Last updated: May 2026 · Applies to all Provlyn users worldwide
Provlyn Ltd ("Provlyn", "we", "us", "our") operates the Provlyn platform at provlyn.com. Provlyn Ltd is a company registered in England and Wales under company number 17185877 with its registered office at 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom.
We are the data controller for personal data collected through our platform. Provlyn Ltd is registered with the UK Information Commissioner's Office under registration number CSN9368459.
This controller role covers your account, billing, subscription, and vault access data. For the contents of files you deposit, Provlyn acts as a data processor: you remain the controller of your own file content, and we process it only on your instruction to deliver the service.
The same split applies to the recipient email addresses embedded through watermarking. When you choose to share files with watermarking enabled, you decide to use that feature and remain the controller of the recipient personal data it processes; Provlyn acts as your processor, embedding each recipient's email address and access time only on your instruction and for no other purpose. You are responsible for having a lawful basis for this and for giving recipients any notice required, as set out in section 2a of our Terms of Service.
For privacy-related enquiries, contact us at: privacy@provlyn.com
Account data: When you register, we collect your email address, full name, and a hashed version of your password. We never store your password in plain text. Optional fields include your company name and address.
Billing data: Payment processing is handled entirely by Paddle, who is the Merchant of Record. We do not see or store your card details. We retain a record of your subscription status, plan type, price, and payment history for support and accounting purposes.
File data: When you make a deposit, your file is uploaded to our secure storage so it can be retrieved by you and shared on your instruction. We also store the file's name, size, cryptographic hash (SHA-256), the trusted timestamp (issued by our timestamping providers, listed in Section 5), and the OpenTimestamps Bitcoin proof. The cryptographic hash is what proves your file's existence at a given moment — your file's content is not visible from the hash.
Watermark data: When you share a file with watermarking enabled, we embed the recipient's email address and the access date and time into the shared file and into the page images we render for viewing. This creates a per-recipient traceable copy as a leak-deterrence measure. These watermarked copies are held only as a temporary cache and are automatically deleted after 30 days.
View-only rendering: When you share a file as view-only, we render each page of the document into an image for in-browser viewing, so the original file is not downloaded. These rendered page images carry the watermark described above, are held as a per-recipient cache, and are automatically deleted after 30 days.
Vault and access data: We store the names and descriptions of vaults you create, the email addresses of anyone you invite to share access, and access logs (who viewed what, when, from which IP).
Usage data: We collect standard server logs including IP addresses, browser type, pages visited, and access times. This is used for security monitoring and service operation.
Communications: If you contact us by email or via the contact form, we retain those communications to respond to your enquiry.
Provlyn is built around minimising data collection:
We use your personal data to:
Our lawful bases under UK GDPR and EU GDPR are: contractual necessity (to deliver the service you have subscribed to), legitimate interests (security monitoring, fraud prevention, service improvement), and legal obligation (tax records, regulatory compliance).
Provlyn uses the following sub-processors. Each processes personal data only as needed to deliver the part of the service it is responsible for, and each has its own published privacy policy and data processing agreement. For the full list — including location, role, transfer basis and DPA status — see our Sub-processors page.
Render Inc. (United States, infrastructure in Frankfurt, Germany) — hosts our backend servers and the PostgreSQL database holding your account, subscription, vault, and access-log records. Database is encrypted at rest (AES-256). Render's servers process data within the European Union.
Amazon Web Services (S3, eu-north-1, Stockholm, Sweden) — stores your deposited files. Files are encrypted at rest (AES-256) and accessed only through signed, time-limited URLs that we issue.
Paddle (Paddle.com Market Limited, United Kingdom and global) — processes payments and subscription billing as our Merchant of Record. Paddle holds your name, email, billing address, transaction history, and tokenised payment method. Paddle is the data controller for the data it holds in this capacity, with its own retention obligations as a regulated payment provider.
Resend (Resend Inc., United States) — delivers our transactional emails. Resend processes recipient email addresses, message content, and delivery status. See Section 6 below for details on the international transfer.
Vercel (Vercel Inc., United States, edge network global) — hosts and serves our frontend website code. Vercel processes server-side request logs (IP addresses, user agents) for short-term operational purposes.
FreeTSA (Switzerland) — issues RFC 3161 trusted timestamps. We send only your file's cryptographic hash; FreeTSA receives no personal data and no file contents.
AlfaTrust (AlfaSign / Romania, EU) — a Qualified Trust Service Provider on the EU Trusted List that issues qualified eIDAS timestamps for deposits where qualified timestamping is applied, and for daily access-log anchoring. We send only a cryptographic hash; AlfaTrust receives no personal data and no file contents. Our qualified-timestamping architecture is provider-agnostic and this provider may change.
OpenTimestamps and the Bitcoin network — provides public blockchain anchoring of your timestamps. We submit only the cryptographic hash; no personal data and no file contents are recorded on-chain.
Most of your data is stored within the European Union (Render in Frankfurt, AWS S3 in Stockholm). Some processors are based in the United States or United Kingdom.
For transfers from the EEA or UK to the United States (Resend, Vercel) and from the EEA to the UK (Paddle), we rely on the following safeguards as required by Article 46 of GDPR:
You may request a copy of the safeguards in place for any specific transfer by contacting privacy@provlyn.com.
If you are located in the United Kingdom or European Economic Area, you have the following rights regarding your personal data:
Please note: cryptographic hashes anchored to the Bitcoin blockchain are public and permanent by design — these cannot be deleted from the blockchain itself. The personal data linking those hashes to you (your account, email, file metadata) can be deleted on request.
To exercise any of these rights, email privacy@provlyn.com. We will respond within 30 days.
We retain your personal data for as long as your account is active.
If you cancel your subscription, your vault enters a retention window — 14 days for monthly plans, 30 days for annual plans — during which your files are preserved and can be recovered by resubscribing. After that window ends, your stored files are automatically and permanently deleted. You can also ask us to delete your data sooner by writing to privacy@provlyn.com.
If a free trial ends without a subscription, your stored files are automatically deleted 48 hours after the trial expires. In all cases — cancellation or expired trial — your cryptographic hashes and certificate metadata are retained so that proofs you have already created remain verifiable.
Watermarked copies and view-only page images are held only as a temporary cache and are automatically deleted 30 days after they are created. If a recipient views a shared file again after that period, the page images are simply re-rendered.
Paddle retains its own billing records (transactions, invoices, customer details) for the period required by tax and payment regulations — typically 7 years. This is independent of our retention and required by law for payment processors.
Server logs are retained for up to 90 days.
We implement appropriate technical and organisational measures to protect your personal data:
In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of it, and notify affected users without undue delay where required by law.
Provlyn uses two categories of cookies and similar storage:
We do not use advertising cookies, behavioural targeting, or sell data to third parties. For full details, see our Cookie Policy.
Provlyn is not intended for use by children under 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact privacy@provlyn.com and we will delete it.
We may update this Privacy Policy from time to time. We will notify you of material changes by email at least 14 days before they take effect. Continued use of the service after that date constitutes acceptance of the updated policy.
For privacy enquiries: privacy@provlyn.com
If you are unhappy with how we handle your data, you have the right to lodge a complaint with your local data protection authority. In the UK this is the Information Commissioner's Office at ico.org.uk. In Spain, the Agencia Española de Protección de Datos at aepd.es. For other EU countries, you can find your local authority via edpb.europa.eu.