Algeria Certify, operated by TKAWEN, is committed to protecting the privacy of personal and academic data and ensuring it is processed securely and reliably, based on the highest standards and general principles of data protection.
1. Data We Process
In the context of providing digital verification services, we process specific and limited categories of data provided to us by certificate-issuing entities, including:
- Identity data: Full name, date of birth, and registration or university number.
- Academic data: Certificate title, specialization, graduation year, and grades or evaluations (where applicable).
- Technical digital data: Encrypted unique digital identifier (UUID), verification code hash (QR Hash), and issuance date and time.
- Usage data: IP address, browser type, and verification logs for security and fraud prevention purposes.
Data minimization principle: We are architecturally committed to not processing or storing any data unnecessary for the purpose of secure verification.
2. Data Processing Purposes
The platform does not sell, lease, or commercially exploit personal data in any form. Processing is limited exclusively to the following purposes:
- Enabling real-time verification of certificate authenticity via direct electronic scanning.
- Preventing forgery or unauthorized modification of documents.
- Protecting the integrity of digital academic records for institutions.
- Ensuring platform continuity and performance at the highest efficiency.
3. Data Sovereignty & Security
a) National Data Sovereignty Sensitive data and central records are hosted on secure servers within national territory.
b) Encryption & Technical Protection
- Data in transit encrypted using TLS 1.3 protocol.
- Data at rest encrypted using AES-256.
- Web Application Firewall (WAF) deployed.
- Access restriction mechanisms based on the "least privilege" principle (Zero Trust Model).
4. Privacy by Design
We apply the "Privacy by Design" principle. No entity can search for certificates by name openly or randomly.
Verification data is only displayed when one of the following conditions is met exclusively:
- Entering the unique digital reference identifier of the certificate programmatically.
- Scanning the QR code attached to the certificate and provided by the holder personally.
4b. Cookie Policy
The platform uses only essential cookies required for site operation: session cookies for authentication, language preference cookies, and CSRF protection cookies. We do not use tracking or advertising cookies. You can manage cookies through your browser settings.
5. User Sovereignty Rights
- Right of access: You may request a copy of the recorded data related to you.
- Right of rectification: You may request correction of any material error by coordinating with the issuing academic entity.
- Right of revocation and erasure: The issuing entity has the right to revoke a certificate if entitlement is proven invalid.
6. Retention & Third-Party Sharing
Data is retained as long as necessary to achieve the purpose of sustainable digital verification.
Retention periods: Issued digital certificates are stored permanently to ensure future verifiability. Deleted account data is retained for two (2) years after account deletion then automatically purged. Verification logs are retained for 5 years for auditing and compliance purposes.
7. Data Protection Officer Contact
Data Protection & Compliance Team
Email: contact@algeriacertify.com
Please write "Privacy inquiry" in the subject line for a faster response.
