Protecting your claims, evidence, and approval records
Veridat is designed for teams handling sensitive commercial information, evidence files, claim records, and approval history.
What is implemented today
Veridat is currently in beta. These controls are implemented today. Formal certification is part of the future security roadmap, not a current claim.
Workspace access controls
Users can only access workspaces they belong to. Evidence preview and download routes check workspace membership before serving files.
Private evidence storage
Evidence files are stored privately and served through authenticated server-side routes.
Authentication
Veridat supports email/password login and configured OAuth providers. Password reset tokens expire after 30 minutes.
Security headers
The app uses baseline security headers, with stricter content security policy work planned before wider enterprise use.
Veridat is not currently SOC 2 audited, ISO 27001 certified, or formally certified as GDPR compliant. We are building our security programme toward stronger controls as the product matures.
Veridat expects to use trusted infrastructure providers such as Vercel, Supabase, Google Workspace, and Resend if configured. This list should be reviewed before paid launch and reflected in future data processing terms.
Questions about security or enterprise requirements?
Contact us to discuss data handling, access controls, security roadmap, or procurement needs.