Privacy Policy

This policy applies to miniterms.com, the waitlist site for the upcoming Miniterms product. It does not yet describe the future product itself — that policy will land when the product launches and will be linked here.

Today, the only personal data we collect is the email addressyou submit through the waitlist form. We don’t run analytics, don’t drop tracking cookies, and don’t fingerprint your device. Server logs hold standard request metadata (IP, user-agent, timestamp) for up to 30 days for abuse prevention only.

• Send you a one-time confirmation that we received your signup
• Send you a single launch email when the product is ready
• Detect spam and rate-limit abusive signups

We won’t add you to a marketing list, sell your email, or use it for anything other than the above.

The infrastructure that makes Miniterms work. As a B2B service, we offer a Data Processing Agreement (DPA) to customers who need one for GDPR compliance. Download our DPA ↗. Payments are processed by Stripe via Dekimu ID; Miniterms itself never receives your payment card data.

Under GDPR, UK GDPR, and CCPA you have the right to access, correct, delete, or export your data. To exercise any of these, email legal@dekimu.com from the address you signed up with. We respond within 30 days.

Waitlist emails are kept until you unsubscribe or until 90 days after public launch, whichever comes first. Server logs are deleted after 30 days.

If we change anything material, we’ll bump the version above and post a one-line summary at the top of this page. Substantive changes will also be emailed to anyone on the waitlist at the time.

Dekimu Labs S.L. (CIF B55431357) · legal@dekimu.com. Privacy questions, deletion requests, anything legal — legal@dekimu.com.

This policy is governed by the laws of Spain. You may lodge a complaint with the Agencia Española de Protección de Datos (AEPD) or the supervisory authority of your habitual residence.

If you use features that issue anchored receipts (APR, ACR, or any other Anchored Receipts protocol-family member), we process salted cryptographic commitments derived from identifiers and event metadata. Commitments are designed to be resistant to direct re-identification but remain personal data under GDPR Article 4. We process them on the legal basis of legitimate interest (Article 6(1)(f)) in providing tamper-evident audit trails, with the retention period stated above. Anchored daily roots are non-retroactive by design: an erasure request received after a receipt has been anchored is honoured by ceasing to serve the receipt body, but the historical signature record cannot be withdrawn from the anchored root. This is disclosed before any receipt is minted.

Miniterms sets a single strictly-necessary authentication cookie (miniterms_access) after you sign in. This cookie is used solely to maintain your authenticated session and is deleted when you sign out or it expires. We do not set analytics, advertising, or tracking cookies of any kind, and we do not use any third-party trackers.

A theme preference may be stored in your browser’s localStorage to remember your light/dark mode choice. This value never leaves your device and is not personal data.