Privacy Policy

Effective date: 17 December 2025 · Last updated: February 2026

1. Who we are

SIA (“we”, “us”, “our”) is operated by Kant LTD, a private limited company registered in England and Wales (company number 16916607). Our registered office is at 3rd Floor, 86-90 Paul Street, London, England, EC2A 4NE.

These terms cover the SIA platform at sia.vision and the NFC service at nfc.sia.vision.

2. Data we collect

  • Account information — email address, display name, profile image, and authentication provider identifiers (e.g., Google OAuth).
  • Content you create — storyworlds, scenes, characters, notes, media uploads, and other creative assets stored on the platform.
  • NFC provisioning data — tag identifiers, device attestation metadata, and provisioning event logs when you use our NFC services.
  • Blockchain records — wallet addresses and on-chain transaction hashes related to IP registration, licensing, and royalty distribution.
  • Usage and analytics — pages visited, features used, device type, browser, IP address, and session duration.
  • Communications — messages you send us via contact forms or email.

3. How we use your data

  • Provide, maintain, and improve the SIA platform and NFC services.
  • Authenticate users, manage sessions, and prevent unauthorized access.
  • Process NFC tag provisioning, verification, and blockchain registration.
  • Generate AI-assisted content (scenes, images, video) as requested by you.
  • Register intellectual property on-chain and manage licensing on your behalf using Story Protocol.
  • Send transactional emails and service notifications.
  • Analyse usage patterns to improve performance and user experience.
  • Comply with legal obligations and respond to lawful requests.

4. Legal basis for processing (UK GDPR)

  • Contract — processing necessary to provide the services you signed up for.
  • Legitimate interests — security, fraud prevention, analytics, and service improvement.
  • Consent — where we rely on your consent (e.g., optional analytics cookies), you can withdraw it at any time.
  • Legal obligation — where required by applicable law.

5. Data sharing and third parties

We do not sell your personal data. We may share data with:

  • Infrastructure providers — Firebase (Google Cloud), MongoDB Atlas, and Vercel for hosting, storage, and database services.
  • AI providers — Google Vertex AI, xAI, and other providers to process your AI generation requests. Content is sent only when you initiate a generation.
  • Blockchain networks — Ethereum, Base, Story Protocol, and Solana networks when you register or license IP. On-chain data is public by nature.
  • Payment processors — to handle billing and subscription payments.
  • Legal authorities — when required by law, court order, or regulatory obligation.

6. Data security

We implement industry-standard security measures including encrypted connections (TLS), authenticated API access, device-bound attestation for NFC provisioning, encrypted key storage, and access controls. While no system is 100% secure, we take reasonable steps to protect your data from unauthorized access, alteration, or destruction.

7. Data retention

We retain your personal data for as long as your account is active or as needed to provide services. When you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law or necessary for legitimate business purposes (e.g., fraud prevention, legal claims). On-chain data cannot be deleted due to the immutable nature of blockchain technology.

8. Your rights

Under UK GDPR, you have the right to:

  • Access a copy of your personal data.
  • Rectify inaccurate or incomplete data.
  • Erase your personal data (“right to be forgotten”).
  • Restrict or object to certain processing.
  • Data portability — receive your data in a structured format.
  • Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, contact us at privacy@sia.vision.

9. Cookies

We use essential cookies to maintain your session and authentication state. We may also use analytics cookies to understand how you use the platform. You can manage cookie preferences in your browser settings.

10. International data transfers

Your data may be processed outside the UK and EEA by our infrastructure and AI providers. Where this occurs, we ensure appropriate safeguards are in place, such as standard contractual clauses or adequacy decisions, in accordance with UK GDPR requirements.

11. Children’s privacy

SIA is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

12. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be communicated via the platform or email. Continued use of the service after changes constitutes acceptance of the updated policy.

13. Contact us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:

Kant LTD

3rd Floor, 86-90 Paul Street

London, EC2A 4NE

United Kingdom

Email: privacy@sia.vision

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection.