Legal & Privacy
Last updated: March 30, 2026 — V2.0
📋 Summary
GlabTech operates SBIX and SBIX Certify — sovereign proof infrastructure for creators and enterprise. We only collect what is strictly necessary and we never store your raw images or files: our systems work on cryptographic hashes and perceptual fingerprints only.
🏢 1. Legal Information
- Publisher: GlabTech SARL
- Location: Anse des Cayes, 97133 St-Barthelemy, France
- ASN: 30077 (ARIN registered)
- Founded: 2011
- Email: founder@glabtech.com
- Director: Charly Greaux
- Hosting: Self-hosted infrastructure (ASN 30077) + IONOS backup (EU)
🛡️ 2. Our Products
SBIX Verify API (certify.sbix.io/check)
Visual origin engine. Detects image copies, infers probable origin, traces cross-platform propagation. 5.4M images indexed across 14 platforms.
- Data processed: Perceptual hashes only (pHash/dHash/aHash) — images are never stored
- Index: Public platforms (Teia, Objkt, Wikimedia, MET, NASA, Europeana...)
- Decision: BLOCK / REVIEW / SAFE returned in <200ms
- Legal proof: eIDAS Qualified timestamp on every BLOCK decision
- Enterprise POC: Available under NDA — contact@sbix.io
SBIX Certify (certify.sbix.io)
Proof of creation for digital artists. Legal timestamps + blockchain anchoring in 60 seconds.
- Data collected: Email (for account), file hash SHA-256 (never the file itself)
- Timestamp: eIDAS Qualified (AlfaSign / AlfaTrust) or RFC-3161 local
- Blockchain anchoring: Tezos L1 + Aleph.im
- Payments: Processed by Stripe (PCI-DSS compliant)
SBIX Core (sbix.io)
Enterprise proof infrastructure for MiCA compliance. On-premise deployment available.
- Data collected: Contact form submissions only
- Deployment: On-premise available — data never leaves your infrastructure
🔐 3. Personal Data (GDPR)
3.1 What data do we collect?
- Account creation: Email address
- Contact forms: Name, email, message
- Certify usage: File hashes (SHA-256), timestamps, proof IDs
- Verify API: Perceptual hashes of submitted images (pHash/dHash/aHash)
- Analytics: Plausible (cookie-less, privacy-first, EU-based)
3.2 What we do NOT collect
- Your files or images — we only process cryptographic fingerprints
- Your IP address (not stored)
- Tracking or advertising cookies
- Third-party marketing data
3.3 Legal bases
- Contract: Account creation, certification services, API access
- Legitimate interest: Analytics, security, service improvement
- Legal obligation: Invoicing, tax records
3.4 Data retention
- Proofs/certificates: Stored indefinitely (blockchain anchored)
- Perceptual fingerprints: Stored in index indefinitely to improve detection
- Account data: Until account deletion + 30 days
- Contact requests: 24 months after last contact
3.5 Your rights (GDPR Articles 15-22)
- Access, rectify, or erase your personal data
- Restrict or object to processing
- Data portability
Exercise your rights: founder@glabtech.com — Supervisory authority: CNIL (France)
🍪 4. Cookies & Tracking
- glabtech.com: Plausible Analytics (cookie-less, GDPR-compliant)
- certify.sbix.io: Plausible Analytics (cookie-less)
- Essential cookies: Session management only (no tracking)
We do not use Google Analytics, Facebook Pixel, or any third-party advertising tracking.
🔗 5. Third-Party Services
- Stripe: Payment processing (PCI-DSS Level 1)
- AlfaSign / AlfaTrust: eIDAS Qualified timestamps (EU Trusted List)
- Plausible: Privacy-first analytics (EU-based)
- Tezos: Blockchain anchoring (public, decentralized)
- Aleph.im: Decentralized storage backup
- Formspree: Contact form handling
⚡ 6. Security & Sovereignty
- Hashes only: We never store your original files or images
- Own infrastructure: ASN 30077 — self-managed, EU jurisdiction
- No cloud dependency: On-prem deployments available for enterprise
- Encryption: TLS 1.3 in transit, Ed25519 signatures
- Location: St-Barthelemy, France (French law, CNIL jurisdiction)
📜 7. Terms of Use
Access to GlabTech services is provided "as is". SBIX Certify certificates are cryptographic proofs anchored on public blockchains — they cannot be modified or deleted once created. Ensure you have rights to certify any content before using the service.
SBIX Verify API results are informational. Decisions (BLOCK/REVIEW/SAFE) are based on indexed fingerprints and probabilistic scoring. They do not constitute legal advice or definitive copyright determination.
❓ FAQ
Do you store my images?
Never. We only process perceptual hashes (pHash/dHash/aHash). Your images are never stored on our servers.
Do you sell my data?
No. Never. We do not sell, rent, or share your personal data with third parties for marketing purposes.
How do I request a POC for the Verify API?
Email contact@sbix.io with your use case. Enterprise POCs are available under NDA for image archives of any size.
How do I delete my account?
Email founder@glabtech.com — we will process within 30 days. Blockchain-anchored proofs cannot be deleted.
📧 Contact
- General / Legal / GDPR: founder@glabtech.com
- Verify API / POC: contact@sbix.io
- Address: GlabTech SARL, Anse des Cayes, 97133 St-Barthelemy, France