This document contains the general contracting conditions of the services provided by CONSTATA EU DIGITAL TRUST SERVICES S.L. (hereinafter CONSTATA), with CIF B-02983997 and registered office at Paseo de la Castellana 40, piso 8, 28046, Madrid. CONSTATA is the owner of the website https://constata.eu, the domain constata.eu, all its subdomains and the email addresses hosted on it. The company's contact telephone number is +34622949117, the general contact address is email@example.com, and the Twitter user for contact with that community is @constataEu.
CONSTATA is a trusted electronic service provider specialized in time-stamp certificate and digital signature using, unlike other providers, the public, immutable and distributed data registry system known as Bitcoin blockchain, and the digital signature technology used by that technological ecosystem, as described in these general conditions for the knowledge of the USERS.
CONSTATA provides electronic trust services that have legal effects vis-à-vis third parties and must therefore comply with the obligations imposed on it by Regulation EU 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC (eIDAS regulation) as well as Act 6/2020 of 11 November regulating certain aspects of trust services.
CONSTATA provides its services to the client, in its condition of end USER, so it is forbidden the resale or commercialization of the service as well as its transfer to third parties without express authorization.
CONSTATA provides its services to clients, persons over 18 years of age and to legally constituted legal entities, in accordance with the applicable regulations.
- General Information
- 1. Purpose
- 2. Characteristics of service provision.
- 3. Responsibility of the user.
- 4. Service access, quality, maintenance and upgrades.
- 5. Purpose of service and suitability for processing with third parties.
- 6. Registration and activation of services.
- 7. Duration of the contract.
- 8. Modification of contractual conditions.
- 9. Prices, invoicing and methods of payment for services.
- 10. Right of withdrawal.
- 11. Secrecy of communications.
- 12. Protection of personal data.
- 13. Storage periods and security measures for customer data.
- 14. Correction of service errors and returns.
- 15. Errata, and amendments to data provided by the user.
- 16. Exemption from liability.
- 17. Applicable law and jurisdiction.
- 18. Notifications.
- 19. Reliable communication to the User.
- 20. Waiver.
- 21. Nullity.
- Annex I: Description of trust services.
- Service: Time Stamp on Bitcoin blockchain.
- Service: Electronic signature and electronic seal.
- Annex II: Other services.
- Annex III: Definitions and acronyms.
The contractual relations between CONSTATA and its clients shall be governed by the general contracting conditions, so this document constitutes a contract between CONSTATA and the USER, who shall validate it through its acceptance in our website, prior to the effective provision of the contracted services. The acceptance of the terms and conditions in our website and the use of the services provided by CONSTATA implies the full acceptance by the USER of the general contracting conditions contained in this document, so if the USER does not agree with them, he/she should not use any of CONSTATA's services.
The forms of contact with CONSTATA are those detailed in this document, and must be used for any consultation on the present terms and conditions.
2. Characteristics of service provision.
CONSTATA 's service comprises two types.
First, the provision of electronic trust services on the Internet. CONSTATA as an independent provider of electronic trust services accredits and certifies the existence of registered documents, certifications of web page content, or any other service that in the future electronic systems may allow and is covered by the legislation.
Secondly, CONSTATA also provides other types of digital services other than those mentioned above, such as: e-mail exchange, notifications by e-mail or any other electronic or digital means.
The purpose of these general contracting conditions is the intervention of CONSTATA in the certification of the contents requested by the USERS. CONSTATA makes available to the USERS electronic means for the registration and sending of messages and documentation, exercising the functions of trusted service provider on the Internet by the designation of the USER ratified on CONSTATA's website.
CONSTATA makes available to USERS the following services, whose description and current fee schedule is updated in Annex I regarding trust services, and Annex II regarding other services of this document.
- Bitcoin blockchain timestamping service.
- Electronic signature and electronic seal service.
- Electronic notification service.
