Disclosure and Government Request Policy

Effective date: 29 March 2026
Last updated: 29 March 2026

This Disclosure and Government Request Policy explains how EviWrite ("EviWrite", "we", "us", or "our") approaches requests for access, disclosure, production, preservation, or other compelled assistance from governments, regulators, law-enforcement bodies, courts, tribunals, and other public authorities.

This page is a public statement of posture. It is not legal advice, does not waive privilege, and does not replace any applicable law, court order, or binding contractual obligation.

1. EviWrite’s operating position

EviWrite operates as an independent evidential and verification layer.

That matters because the right question is not “what could a public authority ask for in theory?” but “what does EviWrite actually hold, control, and process in practice?”

EviWrite is not positioned as a general file-hosting service for broad customer content. Its role is narrower and typically concerns:

• hashes, fingerprints, and evidential representations;
• timestamps and related anchoring records;
• receipt data and verification states;
• limited metadata and operational identifiers supplied through authorised channels;
• audit, integrity, security, and service logs;
• restricted relationship and service-administration information relevant to authorised institutions, partners, or workflows.

That means the scope of anything EviWrite could meaningfully disclose may be substantially narrower than assumptions imported from ordinary storage or social-platform models.

2. General principle

EviWrite does not voluntarily disclose data simply because a request sounds official.

EviWrite’s general approach is to:

• require a valid legal basis where disclosure is sought;
• assess whether the request is properly framed, within jurisdiction, and directed to the correct entity;
• review scope and proportionality;
• distinguish between what EviWrite actually holds and what others may wrongly assume it holds;
• resist, narrow, or challenge requests where appropriate and lawful;
• disclose only what EviWrite reasonably determines it is legally required to disclose.

3. Requests this Policy covers

This Policy applies to requests including, for example:

• court orders;
• subpoenas;
• warrants;
• regulatory production demands;
• statutory notices;
• law-enforcement requests;
• preservation requests;
• national-security or public-authority demands;
• informal government or authority enquiries seeking access, data, or records.

4. Informal requests

As a general rule, EviWrite does not disclose customer-related, partner-related, or operational information merely because a government body, investigator, or official asks informally.

Informal requests are not treated as a substitute for valid legal compulsion unless applicable law clearly requires otherwise.

5. Scope and relevance review

When EviWrite receives a demand, it may review matters such as:

• whether the request is authentic;
• whether the issuing body has proper authority;
• whether EviWrite is the correct recipient;
• whether the request is legally enforceable in the relevant context;
• whether the demand is too broad, vague, or disproportionate;
• whether the request seeks material EviWrite does not possess or control;
• whether disclosure can be narrowed, staged, or clarified;
• whether affected contractual, confidentiality, or rights considerations apply.

EviWrite may require clarification before taking action.

6. Limited-data model

A core part of EviWrite’s posture is simple: it cannot produce what it does not hold.

Because EviWrite generally does not position itself as storing full underlying file contents as a public-service norm, a request assuming full-content custody may be based on the wrong model.

Public authorities may request many things. EviWrite’s response must still be anchored to what EviWrite actually has.

7. Requests involving underlying users

Where EviWrite receives data through authorised institutions, licensees, or approved third parties, EviWrite may not hold the full underlying identity record, relationship context, or source-system data that an authority might expect from the originating institution.

In such cases, EviWrite may be able to identify only limited service-layer information and may not be the correct primary source for broader customer or end-user data.

8. Requests involving verification or receipts

If a request concerns a receipt, status, verification page, or evidential record, EviWrite may assess the request in light of:

• the exact identifier supplied;
• the current status of the record;
• what the record formally means within EviWrite’s system;
• whether the request seeks interpretation, raw data, public explanation, or private operational records;
• whether any requested expansion goes beyond the bounded meaning of EviWrite’s role.

EviWrite does not treat a request for “everything related” as self-justifying.

9. Preservation requests

EviWrite may, where appropriate and lawful, preserve relevant records in response to a valid preservation request or a legal obligation to avoid spoliation or premature deletion.

Preservation does not mean endorsement of the request, waiver of objections, or agreement that the preserved material must ultimately be disclosed.

10. Challenge and narrowing

Where lawful and appropriate, EviWrite may object to, narrow, resist, seek modification of, or otherwise challenge requests that are:

• overbroad;
• unclear;
• jurisdictionally defective;
• directed to the wrong party;
• inconsistent with EviWrite’s actual role;
• disproportionate to the stated purpose;
• in conflict with applicable rights, obligations, or protections.

A request being official in tone does not make it automatically correct in scope.

11. Notice to affected parties

Where lawful and appropriate, EviWrite may seek to notify an authorised institution, partner, or other relevant party before disclosure.

EviWrite may decline or delay notification where:

• prohibited by law;
• prohibited by court order or equivalent measure;
• notification would create legal risk, obstruction risk, or safety risk;
• immediate action is required by law.

EviWrite is not obliged to notify where notice is unlawful or inappropriate.

12. Jurisdiction and cross-border issues

Requests may raise jurisdictional questions, including where:

• the requesting authority is outside the jurisdiction governing EviWrite;
• infrastructure or supporting providers are located elsewhere;
• the request assumes a wider production obligation than the law actually permits.

EviWrite may require proper process through the relevant legal channel rather than accepting a foreign request at face value.

13. Confidentiality, privilege, and security

Where applicable, EviWrite may take account of:

• confidentiality obligations;
• trade-secret sensitivity;
• privilege claims;
• contractual restrictions;
• security and integrity risks arising from disclosure method or scope.

Nothing in this page should be read as a waiver of any privilege, immunity, objection, or legal protection available to EviWrite.

14. Third-party providers and infrastructure

Some data relevant to EviWrite’s services may sit within or pass through third-party infrastructure used by EviWrite.

That does not automatically mean EviWrite can or will disclose beyond what it controls or is legally required to produce. It also does not mean every supporting provider is authorised to disclose on EviWrite’s behalf.

15. No public promise of disclosure catalogue

EviWrite does not publish a universal list of all categories of records that may exist at all times. Record types can vary by workflow, partner channel, infrastructure, and service evolution.

A public authority or third party should not infer the existence of a record merely because it would be convenient to their theory of the case.

16. Transparency and reporting

EviWrite may, where lawful and operationally appropriate, publish high-level information or aggregated reporting about disclosure requests, categories of requests, or general response posture.

Any such reporting may be limited, delayed, grouped, or withheld where necessary to preserve legal compliance, confidentiality, security, or operational integrity.

17. No legal advice to requesters or users

This page does not advise governments, regulators, litigants, institutions, or users on what they are legally entitled to obtain. It also does not advise any person on how to compel disclosure.

18. Contact for lawful requests

Any request seeking disclosure, access, preservation, or production should be directed to:

contact@eviwrite.com

EviWrite may require identity verification, legal documentation, proof of authority, service through appropriate legal process, and sufficient specificity before engaging substantively.

19. Changes to this Policy

EviWrite may update this Policy from time to time to reflect changes in law, service structure, partner model, infrastructure, or operational posture.

20. Final point

EviWrite’s position is controlled for a reason: a serious evidential service should not become loose simply because the person asking happens to have a letterhead.