Data Deletion Guidelines - UnifiedID

These guidelines explain how users can request deletion of personal data that Glyph UnifiedID (“Glyph”, “we”, “us”) processes, including data received from OAuth providers such as Meta (Facebook / Instagram), Google, X, and others.

1. Scope: What this covers

These data deletion guidelines apply to:

• Users who sign in to Glyph / UnifiedID using:

  • Meta (Facebook / Instagram) Login

  • Other OAuth providers (e.g., Google, X, etc.)

• Any personal data we store off-chain that is associated with:

  • Your UnifiedID

  • Your connected social login account(s)

  • Your connected wallets

They do not change how public, on-chain blockchain data works (see Section 7).

2. What data we may store from OAuth providers

When you sign in using Meta or another OAuth provider, we may receive and store some or all of the following, depending on permissions granted:

• Basic profile information (e.g., name, profile picture, locale)

• Email address

• App-scoped user ID or provider-specific ID

• Access tokens / refresh tokens required to keep your login active

• Basic device / session metadata (IP, user agent, timestamps)

• Audit logs related to security and consent (e.g., when you linked or revoked accounts)

We do not access your private messages or post on your behalf.

3. Where your data is stored

Glyph uses a combination of:

• Secure servers and databases for:

  • OAuth tokens and IDs

  • Email and contact information

  • Internal logs and analytics

• Blockchain networks for:

  • On-chain parts of your UnifiedID and associated proofs (where applicable)

Only the off-chain data related to your Meta / OAuth account is deletable in the conventional sense. On-chain data is subject to blockchain immutability (see Section 7).

4. How to request deletion of your data

You can request deletion of your data associated with Glyph UnifiedID in three primary ways:

If your UnifiedID dashboard or linked app offers an account or settings page:

1. Sign in to your Glyph / UnifiedID account.

2. Go to Settings or Account.

3. Use the “Delete account” or “Delete my data” option (if available).

4. This will initiate deletion of:

   • OAuth tokens and IDs

   • Off-chain profile and contact data

   • Associated logs that are not required by law or security obligations.

If you do not see a delete option, you can always use the email method below.

4.2. Via Meta (Facebook / Instagram) – “Apps and Websites”

You can also request deletion by removing Glyph’s app access from your Meta account settings. Meta exposes an interface for managing and removing third-party apps, which is what their policies expect for app-linked data deletion.

To do this:

1. Log in to your Facebook account.

2. Go to Settings & Privacy → Settings.

3. Navigate to Apps and Websites.

4. Find the app listed as “Glyph” (or the exact app name you used).

5. Click Remove.

6. If Facebook offers a “Request data deletion” option on the removed app card, follow those instructions.

When Meta sends us a data deletion request or you remove our app from your Meta account:

• We will interpret this as a request to:

  • Delete Facebook/Instagram-derived data stored by Glyph.

  • Remove the mapping between your Meta account and your UnifiedID.

  • Revoke and delete OAuth tokens associated with Meta.

4.3. By email request

You can also request deletion by contacting us directly:

• Email: [email protected]

Please include:

• Subject line: “Data Deletion Request – Glyph UnifiedID”

• The email address associated with your Glyph / OAuth login (Meta / Google / etc.)

• Any additional identifiers you can safely provide:

  • Your UnifiedID (if known)

  • The OAuth provider used (e.g., “Facebook”, “Instagram”)

  • Approximate date when you created the account

We may ask for minimal additional information to verify that you are the account owner before processing the request. We will never ask for your password.

5. What we delete when you request deletion

Once we receive and verify a valid deletion request (via app, Meta, or email), we will:

1. Delete OAuth credentials

   • Access tokens and refresh tokens from Meta and other providers.

2. Delete or anonymize profile data

   • Email address, name, and any profile details stored off-chain that are tied to your UnifiedID and OAuth account.

3. Delete account mappings

   • The link between your Meta / OAuth account and your UnifiedID.

4. Delete or minimize logs

   • Security and audit logs are minimized, anonymized, or deleted, except where retention is required for:

     • Fraud prevention

     • Security investigations

     • Legal or regulatory obligations.

Where full deletion is not legally or technically possible (e.g., financial records we must retain), we will restrict use of that data and keep it only for the minimum required duration.

6. Deletion timelines

Unless a different timeframe is required by local law:

• We aim to acknowledge your request within 7 days.

• We aim to complete deletion or anonymization of eligible data within 30 days of verification of your request.

• In complex cases (e.g., multiple linked identities or legal holds), we will inform you if additional time is required and explain why.

If the request comes through Meta’s data deletion flow or app removal, deletion will be initiated automatically upon receiving the signed request from Meta’s systems.

7. On-chain data and technical limitations

Glyph UnifiedID is built for Web3 environments, where some identity-related data may be written to public blockchains.

Important notes:

• Blockchain data is immutable:

  Once a transaction is confirmed on-chain, it cannot be deleted or altered by us or anyone else.

• What we can do instead:

  • Stop processing or enriching on-chain data associated with your UnifiedID.

  • Remove or anonymize off-chain references linking your real-world identifiers (email, OAuth accounts) to your on-chain identity.

  • Mark your UnifiedID as “closed” or “deleted” in our internal systems and prevent future use in partner apps.

This ensures that, even though the raw on-chain data remains public, we no longer maintain or actively use any personal linkage between that on-chain data and your real-world or OAuth identity.

8. Status of your deletion request

If you submit a deletion request via:

• In-app / dashboard:

  Status will be reflected directly in your account (e.g., account pending deletion, or immediately logged out once deletion completes).

• Meta’s deletion mechanism:

  Meta may show a confirmation and/or status page on their side. In addition, if we implement Meta’s Data Deletion Request Callback, we will respond to Meta with a URL and confirmation code where you can check the status, as required by their documentation.

• Email:

  We will confirm via email:

  • That your request was received,

  • When deletion has been completed, or

  • If there is any data we are required to retain and why.

9. Contact and related policies

For any questions regarding data deletion, access, or privacy:

• Email: [email protected]

• Website: https://glyph.network

Please also refer to:

• Privacy Policy

• Terms of Use