3. Responsibility of the user.
The contact with our operators or our virtual assistant to request any payment service, by email or other similar communication channels, as well as the use of our API confers the condition of USER and therefore the USER accepts these terms and conditions, as well as their subsequent modifications, without prejudice to the application of the corresponding legal regulations of mandatory compliance, from the moment the communication or connection with our API is initiated.
The USER agrees to make acceptable use of the communication channels, including email, website and API, and is responsible for:
- Use our website to contract services, send documents, and acquire legally valid rights to use the service.
- Refrain from using the services to store or transmit illegal content, as well as using the services for any activity contrary to law.
- Refrain from fraudulent operations and the exploitation of computer failures that allow the use of services without making the corresponding payment, or accessing the company's databases. If CONSTATA considers that there is an exploitation of computer failures, or a fraudulent use of the platform has been made, it will cancel all actions and inform the relevant authorities.
- Provide truthful and updated contact information, including email address, mailing address, Twitter, Telegram, Whatsapp platform user, among others.
The USER declares that he/she is of legal age and has the legal capacity to enter into contracts with CONSTATA.
4. Service access, quality, maintenance and upgrades.
CONSTATA undertakes to keep its services described in this contract operational at all times and in the best operating conditions, provided that the USERS use them properly and in accordance with the instructions and means made available to them. However, CONSTATA reserves the right to make the necessary modifications and updates for a proper operation of the service.
CONSTATA undertakes to use its best technical efforts to solve possible problems that may arise in the services it provides to the USERS, as long as they are due to a problem in CONSTATA's system, collaborating in everything necessary to provide the USER with a quick solution to the incident.
CONSTATA is not responsible for verifying the identity of customers. Accordingly, it disclaims liability in the event that the system is accessed by a recipient who is not who he/she claims to be or that a document is accessed by a recipient who is not the intended recipient of the document. Nevertheless, CONSTATA will make its best efforts to make available to the USER acceptable authentication measures, according to the communication channel used, by performing:
- For API integrations: Authentication with a private key generated by the USER.
- For email contacts: Verification of the address and originating servers.
- For contacts via Twitter, Telegram, Whatsapp: Verification of the sender user.
The USER 's access to the services through the different channels does not imply CONSTATA 's obligation to control the absence of virus or any other harmful computer element. It is up to the USERS, in any case, the availability of adequate tools for the detection and disinfection of computer programs.
CONSTATA shall not be liable for any damages caused to the physical elements of the computer equipment of the USERS, their employees, or third parties, during the provision of the services covered by this contract, with the exception of the application of Law 22/1994, of July 6, 1994, on civil liability for damages caused by defective products.
5. Purpose of service and suitability for processing with third parties.
The purpose of CONSTATA 's service is to accredit the existence and integrity of data processed through its electronic system, as well as data related to the person or company that requested the processing, and the date on which the processing was carried out. For this purpose, CONSTATA makes available to the USERS a computer protocol by which the USER makes CONSTATA participant as a trusted service provider of its communications with third parties. CONSTATA as an independent trusted third party, certifies such communications, using the Bitcoin blockchain system.
The effective admission as a means of proof of the service shall not correspond to CONSTATA, being solely and exclusively a decision of the jurisdictional, administrative or other competent instances. Consequently, CONSTATA cannot guarantee the effective admission as evidence of its communication service as a trustworthy service provider, in procedures whose decision depends on official instances.
CONSTATA does not access or examine the content of the documents sent by USERS through its service. Consequently, and in accordance with the legislation in force, CONSTATA shall not be liable for the aforementioned contents, as long as it has no knowledge of them, according to the provisions of the applicable regulations.
6. Registration and activation of services.
CONSTATA 's services are provided telematically and no devices or any other physical element is delivered at the moment of contracting them. The mere fact of initiating a communication with our virtual assistant at firstname.lastname@example.org is recognized by CONSTATA as a request from the sender to contract any of the services. The configuration of our command line tool, which allows interacting with our API, is also interpreted by CONSTATA as a request from the USER to contract the service.
In such cases, constata will inform the USER of the terms and conditions of the contract. The USER may withdraw his request to use the service by rejecting these conditions, without incurring any cost on his part.
7. Duration of the contract.
The present contract is indefinite as long as the USER uses the CONSTATA system and keeps his/her account active on the platform.
The USER may terminate this contract unilaterally and without the need to allege just cause, at any time, by notifying CONSTATA by e-mail to email@example.com.
However, the conclusion of the contract for any reason shall not affect the commitments made by the parties with respect to the documents, certificates and other electronic media that CONSTATA has provided to the USERS in its capacity as a trust service provider.
8. Modification of contractual conditions.
CONSTATA may modify the present conditions by notifying the USER at least 1 month in advance. If the client does not accept the new conditions and notifies CONSTATA, he/she may terminate the contract in advance and without any penalty. If after this period of time from CONSTATA's notification, the USER has not expressly expressed his disagreement or the USER uses the service after the effective date of the notified modifications, it will be understood that the USER accepts the proposed modifications. The communication to the USER may be made, among other means, by e-mail to the USER. In addition, CONSTATA will publicly communicate in social networks the modifications it introduces in its contracting conditions.
9. Prices, invoicing and methods of payment for services.
The services provided by CONSTATA are fully paid by the USER.
CONSTATA services are paid for by tokens, which are purchased on the website by any means of payment accepted by CONSTATA (credit card, bank transfer, Bitcoin). The price of the token is 1 EUR.
CONSTATA will issue an electronic invoice for each purchase of tokens by the USER, which will be sent to the USER by e-mail or by the means of notification established for this purpose.
CONSTATA will keep a record of all communications, purchase orders, invoices, and data related to the receipt and accreditation of payments received for the purchase of tokens or provision of other services, in order to constitute a means of proof of transactions, respecting the privacy and data protection provided for in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons and Organic Law 3/2018 of 5 December on the Protection of Personal Data.
The price of the service is calculated on the basis of the size of the files object of the CONSTATA service, at the rate of 1 token per megabyte. The minimum fraction being 1 megabyte.
Additional services that the customer may request, such as consulting and special integrations, will be billed separately by CONSTATA and may be paid by any means of payment or using tokens.
The provision of CONSTATA 's services is subject to availability, and may be affected by force majeure. If a situation arises in which the provision of the services is impossible as committed in these terms and conditions, CONSTATA may proceed to a refund of the tokens purchased by the USER to use the services, according to the refund policy set forth in this contract.
All purchases will be computed in Euros at the current exchange rate, regardless of the currency used to make the payment.
The USER confirms that the credit cards, payment processor accounts, bank accounts and digital wallets used to make payments to CONSTATA belong to him/her.
CONSTATA processes payments in suitable and authorized platforms, and in no case processes, stores, or knows the USER's credit card data, passwords to digital accounts, or private passwords of digital wallets.
In accordance with Law 37/1992 of 28 December 1992 on Value Added Tax (VAT), all orders shall be deemed to be located in the VAT territory of Spain if the declared address is in Spanish territory, except for the Canary Islands, Ceuta and Melilla. The applicable VAT rate will be the one legally in force for the service being purchased. Purchases made by USERS from the Canary Islands, Ceuta and Melilla, will be exempt from VAT according to Law 37/1992, and Directive 2006/112, without prejudice to the application of taxes and tariffs specific to those territories, in accordance with current regulations. Purchases made from other member states of the European Union will be subject to the VAT of that member state according to Directive 2006/112 of the Council of November 28, 2006, relating to the common VAT system. For non-EU countries, the regulations in force will be applied as appropriate.
If the USER needs more information about prices, alternative payment methods, and payment in installments, or the current VAT regulations, he/she can contact CONSTATA by e-mail at firstname.lastname@example.org.
The basic price of 1 token is 1 euro, but it can be reduced by special agreement or for large purchases. Also, CONSTATA may grant tokens free of charge to the USER for marketing purposes or when deemed appropriate. The tokens that the USER has purchased or received as a gift DO NOT EXPIRE.
