Privacy Policy
Effective date: 1 August 2026
The full Privacy Policy is available at www.veriproof.app/privacy . This page summarises the most important parts.
Information We Collect
Account Information
When you create a VeriProof account, we collect your name, email address, and organisation name. If you add payment details, your billing information is processed by our payment processor (Stripe) — VeriProof does not store full card details.
Usage and Session Data
The session data captured through the VeriProof SDK is your data, processed by VeriProof on your behalf. We treat it as confidential. We do not mine it for product improvements, advertising, or any purpose other than providing the VeriProof service.
Service Usage Metadata
We collect logs and analytics about how the APIs and portals are used — request counts, error rates, latency percentiles. This information is used for capacity planning, debugging, and service improvement.
How We Use Your Information
| Information type | Purposes |
|---|---|
| Account information | Account management, billing, support, legal compliance |
| Session data | Providing the audit and compliance features you’ve configured |
| Service metadata | Service operation, debugging, abuse prevention, anonymised analytics |
We do not sell personal information to third parties.
Data Sharing
We share personal information with:
- Sub-processors needed to operate the service (see Subprocessors)
- Legal requirements: When required by valid legal process, we’ll notify you if legally permitted before complying
- Business transfers: In the event of a merger or acquisition, personal information may be transferred; we’ll provide notice
Your Rights
Depending on your jurisdiction, you may have rights to:
- Access the personal information we hold about you
- Correct inaccurate information
- Delete your information (subject to retention obligations)
- Port your data to another service
- Object to certain processing
For requests under GDPR, CCPA, or other privacy laws, contact privacy@veriproof.app.
Data Retention
Account information is retained for the duration of your subscription plus 30 days. Session data is retained according to the retention period you configure for your organisation (see Security FAQ).
Cookies and Tracking
The VeriProof Customer Portal and Staff Portal use session cookies for authentication. We do not use advertising cookies or cross-site tracking. The documentation site (docs.veriproof.app) uses Cloudflare Web Analytics, which does not use cookies or fingerprint individual users.
Contact
For privacy inquiries: privacy@veriproof.app
VeriProof Ltd, registered in England and Wales.
Full Policy
The complete Privacy Policy is at www.veriproof.app/privacy .
Next Steps
- Data Processing Agreement — DPA for GDPR compliance
- GDPR — how we support your GDPR obligations
- Subprocessors — third parties that process data