Home How Verification Works Security & Privacy

Security & Privacy
by design, by default.

Roya is built with privacy-first architecture that separates verification proof from personal data.

Data minimisation

Only verification metadata is stored; all personal data remains with publishers.

Right to erasure (Art. 17)

Publishers can delete contributor data; anonymous proof remains as audit trail.

Data controller

Publishers remain controller. Roya acts as processor for verification only.

Purpose limitation

Data used solely for split verification, not marketing or other purposes.

What we store (and where)

Blockchain (Monad testnet)

  • Verification timestamp
  • Content hash (cryptographic fingerprint)
  • Basic statistics (contributor count, total %)
  • NO personal information
  • NO names or payment details
public but anonymous

Your systems (your control)

  • All contributor details
  • Split percentages per person
  • Payment calculations
  • Under your complete control
never shared with Roya

πŸ‡ͺπŸ‡Ί GDPR compliance built‑in

Data minimization

Only verification metadata is stored; all personal data remains with publishers.

Right to erasure (Art. 17)

Publishers can delete contributor data; anonymous verification proof remains as audit trail.

Data controller

Publishers remain the data controller. Roya acts as data processor for verification only.

Purpose limitation

Data used solely for split verification, not marketing or other purposes.

Secure processing

All verification happens in isolated, encrypted environments. No data shared between publishers.

Audit trail Β· without privacy risk

The blockchain provides tamper‑proof verification that:

  • A split was verified
  • At a specific time
  • With specific characteristics (4 people, 100% total)

But reveals nothing about:

  • Who the contributors are
  • How much they're receiving
  • Which work this relates to

βœ… This allows independent verification without compromising privacy.

Access control – who can see what

Data typePublishersSTIM*RoyaPublic
Contributor namesβœ“βœ“*❌❌
Split percentagesβœ“βœ“*❌❌
Payment amountsβœ“βŒβŒβŒ
Verification timestampβœ“βœ“βœ“βœ“
Content hashβœ“βœ“βœ“βœ“
* Only when publisher submits registration to STIM through normal process. STIM does not have direct access to Roya data. The table indicates what could be shared during standard royalty reporting.
Secure processing & isolation
All verification happens in isolated, encrypted environments. No data shared between publishers. Every tenant isolated.
Questions?

If you have specific privacy or security questions, please contact us. We’re happy to discuss data processing agreements, sub-processors, or security audits.

security@roya.se
Roya – transparency & verification layer. Monad testnet preview. Β© Roya 2026 Β· Data protection by design