Privacy Policy

1. Introduction

Welcome to Verit ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our tamper-proof and privacy-focused Verifiable Credentials (VC) and Decentralized Identity (DID) services.

By accessing or using our services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Personal Information You Provide

We collect information that you voluntarily provide to us when you:

• Register for an account
• Request a demo or contact us
• Subscribe to our newsletter
• Use our services
• Communicate with us

This information may include:

• Contact Information: Name, email address, phone number, company name, job title
• Account Credentials: Username, password (encrypted)
• Identity Information: For DID/VC services, we may process identity verification data as required
• Payment Information: Billing address, payment card details (processed securely through third-party payment processors)
• Communications: Any information you provide when contacting us

2.2 Information Automatically Collected

When you access our website, we automatically collect certain information:

• Usage Data: IP address, browser type, device information, operating system, pages visited, time spent on pages, referring URLs
• Cookies and Tracking Technologies: We use cookies, web beacons, and similar technologies (see Section 6)
• Analytics Data: Website performance metrics, user behavior patterns

2.3 Information from Third Parties

We may receive information from:

• Business partners and service providers
• Public databases and identity verification services
• Social media platforms (if you choose to connect your accounts)

3. How We Use Your Information

We use the collected information for the following purposes:

• Service Delivery: To provide, maintain, and improve our Verifiable Credentials and Decentralized Identity services
• Account Management: To create and manage your account, authenticate users, and provide customer support
• Communications: To send you service updates, security alerts, and administrative messages
• Marketing: To send promotional materials and newsletters (with your consent, where required)
• Analytics: To understand how users interact with our services and improve user experience
• Security: To detect, prevent, and address fraud, security issues, and technical problems
• Legal Compliance: To comply with legal obligations and enforce our terms and policies
• Business Operations: To conduct research, analytics, and business development

4. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), our legal basis for collecting and using your personal information depends on the data and context:

• Contract Performance: Processing necessary to provide our services
• Consent: You have given explicit consent for specific purposes
• Legitimate Interests: Processing necessary for our legitimate business interests
• Legal Obligation: Processing required to comply with legal requirements

5. How We Share Your Information

We may share your information with:

5.1 Service Providers

Third-party vendors who perform services on our behalf:

• Cloud hosting providers
• Payment processors
• Analytics services
• Email service providers
• Customer support tools

5.2 Business Transfers

In connection with mergers, acquisitions, or sale of assets, your information may be transferred.

5.3 Legal Requirements

When required by law, court order, or to protect our rights and safety.

5.4 With Your Consent

We may share information with third parties when you have given explicit consent.

We do not sell your personal information to third parties.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

• Essential Cookies: Required for website functionality and security
• Analytics Cookies: Help us understand how visitors use our website
• Marketing Cookies: Used to deliver relevant advertisements
• Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. However, disabling certain cookies may affect website functionality. For more information, see our Cookie Consent Banner when you first visit our site.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

• Encryption of data in transit and at rest
• Secure password hashing (bcrypt)
• Regular security assessments and updates
• Access controls and authentication mechanisms
• Employee training on data protection
• Incident response procedures

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Factors considered include:

• The nature and sensitivity of the information
• Legal and regulatory requirements
• The purposes for which we process the information
• Whether we can achieve those purposes through other means

9. Your Privacy Rights

Depending on your location, you may have the following rights:

9.1 GDPR Rights (EEA Residents)

• Right to Access: Request copies of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restrict Processing: Request limitation of data processing
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time
• Right to Lodge a Complaint: File a complaint with a supervisory authority

9.2 CCPA/CPRA Rights (California Residents)

• Right to Know: Request disclosure of collected personal information
• Right to Delete: Request deletion of personal information
• Right to Opt-Out: Opt-out of the sale of personal information
• Right to Non-Discrimination: Not be discriminated against for exercising your rights
• Right to Correct: Request correction of inaccurate information
• Right to Limit: Limit use of sensitive personal information

9.3 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions
• Your explicit consent

11. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

12. Third-Party Links and Services

Our website may contain links to third-party websites and services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date
• Sending you an email notification (for significant changes)

Your continued use of our services after changes become effective constitutes acceptance of the revised Privacy Policy.

14. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us: