. We have no data to sell that would be valuable to advertisers or data brokers, and we have designed our architecture to make such collection impossible.
6.2 Service Providers
We share limited data with third-party service providers who assist us in operating The Network:
Cloud Infrastructure: We use cloud hosting providers (e.g., AWS, Google Cloud, Cloudflare) to store and process data. These providers have access to encrypted data only (for private content) or operational data (for public content). They are bound by data processing agreements that restrict their use of data.
Payment Processors: We share payment information with Stripe, Apple App Store, and Google Play Store to process subscriptions. These processors receive only the data necessary to process payments. We do not share your Node ID or other account information with them.
Push Notification Services: We use Firebase Cloud Messaging (Google) to deliver push notifications. If you enable push notifications, Google may collect device identifiers and IP addresses. Notification payloads are encrypted end-to-end. You can disable push notifications in your device settings.
Analytics Providers (Future): If we implement analytics, we will use privacy-respecting, anonymized analytics services. No individual user data will be shared.
6.3 Law Enforcement and Legal Requests
We comply with valid legal requests from law enforcement and government agencies. However, our technical architecture severely limits what we can provide:
What We CAN Provide:
• IP Hashes (salted, hashed, rotated every 3-7 days)
• Timestamps of account creation and activity
• Public Content (which is publicly visible anyway)
• Device fingerprints (hashed)
• Account status and Trust Score
• Audit logs (hashed, anonymized where possible)
What We CANNOT Provide:
• Content of Direct Messages or encrypted Group communications (mathematically impossible)
• Your Vault Key or private keys (we do not possess them)
• Your decrypted social graph (stored encrypted)
• Your real identity (we do not collect it)
• Raw IP addresses (we only store hashed versions)
Emergency Disclosures: We may disclose information without legal process if we have a good faith belief that such disclosure is necessary to prevent:
• Imminent death or serious physical injury
• Terrorism or violent extremism
• Child sexual exploitation
• Severe harm to The Network infrastructure
In such cases, we will preserve available data (pausing rotation cycles) and provide it to appropriate authorities. We will attempt to notify affected users unless prohibited by law or emergency circumstances.
Transparency: We will publish a transparency report annually (or more frequently) detailing the number and type of legal requests we receive and how we respond.
6.4 Business Transfers
If Kemet is acquired by or merged with another entity, your data may be transferred to the new owner. We will notify you of any such transfer and ensure the new owner agrees to protect your data in accordance with this Policy. Private Content will remain encrypted and inaccessible to the new owner.
6.5 With Your Consent
We may share data with third parties if you explicitly consent. For example, if we integrate with third-party services in the future, we will ask for your permission before sharing any data.
7. DATA SECURITY AND RETENTION
7.1 Security Measures
We implement industry-standard security measures to protect your data:
Encryption:
• All data in transit uses TLS 1.3 or higher
• Private Content uses end-to-end encryption (KSMP with XChaCha20-Poly1305)
• Data at rest is encrypted using AES-256
• Optional profile data is encrypted with keys only you possess
Access Controls:
• Strict access controls on our servers
• Multi-factor authentication for administrative access
• Regular security audits and penetration testing
• Principle of least privilege (employees access only what is necessary)
Infrastructure Security:
• Distributed server architecture for redundancy
• DDoS protection and rate limiting
• Regular security patches and updates
• Monitoring for suspicious activity
Personnel Security:
• Background checks for employees with data access
• Security training and awareness programs
• Confidentiality agreements
7.2 Data Retention Periods
We retain data only as long as necessary for the purposes stated in this Policy:
Short-Term Retention (3-7 days):
• IP Hashes (rotated and deleted)
• Behavioral entropy signals
• Rate limiting data
• Temporary message metadata
Medium-Term Retention (7-30 days):
• Undelivered encrypted messages (deleted upon delivery or after 7 days)
• Support communications (90 days)
• Backup data (7 days maximum)
Long-Term Retention (Until account deletion):
• Public Posts (until you delete them)
• Account metadata (creation date, status)
• Encrypted social graph (until account deletion)
• Subscription records (as required by law)
Indefinite Retention:
• Audit logs (hashed, anonymized, tamper-evident)
• Anonymized, aggregated analytics data (cannot identify users)
Immediate Deletion Upon Request:
• Optional profile data (you can delete anytime)
• Public Posts (deleted when you delete them)
• Account and all associated data (within 3-7 days of deletion request)
7.3 Data Deletion
When you delete your account:
1. Your Public Content is removed from active display immediately
2. Your encrypted data becomes inaccessible (keys destroyed)
3. Your IP Hashes and temporary data are purged
4. Your device fingerprint is blacklisted
5. Remaining data is purged from backup systems within 7 days
Some data may remain in:
• Audit logs (hashed, cannot identify you)
• Anonymized analytics (cannot identify you)
• Legal holds (if required by ongoing investigation)
7.4 Security Limitations
Despite our security measures, no system is 100% secure. You acknowledge that:
• Your device security is your responsibility
• End-to-end encryption depends on endpoint security
• We cannot protect against screenshots or recipient-side leaks
• Metadata analysis may reveal patterns despite encryption
• Quantum computing may eventually break current encryption
8. YOUR RIGHTS AND CHOICES
8.1 GDPR Rights (EU Users)
If you are in the European Union, you have the following rights under GDPR:
Right to Access (Article 15): You have the right to request a copy of your personal data. Because of our encryption architecture, we can provide:
• Your optional profile data (if not encrypted)
• Your Public Posts
• Account metadata (timestamps, status)
• IP Hashes (if not yet rotated)
We cannot provide:
• Content of your Direct Messages (encrypted, only you can decrypt)
• Your decrypted social graph (encrypted, only you can decrypt)
• Your Vault Key or private keys (we do not possess them)
To exercise this right, contact legal@kemet.network. We will respond within 30 days. You must prove Node ownership through cryptographic signature or by demonstrating control of the account.
Right to Rectification (Article 16): You can correct inaccurate profile data at any time through the application settings.
Right to Erasure / "Right to be Forgotten" (Article 17): You can delete your account at any time, which will remove your data as described in Section 7.3. Due to our encryption architecture, "erasure" of private data means destruction of the keys making it inaccessible, not necessarily deletion of the encrypted blobs (which are mathematically meaningless without keys).
Right to Restrict Processing (Article 18): You can request restriction of processing in certain circumstances. However, this may require account suspension as we cannot selectively restrict processing of operational data while maintaining service.
Right to Data Portability (Article 20): You can export your Public Posts and optional profile data. Private communications cannot be exported by us (you must use your keys to decrypt them).
Right to Object (Article 21): You can object to processing based on legitimate interests. We will cease such processing unless we demonstrate compelling legitimate grounds.
Right to Withdraw Consent: You can withdraw consent for optional features at any time.
8.2 CCPA Rights (California Residents)
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):
Right to Know: You have the right to know what personal information we collect about you. See Section 3 for a complete list.
Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions (e.g., legal obligations, security needs).
Right to Opt-Out of Sale: We do not sell personal information, so this right is not applicable. However, we provide this disclosure for transparency.
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
Right to Correct: You have the right to correct inaccurate personal information.
To exercise CCPA rights, contact legal@kemet.network. We will verify your identity through cryptographic proof of Node ownership.
8.3 Other Jurisdictions
Users in other jurisdictions may have similar rights under local data protection laws. Contact us to exercise these rights.
8.4 Exercising Your Rights
To exercise any privacy right:
1. Contact legal@kemet.network or use the in-app privacy settings
2. Provide your Node ID
3. Prove ownership through cryptographic signature or account access
4. Specify the right you wish to exercise
We will respond within 30 days (or sooner if required by law). If we cannot verify your identity, we may be unable to process your request due to our encryption architecture.
8.5 Limitations Due to Encryption
Our technical architecture creates certain limitations on privacy rights:
• Decryption: We cannot decrypt your private communications. Only you can do this with your keys.
• Identification: We may be unable to verify your identity if you cannot prove cryptographic ownership of your Node.
• Anonymization: Much of our data is already anonymized or hashed, making individual identification impossible.
These limitations are not evasions of privacy law—they are the technical reality of our zero-knowledge architecture. We will work with you to exercise your rights to the extent technically possible.
9. INTERNATIONAL DATA TRANSFERS
9.1 Global Operation
The Network operates globally. By using The Network, you consent to the transfer, storage, and processing of your information in jurisdictions around the world, including the United States, European Union, and other locations where we have servers or service providers.
9.2 Transfer Safeguards
For transfers from the EU/EEA to the United States, we rely on:
• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions where applicable (e.g., EU-US Data Privacy Framework)
• Technical safeguards (encryption) that make data inaccessible to recipients
9.3 Data Localization
We do not currently offer data localization (storing your data only in specific jurisdictions). Your data may be processed on servers located in the United States, EU, or other jurisdictions. All data is encrypted in transit and at rest.
10. CHILDREN'S PRIVACY
10.1 Age Limitation
The Network is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will delete that information immediately.
10.2 No COPPA Data Collection
We do not collect the types of information regulated by the Children's Online Privacy Protection Act (COPPA), such as:
• Real names
• Home addresses
• Email addresses
• Phone numbers
• Geolocation data (precise)
• Photos or videos (unless voluntarily uploaded by user)
10.3 Parental Controls
We do not provide parental controls or monitoring tools. Parents and guardians are responsible for monitoring their children's use of The Network.
11. CHANGES TO THIS POLICY
11.1 Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service improvements. Changes will be effective immediately upon posting.
11.2 Material Changes
For material changes to this Policy, we will:
• Post a notice on The Network
• Update the "Last Updated" date
• Notify users via in-app notification where technically feasible
Your continued use of The Network after changes constitutes acceptance of the updated Policy.
11.3 Historical Versions
We will maintain archived versions of this Policy for transparency. You can request previous versions by contacting legal@kemet.network.
12. CONTACT US
12.1 Privacy Inquiries
For questions about this Privacy Policy, to exercise your privacy rights, or to report privacy concerns, contact us at:
Email: legal@kemet.network
12.2 Data Protection Officer
We have not yet appointed a Data Protection Officer. Once we establish formal corporate structure, we will appoint a DPO and update this section.
12.3 Supervisory Authorities
If you are in the EU and believe we have violated your privacy rights, you have the right to lodge a complaint with your local supervisory authority.
APPENDIX A: TECHNICAL SPECIFICATIONS
A.1 Encryption Standards
• Asymmetric Encryption: Ed25519 (signatures), X25519 (key exchange)
• Symmetric Encryption: XChaCha20-Poly1305 (messages), AES-256-GCM (headers)
• Hash Functions: SHA-256, Argon2id (key derivation)
• Key Derivation: HKDF-SHA256
• Protocol: Kemet Secure Messaging Protocol (KSMP) v4.0
A.2 Hashing and Salting
IP addresses and device fingerprints are hashed using:
• Cryptographic hash functions (SHA-256 or stronger)
• Random salts unique to each hash
• Salt rotation every 3-7 days for IP hashes
This makes reversing the hash (finding the original IP from the hash) computationally infeasible.
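The salted, rotating IP hashing described in Section 3.3 and A.2, as an added illustration that is not Kemet's own code. It assumes (the policy does not say) that the salt is a secret, high-entropy key used as an HMAC-SHA256 key and shared by all hashes in one rotation window, so that abuse counters can correlate repeat traffic from one address inside the window but not across windows; a public or guessable salt would not protect an IPv4 address, because the whole 2^32 address space can be hashed and compared.

```python
"""Rotating, keyed IP hashing (added example, not Kemet's implementation).

Assumptions not stated in the policy:
- the salt is a secret 32-byte key, never stored after rotation;
- one salt serves a whole 3-7 day window so the same address hashes to the
  same value inside the window (needed for rate limiting) and to an
  uncorrelated value once the salt rotates.
"""
import hashlib
import hmac
import ipaddress
import secrets
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional, Tuple


class RotatingIPHasher:
    """Keeps one secret salt per rotation window and discards it on rotation."""

    def __init__(self, rotation_days: int = 3, now: Optional[datetime] = None):
        if not 3 <= rotation_days <= 7:  # policy: rotation every 3-7 days
            raise ValueError("rotation window must be between 3 and 7 days")
        self.rotation = timedelta(days=rotation_days)
        self.window_start = now or datetime.now(timezone.utc)
        self.salt = secrets.token_bytes(32)

    def rotate_if_due(self, now: datetime) -> bool:
        """Replace the salt once the window has elapsed; the old salt is lost."""
        if now - self.window_start >= self.rotation:
            self.salt = secrets.token_bytes(32)
            self.window_start = now
            return True
        return False

    def hash_ip(self, ip: str, now: datetime) -> str:
        """HMAC-SHA256 over the canonical packed address (IPv4 or IPv6)."""
        self.rotate_if_due(now)
        packed = ipaddress.ip_address(ip).packed
        return hmac.new(self.salt, packed, hashlib.sha256).hexdigest()


# Constructed sample request log (timestamp, client IP); not real traffic.
T0 = datetime(2024, 1, 1, tzinfo=timezone.utc)
SAMPLE_EVENTS: List[Tuple[datetime, str]] = [
    (T0, "203.0.113.7"),
    (T0 + timedelta(hours=1), "203.0.113.7"),   # same window: same hash
    (T0 + timedelta(hours=2), "198.51.100.9"),
    (T0 + timedelta(days=4), "203.0.113.7"),    # after rotation: new hash
]


def count_by_hash(events: List[Tuple[datetime, str]],
                  rotation_days: int = 3) -> Dict[str, int]:
    """Per-window request counts keyed by IP hash, as a rate limiter would keep.

    Events must be in time order. Raw addresses are never stored; only the
    hash and its count survive, and the count cannot be joined across windows.
    """
    hasher = RotatingIPHasher(rotation_days, now=events[0][0])
    counts: Dict[str, int] = {}
    for ts, ip in events:
        digest = hasher.hash_ip(ip, ts)
        counts[digest] = counts.get(digest, 0) + 1
    return counts


if __name__ == "__main__":
    for digest, n in count_by_hash(SAMPLE_EVENTS).items():
        print(digest[:16], n)
```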
A.3 Retention Schedule Detail
| Data Type | Retention Period | Deletion Method |
|---|---|---|
| IP Hashes | 3-7 days (rotating) | Cryptographic deletion |
| Device Fingerprints | Until account deletion | Database deletion |
| Public Posts | Until user deletion | Database deletion |
| Private Messages (encrypted) | Until delivery + 7 days | Automatic purge |
| Optional Profile Data | Until user deletion | User-initiated or account deletion |
| Audit Logs | Indefinite (hashed) | Immutable (append-only) |
| Backup Data | 7 days maximum | Automatic rotation |
APPENDIX B: GLOSSARY OF PRIVACY TERMS
End-to-End Encryption (E2EE): Encryption where only the communicating users can read the messages. No third party, including the service provider, can decrypt the content.
Hash: A one-way function that converts data into a fixed-size string. Hashes cannot be reversed to reveal the original data.
Metadata: Data about data, such as timestamps, sender/recipient identifiers, and message size. Not the content itself.
Salt: Random data added to input before hashing to prevent pre-computed attacks.
Zero-Knowledge: A system design where the service provider cannot access user content or keys.
13. AUTOMATED DECISION-MAKING AND PROFILING
13.1 Trust Score Algorithm
Kemet uses an automated scoring system called the "Trust Score" to maintain network integrity and prevent abuse. This system may be considered automated decision-making under GDPR Article 22. We provide the following transparency about this system:
Logic of the Processing: The Trust Score is calculated using a weighted algorithm that analyzes multiple factors:
• Account Age (weight: 20%) - Older accounts receive higher baseline scores
• Graph Density (weight: 20%) - Connections to high-trust accounts increase score
• Behavioral Entropy (weight: 20%) - Human-like patterns increase score; robotic patterns decrease score
• Report Volume (weight: 15%) - Reports from other users decrease score
• Content Quality Signals (weight: 15%) - Engagement with legitimate content increases score
• Device Fingerprint Consistency (weight: 5%) - Device changes may temporarily decrease score
• Rate Limit Compliance (weight: 5%) - Staying within limits maintains score
The algorithm uses statistical analysis and machine learning to identify patterns associated with spam, bots, and abuse. Scores range from 0 to 100. Scores below 20 trigger Shadow Containment (content de-indexing). Scores below 10 may trigger suspension review.
Significance and Consequences: Your Trust Score affects:
• Visibility of your content in the Public Feed
• Search indexing of your posts
• Rate limits for posting and messaging
• Access to certain features (e.g., Group creation)
• Potential for account suspension or termination
A low Trust Score does not prevent you from using The Network but limits your reach and functionality. This is designed to contain abuse without outright banning, allowing for rehabilitation through positive behavior.
Human Intervention: While Trust Score calculation is automated, enforcement decisions (suspension, termination) involve human review by the Oversight Team upon appeal. You have the right to: • Request human review of enforcement decisions • Contest the decision and provide context • Receive explanation of the factors that led to the decision
To request human intervention, submit an appeal via appeals@kemet.network or through the in-app appeal function.
Data Used: The Trust Score algorithm processes:
• IP Hashes (rotated, anonymized)
• Device Fingerprints (hashed)
• Behavioral patterns (aggregated, anonymized)
• Report counts (aggregated)
• Engagement metrics (aggregated)
We do NOT use for Trust Score:
• Content of your private messages (inaccessible to us)
• Your real identity (we don't have it)
• Protected characteristics (race, religion, etc.)
• Sensitive personal data
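The glossary entries for Hash and Salt and the "IP Hashes (rotated, anonymized)" item above rest on one technical point: a bare hash of a low-entropy value such as an IPv4 address can be reversed by enumeration, and only a secret, rotating key makes the hash unlinkable. The following Python script is an added example written for this page; it is not Kemet's code, and the sample address, the per-period key handling and the /24 search range are constructed for illustration. It recovers an unkeyed SHA-256 IP hash by brute force, then shows that an HMAC under a per-period secret key resists the same search and yields unlinkable values once the key rotates.

```python
import hashlib
import hmac
import ipaddress
import secrets
from typing import Optional

# Constructed sample input: an IPv4 address from the TEST-NET-3 documentation
# range, standing in for a client address seen by an abuse-prevention system.
SAMPLE_IP = "203.0.113.42"


def naive_ip_hash(ip: str) -> str:
    """Unkeyed SHA-256 of the address. Looks anonymized, but see recover_ip()."""
    return hashlib.sha256(ip.encode("ascii")).hexdigest()


def recover_ip(target_hash: str, network: str) -> Optional[str]:
    """Reverse an unkeyed hash by enumerating candidate addresses.

    IPv4 has only 2**32 addresses, so the whole space is minutes of hashing
    on one core; a /24 (256 hosts) is instant. The search is restricted to
    `network` here only to keep the example fast.
    """
    for host in ipaddress.ip_network(network):
        if naive_ip_hash(str(host)) == target_hash:
            return str(host)
    return None


def new_period_key() -> bytes:
    """A fresh 256-bit secret for each rotation period (e.g. each day).

    The key should exist only inside the abuse-prevention service and be
    destroyed at the end of its period; that is what makes old tags
    unrecoverable even to the operator.
    """
    return secrets.token_bytes(32)


def keyed_ip_hash(ip: str, period_key: bytes) -> str:
    """HMAC-SHA256 of the address under the current period key.

    Within a period the same address maps to the same tag, so rate limiting
    and report counting still work. Without the key, enumeration finds
    nothing, and tags from different periods cannot be linked.
    """
    return hmac.new(period_key, ip.encode("ascii"), hashlib.sha256).hexdigest()


def same_client(tag_a: str, tag_b: str) -> bool:
    """Constant-time comparison of two tags computed under the same key."""
    return hmac.compare_digest(tag_a, tag_b)


if __name__ == "__main__":
    # 1. The unkeyed hash is reversed with a trivial search.
    leaked = naive_ip_hash(SAMPLE_IP)
    print("unkeyed hash recovered as:", recover_ip(leaked, "203.0.113.0/24"))

    # 2. The keyed hash survives the same search and changes on rotation.
    key_today, key_tomorrow = new_period_key(), new_period_key()
    tag_today = keyed_ip_hash(SAMPLE_IP, key_today)
    print("keyed hash recovered as:", recover_ip(tag_today, "203.0.113.0/24"))
    print("linkable across rotation:",
          same_client(tag_today, keyed_ip_hash(SAMPLE_IP, key_tomorrow)))
```

The design choice worth noting is that the key, not the hash function, carries the privacy property: a rotation period bounds how long any tag can be correlated with other signals, and destroying the expired key is what turns "pseudonymized" into "unrecoverable" for the operator as well as for an attacker who obtains the stored tags.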
13.2 No Significant Automated Decisions
The Trust Score does not produce "legal effects" or "similarly significant effects" as defined by GDPR Article 22. It does not:
• Affect your legal rights or status
• Determine access to housing, employment, or credit
• Result in automatic denial of services (only reduced visibility)
• Use special category data (Article 9)
However, we provide transparency about the algorithm as a best practice and to facilitate your right to contest decisions.
13.3 Your Rights Regarding Automated Processing
You have the right to:
• Be informed about the existence of automated decision-making (this section)
• Obtain human intervention in enforcement decisions
• Express your point of view regarding decisions
• Contest decisions based solely on automated processing
To exercise these rights, contact appeals@kemet.network.
14. DATA BREACH NOTIFICATION
14.1 Security Incidents
A "personal data breach" is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data.
Given our zero-knowledge architecture, most breaches would affect encrypted data that remains inaccessible without keys we do not hold. Metadata and the abuse-prevention signals listed in Section 13.1 are not end-to-end encrypted, so a breach affecting them is assessed on its own facts. We take all breaches seriously.
14.2 Breach Assessment
Upon discovering a potential breach, we will:
1. Assess the nature, scope, and severity of the breach
2. Determine the categories and approximate number of affected users
3. Identify the likely consequences for data subjects
4. Identify measures taken or proposed to address the breach
14.3 Notification to Supervisory Authorities
If a breach is likely to result in a risk to the rights and freedoms of natural persons, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where required by law.
Given our encryption architecture, a breach confined to end-to-end encrypted data would generally not meet this threshold, because the data remains inaccessible without keys held only by users. A breach of unencrypted metadata or abuse-prevention signals is assessed against the same threshold on its own facts.
14.4 Notification to Affected Users
If a breach is likely to result in a high risk to your rights and freedoms, we will notify you directly without undue delay. The notification will include:
• Description of the breach
• Categories of data affected
• Likely consequences
• Measures taken or proposed
• Contact information for further information
14.5 Notification Methods
We will notify users via:
• In-app notifications
• Email (if you have provided one for support purposes)
• Posting on our status page or legal documentation repository
14.6 Documentation
We will maintain records of all breaches, including:
• Facts relating to the breach
• Effects of the breach
• Remedial actions taken
These records will be maintained for compliance and improvement purposes.
15. PRIVACY BY DESIGN AND BY DEFAULT
15.1 Privacy by Design
Kemet was built with privacy as a foundational principle, not an afterthought. Our architecture embodies the seven Foundational Principles of Privacy by Design:
1. Proactive not Reactive; Preventative not Remedial: We designed The Network to prevent privacy breaches before they occur through encryption and data minimization.
2. Privacy as the Default Setting: By default, all private communications are end-to-end encrypted. Users must actively choose to make content public.
3. Privacy Embedded into Design: Cryptographic privacy is built into the protocol layer, not added as a feature.
4. Full Functionality — Positive-Sum, not Zero-Sum: We achieve privacy without sacrificing functionality. Users enjoy full social media capabilities with cryptographic protection.
5. End-to-End Security — Full Lifecycle Protection: Data is protected from creation on the user's device, through transmission and any storage as an encrypted blob, to reception on the recipient's device and eventual deletion.
6. Visibility and Transparency — Keep it Open: We publish this Privacy Policy, our protocol specifications, and audit trails for accountability.
7. Respect for User Privacy — Keep it User-Centric: Users control their keys, their content visibility, and their data retention.
15.2 Privacy by Default
The following privacy protections are enabled by default:
• End-to-end encryption for all Direct Messages
• Private account setting (content is not publicly searchable until you choose to make it so)
• Minimal data collection (only data required for the service is collected)
• Shortest possible retention periods
• No third-party tracking or analytics (unless you explicitly enable it)
• No advertising profiling
• Push notifications for DMs disabled (you opt in)
15.3 Data Minimization
We collect only the data necessary for the specific purpose. We do not collect:
• Excessive optional data
• Data "for future use"
• Data unrelated to service provision
• Data that could be used for unrelated purposes
15.4 Purpose Limitation
We use data only for the purposes stated at collection. We do not:
• Use data for purposes incompatible with the original collection
• Further process data in ways users would not expect
• Expand uses without updating this Policy
16. DATA PROTECTION IMPACT ASSESSMENT (DPIA)
16.1 When DPIAs Are Required
Under GDPR Article 35, we conduct Data Protection Impact Assessments for processing that is likely to result in a high risk to the rights and freedoms of natural persons, including:
• Systematic and extensive profiling with significant effects
• Large-scale use of sensitive data
• Large-scale, systematic monitoring of publicly accessible areas
16.2 Our DPIA for Trust Score
We have conducted a DPIA for the Trust Score algorithm, which involves systematic evaluation of personal aspects. The assessment concluded:
• The processing is necessary for fraud prevention (legitimate interest)
• Data used is minimized and anonymized (IP hashes, not raw IPs)
• Effects are limited (reduced visibility, not denial of service)
• Safeguards are in place (human review for enforcement, appeal process)
• Risk to users is low given the anonymization and limited impact
16.3 Consultation with Supervisory Authorities
If our DPIA indicates high risk that cannot be mitigated, we will consult with the relevant supervisory authority before processing. Currently, we have not identified such risks requiring consultation.
16.4 DPIA Review
We review DPIAs:
• At least annually
• When there are changes to the processing
• When new risks emerge
• Following any data breach or incident
17. ADDITIONAL JURISDICTIONAL COMPLIANCE
17.1 Canada (PIPEDA)
For Canadian users, we comply with the Personal Information Protection and Electronic Documents Act (PIPEDA):
• We obtain consent for collection, use, and disclosure of personal information
• We limit collection to purposes identified to users
• We use information only for those purposes (or compatible purposes with consent)
• We protect personal information with appropriate safeguards
• We retain information only as long as necessary
• We ensure accuracy of information
• We provide access to personal information upon request
• We provide recourse for complaints
17.2 Japan (APPI)
For Japanese users, we comply with the Act on the Protection of Personal Information (APPI):
• We specify the purpose of use of personal information
• We do not use personal information beyond the scope necessary for the specified purpose
• We obtain consent for provision of personal information to third parties
• We implement security control measures
• We respond to requests for disclosure, correction, or cessation of use
17.3 Australia (Privacy Act)
For Australian users, we comply with the Australian Privacy Principles (APPs):
• We manage personal information openly and transparently
• We give individuals the option of not identifying themselves where practicable
• We collect solicited personal information only for lawful purposes
• We protect personal information from misuse, interference, loss, and unauthorized access
17.4 Singapore (PDPA)
For Singaporean users, we comply with the Personal Data Protection Act (PDPA):
• We obtain consent before collecting, using, or disclosing personal data
• We notify individuals of the purposes for collection, use, or disclosure
• We allow access to and correction of personal data
• We protect personal data with reasonable security arrangements
17.5 Switzerland (FADP)
For Swiss users, we comply with the Federal Act on Data Protection (FADP):
• We process personal data lawfully, in good faith, and proportionately
• We specify the purpose of processing
• We limit data to what is necessary for the purpose
• We ensure accuracy and completeness
• We retain data no longer than necessary
• We ensure security through appropriate technical and organizational measures
18. COOKIES AND TRACKING TECHNOLOGIES
18.1 What Are Cookies
Cookies are small text files stored on your device when you visit websites or use applications. They are widely used to make applications work efficiently and provide information to the operators.
18.2 Our Use of Cookies
Kemet uses minimal cookies and tracking technologies:
Essential Cookies:
• Session management (maintaining your login state)
• Security (CSRF protection, rate limiting)
• Functionality (language preferences, display settings)
These cookies are necessary for The Network to function and cannot be disabled.
Analytics Cookies (Future): We may use anonymized analytics cookies to understand aggregate usage patterns. These would be:
• Strictly anonymized (no user identifiers)
• Optional (you can disable them in settings)
• Used only for service improvement
• Not shared with third parties
18.3 Third-Party Cookies
We do not use third-party advertising cookies or tracking pixels. The only third-party cookies are:
• Firebase Cloud Messaging (for push notification functionality)
• Payment processor cookies (during the subscription flow)
18.4 Cookie Management
You can manage cookies through:
• In-app privacy settings
• Browser settings (for web access)
• Device settings (for mobile apps)
Note: Disabling essential cookies may prevent The Network from functioning properly.
18.5 Do Not Track
We do not currently respond to "Do Not Track" signals from browsers, as there is no industry standard for how to interpret such signals. However, our data collection is minimal regardless of DNT settings.
19. CROSS-BORDER DATA TRANSFERS
19.1 Transfer Mechanisms
When we transfer personal data outside your jurisdiction, we rely on the following safeguards:
European Economic Area (EEA):
• Standard Contractual Clauses (SCCs) approved by the European Commission
• EU-US Data Privacy Framework (for transfers to certified US organizations)
• Adequacy decisions for approved countries
United Kingdom:
• UK International Data Transfer Agreement (IDTA)
• UK Addendum to the EU SCCs
• Adequacy regulations
Other Jurisdictions:
• Contractual clauses based on local requirements
• Data localization where required by law
• Encryption in transit and at rest
19.2 Countries Where Data May Be Processed
Your data may be processed in:
• United States (primary infrastructure)
• European Union (for EU users)
• Other jurisdictions where we maintain servers or use service providers
All locations use encryption and access controls.
19.3 Data Localization
Some jurisdictions require data to remain within their borders. We comply with such requirements where they apply and are enforceable. Currently, we do not offer data localization options for individual users, but we may implement this if required by law.
20. DISPUTE RESOLUTION
20.1 Privacy Complaints
If you believe we have violated your privacy rights, you have the following options:
Contact Us First: Email legal@kemet.network with your complaint. We will investigate and respond within 30 days.
Supervisory Authority: If you are in the EU, you have the right to lodge a complaint with your local supervisory authority:
• EU: List of national DPAs available at https://edpb.europa.eu/about-edpb/board/members_en
• UK: Information Commissioner's Office (ICO)
• Other jurisdictions: Contact your national data protection authority
20.2 Alternative Dispute Resolution
For privacy-related disputes, we may offer alternative dispute resolution through:
• Mediation
• Binding arbitration (as per the Terms of Service)
• Industry ombudsman services
20.3 Jurisdiction
Privacy-related legal actions are subject to the governing law and dispute resolution provisions in our Terms of Service (Delaware law, arbitration in Wilmington).
21. EMPLOYEE AND CONTRACTOR DATA
21.1 Internal Privacy
This Privacy Policy primarily addresses user data. For information about how we process employee and contractor personal data, please refer to our internal Employee Privacy Notice, available to employees upon request.
21.2 Confidentiality Obligations
All employees and contractors with access to user data are bound by strict confidentiality obligations and subject to disciplinary action for violations.
22. SEVERABILITY AND INTERPRETATION
22.1 Severability
If any provision of this Privacy Policy is held invalid or unenforceable, the remaining provisions shall continue in full force and effect.
22.2 Interpretation
This Privacy Policy shall be interpreted:
• In accordance with the principles of transparency and fairness
• To maximize user privacy protection
• Consistently with applicable data protection law
• With headings for convenience only (not affecting meaning)
22.3 Translation
This Privacy Policy is drafted in English. Translations may be provided for convenience, but the English version prevails in case of conflict.
APPENDIX C: COMPLETE GDPR ARTICLE 13/14 COMPLIANCE CHECKLIST
For transparency and compliance verification, the following table maps GDPR requirements to sections of this Policy:
| GDPR Requirement | Article | Policy Section | Status |
|---|---|---|---|
| Identity of controller | 13(1)(a) | 12.1 | ✓ Provided |
| Contact details of controller | 13(1)(a) | 12.1 | ✓ Provided |
| DPO contact | 13(1)(b) | 12.2 | ⚠ Not yet appointed |
| Purpose of processing | 13(1)(c) | 4 | ✓ Detailed |
| Legal basis | 13(1)(c) | 5 | ✓ Specified |
| Legitimate interests | 13(1)(d) | 5.3 | ✓ Described |
| Recipients/categories | 13(1)(e) | 6 | ✓ Listed |
| International transfers | 13(1)(f) | 9, 19 | ✓ Explained |
| Retention period | 13(2)(a) | 7.2, Appendix A | ✓ Detailed |
| Data subject rights | 13(2)(b) | 8 | ✓ Comprehensive |
| Right to withdraw consent | 13(2)(c) | 8.1 | ✓ Explained |
| Right to complain | 13(2)(d) | 8.1, 20.1 | ✓ Provided |
| Mandatory/voluntary data | 13(2)(e) | 3.1, 3.2 | ✓ Clarified |
| Automated decision-making | 13(2)(f) | 13 | ✓ Detailed |
| Existence of profiling | 13(2)(f) | 13.1 | ✓ Disclosed |
| Logic of ADM | 13(2)(f) | 13.1 | ✓ Explained |
| Significance/consequences | 13(2)(f) | 13.1 | ✓ Described |
APPENDIX D: RECORD OF PROCESSING ACTIVITIES (ARTICLE 30)
In accordance with GDPR Article 30, we maintain records of processing activities. Summary:
| Activity | Data Subjects | Data Categories | Purpose | Legal Basis | Recipients | Retention |
|---|---|---|---|---|---|---|
| Account creation | Users | Public keys, optional profile data | Service provision | Contract | None | Account lifetime |
| Message routing | Users | Encrypted payloads, metadata | Communication delivery | Contract | None | Until delivery + 7 days |
| Abuse prevention | Users | IP hashes, device fingerprints, behavioral signals | Security, fraud prevention | Legitimate interest | Law enforcement (if required) | 3-7 days |
| Public posts | Users | Post content, engagement data | Social media functionality | Contract | Public (all users) | Until deletion |
| Payment processing | Subscribers | Subscription status, payment tokens | Billing | Contract | Stripe, Apple, Google | Legal requirement |
| Analytics (future) | Users | Anonymized usage patterns | Service improvement | Consent (when implemented) | None | Anonymized indefinitely |