bringBringID

Privacy Policy

Summary

BringID is designed to provide privacy-preserving identity verification without collecting or storing personal data. This Privacy Policy explains what information is processed, how it is used, and the guarantees provided by the BringID extension and airdrop claim page.

1. Data We Do Not Collect

  1. We do not collect, store, or monetize personal data.
  2. We do not access your browsing history, communications, location data, or financial information.
  3. We do not require you to provide personal details such as name, email, or address.

2. How Verification Works

BringID uses Multi-Party Computation over TLS (MPC-TLS) combined with Semaphore zero-knowledge proofs to verify web-based activity in a privacy-preserving way.

  1. Encrypted traffic: The notary only sees encrypted TLS traffic and cannot reconstruct plaintext credentials.
  2. Selective disclosure: Only specific values necessary for verification (e.g. account IDs, verified follower counts, ride IDs, or device IDs) are revealed.
  3. Notary attestation: The notary signs an attestation of the disclosed values.
  4. Hashing & commitments: Disclosed values (e.g. account IDs) are hashed and committed on-chain as Semaphore identity commitments.
  5. Zero-knowledge proofs: Users generate unlinkable proofs from these commitments to demonstrate humanity and uniqueness without exposing their exact identity.

3. Group Membership and Inference

By design, successful proofs may indicate that a user belongs to a verified group (for example: Uber riders, Twitter verified accounts, or Apple device owners).

  1. This information is used only to demonstrate uniqueness and prevent Sybil attacks.
  2. No raw account data is disclosed.
  3. Identity commitments cannot be linked across different proofs, preserving unlinkability.

4. Use of Data

Any data revealed during MPC-TLS verification is:

  1. Processed ephemerally in memory for proof generation.
  2. Never stored, logged, or sold by BringID.
  3. Never used for advertising, profiling, or cross-site tracking.

5. Airdrop Claim Page & Analytics

When you use the BringID airdrop claim page at app.bringid.org, we may process your wallet address and transaction data solely to deliver tokens and prevent abuse.

We also use Plausible Analytics on the claim page to measure usage and conversion. Plausible does not use cookies, does not collect personal data, and does not allow us to identify individual users. Data collected is anonymized and used only to understand claim page performance.

6. Open-Source and Auditability

BringID is built on top of open-source projects including TLS Notary and Semaphore.

  1. Our codebase is fully open and available on GitHub: https://github.com/BringID
  2. Independent review and community audit are encouraged.

7. Data Retention

BringID does not retain user data. All disclosed values (e.g. account IDs, follower counts) are processed ephemerally during the verification session. No logs or databases of user data are maintained.

8. User Rights

Since BringID does not collect or store user data:

  1. There is no personal information to access, modify, or delete.
  2. Users retain complete control over what information is disclosed during verification.

9. Contact

If you have questions about this Privacy Policy or BringID’s data handling practices, you can reach us at:

  1. Website: https://bringid.org
  2. GitHub: https://github.com/BringID
  3. Email: dev@bringid.org