10. Right of withdrawal.
In accordance with the provisions of Article 3 of Royal Legislative Decree 1/2007, of November 16, which approves the revised text of the General Law for the Defense of Consumers and Users referred to the case that the USER is a natural person in accordance with the provisions of Article 103 a) (The provision of service, once the service has been fully executed, when the execution has begun, with prior express consent of the consumer and user and with the recognition on his part that he is aware that, once the contract has been fully executed by the entrepreneur, he will have lost his right of withdrawal) it is reported that the USER will not be able to exercise the right of withdrawal.
If the user has not spent the tokens purchased for the execution of a CONSTATA service, he/she may exercise the right of withdrawal within 14 calendar days by notifying email@example.com. In case of withdrawal, CONSTATA will reimburse the payment received within a reasonable period of time, which may not exceed 14 calendar days from the notice of withdrawal.
All transactions, whatever the payment method (credit card, bank transfer, bitcoin, foreign currency) will be calculated in euros.
CONSTATA will reimburse the USER using the same payment method used by the USER to purchase the tokens. In case the payment was made in foreign currency or Bitcoin, the reimbursement will always be the amount of Euros received by CONSTATA at the time of the purchase of the tokens.
11. Secrecy of communications.
CONSTATA adopts the necessary technical measures in accordance with the legislation in force to guarantee the secrecy of communications. CONSTATA is exonerated from any responsibility that may derive from the obtaining of confidential content, its use or publicity by the USER or third parties and, in general, from any actions or omissions that, not being attributable to CONSTATA, suppose a breach of the secrecy of the electronic communications.
12. Protection of personal data.
CONSTATA will at all times comply with the provisions of the general Data Protection Regulation (EU) 2016/679.
In compliance with said Regulation, CONSTATA informs USERS that the personal data provided for the provision of the service will be included in a file that is included in the Register of Processing Activities of the Data Controller.
The Responsible for the processing of personal data is CONSTATA DIGITAL TRUST SERVICES S.L., with CIF B- 02983997. Any USER can contact CONSTATA at firstname.lastname@example.org with any questions regarding the processing of their personal data.
USERS ' personal data will be processed for the purpose of maintaining and managing the contractual relationship with CONSTATA in order to adequately provide them with the contracted services, the basis that constitutes the legitimacy of the processing being the need for the execution of the contract, in accordance with Article 6.1 b) of Regulation (EU) 2016/679.
The USERS' personal data will also be processed for sending commercial communications about CONSTATA's products, services, offers and promotions, if the USER gives his/her express consent when consulted by CONSTATA for such purpose. They may also be used for sending commercial communications about third party products that CONSTATA considers may be of interest to the USERS, as long as they have their consent. USERS may revoke their consent to receive such communications at any time by sending an e-mail to email@example.com.
CONSTATA guarantees that the USERS ' personal data will not be used for purposes other than those mentioned in this clause and that its processing will be carried out under the strictest confidentiality and in full compliance with current legislation, especially with Regulation (EU) 2016/679. CONSTATA will not transfer personal data to third parties for purposes unrelated to the provision of its services.
When the USERS request services to CONSTATA in which personal data owned by the USERS themselves or by third parties are accessed by express order of the USER for the performance of a specific service, CONSTATA in its capacity as data processor, will process the data for the sole purpose of performing the service under the instructions of the USER acting as data controller, being the legitimate basis for action the execution of the contract, in accordance with the provisions of Article 6.1 b) of Regulation (EU) 2016/679. The USER expressly authorizes CONSTATA to access such data which will not be processed for purposes other than the provision of the contracted service nor will it communicate them to third parties.
USERS are responsible for the truthfulness and accuracy of the data provided: If the USER considers that his/her personal data have been processed by CONSTATA in breach of the legislation in force, he/she has the right to file a claim before the Spanish Data Protection Agency.
13. Storage periods and security measures for customer data.
Once the provision of personal data processing services has ended or the contract has been terminated, CONSTATA will keep the data duly blocked for a period of 6 years, for the sole purpose of meeting any possible liabilities that may arise.
CONSTATA has implemented appropriate technical and organizational measures to ensure the security of personal data and to prevent its destruction, loss, unlawful access, unlawful alteration or manipulation. In developing these measures, CONSTATA has taken into account criteria such as the scope, context and purposes of the processing, the state of technology and the existing risks.
14. Correction of service errors and returns.
In the event that the USER considers that any of the contracted services does not comply with the stipulated in these terms and conditions and its explanatory annex of the services, he/she must contact CONSTATA immediately through any of the channels enabled for such purpose, communicating his/her disagreement and exercising his/her right to withdrawal as stipulated in this contract.
CONSTATA will evaluate ways to correct the errors, so that the effectiveness of the contracted service is not affected. If it is not possible to correct it within a reasonable period of time, the tokens will be returned and, if requested by the USER, the money used for the purchase of those tokens will be refunded, including payment processing fees and other costs incurred by the USER to make the payment.
The consumer protection legislation in force in favor of the USER shall be recognized and applied at all times.
15. Errata, and amendments to data provided by the user.
Given the immutability of Bitcoin blockchain timestamps, CONSTATA establishes its own amendment and errata mechanisms on documents that receive the timestamp, so that they are verifiable by the same means as the original documents.
In the event that the USER detects that he/she has made a mistake in any of the information contained in a document at the time of applying the time stamp or at the time of signing or digitally sealing it, he/she may contact firstname.lastname@example.org so that CONSTATA can evaluate an appropriate and effective way to rectify the situation.
16. Exemption from liability.
CONSTATA works on the continuous improvement of its services so that they can be used in the greatest number of devices and from different platforms operated by third parties. However, as they are external to the company, CONSTATA cannot be held responsible for their correct operation.
Time stamp certificates must be viewed and examined for validation in a web browser, which can be found in desktop operating systems such as those used in laptops, and mobile device operating systems. However, there are currently mobile web browsers that do not allow time stamp certificates to be displayed correctly. In such cases, CONSTATA makes its best effort to detect the problematic platform from the certificate itself, and instructs the recipient to validate it on a supported platform. Currently desktop browsers such as Firefox, Chrome, Microsoft Edge and Opera, for Windows, MacOS and Linux are fully supported.
Our email provider is Google, and performs validations on incoming mail to filter malicious and spoofing emails. Any inconvenience caused by an incorrect configuration of the mail servers that exchange mail with CONSTATA is beyond our control and responsibility.
Similarly, the availability of any of our services provided through Twitter, Telegram, Whatsapp and other messaging platforms is subject to the availability of these platforms, which reserve the right to continue to allow CONSTATA to use them, and may cancel them unilaterally, even if there is no violation of their terms and conditions by CONSTATA.
The Bitcoin network, which operates the database where CONSTATA writes the data that allows validating the issued timestamps, is a decentralized network that never loses its characteristics of immutability and availability, but sometimes takes longer than expected to accept new data to be written. CONSTATA makes its best efforts to be able to write to this database at intervals of between one and three hours, but it is possible that due to unexpected network conditions it may take longer for a timestamp to be written to the database. However, between receipt of a document and its timestamping using Bitcoin blockchain, documents have a date of receipt in CONSTATA's system, which may have less evidentiary validity.
CONSTATA is not responsible for technical failures due to fortuitous causes, force majeure, or other causes that are not attributable to it and prevent normal operation of the service through the communication channels and the API.
17. Applicable law and jurisdiction.
In all matters not provided for in this document of general conditions, the contract shall be governed by the Spanish laws in force. Any dispute that is not resolved amicably, shall be subject to the jurisdiction of the Courts and Tribunals of Madrid (Spain), in the case of legal persons and those determined according to the current rules of procedural distribution for consumers and users for individuals.
The current version of the general contracting conditions are published on the website for consultation and information. It is, therefore, the responsibility of the USER to keep a copy of the accepted conditions in order to make any subsequent claim.
The notifications made by means of the e-mails that the USER notified to CONSTATA in his/her registration as a client shall be considered valid for all purposes, without prejudice to the possibility of using any other alternative means of communication previously used by the parties.
19. Reliable communication to the User.
The USER accepts, for contractual purposes, that communications with CONSTATA are electronic, through the enabled communication channels, including messages received via API and those published on our website, and acknowledges that the electronic communications received from CONSTATA comply with the legal requirements identical to those of written communication, without prejudice to the rights recognized by law to the USER.
The USER may contact CONSTATA in any of the channels set forth in these Terms, and CONSTATA may contact and reliably notify the USER at any email address, Twitter user, Telegram handle or Whatsapp number that the USER has used to interact and contract the Services, or in writing to any mailing address declared as its own, including the billing address.
The waiver by CONSTATA of a specific legal right or action, or the failure to require the USER to comply with any obligation on its part, shall not constitute a waiver of such right by CONSTATA, or of any other rights or actions arising from this agreement, nor shall it exonerate the USER from compliance therewith, except for those cases in which a waiver is explicitly established by CONSTATA and formally communicated to the USER in writing.
Should any part or parts of this contract be declared null and void by a final decision of the competent authorities, the rest of the clauses that are not affected by such declaration of nullity shall remain in force.
Annex I: Description of trust services.
Service: Time Stamp on Bitcoin blockchain.
CONSTATA 's Time Stamping service aims to generate irrefutable proof of the date from which a document exists, and that the integrity of the document has not been breached since the time it was time stamped. This service is charged at a rate of 1 token for each MB of file weight, with a minimum fraction of 1 MB.
When a USER sends a document to CONSTATA for sealing, CONSTATA calculates one or more digital fingerprints (hashes, calculated with the sha256 algorithm), and adds them to a self-made bulletin with a periodicity of between one and three hours. If the hash of a document is written to a bulletin, and the hash of the bulletin is written to the Bitcoin blockchain, it can be proven that the document has existed at least since the date the data was written to the Bitcoin blockchain.
Once the timestamp is applied, the USER is provided with a digital attestation, called a timestamp certificate containing the stamped documents, the bulletin, the transaction identifier in the Bitcoin network where it was registered, and the algorithm that allows validating it. This certificate can be transmitted and stored by the USER by any means, and validated by third parties receiving it, without requiring CONSTATA 's active intervention for its validation.
The time-stamping service includes storage of the stamped document for a period of 5 years, which can be extended at the user's request.
The delivery channel of the time stamp certificate will be the same as the one used to transmit the documents, either as an attachment or through a unique direct download link. In the case of receiving a direct download link, it is the sole responsibility of the USER not to disclose it to third parties who do not wish to have access to the certificate and its documents. It is possible that the time stamp certificate may also be delivered by alternative means, at the USER's request.
The time stamp certificate is a file in HTML format that can be viewed in a desktop web browser. It acts as an archiver of the documents that were time-stamped and also allows the viewing or extraction of those original documents. Each time the certificate is opened, the validation algorithm is executed in real time.
To verify the integrity of the algorithm, CONSTATA signs all certificates it issues. In addition, the signature can be validated by any recipient of the certificate using the tool available at https://constata.eu without the need for the recipient to register, or ask CONSTATA for permission to do so. The signature validation tool runs on the user's computer, and never sends or receives data from CONSTATA.
In cases where there are documents that correlate with each other, e.g. messages and responses deferred in time, or a document that modifies a previous document, CONSTATA can produce a time-stamped certificate containing such documents to serve as a record of them.
If the USER also has the electronic signature service active, the time stamp certificates will contain the clarifications related to the validations that CONSTATA has performed on the signatory's data. For further information please refer to the electronic signature and time stamp service.
Anyone can write an email to email@example.com and have it time-stamped, along with any attachments it contains. If the email is sent or copied to a third party, our additional electronic notification service is automatically activated.
CONSTATA 's virtual assistant responds with an email with acknowledgement of receipt and registers the sender as a USER. This email contains the instructions to accept the terms and conditions and to purchase the tokens needed to use the service. CONSTATA may make a total or partial bonus of the tokens.
Once the USER accepts the terms and conditions, and has the necessary tokens, CONSTATA applies the time stamp to the mail and all its attachments and sends a new mail to the USER containing the time stamp certificate. If due to the size of the certificate CONSTATA considers it inconvenient to send it as an attachment, a download link will be sent to the USER. It is the responsibility of the USER to keep the download link private and not to disclose it to persons who should not have access to the certificate.
The USER can download the CONSTATA SDK and our command line tool from the links available on the website.
In the first execution of our command line tool a private key will be generated in the USER 's computer to be used as a digital signature with the ECDSA SECP256k1 algorithm. This algorithm is the same used by Bitcoin wallets to sign transactions.
This private key is stored on the USER 's computer and is never transmitted to CONSTATA. In addition, the private key is encrypted with a password that the USER must provide in order for the command line tool to decrypt the private key.
Using our API you can send documents to CONSTATA to be time stamped, consult previously stamped documents, the USER 's account status and download time stamp certificates. You can also request to CONSTATA the service of electronic signature or electronic seal in its variant of Website validation.
If any payment is required to continue processing the documents, a link with payment instructions will be included in the CONSTATA API response.
Orders to CONSTATA 's API will be digitally signed with the USER 's private key, who is responsible for keeping backup copies of it. The time stamp certificates will show the public key, with which the documents sent to CONSTATA were signed, in a similar way as the validations of the electronic signature and electronic seal service are shown.
On the validity and durability of the Bitcoin blockchain.
The CONSTATA timestamp uses the Bitcoin blockchain for its ability to sequence records and date them with certainty, its immutability characteristics, and its distributed availability.
The immutability of the Bitcoin blockchain is ensured by the proof-of-work algorithm, and the amount of resources (electrical power, attention, and independent investment) allocated by those performing that proof-of-work. It is prohibitively expensive for any centralized agent to attempt to erase or modify the data on the Bitcoin blockchain, and it can be independently validated by any network participant, nullifying the attack vector of any malicious intermediary.
In addition, the Bitcoin blockchain has numerous third-party managed copies that can be easily queried, copied, and independently validated, ways abound in which any auditor can get their hands on a copy of the Bitcoin blockchain.
The application of the time stamp to a document with the CONSTATA mechanism may be delayed from the time the USER requests the stamp. However, the certification provided by CONSTATA has an accurate date to the second. The delay depends on the time CONSTATA takes to validate that exact date in the Bitcoin network.
Service: Electronic signature and electronic seal.
The electronic signature and electronic seal services are intended to establish the veracity of data of the CONSTATA USER who applies a time stamp on its platform. To activate the service, the USER requires CONSTATA to perform the relevant validations. CONSTATA produces such validations, and saves its evidence with time stamp.
Once the validations have been carried out, all time stamp certificates issued to the USER will have a special CONSTATA legend on them, indicating the data that CONSTATA has been able to certify about the signing USER.
The cost of the service depends on the weight in megabytes of the evidence collected and certified by CONSTATA, at a rate of 1 token per megabyte of evidence. This service will be 100% bonus unless otherwise indicated by CONSTATA at the time the USER requires the service.
CONSTATA may certify different USER data over time. This updated data will be incorporated into all subsequent timestamp certificates automatically, and may also be incorporated into previous timestamp certificates at the USER's request.
The USER using the command line tool and the CONSTATA API may be required to be verified as a web site administrator.
CONSTATA then requires the USER to sign a message defined by CONSTATA for this validation, and proceed to post it on a web site address set by CONSTATA.
When CONSTATA observes the correctly signed message on the USER 's website it saves the web traffic resulting from the observation as evidence and time-stamps it.
From that point on, CONSTATA verifies that the USER is the administrator of the website, and all timestamp certificates issued to that USER will bear the legend to explain this validation, "Web: We verify that the signer administers the website [website address]".
Verification of user data.
CONSTATA verifies the USER 's data and his/her capacity to act on behalf of him/herself and a company, associating them with other previously obtained data such as his/her email address and public API key.
