K-ConnectK-Connect
Back to Registration

KAHARAGIA CONNECT

PRIVACY POLICY

Effective Date: 22 December 2025 Last Updated: 22 December 2025

1. INTRODUCTION

This Privacy Policy explains how Kaharagia Connect, the official digital identity and single sign-on ("SSO") system of the Principality of Kaharagia, collects, uses, stores, and protects personal data.

Kaharagia Connect is a sovereign, non-commercial authentication system used exclusively to enable secure access to digital services operated by or on behalf of the Principality of Kaharagia.

This Policy applies to all individuals who create, claim, or use a Kaharagia Connect account ("Users"), regardless of nationality, residence, or legal status.

2. ROLE OF KAHARAGIA CONNECT

Kaharagia Connect exists solely to provide digital identity and authentication services.

It:

  • Confirms identity for login and access control;
  • Enables single sign-on across Kaharagian services; and
  • Supports account security and integrity.

Kaharagia Connect does not provide substantive services, make determinations, grant benefits, or confer nationality, status, or rights.

3. DATA CONTROLLER

For the purposes of this Policy, the data controller is:

Principality of Kaharagia

Operating through its authorised administrative and technical offices

https://connect.kaharagia.org/

4. DATA WE COLLECT

Kaharagia Connect collects only the minimum data necessary to operate a secure identity and authentication system.

This may include:

4.1 Account and Identity Data

  • Name or chosen account identifier;
  • Username or unique account ID;
  • Email address;
  • Account status and verification flags.

4.2 Authentication and Security Data

  • Password hashes and authentication credentials;
  • Multi-factor authentication information (where enabled);
  • Login timestamps;
  • Security logs related to access, misuse, or attempted compromise.

4.3 System and Technical Data

  • IP addresses;
  • Device or browser metadata;
  • Session identifiers and access tokens.

5. DATA WE DO NOT COLLECT

Kaharagia Connect does not collect:

  • Biometric data;
  • Financial or payment information;
  • Commercial profiling data;
  • Advertising or marketing analytics;
  • Data from third-party identity providers.

6. PURPOSES OF DATA PROCESSING

Personal data is processed only for the following purposes:

  • Creating and maintaining identity records;
  • Authenticating Users;
  • Securing accounts and preventing misuse;
  • Enabling access to Connected Services;
  • Communicating essential service and security information;
  • Complying with lawful authority where required.

Data is not processed for commercial, advertising, behavioural profiling, or resale purposes.

7. DATA SHARING AND DISCLOSURE

7.1 Connected Services

Limited data is shared with Connected Services solely as required to:

  • Confirm authentication;
  • Determine authorisation;
  • Maintain session continuity.

Each Connected Service operates under its own privacy and governance framework.

7.2 No Commercial Disclosure

Personal data is never sold, rented, traded, licensed, or monetised.

7.3 Legal and Security Disclosure

Data may be disclosed where:

  • Required by lawful authority; or
  • Necessary to protect system integrity, public trust, or security.

8. COMMUNICATIONS

By maintaining a Kaharagia Connect account, Users consent to receive:

  • Essential service notices;
  • Security alerts;
  • Account-related communications; and
  • The official Kaharagian Newsletter, which may include governmental, cultural, or programme-related updates.

Users may opt out of non-essential communications where legally permitted. Critical service or security communications cannot be opted out of.

9. DATA RETENTION

Personal data is retained only for as long as necessary to:

  • Maintain the User"s account;
  • Ensure security and auditability;
  • Meet legal or administrative obligations.

Accounts that remain inactive for extended periods may be archived, restricted, or removed in accordance with internal retention policies.

10. DATA SECURITY

The Operator implements appropriate technical and organisational measures to protect personal data, including:

  • Encrypted storage of credentials;
  • Access controls and administrative logging;
  • Network and system hardening;
  • Regular security maintenance and monitoring.

No system can be guaranteed to be entirely secure; however, reasonable and proportionate safeguards are continuously applied.

11. USER RESPONSIBILITIES

Users are responsible for:

  • Safeguarding their credentials;
  • Using the Service in accordance with the Terms of Service;
  • Promptly reporting suspected unauthorised access or security incidents.

The Operator is not responsible for compromise resulting from User negligence or misuse.

12. USER RIGHTS

Users may, subject to applicable limitations and security considerations:

  • Request access to personal data associated with their account;
  • Request correction of inaccurate information;
  • Request account closure or deactivation.

Requests may be limited where disclosure would compromise security, system integrity, or the rights of others.

13. CHILDREN AND LEGAL CAPACITY

Where a User lacks full legal capacity, responsibility for data use and account activity rests with the User"s lawful guardian or representative.

Certain Connected Services may impose additional eligibility or age-related requirements.

14. INTERNATIONAL USE

Kaharagia Connect is operated as a sovereign system and may be accessed internationally.

By using the Service, Users acknowledge that their data will be processed within systems governed by the internal law of the Principality of Kaharagia.

15. CHANGES TO THIS POLICY

This Privacy Policy may be updated to reflect changes in law, security practices, or system operation.

Continued use of Kaharagia Connect after changes take effect constitutes acceptance of the revised Policy.

16. CONTACT

Questions or requests relating to this Privacy Policy may be directed to:

support@kaharagia.org