Veridat
← Back to home

Privacy Policy

This beta privacy summary explains how Veridat expects to handle personal and workspace data. It should be reviewed by counsel before paid launch.

Data we process

Veridat may process account details, workspace information, claims, evidence metadata, approval history, uploaded evidence files, and operational logs needed to run the service.

How data is used

Data is used to provide claims governance workflows, authenticate users, enforce workspace access, store evidence, maintain audit history, and improve service reliability.

AI and pasted copy

Claim analysis uses deterministic checks and may use provider-backed AI for enhanced Claim Risk Checker reports when configured. If AI-enhanced analysis is used, submitted copy or page text may be sent to the AI provider after practical redaction of obvious emails, phone numbers, and token-like strings.

Veridat does not send billing data, invite tokens, reset tokens, uploaded evidence files, or private workspace records to the public checker AI workflow. AI output is advisory only. Your team decides, and Veridat does not provide legal advice or guarantee compliance.

Product analytics

Veridat records limited product events to understand activation, feature usage, reliability, and account operations. Event metadata is designed not to include full pasted copy, uploaded evidence content, or raw evidence files.

If Google Analytics 4 is configured, it is used for website traffic and basic conversion analytics only after analytics consent is accepted. GA4 events use safe metadata such as routes, counts, source type, and risk distribution, not raw claim text, pasted copy, evidence contents, file names, or private notes.

Subprocessors and infrastructure

Veridat currently expects to use Vercel for application hosting, Supabase for database and evidence storage, Google Workspace for company email and documents, and Resend for product email if configured. This beta list should be reviewed and formalised before paid launch.

Certifications

Veridat does not currently claim SOC 2, ISO 27001, GDPR certification, or any equivalent formal certification. Future certifications or audit reports will be listed only once completed.

Contact

For privacy questions during beta, contact support@veridat.com.