At DPP Report, the security and confidentiality of your data is our primary commitment. Explore how we manage and protect your digital assets.
At DPP Report ("Company", "We", "Our"), protecting your personal data and ensuring confidentiality is a fundamental priority. We fully comply with the European Union General Data Protection Regulation ("GDPR"), California Consumer Privacy Act ("CCPA"), and other applicable global data privacy frameworks. This Privacy Policy outlines the types of information we collect, the purposes of processing, storage conditions, and user rights for brand operators, consumers performing Digital Product Passport (DPP) verifications, and subsequent ownership transfer recipients.
Our platform establishes immutable, blockchain-secured digital twins for high-value physical goods. By verifying ownership, authenticating origins, and preserving lifecycle histories, we facilitate decentralized digital trust. We maintain strict organizational and technical security measures to preserve data confidentiality.
Depending on your interaction with the platform, we collect and manage the following classifications of personal and institutional data:
All processing activities are legally justified under standard GDPR mechanisms, including contract execution, legal compliances, explicit consent, and corporate legitimate interests:
| Data Category | Purpose of Processing | Legal Basis (GDPR Art. 6) |
|---|---|---|
| Identity & Contact | Account provisioning, multi-factor verification flows, support ticket resolution. | Contractual Necessity (Art. 6/1-b) |
| Corporate Documents | Mitigating brand fraud, verifying registered businesses, network protection. | Legitimate Interests (Art. 6/1-f) |
| Transaction Records | Enabling cryptographically secured secondary transfers, provenance logging. | Performance of Contract (Art. 6/1-b) |
| Technical Analytics | Spatio-temporal analysis of fake scan triggers, parallel imports prevention. | Legitimate Interests (Art. 6/1-f) |
DPP Report utilizes distributed ledger technology (Blockchain) to guarantee product authenticity. By design, block structures are immutable and irreversible. Therefore, to respect modern privacy principles:
Crucial Disclosure
Personal data—such as customer names, physical coordinates, and electronic mail—are never stored on the public blockchain. We only publish cryptographically secured hashes and decentralized IDs (DIDs) on-chain. All identifiable profiles remain in secure, isolated databases, ensuring that rights to be forgotten can be fully executed.
We store personal profiles only as long as necessary to fulfill operational scopes, respect legal compliance limits, and maintain structural system backups:
Under GDPR Chapter 3 and standard privacy laws, individuals maintain comprehensive controls over their personal records:
To exercise these rights, submit your structured inquiry to our Data Protection Officer at contact@dpp.report. We will respond and execute your valid requests free of charge within 30 days.