Roya · Documents

Terms of Service

Last updated: 15 Feb 2026 · v2.1 Swedish law

1. Definitions

"Roya" refers to Roya AB, a Swedish company. "Service" means the Roya verification platform. "Publisher" means the entity using the Service.

2. Eligibility

You must be at least 18 years old and have authority to bind your organization.

3. Verification Service

Roya provides a cryptographic verification layer for music publishing splits. We store only hashes on-chain; all personal data remains with you.

4. Data Ownership

You retain full ownership of all split sheets. Roya claims no intellectual property over your content.

5. Acceptable Use

You agree not to use the Service for illegal purposes or to infringe third-party rights.

6. Fees

Currently free during testnet evaluation. Future fees will be announced with 30 days notice.

7. Limitation of Liability

The Service is provided "AS IS". Roya's total liability is limited to €50 for free users.

8. Governing Law

These Terms are governed by the laws of Sweden. Disputes shall be resolved in Stockholm courts.

Privacy & Security

GDPR compliant · by design, by default

Roya is built with privacy-first architecture that separates verification proof from personal data.

Data minimisation

Only verification metadata is stored; all personal data remains with publishers.

Right to erasure (Art. 17)

Publishers can delete contributor data; anonymous proof remains as audit trail.

Data controller

Publishers remain controller. Roya acts as processor for verification only.

Purpose limitation

Data used solely for split verification, not marketing or other purposes.

What we store (and where)

Blockchain (Monad testnet)

Verification timestamp
Content hash (cryptographic fingerprint)
Basic statistics (contributor count, total %)
NO personal information
NO names or payment details

public but anonymous

Your systems (your control)

All contributor details
Split percentages per person
Payment calculations
Under your complete control

never shared with Roya

🇪🇺 GDPR compliance built‑in

Data minimization
Only verification metadata stored

Right to erasure
Delete contributor data, keep proof

Data controller
Publishers control, Roya processes

Purpose limitation
Verification only, no marketing

Secure processing
Isolated, encrypted environments

Audit trail · without privacy risk

✓ The blockchain proves:

A split was verified
At a specific time
With specific characteristics (4 people, 100% total)

❌ But reveals nothing about:

Who the contributors are
How much they're receiving
Which work this relates to

✅ This allows independent verification without compromising privacy.

Access control – who can see what

Data type	Publishers	STIM*	Roya	Public
Contributor names	✓	✓*	❌	❌
Split percentages	✓	✓*	❌	❌
Payment amounts	✓	❌	❌	❌
Verification timestamp	✓	✓	✓	✓
Content hash	✓	✓	✓	✓

* Only when publisher submits registration to STIM through normal process. STIM does not have direct access to Roya data. The table indicates what could be shared during standard royalty reporting.

Secure processing & isolation

All verification happens in isolated, encrypted environments. No data shared between publishers. Every tenant isolated.

GDPR Compliance

Articles 5, 17, 24, 28

Roya is designed to help publishers meet their GDPR obligations. Key principles:

Article 5: Data minimization – only hashes stored
Article 17: Right to erasure – delete personal data, keep proof
Article 24: Controller responsibility – you control data
Article 28: Processor obligations – Roya acts as processor

For full details, see Privacy & Security section above.

How Verification Works

Monad testnet · Digital notary stamp

Digital Notary Stamp

The blockchain stores only a mathematical proof—like a digital notary stamp. All sensitive data stays with you.

In a dispute:

You "We verified this split on February 15, 2026"

Other "No you didn't, we never agreed"

Blockchain Verification ID QmXoy...6uco confirms 4-person split at 100% total, verified at 14:32 UTC

                 QmXoypizjW3WknFiJnKLwHCnL72vedxjQkDDP1mXWo6uco
            

You provide your private records showing the actual names/percentages. Blockchain proves it hasn't been altered since verification.

What Roya Stores

Blockchain (public)

✓ Verification timestamp
✓ Content hash
✓ Contributor count
✓ Total % (100%)
❌ No names
❌ No payment amounts

Your system (private)

✓ All contributor names
✓ Split percentages
✓ Wallet addresses
✓ Payment amounts
✓ You control access

Security Overview

Encryption: All data encrypted at rest and in transit
Isolation: Multi-tenant isolation, no cross-publisher data access
Access control: Role-based permissions, MFA recommended
Audit logging: All verification attempts recorded
Blockchain: Immutable, tamper-evident storage

Dispute Resolution

In case of a royalty dispute, Roya provides:

On-chain timestamp proving when verification occurred
Cryptographic hash matching the original split sheet
Immutable record that cannot be altered by any party

The blockchain acts as a neutral third party—no trust required.

Documents