Back to HomeVeriGlob Logo

Privacy Policy

Last Updated: January 3, 2025

1. Introduction

At Veriglob ("we," "us," or "our"), privacy is not just a feature—it's the foundation of everything we build. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our APIs, SDKs, or interact with our decentralized identity protocol.

Our protocol is designed with privacy by design principles. Unlike traditional identity systems, Veriglob enables identity verification without requiring the storage or transmission of personal data. We believe you should control your identity, not corporations or governments.

Key Principle: Veriglob's protocol is designed so that personal identity data is never stored on our servers. Cryptographic proofs are used in place of actual personal information.

2. Information We Collect

2.1 Information You Provide Directly

  • Account Information: When you create an account to access our developer portal or enterprise services, we collect your name, email address, organization name, and contact details.
  • Communication Data: When you contact us for support, partnership inquiries, or feedback, we collect the content of your messages and any attachments.
  • Payment Information: For paid services, we collect billing information through our secure payment processors. We do not store complete credit card numbers.

2.2 Information Collected Automatically

  • Technical Data: IP addresses, browser type and version, operating system, device identifiers, and referring URLs.
  • Usage Data: Pages visited, time spent on pages, click patterns, and feature usage within our developer portal.
  • API Usage: API call volumes, error rates, and performance metrics (anonymized and aggregated).

2.3 Information We Do NOT Collect

By Design, We Never Access:

  • Your Decentralized Identifiers (DIDs) or private keys
  • The contents of your Verifiable Credentials
  • Personal identity documents (passports, IDs, etc.)
  • Biometric data
  • The specific claims within credentials you present to verifiers

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Delivery: To provide, maintain, and improve our platform, APIs, and SDKs.
  • Communication: To send you technical notices, updates, security alerts, and support messages.
  • Analytics: To understand how our services are used and identify areas for improvement (using anonymized, aggregated data).
  • Security: To detect, prevent, and address fraud, abuse, and security issues.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.
  • Business Operations: To process payments, manage accounts, and fulfill contractual obligations.

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide our services to you.
  • Legitimate Interests: Processing for our legitimate business interests, such as fraud prevention and service improvement, where these interests do not override your rights.
  • Consent: Where you have given explicit consent for specific processing activities.
  • Legal Obligation: Processing necessary to comply with legal requirements.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

  • Service Providers: With trusted third-party vendors who assist in operating our services (e.g., cloud hosting, payment processing, analytics). These providers are contractually bound to protect your data.
  • Legal Requirements: When required by law, subpoena, or other legal process, or to protect our rights, property, or safety.
  • Business Transfers: In connection with any merger, acquisition, or sale of assets, where your information may be transferred as a business asset.
  • With Your Consent: When you have given explicit permission to share your information.

6. Data Security

We implement industry-standard security measures to protect your information:

  • End-to-end encryption for data in transit (TLS 1.3)
  • Encryption at rest for stored data (AES-256)
  • Regular security audits and penetration testing
  • Access controls and authentication mechanisms
  • Continuous monitoring and incident response procedures
  • Employee security training and background checks

While we strive to protect your information, no method of transmission or storage is 100% secure. We encourage you to use strong passwords and protect your API keys and credentials.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

  • Account Data: Retained while your account is active and for up to 2 years after account closure.
  • Usage Logs: Retained for 90 days in identifiable form, then anonymized and aggregated.
  • Payment Records: Retained for 7 years as required by financial regulations.
  • Support Communications: Retained for 3 years after resolution.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access

Request a copy of your personal data we hold.

Rectification

Request correction of inaccurate or incomplete data.

Erasure

Request deletion of your personal data ("right to be forgotten").

Portability

Receive your data in a structured, machine-readable format.

Restriction

Request limitation of processing in certain circumstances.

Objection

Object to processing based on legitimate interests.

To exercise these rights, please contact us at privacy@veriglob.com. We will respond to your request within 30 days.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Data processing agreements with all service providers
  • Compliance with applicable data transfer frameworks

10. Cookies and Tracking

We use cookies and similar technologies to enhance your experience:

  • Essential Cookies: Required for basic site functionality (authentication, security).
  • Analytics Cookies: Help us understand how visitors interact with our site (can be disabled).
  • Preference Cookies: Remember your settings and preferences.

You can control cookie settings through your browser. Note that disabling certain cookies may impact site functionality.

11. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us immediately at privacy@veriglob.com.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date. We encourage you to review this policy periodically. Your continued use of our services after any changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

Veriglob Ltd.

Email: privacy@veriglob.com

Data Protection Officer: dpo@veriglob.com

Website: https://veriglob.com

← Back to Home