An official website of the Free Republic of Campfira.

Official websites use gov.campfira.org

The public-facing site of the Republic is at campfira.org. Government services are hosted on the gov.campfira.org domain. If you see that domain, you are dealing with an official organisation of the Government of Campfira.

Secure government websites use HTTPS

A lock icon, or https:// at the start of the address, means you have safely connected to the website. Share sensitive information only on official, secure websites.

Ministry of the Interior Free Republic of Campfira

Privacy policy

How the Government of Campfira collects, processes, retains, and discloses personal data.

The Free Republic of Campfira treats privacy as a constitutional right. The Ministry of the Interior acts as the data controller for the citizenship and identity services described on this site. The Office of the Privacy Auditor, independent of the Cabinet, is the supervisory authority.

This policy is drafted to meet the standards of the EU General Data Protection Regulation (GDPR) and Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), as the closest analogues to the rights set out in the Republic's Privacy Act.

1. What we collect

The Ministry collects only the data necessary to administer the services it offers. The categories collected vary by service.

Where collectedCategories
Account creationEmail address, password (stored only in a non-reversible form), account type, account status.
e-Residency applicationLegal name, date of birth, place of birth, current and mailing address, citizenships held, criminal-history disclosure, identity-document type/number/country/scan, live selfie, short identity-verification video.
Citizen PortalDisplay name, biography, avatar (optional), preferred language, notification preferences, registry visibility preference.
Tier upgradesStatement of Participation (Resident), sponsor CMP numbers and Citizen Affirmation (Citizen).
PaymentsTransaction references and receipts. The Ministry does not see, store, or process card-payment data; that is held by our payment processor under their own controls.
Audit logsA timestamped record of authentication events, application transitions, and access to PII by Ministry staff.

2. Lawful basis

The Ministry processes personal data on the following bases:

  • Performance of a public task. Administering citizenship, residency, and the civil registry is a function of the Government, established by the Citizenship Act.
  • Contract. Administering paid services such as e-Residency requires processing the data the user submits.
  • Consent. Specific opt-ins (notification preferences, listing in the public registry) rely on consent and may be withdrawn from the Citizen Portal.
  • Legal obligation. Audit-log retention is required by the Service Charter Act.

3. How we store data

Personal data is stored on infrastructure under the direct administration of the Government of Campfira. We do not use commercial hyperscale data hosting for personal data.

  • All identifying fields are encrypted at rest. Encryption keys are held in a dedicated key-management system isolated from the application services, and are not accessible from the public internet.
  • Identity documents and the identity-verification video are encrypted with industry-standard authenticated encryption before being written to storage.
  • All connections between the public and the Government's services use modern TLS. Service-to-service traffic is restricted to the Republic's internal network.

The Ministry's technical posture is summarised on the data-handling page at a level intended to satisfy reasonable scrutiny without aiding an attacker.

4. Retention

The Ministry retains personal data only for as long as necessary.

CategoryRetention
Identity-verification documents and videos30 days after a final decision (approval, rejection, or withdrawal). Then irreversibly deleted.
Account profile dataUntil you request deletion via the Citizen Portal.
Citizen Identity Number (CMP) and tier historyRetained indefinitely as part of the civil registry, even after account deletion.
Audit logs7 years, for compliance with the Service Charter Act.
Payment records7 years, for compliance with the Republic's tax and accounting obligations.
Tombstone (post-deletion)A minimal record (CMP, tier at deletion, deletion date) is retained indefinitely for civil-registry integrity. No personally identifying information remains.

5. Your rights

Under the Republic's Privacy Act, and consistent with GDPR and PIPEDA, you have the following rights:

  • Access. Request a copy of the data we hold about you.
  • Rectification. Ask us to correct inaccurate or incomplete data.
  • Erasure. Ask us to delete your account and associated data, subject to the retention obligations above.
  • Portability. Receive a structured, machine-readable copy of your data (JSON).
  • Objection. Object to processing for purposes other than those listed in section 2.
  • Restriction. Ask us to suspend processing while a complaint is being investigated.

You exercise these rights through the Privacy & data page in the Citizen Portal. Account-holders do not need to write to us first; the Portal records and acts on the request directly.

If you do not have an account, write to the Privacy Auditor at [email protected]. We respond to verified requests within 30 days.

6. Disclosure

The Ministry does not sell personal data. We do not share it with commercial third parties for marketing.

We disclose personal data only:

  • To other ministries and offices of the Government of Campfira, where lawful and necessary to deliver the service the data subject has applied for.
  • To our payment processor, limited to what is required to complete a transaction the data subject has initiated.
  • To the Court of Arbitration, on order, in the course of a properly-constituted proceeding.

7. International transfers

Personal data does not leave the Republic's infrastructure. All processing occurs on Government-administered systems. The single exception is payment-related data necessarily routed through our payment processor; that processing is governed by the processor's own privacy notice.

8. Cookies

The Ministry's services use a single technical cookie per service to maintain your sign-in session. It contains an opaque session token; it does not contain personal data.

We do not use analytics cookies. We do not use third-party cookies. We do not place advertising tags.

9. Breach notification

If we determine that a personal-data breach has occurred and presents a risk to data subjects, we will:

  • Notify the Office of the Privacy Auditor within 72 hours of becoming aware of the breach.
  • Notify affected data subjects without undue delay, by the email address on file.
  • Publish a public notice on the news page when the breach affects a class of users, even where individual notification is not technically required.

10. The Privacy Auditor

The Office of the Privacy Auditor is established by the Privacy Act as an officer of the Founders Council, independent of the Cabinet. The Auditor:

  • Receives complaints from data subjects.
  • Investigates suspected breaches.
  • Conducts an annual review of the Ministry's data handling.
  • Publishes the annual review.

Contact the Auditor at [email protected].

11. Changes to this policy

The Ministry will publish material changes to this policy on the news page at least 14 days before they take effect. The current version supersedes all earlier versions.

12. Contact

For questions about this policy, write to: