Summary: GAMP is a trust registry — a substantial portion of the data you submit is intentionally public by design. Your model registration metadata, trust tier, and audit status are visible to all. Account passwords and payment details are never stored in plaintext. Cryptographic private keys issued to you are never retained by GAMP.
1. Overview
GAMP Registry ("GAMP", "we", "our") operates as a public trust infrastructure for AI models. This Privacy Policy explains what personal and model data we collect, how we use it, and your rights in relation to it.
GAMP is designed with transparency as a core principle. Much of the data submitted to GAMP is intentionally public — the purpose of the registry is to make AI model provenance visible and verifiable. This policy makes clear which data is public and which is kept private.
2. What We Collect
2.1 Account Data
- Name and email address (provided at registration)
- Hashed password (stored using bcrypt — plaintext never retained)
- Account creation timestamp and status
- Organisation name (optional)
2.2 Model Registration Data
When you register an AI model, the following data is collected and stored in the registry:
- Model name, version, type, and description
- Architecture and training data description
- Intended use and industry classification
- Trust tier and live trust score
- Cryptographic passport hash and GAMP master signature
- Agent public key (stored — used for output verification)
- Audit status and co-signature records
- Drift reports submitted against the model
The agent private key is generated and transmitted to you at registration. GAMP does not store it.
2.3 Audit Documentation
Documents submitted as part of audit applications (architecture docs, safety evaluations, training data descriptions) are stored and reviewed by GAMP staff and approved certifiers. These documents are not published publicly unless you request it.
2.4 Usage Data
- IP address and browser information when accessing the platform
- API access logs (endpoint, timestamp, response code)
- Badge embed requests (model ID, timestamp, requesting IP)
2.5 Payment Data
Payment processing is handled by third-party processors (Stripe or equivalent). GAMP stores payment references, tier, amount, and subscription dates. We do not store card numbers, CVV codes, or full payment credentials.
2.6 Contact Form Data
Name, email, enquiry type, and message content submitted via the contact form are retained for up to 12 months.
3. How We Use Your Data
- Providing the Service — operating the registry, issuing passports, serving badges, running audit checks
- Account management — authentication, password reset, account status notifications
- Transactional emails — audit results, tier changes, payment confirmations, suspension notices
- Trust scoring — computing live trust scores from co-signatures, drift reports, and verification data
- Security and integrity — detecting abuse, enforcing rate limits, investigating fraud
- Platform improvement — aggregate, anonymised analytics on registry usage patterns
- Legal compliance — responding to lawful requests from authorities where required
We do not use your data for advertising, profiling for commercial third parties, or any purpose beyond operating the Service as described.
4. Public Registry Data
The following data is intentionally public and accessible to anyone without authentication:
- Model name, type, version, description, and intended use
- Trust tier, live trust score, and badge status
- Cryptographic passport hash and GAMP signature
- Agent public key (required for output verification)
- Industry classifications (declared and approved)
- Certifier co-signatures and their timestamps
- Drift reports (severity, description, resolution status)
- Public transparency log entries (registrations, tier changes)
- Revocation feed (suspended and flagged models)
Your account email address, audit documents, and payment information are not publicly accessible.
By registering a model, you acknowledge and consent to this public data being displayed in the registry, the badge system, and the transparency log.
6. Data Retention
- Account data — retained for the lifetime of the account plus 90 days after closure
- Model passports — retained indefinitely in the transparency log (as inactive records) after model deletion, to preserve audit trail integrity
- Audit documents — retained for 3 years after audit completion
- Payment records — retained for 7 years to comply with financial regulations
- API access logs — retained for 90 days
- Contact form submissions — retained for 12 months
7. Security
GAMP implements industry-standard security measures:
- All data transmitted to GAMP is encrypted in transit via TLS 1.2 or 1.3
- Passwords are stored as bcrypt hashes — plaintext is never retained
- Cryptographic operations use Ed25519 — a modern, auditable signature algorithm
- Agent private keys are never stored by GAMP after issuance
- The GAMP master signing key is stored in a restricted filesystem, separate from application code
- Rate limiting is applied to all endpoints to prevent abuse and denial-of-service
- Admin actions are logged to an append-only audit trail
While we implement strong security controls, no system is immune from all risks. You should use a strong, unique password and store your agent private key securely.
8. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access — request a copy of the personal data we hold about you
- Rectification — request correction of inaccurate account data
- Erasure — request deletion of your account and personal data (subject to our retention obligations and the public registry design described in Section 4)
- Portability — request your data in a machine-readable format
- Objection — object to processing of your data in certain circumstances
Note: model passport entries in the public transparency log cannot be fully erased after publication, as this would compromise the integrity of the audit trail. Deleted models are marked inactive but remain as historical entries.
To exercise your rights, use the Contact form at gampid.co.za. We will respond within 30 days.
10. International Transfers
GAMP may process data in jurisdictions outside your country of residence. Where data is transferred internationally, we ensure appropriate safeguards are in place in accordance with applicable data protection law.
11. Children
The Service is not directed at persons under 18 years of age. GAMP does not knowingly collect personal data from children. If you believe a child has registered, please contact us and we will delete the account promptly.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be notified to registered account holders by email at least 14 days before taking effect. Continued use of the Service after that date constitutes acceptance of the updated policy.
13. Contact
For any privacy-related questions, requests, or complaints:
GAMP Registry — Privacy
Contact form: gampid.co.za
Response time: within 30 days for rights requests, within 5 business days for general enquiries.