Legal — Signet Academic

Privacy & Terms

Privacy Policy

Last updated: May 19, 2026

Signet Academic records that you wrote, not what you wrote. The extension counts edit events in Google Docs. It never logs which keys you pressed and never captures clipboard content. The one exception to "never your text": if you choose to run Rewind (or keep its witness on when certifying), rendered views of your document's revision history are stored so verifiers can review them — and only then. Your writing otherwise stays private.

Signet Academic is in open beta — this policy describes the service as it works today, and we update it as the product develops.

What we collect

  • Account info — your email and name from Google sign-in. Used to identify your account.
  • Session metadata — when each writing session started and ended, total edit event counts by category (insertions, deletions, undo, redo, cut), pause patterns, and the length (not content) of paste events.
  • Document fingerprints — mathematical hashes of your document's state at intervals. Hashes cannot be reversed to reveal text — the text itself never leaves your device.
  • Certificate records — when you generate a Certificate of Authorship, we store its metadata (timing, session summary, document title) to support permanent verification URLs.
  • Revision views (Rewind — the one content exception) — if you run Rewind, or leave the revision-history witness enabled when certifying, Signet renders images of your document's text at significant moments of its Google Docs revision history and stores them so verifiers can review them. This happens only when you initiate it; the images are generated on your device, and the revision stream itself is never uploaded — only the rendered views and derived metrics (timing, character counts) are stored. Switching the witness off at certification keeps the metrics and excludes the images.
  • Form submissions — when you submit a contact form or waitlist signup on our website, we receive your email, name, optional institution, and any message you wrote. Used to respond to your inquiry and (where applicable) to add you to a waitlist.

What we never collect

  • Document text or content (except the revision views above — included only when you choose to include them)
  • Which specific keys you pressed
  • Clipboard content
  • Data from any site outside Google Docs
  • Browsing history

This is architectural, not just policy — the code that sends data to our servers has no access to document content.

How we use your data

To operate the service, generate and verify certificates, and send automated confirmation emails when you submit a contact form or waitlist signup on our website. We do not currently send automated emails during onboarding, while using the extension, or when generating certificates. We do not sell your data. We do not use your data for advertising. We do not run third-party analytics or tracking inside the Chrome extension.

Where your data is stored and who handles it

Session data is encrypted in your browser before being synced to your Signet account. The local copy is cleared after sync is confirmed.

Signet's infrastructure runs on the following third-party providers, all operating in the United States:

  • Supabase, Inc. — database, authentication, and file storage. Holds your account, session metadata, and certificate records.
  • Vercel, Inc. — hosts the getsignet.app web application and provides anonymous web analytics (page paths visited, country, device class, referrer). Does not receive account data, document content, or any data from inside the dashboard or extension.
  • PostHog, Inc. — receives product analytics events (e.g., "user signed in," "onboarding completed," "certificate generated," "verification document generated") to help us improve the product. Never receives document content, document titles, paste content, paste annotations, or certificate hashes.
  • Google LLC — handles the OAuth sign-in flow. We receive your email and name from Google; Google does not receive your writing data.
  • Resend, Inc. — delivers automated confirmation emails when you submit a contact form or waitlist signup on our website, and notifications to our team about new submissions. Receives your email address, name, and any message content you submitted. Not used for emails about onboarding, extension usage, or certificate generation — no automated emails are sent for those flows today.

None of these providers have access to your document content. We do not share your data with any party outside this list, except when required by valid legal process (subpoena, court order) or with your explicit consent.

Your data is not training data

We do not use your data — including session metadata, document fingerprints, certificate records, or any behavioral signals — to train AI systems, our own or anyone else's. Our infrastructure providers operate under their own terms, but none have access to your document content, and we do not authorize our metadata to be used as training data for AI systems of any kind.

Your control

  • Exclude any document from recording at any time via the extension.
  • Download a signed copy of your complete record from your dashboard.
  • Delete your account by contacting support@getsignet.app.
  • Sign out of the dashboard at any time. Note that signing out of the dashboard does not stop the extension from recording — you must use the extension's exclude or uninstall options to do that.

Data retention

  • Session metadata — kept while your account is active. Deleted 90 days after account cancellation.
  • Certificate records — kept indefinitely to support permanent verification URLs. On account deletion, certificate records are anonymized (your account identifier is removed) rather than deleted, so verification keeps working for anyone holding a certificate you previously issued.
  • Account data — deleted on request, typically within 30 days.

Your rights

You may request access to, correction of, or deletion of your personal data at any time by emailing support@getsignet.app. We respond within 30 days.

The Chrome extension

The Signet Academic extension operates only on docs.google.com. It does not run on any other site. It does not intercept network traffic or modify the Google Docs interface beyond a small, dismissable indicator. The extension requests only the minimum Chrome permissions required to function: storage (for authentication tokens and queued session data) and alarms (for background token refresh).

Age requirements

Signet Academic is not directed to children under 13. By creating an account, you confirm that you are at least 13 years of age. If you are under 18, you should review these terms with a parent or guardian. If we become aware that we have collected personal information from a child under 13, we will delete that information.

California privacy rights

If you are a California resident, the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) give you specific rights regarding your personal information:

  • Right to know what personal information we have collected about you.
  • Right to delete personal information we have collected about you, subject to certain exceptions (including certificate records, which are preserved for permanent verification — these are anonymized on account deletion).
  • Right to correct inaccurate personal information.
  • Right to opt out of the sale or sharing of personal information. Signet does not sell your personal information. We do not share your personal information for cross-context behavioral advertising.
  • Right to non-discrimination for exercising any of these rights.

