Privacy is how the system is built.
Oliu™ is designed so that privacy isn't a setting layered on top of a centralized system. It is a consequence of how the system is built. This page describes how — specifically, precisely, and in plain language.
The core commitment
Oliu™ does not hold Canadians' personal credential data on central servers. Credentials live on the holder's device, in the Oliu™ Wallet. Oliu™'s trust registry — the public infrastructure that supports verification — stores cryptographic references, not personal information.
This is not a policy choice. It is an architectural choice.
A server that doesn't hold personal data cannot leak it, cannot be compelled to disclose it, and cannot be the subject of a breach affecting it.
The data protection comes from the design, not from a commitment to defend the data.
Everything else on this page follows from this.
What stays on your device
The contents of your credentials — the issuer, the qualification, your identity on the credential, the issue date, the expiry, any conditions — live only in your wallet. Oliu™ never has a copy. Your employer never has a copy unless you've shared it. Your training provider never holds a copy outside of its own records of having issued to you.
The wallet uses your phone's built-in security — the same face, fingerprint, or passcode that unlocks the device. Credential contents are encrypted at rest on the device. If someone else gets your unlocked phone, they can see what you've chosen to make visible, the same way they could see any other app on an unlocked phone. But they cannot retrieve your credentials from an Oliu™ server, because the server does not hold them.
What's on the registry
Oliu™ operates a trust registry that supports verification. The registry is what makes it possible for a verifier to confirm a credential is real, without contacting the issuer. The registry holds cryptographic references — specifically, the public keys of accredited issuers and the revocation status of credentials they have issued.
The registry does not hold the content of credentials, the identities of credential holders, or any record of verifications. A verifier running a check against the registry does not leave a trail in the registry of what they checked, or about whom.
This matters because it closes a common privacy failure mode in digital credential systems. If the registry tracked verifications, the registry operator could build a behavioural profile — where a holder has applied for work, how often their licence has been checked, which employers have looked at which credentials. Oliu™'s registry does not store that information, so it cannot be compiled, cannot be requested, and cannot be leaked.
The holder controls the exchange
Sharing a credential is always an action the holder takes. A verifier cannot pull a credential from a holder's wallet. The exchange happens only when the holder initiates it, by showing the QR code from their wallet.
This is a structural property of the system, not a toggle in a settings panel. A verifier has no mechanism to request a credential without the holder's consent and participation. Silent access does not exist in the protocol.
Where the W3C Verifiable Credentials standard supports it, holders can share only the specific fields a verifier needs. An age verification can confirm a holder is over 19 without revealing their date of birth. A safety-ticket verification can confirm a specific qualification without revealing other qualifications the holder has.
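One way the registry check (issuer public key plus revocation status) and the field-level sharing described above can fit together, as an added example that is not Oliu™'s code or protocol. It assumes salted-hash disclosure and Ed25519 signatures, and every name, field and value in it is constructed for illustration.

```javascript
// Added example: names, fields and sample data are constructed, not Oliu's.
const nodeCrypto = require('node:crypto');

const sha256 = (s) => nodeCrypto.createHash('sha256').update(s).digest('hex');
// A disclosure is [salt, claimName, value]; the salt stops a verifier from
// guessing low-entropy hidden values (such as a birth date) from the digest.
const digestOf = (d) => sha256(JSON.stringify(d));

// Issuer: signs only the credential id and the sorted claim digests.
function issue(issuerKey, credId, claims) {
  const disclosures = Object.entries(claims).map(
    ([name, value]) => [nodeCrypto.randomBytes(16).toString('hex'), name, value]);
  const payload = JSON.stringify({ credId, digests: disclosures.map(digestOf).sort() });
  const signature = nodeCrypto.sign(null, Buffer.from(payload), issuerKey).toString('base64');
  return { payload, signature, disclosures }; // held only in the wallet
}

// Holder: presents the signed payload plus only the chosen disclosures.
function present(credential, names) {
  const { payload, signature, disclosures } = credential;
  return { payload, signature, disclosures: disclosures.filter((d) => names.includes(d[1])) };
}

// Verifier: checks against a registry snapshot that holds issuer public keys
// and revoked credential ids, and no holder data.
function verify(presentation, registry, issuerId) {
  const issuer = registry.issuers[issuerId];
  if (!issuer) return { ok: false, reason: 'unknown issuer' };
  const sigOk = nodeCrypto.verify(null, Buffer.from(presentation.payload),
    issuer.publicKey, Buffer.from(presentation.signature, 'base64'));
  if (!sigOk) return { ok: false, reason: 'bad signature' };
  const { credId, digests } = JSON.parse(presentation.payload);
  if (registry.revoked.has(credId)) return { ok: false, reason: 'revoked' };
  const claims = {};
  for (const d of presentation.disclosures) {
    if (!digests.includes(digestOf(d))) return { ok: false, reason: 'claim not signed' };
    claims[d[1]] = d[2];
  }
  return { ok: true, claims };
}

// Constructed sample run: the holder shares only the age_over_19 field.
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
const registry = { issuers: { 'issuer-1': { publicKey } }, revoked: new Set() };
const credential = issue(privateKey, 'cred-001',
  { date_of_birth: '1990-04-12', age_over_19: true, qualification: 'Forklift Operator' });
const shown = present(credential, ['age_over_19']);
const result = verify(shown, registry, 'issuer-1');
console.log(result);
```

The presentation carries digests for the undisclosed fields but not their values, so the verifier can confirm the signed age claim without learning the date of birth or the other qualification.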
What verifiers see
A verifier who scans a QR code from a holder's wallet sees exactly what the holder has chosen to share, and nothing else.
They see the information contained in the credential. They see that the credential was issued by a specific accredited issuer. They see that the credential is current — active, not revoked, not expired. They see the cryptographic verification result, confirming the credential has not been altered since it was signed.
They do not see other credentials the holder holds. They do not see where the holder has previously presented credentials. They do not see the holder's wallet account or device information. They do not gain ongoing access to the holder's wallet.
Verification is a single exchange. It ends when it ends.
How Oliu™ handles analytics and operations
Running a network requires some operational data. Oliu™ collects what it needs to keep the network working and no more — and aggregates or anonymizes operational data where possible.
Issuers receive operational data related to their own credentials: how many they have issued, the lifecycle status of credentials they have signed, aggregate verification activity. Issuers do not receive data about the other credentials their holders may hold, because Oliu™ does not hold that information in a form that could be shared.
Oliu™ itself uses operational data to maintain the network's performance, security, and reliability. Oliu™ does not sell operational data. Oliu™ does not share it with third parties for marketing, advertising, or commercial profiling of holders.
A full description of what Oliu™ collects, how it is used, and how long it is retained is published in the Oliu™ Privacy Policy.
Legal requests and compelled disclosure
Oliu™ is a Canadian company, operating under Canadian jurisdiction. Oliu™ complies with lawful requests from Canadian authorities. In practice, this is a limited matter — Oliu™ cannot disclose what it does not hold, and Oliu™ does not hold the contents of credentials, holder identities, verification histories, or behavioural profiles of Canadians.
When Oliu™ receives a lawful request for operational information it does hold — for example, records related to an issuer's accreditation, or a credential's revocation status — Oliu™ responds as required by Canadian law. Oliu™ publishes summary transparency information about requests it has received and how they have been handled.
Standards and frameworks Oliu™ aligns with
Oliu™ aligns its privacy posture with:
- The W3C Verifiable Credentials Data Model v2.0, which defines the credential architecture
- The DIACC Pan-Canadian Trust Framework and Digital Governance Standards Institute guidance, which define Canadian privacy and trust standards for credential infrastructure
- The Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation, which define legal privacy obligations in Canadian jurisdiction
Oliu™ is DIACC PCTF certified. The platform is built and hosted 100% in Canada. Data residency, jurisdictional alignment, and operational presence all have a single, simple answer.
What to do if you have a concern
If you believe your credential or your wallet has been compromised, contact Oliu™ at support@oliu.ca. If you believe a specific credential was issued in error, contact the issuing organization directly — Oliu™ carries the credential but does not decide who earned it.
If you have a privacy concern about how Oliu™ has handled information that relates to you, contact Oliu™'s privacy officer at privacy@oliu.ca. You also have the right to contact the Office of the Privacy Commissioner of Canada, or your provincial privacy commissioner, with any privacy concern.
Oliu™ commits to responding to privacy inquiries within ten business days.