Privacy Policy
Last updated: March 27, 2026
Introduction
Common Identity ("we," "us," or "our") provides an invisible watermarking service that helps you prove ownership of your images and videos. This privacy policy explains what data we collect, how we process it, and your rights regarding that data.
We are committed to transparency about our data practices. This policy is written in plain language so you can understand exactly how your information is handled.
Data Controller
Common Identity is the data controller responsible for your personal data. For privacy inquiries, contact us at [email protected].
Enterprise customers may request a Data Processing Agreement (DPA) for GDPR Article 28 compliance.
How Watermarking Works — Data Flow
Images
When you watermark an image, the following data flow occurs:
- Your image is uploaded from your browser to our API server via an encrypted HTTPS connection.
- Our API server reads the image into memory, computes a SHA-256 hash to generate a unique Watermark ID, and forwards the image to our watermark processing server (GPU service).
- The processing server embeds an invisible watermark into the image using a neural network, and returns the watermarked image.
- Our API server returns the watermarked image to your browser. The image is then discarded from server memory. We do not save your image to disk, a database, or any persistent storage.
- If you choose to register your watermark, the Watermark ID and your wallet address are recorded on a public blockchain.
At no point is your image saved, stored, or retained on our servers. It exists in server memory only during the few seconds of processing.
Videos
Video watermarking follows a similar process, with one difference: because video files are large (up to 100 MB), they are temporarily stored in Google Cloud Storage during processing rather than held entirely in server memory.
- Your browser uploads the video directly to a temporary Google Cloud Storage bucket using a time-limited signed URL. The upload bypasses our API server entirely.
- Our API server downloads the video from Cloud Storage, forwards it to the GPU service for frame-by-frame watermark embedding, and uploads the watermarked result back to Cloud Storage.
- Your browser downloads the watermarked video from Cloud Storage using a separate time-limited signed URL.
- Both the original and watermarked video files are automatically deleted from Cloud Storage within 24 hours by a lifecycle policy. We also delete them immediately after processing completes when possible.
Videos are temporarily stored in Cloud Storage only for the duration of processing. They are automatically deleted within 24 hours. We do not retain your videos beyond this window.
What We Collect
Data we store
| Data | Purpose | Retention |
|---|---|---|
| Account information (email) | Authentication and account management | Until account deletion |
| Wallet address | Blockchain registration of watermarks | Until account deletion (on-chain records are permanent) |
| Watermark IDs | Linking watermarked images to ownership records | Permanent (registered on public blockchain) |
| Report metadata (report ID, report type, beacon ID, cryptographic hash, signature) | Verifying the authenticity of generated evidence reports | 1 year |
| Analytics (if opted in) | Improving the service (bucketed, non-PII metrics only) | 90 days |
Data we process but do not store
| Data | Purpose | Retention |
|---|---|---|
| Your images | Watermark embedding and verification | In memory only during processing (seconds), then discarded |
| Your videos | Video watermark embedding and verification | Temporarily stored in Google Cloud Storage during processing, automatically deleted within 24 hours |
| IP address | Rate limiting to prevent abuse | In memory only, cleared on server restart (not persisted) |
| Report contact information (name, email, phone, address, social handles) | Included in evidence reports you generate (PDF created in your browser) | Not stored on our servers. Embedded in the PDF generated locally in your browser and downloaded to your device. |
| Infringement details and DMCA declarations | Documenting infringement claims in evidence reports | Not stored on our servers. Embedded in the locally generated PDF only. |
Data we never collect
- Image or video filenames
- Image or video content or metadata (EXIF data)
- Browsing history or tracking cookies
- Third-party advertising or profiling data
Lawful Basis for Processing
- Contract performance: Processing your images and videos for watermarking is necessary to provide the service you requested.
- Consent: Analytics tracking is opt-in only. We do not collect analytics data unless you explicitly enable it.
- Legitimate interest: Rate limiting (using IP addresses in memory) is necessary to prevent abuse and maintain service availability.
Sub-Processors
The following third parties process data on our behalf:
| Sub-processor | Purpose | Data Processed |
|---|---|---|
| Watermark Processing Server (GPU) | Neural watermark embedding and detection | Image and video bytes (in memory only, not persisted) |
| Google Cloud Storage | Temporary video storage during processing | Video bytes (auto-deleted within 24 hours via lifecycle policy) |
| Base Blockchain Network | Watermark ID registration | Wallet address, Watermark ID, timestamp (permanent, public) |
| Privy | Authentication | Email address, wallet address |
| IPFS (via Pinata) | Decentralized credential storage | Watermark registration metadata (Verifiable Credential JSON). Public claims (policy type, registration date) are readable; private claims are AES-256-GCM encrypted and readable only by you. No image files are stored on IPFS. |
| Upstash Redis | Rate limiting, session caching, and report verification metadata | Rate limit counters (IP-based), report metadata (report ID, type, beacon ID, cryptographic hash, signature) |
Blockchain Records and Immutability
When you register a watermark on-chain, the following data is recorded on a public blockchain:
- Your wallet address (a pseudonymous identifier)
- The Watermark ID (derived from a hash of your image)
- A registration timestamp
- A cryptographic commitment (used for zero-knowledge ownership proofs)
Blockchain records are permanent and cannot be modified or deleted.
