Privacy Policy

1. Introduction

WhiteFish.One, LLC ("we", "our", or "us") values your privacy and is committed to protecting your personal and institutional data. This Privacy Policy outlines how we collect, use, disclose, and protect your information across all our digital platforms and services. We adhere strictly to international and national data protection regulations, including but not limited to the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Family Educational Rights and Privacy Act (FERPA), and other applicable privacy laws.

2. Information We Collect

• Personal Information: Full name, contact details, login credentials, identifiers, and other user-submitted data.
• Institutional Information: Names of affiliated institutions, administrators, and organization-specific configurations or metadata.
• Credential Data: Issued or received certificates, diplomas, badges, transcripts, and other verifiable records.
• Technical Data: IP address, device type, browser type, OS, access times, and usage patterns.
• Automated Data: Behavioral patterns captured via AI tools, metadata from smart contracts, and system-generated logs.

3. Legal Basis for Data Processing

We process your data under the following legal bases, depending on your location and applicable law:

• Consent: When you voluntarily provide data or opt into services.
• Contractual Necessity: To provide products or services you've requested.
• Legal Obligation: To comply with applicable laws and regulations.
• Legitimate Interest: To improve services, prevent fraud, or ensure security, without overriding your rights.

4. Use of Information

Your data is used to:

• Provide, operate, and improve our digital services and solutions.
• Generate and verify educational or institutional credentials.
• Enable secure and private sharing of data through Learner’s Passport or institutional portals.
• Conduct analytics, reporting, and research (in de-identified form only).
• Ensure security, integrity, compliance, and enforce terms of use.

5. Data Sharing & Disclosure

We do not share, sell, or lease any personal or institutional data with third parties for marketing or commercial purposes.

We only disclose information:

• With your explicit consent.
• To trusted service providers performing duties on our behalf under strict confidentiality agreements (e.g., secure hosting providers).
• When required by law, court order, or regulatory body.
• To affiliated institutions or organizations as part of standard service delivery.

6. Data Security & Storage

We implement robust technical and organizational measures to protect your information from unauthorized access, disclosure, alteration, or destruction. Measures include:

• End-to-end encryption.
• Blockchain-based immutability for verifiable data.
• Access controls and role-based permissions.
• Regular security audits and compliance checks.
• Secure cloud infrastructure with redundancy and backup systems.

7. Data Retention

We retain personal and institutional data only as long as necessary to fulfill the purposes outlined in this policy or to comply with legal obligations. Users may request deletion or anonymization of their data at any time, subject to contractual and legal constraints.

8. User Rights

You may have the following rights under applicable data protection laws:

• The right to access, correct, or delete your data.
• The right to object to or restrict processing.
• The right to data portability.
• The right to withdraw consent where processing is based on consent.
• The right to lodge a complaint with a supervisory authority.

To exercise any of these rights, please contact us at info@whitefish.one.

9. Children's Privacy

We do not knowingly collect or process personal information from children under the age of 13 without verifiable parental consent or institutional oversight, as required by law.

10. Data Storage Location

Your data is stored on servers within United States adhering to its privacy laws. We do not store the data outside the United States and this is also applicable for the backups/snapshots.

11. Changes to This Privacy Policy

We may periodically update this Privacy Policy. When changes are made, we will revise the "Effective Date" at the top and provide notice as appropriate. Continued use of our services after such changes constitutes your acceptance.

12. Contact Us

If you have any questions, requests, or concerns regarding your privacy or this policy, please reach out to:

Email: info@whitefish.one