Privacy Policy

This Privacy Policy explains how SELA by DaTamoon Ltd. ("DaTamoon", "we", "us") collects, uses, stores, and protects information when you visit selaapps.com, use the SELA App, SELA Link, SELA Connect, SELA Fortress, or any related service (the "Services"). SELA is a Breach-Nullification platform: our core architecture is intentionally designed so that personal data is held on your device and is never stored on our servers.

1. Who we are

SELA is operated by DaTamoon Ltd., a company organized under the laws of Israel. You can reach us at info@selaapps.com or +972 9 744 1117.

2. Our privacy-by-design principles

• Self-custody. Private keys are generated on your device and never leave it. We have no access to your keys, your seed phrase, or your credentials.
• On-device processing. Document OCR, biometric authentication, and identity verification run on your device wherever technically possible.
• Selective disclosure. You control which attributes you share with each verifier, including via Zero-Knowledge Proofs that reveal nothing beyond a single answer.
• No PII on chain. Only cryptographic hashes and proof anchors are written to the Polygon blockchain; never your personal information.

3. Information we process

We try to keep this list as short as possible. We process:

• Account and contact data you provide (e.g. name, email, phone) when you join a waitlist, contact us, or register for SELA Link.
• Wallet metadata such as your public DID, public keys, and transaction hashes — never your private key.
• Verification metadata from SELA Fortress (e.g. trust score, document type, success/failure flag). The actual document images are processed and discarded; we keep only the minimum metadata required to issue a credential.
• Service telemetry like device type, app version, language, error logs, and pseudonymous identifiers, used solely to operate and debug the Services.
• Web analytics through Google Analytics on selaapps.com (page views, referrers, anonymized IP). You can opt out via your browser settings or a Do Not Track signal.
• Breach Radar lookups that you initiate. The lookup value (email, phone, username) is sent to our breach-check provider over TLS. We store only an SHA-256 hash of any verified email used to raise your daily quota.

4. What we do not collect

• Your private keys or seed phrase.
• Plain-text copies of your identity documents on our servers.
• The contents of your credential vault, which lives encrypted on your device.
• Selfies, biometric templates, or fingerprints — these stay on your device and are handled by the operating system's secure enclave.

5. How we use information

• To provide, operate, and improve the Services.
• To respond to your questions and support requests.
• To detect, prevent, and respond to abuse, fraud, and security incidents.
• To comply with our legal obligations.

We do not sell your personal information. We do not use it for advertising profiling or behavioral targeting.

6. Legal bases (GDPR)

If you are in the European Economic Area or the UK, our legal bases are: performance of a contract (to deliver the Services you requested), our legitimate interests (to keep the Services secure and improve them), your consent (where required, e.g. for marketing emails), and legal obligation (e.g. tax, AML).

7. Sharing

We share information only with:

• Infrastructure providers who host or transmit data for us under written data-processing terms.
• Verifiers you choose in SELA Link or SELA Connect, and only the attributes you explicitly disclose.
• Authorities when required by law, valid legal process, or to protect rights, safety, and security.

8. Retention

We keep account, contact, and verification metadata only for as long as needed to provide the Services and meet legal obligations. Waitlist entries are kept until you ask us to delete them or until the waitlist is retired. You can request deletion at any time at info@selaapps.com.

9. Your rights

Depending on your jurisdiction, you may have the right to access, correct, delete, port, or restrict the processing of your personal information, and to object to certain processing. To exercise any of these rights, email info@selaapps.com. We will respond within the timeframes required by applicable law.

10. Security

We use industry-standard safeguards including TLS for data in transit, encryption at rest, role-based access controls, hardware-backed key storage on devices, audit logging, and routine security testing. Despite these measures, no system is perfectly secure; we encourage you to use strong device passcodes and biometric protection.

11. International transfers

Our infrastructure and team are global. When we transfer personal data outside your country, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalents.

12. Children

SELA is not directed to children under 16 and we do not knowingly collect their personal information. If you believe we have, contact us and we will delete it.

13. Changes

We may update this policy from time to time. The "Last updated" date at the top reflects the most recent version. Material changes will be highlighted on this page.

14. Contact

Questions, complaints, or data requests:
SELA by DaTamoon Ltd.
Email: info@selaapps.com
Phone: +972 9 744 1117