This is by design—it ensures your ownership proof persists independently of our company. However, it means that once a watermark is registered, the on-chain record cannot be removed even if you delete your account. The Watermark ID alone does not reveal the content of your image.
Portfolio linkability
All watermarks you register are linked to the same wallet address on-chain. This means that if someone discovers any one of your watermarked images, they can look up the corresponding on-chain record, find your wallet address, and then discover all other watermarks registered to that same wallet.
In concrete terms: a person who has one of your watermarked images can learn how many other images you have registered, when you registered them, and what policy type (e.g., creator, marketplace) you selected for each. They cannot see the content of your images or read your private registration details, which are encrypted.
This is a known limitation of the current system. We are working on stealth registration addresses that will make each registration unlinkable from the others. In the meantime, if portfolio unlinkability is important to you, you can register different images from different wallet addresses.
Data Retention
| Data Type | Retention Period |
|---|---|
| Your images | Not retained (in-memory during processing only) |
| Your videos | Temporary Cloud Storage (auto-deleted within 24 hours) |
| Server logs | 30 days |
| Rate limiting data (IP addresses) | In-memory only, cleared on server restart |
| Account information | Until you delete your account |
| Report metadata | 1 year (automatically deleted after expiry) |
| Blockchain registration records | Permanent (immutable by design) |
| Analytics data (if opted in) | 90 days |
Cookies and Local Storage
We do not use third-party tracking cookies. We use the following local storage items:
- Authentication tokens: Managed by Privy for keeping you signed in.
- Analytics preference: Your opt-in/opt-out choice for analytics (stored in localStorage).
Your Rights
Depending on your jurisdiction, you may have the following rights:
- Access: Request a copy of the personal data we hold about you. You can export your data programmatically via the `GET /api/account/export` endpoint.
- Portability: Receive your data in a structured, machine-readable format. The export endpoint returns JSON with a `Content-Disposition: attachment` header for easy download.
- Rectification: Request correction of inaccurate data.
- Erasure: Request deletion of your account and associated data. When you delete your account, we delete your authentication data, report metadata, and remove your registration metadata from our IPFS provider. Blockchain records are permanent and cannot be deleted. Cached copies of metadata documents may persist on other IPFS nodes beyond our control.
- Withdraw consent: You can disable analytics at any time through the analytics settings toggle.
- Complaint: You have the right to lodge a complaint with a supervisory authority if you believe your data is being processed unlawfully.
To exercise any of these rights, contact us at [email protected].
California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
- Right to Know: You may request the categories of personal information we collect, the purposes for collection, and the categories of third parties with whom we share it.
- Right to Delete: You may request deletion of your personal information, subject to the same exceptions noted above (blockchain records are permanent by design).
- Right to Correct: You may request correction of inaccurate personal information.
- Right to Opt-Out of Sale/Sharing: We do not sell or share your personal information as defined by the CCPA/CPRA.
- Right to Limit Use of Sensitive PI: We do not collect sensitive personal information as defined by the CCPA/CPRA beyond what is disclosed in this policy.
- Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
Categories of Personal Information Collected
- Identifiers: Email address, wallet address, report IDs (linked to user account)
- Internet Activity: Bucketed analytics metrics (only if opted in)
- Geolocation: IP address for rate limiting only (not stored, not linked to identity)
Personal Information Sold or Shared
- Personal information sold in the last 12 months: None
- Personal information shared for cross-context behavioral advertising in the last 12 months: None
To exercise any of these rights, contact us at [email protected].
AI Model Training
We do not use your images or videos to train AI models. Our watermarking model was pre-trained on public datasets and is not fine-tuned or retrained using customer content. Your images and videos are processed for watermark embedding/detection only and are not retained for any other purpose.
Security
- All data in transit is encrypted via HTTPS/TLS.
- Communication between our API server and watermark processing server is authenticated via API key.
- Rate limiting protects against abuse (10 requests per minute per IP).
- Server-side API keys are never exposed to client-side code.
International Transfers
Where your data is processed by US-based sub-processors, we rely on Standard Contractual Clauses (SCCs) as the legal mechanism for EU-US data transfers. For details on the specific transfer safeguards and supplementary measures we apply, see our Data Processing Agreement.
Changes to This Policy
We may update this privacy policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.
Contact Us
If you have questions about this privacy policy or our data practices, contact us at: