Elabify

Privacy Policy

How Elabify handles data across the Maknoon app, the Musnad and Mizan services, and the elabify.com website. The short version: Maknoon is built so your keys, recovery phrase, credentials, and identity data stay on your device; the services process only what they need, as described below.

Updated 27 June 2026 Controller: Elabify

Privacy at a glance

These guarantees describe Maknoon, the consumer app. The Musnad and Mizan services do process data to do their jobs, and how is set out in sections 3 and 4.

  • Your keys stay on your device. Recovery phrase, wallet keys, identity keys, credentials, and ID-document data are held in the device secure store and are never transmitted to Elabify.
  • No analytics, no telemetry, no tracking in the app. Maknoon ships with no analytics, crash-reporting, advertising, or attribution SDKs, and no Google Play Services or Firebase. It runs on de-Googled Android (GrapheneOS).
  • You decide what you share. Credentials use selective disclosure: when you prove something (for example, “over 18”), only the field you choose is revealed, not the whole document.
  • On-chain data is not personal data. What Musnad publishes to a blockchain is cryptographic commitments (Merkle roots, hashes, public keys), never your name, document, or attributes.
01

Scope and who we are

The data controller is Elabify (elabify.com). For European Economic Area and United Kingdom users, Elabify acts as controller for the personal data described here, except where it acts as a processor on behalf of an institutional customer (notably for self-hosted or customer-operated deployments of Musnad and Mizan, where the customer is the controller). This policy covers:

  • Maknoon, the mobile identity and wallet app (a local-first holder application).
  • Musnad, the protocol services that issue and verify credentials (issuer and verifier servers and the on-chain registries at musnad.elabify.com and related endpoints).
  • Mizan, the institutional digital-asset risk-governance platform (mizan.elabify.com, and self-hosted deployments).
  • elabify.com, the marketing and support website.

Where a service is deployed in a specific jurisdiction (for example mainland China, see section 9), regional data-handling and localization rules apply in addition to this policy.

02

The Maknoon app: local-first by design

Maknoon is architected so the sensitive material never leaves your device. Elabify operates no account system for the app, requires no sign-up, and receives no copy of your identity, keys, or credentials.

Stays on your device

Held in the platform secure store (iOS Keychain / Secure Enclave, Android Keystore). Never sent to Elabify.

  • Recovery phrase & identity keysPost-quantum (ML-DSA) and wallet keys; signing is gated by your biometric, which also never leaves the device.
  • Wallet keys & addressesBitcoin, Ethereum and other EVM chains, Solana, Tron.
  • Credentials & ID documentsIncluding passport data read over NFC; passive authentication runs on-device.
  • Encrypted backupsEncrypted with a key derived from your password before they ever leave the app (section 5).

Leaves your device (only this)

Network requests you initiate, to providers you can change in Settings. Elabify is not the default destination.

  • Blockchain & price providersNode, explorer, fee and price services. Like any wallet, these see the addresses and transactions you query or broadcast. You can point Maknoon at your own nodes.
  • Credential presentationsCarried over a one-shot, short-lived transport and contain only the fields you chose to disclose.
  • Mini-appsBundles fetched from a catalog, integrity-checked against a pinned hash, and run sandboxed; each capability is shown to you and gated.
  • Connected websites/appsWhen you opt in, requests pass over a relay and you approve each one. Foreground-only; no background push.

Passport, ID documents, and biometrics

Passport or ID-document chip data is processed on your device to display it and to build a credential you requested; the passive-authentication check runs locally as a trust badge. The app does not transmit your raw document data to Elabify. Face ID, fingerprint, or device passcode are used locally to authorize signing; Maknoon receives only a yes/no result from the operating system, never your biometric data.

03

Musnad: issuing and verifying credentials

Issuing a credential or running a higher-assurance check requires processing real data on a server. Musnad is designed for data minimization, and what it commits to a blockchain is never personal data.

Issuer services

When you request a credential (for example, a passport-based identity credential), the issuer may process the document fields needed for that credential (such as name, date of birth, document number, nationality), a reference to any identity check performed, and, where enabled, the result of a sanctions / politically-exposed-person screening run against a third-party dataset. The lawful bases are performance of the service you requested, compliance with legal obligations (for example anti-money-laundering checks), and, where applicable, your consent.

  • Minimization: only the fields that back the credential are processed; the credential is built so you can later disclose them selectively.
  • Third parties: sanctions/PEP screening, when enabled, queries a specialized dataset provider for that purpose only.

Verifier services

When someone verifies a credential you present, the verifier sees only the fields you chose to disclose plus a one-time challenge. The default verifier is stateless: it checks the cryptographic proofs and the on-chain status and does not retain your credential or build a profile of you.

What goes on-chain

The on-chain registries hold cryptographic commitments only: issuer public keys, per-credential Merkle roots, revocation flags, and certificate-authority hashes. They contain no names, document data, or attributes. Because a blockchain is public and effectively permanent, this boundary is deliberate: nothing personal is published, so nothing personal can be exposed or has to be erased there.

04

Mizan: institutional risk governance

Mizan is a multi-tenant platform for stablecoin issuers, family offices, and institutional treasury teams to score protocols, track positions, and produce evidence packs. Unlike Maknoon, Mizan is an account-based service that stores the data you put into your workspace.

  • Account data: the email address used for magic-link sign-in, and basic account and workspace settings. Lawful basis: performance of the contract for the service.
  • Workspace data you enter: vault and protocol assessments, governance checklists, positions you track, alert rules, and scheduled reports. This is your institutional data; Elabify processes it to provide the platform.
  • Market and on-chain data: Mizan pulls protocol performance and position data from third-party data sources (for example Alchemy and DeFiLlama) to populate your workspace. Public wallet addresses you choose to track are sent to those providers to read on-chain state.
  • Audit logs: every change in a workspace is logged with before/after values for accountability (section 7).
  • Tenant isolation: each workspace is isolated by Postgres row-level security from creation; no tenant can see another tenant’s data.
  • Self-hosted option: when you run Mizan on your own infrastructure (Helm/Docker), your data stays in your environment and you are the controller; Elabify does not receive it.
05

Backups (Maknoon)

If you create a backup of your Maknoon identity, the app encrypts it on your device (authenticated AES-GCM, with the key derived from your chosen password) before writing it anywhere. You choose where it goes (for example iCloud Drive, the Files app, or a local file). Elabify cannot read your backup and does not hold the password. A “verify backup” tool lets you confirm a backup opens and shows its contents, entirely on-device. If you lose the password, the backup cannot be recovered, by you or by anyone.

06

The elabify.com website

The marketing and support website behaves like a typical website and is separate from the apps and services above.

Comments, forms, embedded media, and cookies

When you leave a comment we collect the comment-form data, your IP address, and your browser user-agent string to help spam detection; an anonymized hash of your email may be sent to the Gravatar service to show a profile picture. Information submitted via a contact form is used only to respond to your inquiry. Embedded content from other websites behaves as if you visited that site directly and may set its own cookies or trackers. Cookies: comment-preference and screen-option cookies last about a year; login cookies last 2 days (2 weeks with “remember me”); a post-edit cookie lasts a day. The website is served through standard hosting, CDN, and (portal site only) analytics providers; datacenter providers have no access to customer product data, which is encrypted with Elabify-managed keys.

07

Logs and retention

We keep data only as long as needed for the purpose it was collected, plus any period required by law (for example anti-money-laundering or tax rules), after which it is deleted or anonymized. Backups are rotated, so deleted data may persist in encrypted backups for a short window before expiring. Indicative periods:

DataRetention
Website server / access logsUp to 30 days, then deleted or anonymized
Security logs (authentication, abuse, intrusion detection)Up to 12 months
Musnad issuance / revocation audit trailThe credential lifecycle plus the period required for audit and AML/KYC obligations; pilot deployments are minimized
Mizan account and workspace dataFor the life of the workspace; deleted on workspace or account deletion (subject to backup rotation, up to 30 days)
Mizan audit logsFor the life of the workspace, for accountability; deleted with the workspace
Operational backupsRotated, up to 30 days
Customer server data after cancellation7 days, then deleted
Data processed via musnad.elabify.comNot retained beyond the operational need to issue or verify
Maknoon app dataHeld on your device only; Elabify retains nothing

Where a longer period is required by a legal hold or a regulator, that period applies and overrides the above.

08

Your rights (GDPR / UK GDPR)

If you are in the European Economic Area or the United Kingdom, you have the rights below over personal data Elabify holds about you as controller. For self-hosted or customer-operated deployments where an institution is the controller, address requests to that institution; we will assist them as processor.

  • Access a copy of your data, and information about how it is processed.
  • Rectification of inaccurate or incomplete data.
  • Erasure (“right to be forgotten”), subject to data we must keep by law.
  • Restriction of processing, and the right to object to processing based on legitimate interests.
  • Portability: receive your data in a portable format, where processing is based on consent or contract.
  • Withdraw consent at any time, where processing is based on consent.
  • Not be subject to solely automated decisions with legal or similarly significant effects. We do not carry out such decision-making (any payment-fraud screening by a payment processor on the website is that processor’s function).
  • Complain to your local supervisory authority (for example your national data protection authority, or the UK ICO).

Lawful bases. We rely on: performance of a contract (providing Maknoon services, Musnad issuance you request, and Mizan); compliance with legal obligations (AML/KYC and sanctions checks); legitimate interests (security, abuse prevention, and operating our services); and consent (cookies and optional features), which you can withdraw.

A note specific to Maknoon. Because your keys, credentials, and identity data live on your device and not on our servers, for the app there is generally nothing for Elabify to access, export, or delete; you control that data directly and can erase it by removing it from your device. We do not sell personal data.

To exercise any right, contact us using section 11. We respond within the timeframes required by applicable law (one month under the GDPR, extendable for complex requests). An EU/UK Article 27 representative can be identified on request.

09

International transfers and regional deployments

Where personal data is transferred outside the EEA or the UK, we rely on an adequacy decision where one exists, or on appropriate safeguards such as the Standard Contractual Clauses together with supplementary measures, and we transfer the minimum necessary.

Mainland China (managed ICP deployments)

For deployments operated in mainland China, Elabify provides a local team and managed services, including ICP BeiAn registration and in-country cloud operation. In that setting, infrastructure and personal data sit inside mainland China, and personal information is handled in accordance with applicable Chinese law (including the Personal Information Protection Law), with data localization and any cross-border transfer subject to the requirements of that law. The institution operating the deployment is typically the controller for that data; Elabify acts as a managed-service provider. Specific localization, consent, and cross-border arrangements are agreed per deployment.

10

Security, children, and changes

  • Identity and credential signatures use post-quantum cryptography (ML-DSA-65); key transport uses a hybrid post-quantum scheme.
  • On the device, secrets live in the platform secure store and signing is biometric-gated.
  • Backups and stored customer product data are encrypted at rest (AES-256); Mizan workspaces are isolated by row-level security.
  • Public releases of the on-device code are cryptographically signed, and the source is published so a build can be independently audited.

Breach notification: if we become aware of a suspected breach affecting customer data we hold, we aim to notify affected customers by email within 24 hours, and to notify supervisory authorities and individuals where the law requires.

Children: the apps and services are not directed to children and are intended for adults. Changes: we may update this policy; material changes will be reflected by the effective date above and communicated through the apps or website.