To exercise these rights, contact us at support@getsignet.app. We respond within 45 days as required by California law. You may also designate an authorized agent to make a request on your behalf — we will verify your identity before fulfilling the request.

Changes to this policy

If we make material changes, we will update the date above and notify active users by email. Continued use after changes take effect constitutes acceptance.

Contact

Privacy questions: support@getsignet.app

Signet Proof, Inc.
2871 Clayton Crossing Way
Ste 1017 PMB 1029
Oviedo, FL 32765
United States

Terms of Service

Last updated: July 2026

Agreement

By using Signet Academic you agree to these terms. If you don't agree, don't use the service. These terms form a binding agreement between you and Signet Proof, Inc. ("Signet", "we", "us").

The service

Signet Academic is a Chrome extension and web app that records writing process metadata from Google Docs and generates portable certificates of authorship. Use of Signet Academic requires the Google Chrome browser and a Google account, and operates within Google Docs. Your use of Google services is governed by Google's own terms and privacy practices, available at policies.google.com.

We provide the service "as is" and may modify, suspend, or discontinue features. Material changes will be communicated by email where reasonable.

Open beta

Signet Academic is currently in open beta and under active development. Features, interfaces, and record formats may change between versions, and you may encounter rough edges. One thing does not change: certificates issued during the beta remain permanently verifiable at their verification URLs — verification does not depend on any version-specific software.

Your account

You are responsible for keeping your credentials secure and for all activity under your account. You agree to provide accurate information when signing up and to update it if it changes.

Acceptable use

You may use Signet Academic for any lawful purpose. You may not:

  • Use the service to misrepresent the authorship of a document
  • Attempt to record documents you do not own or have permission to record
  • Reverse-engineer, decompile, or extract the source code of the extension or web app
  • Resell, sublicense, or redistribute access to the service without our written permission
  • Use the service in any way that infringes third-party rights or applicable law

Your content

You own everything you write. We claim no rights to your documents or session data. You grant us a limited, non-exclusive license to process your session data solely to provide the service — storage, sync, and certificate generation. This license ends when you delete your account, subject to the certificate retention terms below.

Certificates

Certificates we generate include cryptographic signatures and verification URLs. We commit to keeping verification URLs working indefinitely, even after account cancellation. To preserve this, certificate records may be anonymized rather than deleted when an account is closed.

Certificates are a tool to support your writing record. They are not a substitute for institutional academic-integrity processes, expert opinion, or legal proceedings.

Wind-Down Protocol

Signet Proof, Inc. is committed to ensuring that certificates issued through its services remain verifiable for the long term — regardless of our continued operation. To that end, we make the following binding commitments:

  1. Trigger Events. This Wind-Down Protocol is triggered if any of the following occurs: (a) our voluntary dissolution; (b) our bankruptcy or insolvency; (c) acquisition of Signet by an entity that materially changes or discontinues the verification service; (d) an interruption of the verification service exceeding 180 consecutive days without a published recovery plan.
  2. Notification. Upon a Trigger Event, we will provide ninety (90) days advance written notice to all institutional customers and post public notice at getsignet.app.
  3. Open Source Release. Within thirty (30) days of a Trigger Event, we will publish under an OSI-approved open source license: the reference verifier source code, the certificate format specification, the verification page server source code, and the documentation necessary for an independent party to operate the verification service.
  4. Institutional Data Transfer. Upon written request from any institutional customer received within one hundred eighty (180) days of the Trigger Event, we will transfer to that institution all certificate records and verification metadata associated with users at that institution's verified domain — in machine-readable format suitable for ingestion by an independent verification system.
  5. Successor Designation. We will make best efforts to identify and engage a nonprofit digital preservation successor — such as the Internet Archive, the Software Preservation Network, or a similar mission-aligned organization — to assume hosting of public verification infrastructure for certificates not otherwise transferred to institutional customers. Where no successor can be engaged, we will publish all verification data as a public archive with documentation sufficient to allow third parties to reconstruct verification capabilities.
  6. Binding on Successors. This Wind-Down Protocol binds Signet Proof, Inc., its successors, assignees, and any acquiring entity that continues to operate the verification service. Any acquisition or merger involving Signet must include explicit acknowledgment and assumption of these commitments.

Service availability

We aim for high availability but do not guarantee uninterrupted service. Scheduled maintenance and unplanned outages may occur. We are not liable for losses arising from service interruptions.

Disclaimers

The service is provided "as is" and "as available" without warranties of any kind, express or implied, including warranties of merchantability, fitness for a particular purpose, and non-infringement.

Limitation of liability

To the maximum extent permitted by law, our total liability for any claim arising out of or relating to the service is limited to the amount you paid us in the twelve months preceding the claim, or $100, whichever is greater. We are not liable for indirect, incidental, consequential, special, or punitive damages.

Termination

You may cancel your account at any time by contacting support@getsignet.app. We may suspend or terminate accounts that violate these terms, with notice where reasonable.

Changes to these terms

We may update these terms. Material changes will be communicated by email and reflected in the date above. Continued use after changes take effect constitutes acceptance.

Governing law

These terms are governed by the laws of the State of Delaware, without regard to conflict-of-law principles. Disputes will be resolved exclusively in the state or federal courts located in Wilmington, Delaware.

Contact

Terms questions: support@getsignet.app