Privacy policy

1. Introduction

This Privacy Policy explains how VerifyWise collects, uses, and protects your personal information. VerifyWise provides AI governance and evaluation services to help organizations manage their AI systems responsibly.

VerifyWise is a B2B-only platform serving enterprise organizations. We are committed to ensuring your privacy is protected and that you understand how your data is handled.

2. Data handling

VerifyWise operates in a completely air-gapped environment within your infrastructure:

• Zero data leaves your infrastructure - all data remains within your environment
• No telemetry or usage analytics are sent to VerifyWise
• No license validation or automatic updates occur
• VerifyWise has no access to any data processed by the platform

3. Information we collect

3.1 Website and general business information

• Contact form submissions and inquiry details
• Marketing communication preferences
• Website usage data through analytics (Google Analytics, PostHog)
• Technical website data (IP address, browser type, device information)

3.2 Platform data

• Account registration and authentication information
• Billing and payment processing data (processed by third-party payment processors)
• Platform configuration and usage patterns
• Support tickets and customer service interactions

4. How we use your information

We use your information to:

• Provide and maintain our AI governance services
• Process payments and manage billing
• Provide customer support and technical assistance
• Send product updates, newsletters, and marketing communications
• Improve our platform and develop new features

5. Data security and encryption

We implement industry-standard security measures to protect your information:

• All customer data is encrypted both in transit and at rest
• Multi-tenant data isolation ensures customer data separation
• Access controls and authentication mechanisms protect platform access
• Regular security monitoring and incident response procedures

6. Cookies and tracking technologies

Our website uses the following types of cookies:

• Functional Cookies: Essential for website operation and user authentication
• Analytics Cookies: Google Analytics and PostHog for website performance analysis
• Marketing Cookies: To track marketing campaign effectiveness and user preferences

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect website functionality.

7. Third-party services and subprocessors

We integrate with the following third-party services:

• Payment Processing: Stripe, Inc. for billing and subscription management
• Analytics: Google Analytics and PostHog for usage analytics
• Infrastructure: Cloud hosting providers for infrastructure services

8. Data retention

We retain different types of data for varying periods:

• Account and evaluation data: Retained for 3 years from account creation or last activity
• Marketing communications: Until you unsubscribe or request removal
• Contact form submissions: Retained for business communication purposes up to 3 years

9. Your rights and data control

As a business customer, you have the right to:

• Access your organization's account and usage data
• Correct inaccurate account or contact information
• Request deletion of your account and associated data
• Object to marketing communications
• Request data export for account migration purposes

10. Legal basis for processing and compliance

We process personal data based on the following legal grounds:

• Contract Performance: Processing necessary to deliver our AI governance services
• Legitimate Interest: Platform improvement, security monitoring, and business communications
• Consent: Marketing communications and non-essential cookies

We comply with GDPR for European customers and CCPA for California customers.

11. Data breach notification

In the event of a data security incident:

• We will assess the incident within 24 hours of discovery
• Affected customers will be notified within 72 hours for high-risk breaches
• We will notify relevant authorities as required by applicable law

12. Changes to this policy

We may update this privacy policy to reflect changes in our services, legal requirements, or business practices. When we make material changes, we will:

• Update the "Last updated" date at the bottom of this policy
• Notify active customers via email of significant changes
• Post the updated policy on our website

13. Contact information

If you have any questions about this Privacy Policy, data handling practices, or wish to exercise your rights, please contact us: