TOMBSTONE
Cryptographic Proof of Deletion
scroll to continue ↓
LIFECYCLE EVENTS
tombstone — lifecycle events
CERTIFICATE
CRYPTOGRAPHIC CERTIFICATE OF DATA DELETION
TOMBSTONE ID
TS-2026-6f5fb03b1c1f
This certifies that Tombstone received, timestamped, and cryptographically sealed deletion-completion evidence for the data reference identified below. The record can be independently verified without exposing the underlying personal data.
RegulationCCPA 1798.105 – Right to Delete
Data Subject Ref.sha256:15d76d84f542…
System CoveredCustomer Data Store (S3)
Request ReceivedJune 28, 2026
CompletedJune 29, 2026 (1 day)
Versions Listed2
Deleted Successfully2
Failed Deletes0
Delete Markers0
Retention ExpiresJune 29, 2028
IssuedJune 29, 2026 · 06:42 UTC
DELETION VERIFIED
Signature (Ed25519, truncated)
NlG9eqUSxJtNqVmRBuy2CmuvR5xCxO2pkxl5HiAlKedkM0rUnnTV8ilRlxMdBC8P…
Key ID: 1a1f59bd616dc808
Verify at verify.tombstone.sh — no account required
TOMBSTONE.SH
Verify a certificate
Live ledger
For developers

When the regulator asks,
what do you hand them?

Not a log.
Not a policy document.
A certificate — signed by an independent third party, showing what was deleted, when it happened, verifiable by any regulator or auditor. Hand them a Tombstone.

CRYPTOGRAPHIC CERTIFICATE OF DATA DELETION
TOMBSTONE ID
TS-2026-d698be2c5a1c
This certifies that Tombstone received, timestamped, and cryptographically sealed deletion-completion evidence for the data reference identified below. The record can be independently verified without exposing the underlying personal data.
RegulationCCPA 1798.105 – Right to Delete
Data Subject Ref.sha256:15d76d84f542…
System CoveredCustomer Data Store (S3)
Request ReceivedJune 28, 2026
CompletedJune 29, 2026 (1 day)
Versions Listed2
Deleted Successfully2
Failed Deletes0
Delete Markers0
Retention ExpiresJune 29, 2028
IssuedJune 29, 2026 · 06:42 UTC
DELETION VERIFIED
Signature (Ed25519, truncated)
NlG9eqUSxJtNqVmRBuy2CmuvR5xCxO2pkxl5HiAlKedkM0rUnnTV8ilRlxMdBC8P…
Key ID: 1a1f59bd616dc808
Verify at verify.tombstone.sh — no account required
§

Your systems perform the deletion. Tombstone makes the completion evidence verifiable.

California DELETE Act — data brokers must process DROP deletion requests beginning Aug 1, 2026 CCPA audit readiness — independent evidence meets the accountability standard GDPR Articles 17 & 5(2) — erasure rights and controller accountability

Why it holds up

Four properties that make the evidence admissible

01
No PII retained.

Tombstone stores hashes, event metadata, and signatures — not names, emails, or any raw subject data. Architected for guaranteed privacy.

02
Independent third party.

The certificate is minted and signed in Tombstone's custody. Independent evidence for compliance.

03
Tamper-evident by construction.

Every event is signed and linked to the one before it. Any gap or alteration breaks the chain. Silent modification becomes detectable.

04
Verifiable without an account.

Regulators, auditors, or the data subject can verify any certificate at verify.tombstone.sh. Verifiable by all parties.

Pilot program — limited availability

Turn deletion lifecycle events into verifiable evidence.

We respond within one business day. No commitment required.