Privacy Policy

1. Introduction

At Verifact, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our verification and authorization control plane and developer services.

2. Information We Collect

2.1 Information You Provide

• Account information (name, email, password)
• Payment information for billing purposes
• API usage statistics and performance metrics
• Support requests and communications

2.2 Information We Collect Automatically

• Usage analytics and API performance metrics
• IP addresses and basic device information for security
• API request logs (without storing your actual data)
• Cookies and similar tracking technologies

2.3 Data You Control

Verifact operates on a "bring your own database" model. AI-generated results, conversation data, and application content are stored in your own database infrastructure. We do not store, access, or process your actual data or AI outputs unless explicitly configured.

3. How We Use Your Information

We use the information we collect to:

• Provide and maintain our AI reasoning platform
• Process payments and manage billing
• Monitor service performance and security
• Provide customer support and technical assistance
• Send important service updates and notifications
• Improve our services through analytics
• Comply with legal obligations

4. Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except as described in this policy:

• With service providers who assist our operations
• To comply with legal obligations
• To protect our rights and prevent fraud
• In connection with a business transfer

5. Data Security

We implement appropriate technical and organizational measures to protect your account information and service access. However, since you bring your own database infrastructure, you are responsible for securing your data storage, encryption, and access controls.

We recommend implementing industry-standard security practices for your database, including encryption at rest and in transit, regular backups, and access control policies.

6. API Data and Content

When you use our API services, data may temporarily pass through our systems for processing, but we do not store, log, or retain your actual data, prompts, or AI-generated responses. All data persistence happens in your own database infrastructure.

We only collect anonymized usage statistics and performance metrics to improve our service quality and monitor system health.

7. Cookies and Tracking

We use cookies and similar technologies to enhance your experience, analyze usage patterns, and maintain session security. You can control cookie settings through your browser preferences.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data during such transfers.

9. Data Retention

We retain your account information and usage statistics for as long as necessary to provide our services and comply with legal obligations. Since you control your own database, data retention policies for your AI-generated content, conversations, and application data are determined by your own infrastructure and policies.

You can request deletion of your Verifact account at any time, though this will not affect data stored in your own database.

10. Your Rights

Since you maintain control over your data storage, you have enhanced privacy rights:

• Full ownership and control of your AI-generated content and conversation data
• Access to your account information and usage statistics
• Correction of inaccurate account information
• Request deletion of your Verifact account and associated metadata
• Data portability for account-related information
• Independent control over data retention and deletion policies

For data stored in your own database, you have complete autonomy and are not subject to our data management policies.

11. Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware of such collection, we will delete the information promptly.

12. Third-Party Services

Our platform may integrate with third-party services (such as OAuth providers). These services have their own privacy policies, and we encourage you to review them.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through our platform. Your continued use of our services constitutes acceptance of the updated policy.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at: