When we refer to “us”/”we” or “you” in this policy declaration, the parties we refer to are the organization providing the service on the domain www.telldrc.co - Tell DRC Co. [both the name of our organization and internet domain] [us] and the person creating an account on said service [you]. When we refer to “the service” or ”the Tell DRC Platform” or just “the Platform” that means the service by the name Tell DRC, provided on the domain Tell DRC Co: www.telldrc.co.
Tell DRC Co. is not incorporated as of yet, but we are going to form a de jure company as soon as possible. Currently we - Tell DRC Co. - are an organization consisting of the people you see on the Contact page.
§2.1 Storage of Personal Data
The EU law of protection of private information [GDPR], states that one can only store Personal Data whose usage and purpose is strictly defined, and only until the aim is achieved. The two purposes of the Personal Data that Tell DRC Co. uses and stores is  enabling login and account usage, and  guaranteeing that each physical human only has only one verified account with their own unique credentials and connected to their own unique identity. The latter purpose is however essential only once Tell is in Phase Two [i.e. when identity verification has begun], although information provided by users even before that may also be used to facilitate identity resolution once Phase Two is entered.
This by extension also serves the purpose of ensuring everyone’s security, i.e. preventing illicit actions. Therefore, the necessary Personal Data must be stored as long as the user in question has his/her verified account, and furthermore 365 additional days after deletion [of a verified account].
You understand and agree to that your Personal Data will be stored by Tell DRC Co. as long as you have an account, and that furthermore, once your account is verified your Personal Data will be stored for 365 additional days after deletion. This rule is here for everyone’s safety to prevent fraudulent activity by being able to cooperate with authorities [otherwise illicit or fraudulent users could simply erase all their traces by deleting their account in question].
§2.2 Definition of Personal Data stored
The following is by definition the only User Data [i.e. Personal Data] that Tell DRC Co. stores, as part of its service.
§2.2.1 Unverified accounts [And verified accounts]
* Your name upon signup [although - as it is not verified upon signup - this data is deleted immediately upon account deletion, and not 365 days later].
* Your email upon signup [although - as it is not verified upon signup - this data is deleted immediately upon account deletion, and not 365 days later].
* Your phone number upon signup [although - as it is not verified upon signup - this data is deleted immediately upon account deletion, and not 365 days later]
* Your username upon signup [although this data is deleted immediately upon account deletion, and not 365 days later].
* Your encrypted password, as chosen by you [although this data is deleted immediately upon account deletion, and not 365 days later, since it is of no interest for identity resolution].
* [The Private Tell Key that matches your Public Tell Key is also Personal Data, though it is not saved by Tell DRC Co., but only by you, and whoever you choose to entrust it with.]
§2.2.2 Verified accounts [This data does not exist in Unverified accounts]
When/if you verify your account [which will only be possible in Phase Two of Tell], you additionally consent the storage off [for as long as you have a verified account, plus 365 days]:
* Your full name.
* Your birthdate.
* Your nationality.
* An authentic photo of your face.
Even so, you understand that it is stored in encrypted form, and not as raw data.
§2.3 Usage of Personal Data
The main purpose of storing Personal Data is to make sure that each person only has one verified account and one Trustworthiness Rating [of a verified account], and that [only] he/she can access [log in to] his/her account, and use it. Hence, any data that a user has provided [or will provide] to Tell DRC Co. may or may not be used as an identification method that uniquely identifies this individual.
Personal Data may be used in communication of service related information concerning us/you to enhance the user experience.
Personal Data may be used in collaboration with national and/or local authorities and in accordance with local laws in order to protect users from potential fraud or other illicit activities.
§2.4 Deletion of Personal Data
You have complete rights to be forgotten on the Tell DRC Platform.
Owners of unverified accounts may delete all Personal Data [of that given unverified account] at any time by deleting that account from the Tell DRC Platform - by [which is mandatory] using their Private Tell Key [so that it is proven that the party requesting the account deletion indeed is the account owner]. In that case - when your account is not verified - all your Personal Data will be deleted as fast as the server can process the deletion request [i.e. saying ‘instantly’ would be incorrect, but we hope the servers do it faster than a heartbeat].
You are also free to delete your account [and thus delete all your Personal Data] once your account is verified [in Phase Two of Tell]. Thus you unverify it as well - with all the consequences that entails; e.g. loss of your part of the daily Tell mintage. However, in that case - when your account is verified - certain Personal Data will be stored an additionally 365 days after deletion, which you hereby give consent to. This for the sole purpose of preventing illicit activities and fraud, by enabling cooperation with authorities in the case of suspicion of such illicit activities. This rule is here for everyones' safety, and it is an important point, and in accordance with GDPR, since the aim of this service [which includes everyones’ safety] would not have been able to be achieved if the rule was that User Data would be immediately deleted upon account deletion.
§2.5 Sharing of Personal Data
We only share Personal Data [i.e. User Data] with authorities or law enforcement in the case of a criminal investigation in order to comply with applicable law - granted of course that the law in question does not contradict the United Nations’ Universal Declaration of Human Rights [UDHR], which can be read at https://www.un.org/en/universal-declaration-human-rights/.
§3.1 Definition of Non Personal Data
No data on the platform is Personal Data, that is only traceable to a given person if it first passes through the User Data, which is defined previously in this policy.
The Non Personal forms Data are primarily as follows.
* Account ID.
* Public Tell Key.
* Transomnic receipts.
* Trustworthiness Ratings and related Trustworthiness Data.
* [Anonymous] data of total outgoing sum [on a daily basis], and incoming sum [on a weekly basis] from and to each account. See more in the “Transomnic Receipts” section of this policy.
§3.2 Details of Non Personal Data
§3.2.1 The state of Non Personal Data
You agree to the term and policy that you are under no circumstances free to delete Non Personal Data.
This includes all Non Personal Data, most importantly transomnic receipts [registered in the past or future, by you or someone else] on the Tell DRC Platform. Those receipts, once registered, belong to Tell DRC Co. and will always remain on the platform. Nobody is free to delete them, since that Non Personal Data belongs to Tell DRC Co.
§3.2.2 Transomnic Receipts
Transomnic receipts are by definition Non Personal Data because they in themselves are not linked/traceable to a human person. Once registered on the platform, transomnic receipts will always remain. You hereby agree on this.
You furthermore agree on and declare that you understand that the transaction notes of the transomnic receipts are viewable to both parties, the transaction sender and the transaction recipient as declared in the receipt [and therefore it is advisable not to write sensitive information in them]. Furthermore, the transomnic receipts start belonging [only the data of them] to Tell DRC Co. the moment they are registered on the Tell DRC Platform [though not in the exclusive sense, meaning; both the sender and recipient are free to use the data that their receipts constitute, in whatever way they like.]
You agree on this both in the case of you being the sender, and in the case of you being the recipient defined in a receipt in question. I.e. it doesn't matter if you or someone [anyone] else registered the receipt: By agreeing to this Policy, and by participating in the use of the Tell DRC Platform, you agree on this.
Notice: Even though Tell DRC Co. owns the information that the transomnic receipts constitute, of course, Tell DRC Co. does not own the 'purchase/transaction' itself, but merely the information of the receipt. That means Tell DRC Co. can of course not reverse a transaction, but Tell DRC Co. merely owns the information that the receipt in question constitutes.
This being said, if you want to distance yourself from a transomnic receipt [in capacity of being the sender or recipient of the related transaction] on the Tell DRC Platform [despite it there being private and not publicly viewable], you must delete your account. In doing so [if your account is verified] there will [after 365 days] no longer be any connection between your person [i.e. your Personal Data, as defined previously] and the Account ID of the transomnic receipt. Transomnic receipts that concerned you, are from then on merely proof of transactions pointing from [if you were the sender in regards to the transaction] or to [if you were the recipient of the transaction] a ”blank” Account ID without a person behind it. [Though, if your account is not verified, as stated, there is no such 365 day rule.]
§3.2.3 Public Trustworthiness Data
You understand and agree to that the Trustworthiness Rating [and related Trustworthiness Data] is Non Personal Data. The user [Account Holder] does not own the Trustworthiness Rating data: Rather Tell DRC Co. owns it. You agree to and understand that the Trustworthiness Rating [and related Trustworthiness Data], linked to the Account ID of your account, enabled by it being Non Personal Data, is indefinitely [i.e. forever] publicly viewable.
The data that the Trustworthiness Rating [and related data] constitutes, is not provided by users, but is generated by us when receipts are registered of outgoing transactions, that may or may not have backing by receipts of incoming transactions.
The purpose of this data is to enable transactions based only on those very trustworthiness ratings. However, this too, might only be truly valuable in Phase Two of Tell.
The Account Holder can however delete his/her account, and all his/her de facto Personal Data, thus severing all ties to the Trustworthiness Data in question [immediately if your account is not verified, and 365 days after deletion if your account is verified], although he/she can not delete the Trustworthiness Rating of that ‘dead’ account.