This service is provided at the USER 's request or through a tailor-made service contract between CONSTATA and the USER.
In order to perform these verifications CONSTATA will require the USER to submit forms with personal data, images of his/her identity document, proof of address, and if he/she will be acting on behalf of a company, the updated bylaws of his/her company, and powers of attorney or minutes of appointment that allow him/her to act on its behalf. CONSTATA will also carry out a telematic biometric process by means of a video call or similar technology, in which the consent and acceptance of the process by the USER will be established, in addition to ratifying the data provided above.
The process of verification and analysis of this data will be carried out by CONSTATA personnel, who will be assisted by public databases and special software to prevent fraud. Upon successful completion of this process, CONSTATA will apply a time stamp to all documents and media in the verification file.
From that moment on, all timestamp certificates issued by that USER will have the legend in order to explain the validation performed: "We verify that the signatory is [First name, Last name, ID number, Year of birth, Nationality, Country of residence] and acts as [Title or position within the company, company name, country of the company, state registration number of the company, tax identification number]".
Annex II: Other services.
Service: Electronic notification.
By means of the Electronic Notification service, CONSTATA certifies that an issuer has completed the necessary steps to contact one or more recipients. To use the service, the sender writes an e-mail and adds to CONSTATA 's virtual assistant firstname.lastname@example.org a copy of it (in the fields To, CC, BCC).
CONSTATA applies time stamping to the RAW version of the email, thus crediting the content and all email headers, including the other email recipients and the information of the email servers that processed the message.
Once the time stamp is applied to the mail, the sender receives a time stamp certificate containing the mail in RAW format, and each section of the mail separately.
If the USER issuing the notification has activated the electronic signature service or electronic seal associated to his/her e-mail address, the certificate will also be electronically signed by the USER including the legend corresponding to the verifications made by CONSTATA.
The electronic notification service is similar to the time stamp service when provided by e-mail. In this case the mail has other recipients in addition to email@example.com. The time-stamped mail is the proof of electronic notification, and is stored for 5 years, at a cost of 1 token per megabyte of weight.
Since current technology does not have reliable mechanisms to reliably accredit the opening, reading and understanding of the email by its recipients, CONSTATA 's electronic notification is limited to verifying the procedures carried out by the USER when sending the email.
Annex III: Definitions and acronyms.
Definitions and acronyms are used for descriptive purposes only and are not considered binding for the application and/or interpretation of the contract,
Time stampData in electronic format that references other data in the same format, and links it to a specific point in time, providing proof that the latter data has existed since that point in time.Electronic signatureData in electronic format that accredits through a trusted third party the consent of a natural person signatory to a set of data.Electronic sealAn electronic signature of a juridical person (instead of a natural person).Electronic signatureAn electronic signature of a juridical person (instead of a natural person).Trusted e-service providerA natural or legal person who performs one or more trusted services.UserA natural or legal person who uses Constata's payment services.IdentificationThe process by which a person proves his identity.IntegrityA set of data and/or documents that have not been subject to changes or alterations subsequent to their certification with electronic signature and/or time stamp.ValidationThe procedure by which the trusted e-service provider verifies the validity of data or documents.HashThe result of the application of an encryption algorithm on a data set, which is unique and univocal for each data set, does not retain information about the original data set, and therefore can only be recalculated from that data set.Bitcoin BlockchainPublic database, incrementally written based on immutably sequenced blocks using the proof-of-work algorithm, globally distributed and freely accessible.Private KeySecret data guarded by the user, which when introduced together with a document to the digital signature algorithm, produces a digital signature of said document that can be validated using the corresponding public key, proving the user's irrefutable consent without the need to expose his private key.Public KeyPublic data linked to a private key, which when used in the digital signature validation algorithm, can prove whether the custodian of said private key gave his consent to a document.
HTMLHyper-text markup language, a text document format interpretable by web browsers that can constitute a complete software application.SDKSoftware development kit, a set of tools that facilitate the development of software applications and the use of an API.