Privacy Policy

Last Updated: October 15, 2025

VeriDeal LLC (VeriDeal, we, our, or us) values your privacy. This Privacy Policy explains how we collect, use, and share information when you use our website, web application, and related services (collectively, the Services).

IMPORTANT NOTICE: VeriDeal is currently operated as a beta service. While we implement industry-standard security measures and privacy protections, the Services are provided on an AS-IS and AS AVAILABLE basis during this beta period. You acknowledge that beta software may contain bugs, errors, or limitations that could affect data processing or security. By using the Services, you consent to this Privacy Policy and accept these conditions.

If you are located in the European Economic Area (EEA), the United Kingdom (UK), Switzerland, or California, you may have additional rights described below.

1. Information We Collect

a. Information You Provide

  • Name, email address, password, and account details
  • Payment information (processed securely through Stripe; we do not store full card numbers)
  • Communications you send us (support requests, feedback)
  • Any other information you voluntarily provide through the Services

b. Information Collected Automatically

  • Device and browser information (IP address, operating system, device identifiers, browser type)
  • Usage data (pages viewed, features used, time spent, clickstream data)
  • Cookies and similar technologies (see Section 6)
  • Log data (access times, error logs, referring URLs)

c. Information From Third Parties

  • Payment processors (e.g., Stripe) provide transaction details and payment status
  • Analytics providers (e.g., Google Analytics) provide aggregated usage insights
  • Service providers who help us operate and improve the Services

2. How We Use Your Information

We use your information to:

  • Provide and maintain the Services: Account creation, authentication, feature delivery, and customer support
  • Process transactions: Payment processing, subscription management, and billing
  • Communicate with you: Service updates, billing notices, customer support responses, security alerts, and administrative messages
  • Improve the Services: Analytics, debugging, testing, research and development, and feature optimization
  • Detect and prevent fraud: Security monitoring, abuse prevention, and legal compliance
  • Comply with legal obligations: Responding to legal processes, enforcing our terms, and protecting rights
  • Develop new features: Beta testing, user research, and service enhancement

Automated Decision-Making

We may use automated systems and algorithms to analyze usage patterns, personalize features, detect fraudulent activity, and improve service performance. You may contact us to request human review of automated decisions that significantly affect you.

3. Sharing of Information

We do not sell your personal data. We may share information with:

Service Providers

We work with third-party service providers who process personal data on our behalf:

  • Cloud hosting and infrastructure: AWS, Google Cloud, or similar providers
  • Payment processing: Stripe and related financial services
  • Analytics and monitoring: Google Analytics, error tracking services
  • Customer support: Help desk and communication platforms
  • Email services: Transactional and marketing email providers
  • Security services: Fraud detection and prevention tools

All service providers are contractually obligated to protect your data and use it only for specified purposes.

Legal and Compliance Requirements

We may disclose your information when required by law, legal process, or government request, or when we believe in good faith that disclosure is necessary to:

  • Comply with legal obligations, court orders, or subpoenas
  • Protect our rights, property, or safety, or that of our users or the public
  • Investigate, prevent, or take action regarding illegal activities, fraud, or security threats
  • Enforce our Terms of Service or other agreements
  • Respond to claims of rights violations

Business Transactions

If VeriDeal is involved in a merger, acquisition, bankruptcy, reorganization, or sale of assets, your information may be transferred as part of that transaction. You will be notified via email and/or prominent notice on our Services of any change in ownership or uses of your personal data.

Aggregated and De-Identified Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you with third parties for analytics, research, or business purposes.

4. Legal Bases for Processing (GDPR/International Users)

If you are in the EEA, UK, or Switzerland, we process your personal data only where we have a legal basis:

  • Consent: Where you have given explicit consent (e.g., for marketing communications or non-essential cookies)
  • Contract performance: To provide you with the Services you have requested
  • Legal compliance: To comply with applicable laws and regulations
  • Legitimate interests: To improve and secure the Services, prevent fraud, and conduct business operations (balanced against your rights and interests)

You have the right to withdraw consent or object to processing based on legitimate interests at any time.

5. International Data Transfers

VeriDeal is based in the United States. If you access the Services from outside the U.S., your information will be transferred to, stored, and processed in the United States and potentially other countries where our service providers operate.

These countries may have data protection laws that differ from those in your country of residence. We take appropriate safeguards to protect your data during international transfers, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Data Processing Agreements with service providers
  • Compliance with applicable data transfer regulations

By using the Services, you consent to the transfer of your information to the United States and other jurisdictions where we or our service providers operate.

6. Cookies & Tracking Technologies

We use cookies, web beacons, pixels, and similar technologies to:

  • Remember your preferences and settings
  • Authenticate your account and maintain sessions
  • Analyze usage patterns and service performance
  • Deliver relevant content and features
  • Measure advertising effectiveness (where applicable)

Types of Cookies We Use

  • Essential cookies: Required for the Services to function properly
  • Functional cookies: Remember your preferences and settings
  • Analytics cookies: Help us understand how you use the Services
  • Advertising cookies: May be used to deliver relevant ads (where applicable)

Your Cookie Choices

  • Browser settings: Most browsers allow you to block or delete cookies through settings
  • EU/UK Users: Where required by law, we obtain your consent before placing non-essential cookies
  • California Users: You may opt out of sharing for cross-context behavioral advertising through our privacy settings or by using the Global Privacy Control (GPC) signal

Note that blocking certain cookies may limit your ability to use some features of the Services.

7. Data Retention

We retain personal data only as long as necessary for the purposes outlined in this Privacy Policy or as required by law:

  • Account information: While your account is active and up to 7 years after closure for legal, tax, and regulatory compliance
  • Payment records: 7 years as required by financial regulations and tax laws
  • Communications: Until you unsubscribe or withdraw consent, plus any legally required retention period
  • Usage data: Typically 24-36 months, unless aggregated and anonymized
  • Legal hold data: Data subject to legal holds, litigation, or investigations is retained until the matter is resolved
  • Backup data: Data in system backups may persist for up to 90 days after deletion

After the retention period expires, we securely delete or anonymize your personal data. Aggregated and anonymized data may be retained indefinitely for analytics and research purposes.

8. Your Rights and Choices

a. California Residents (CCPA/CPRA)

California residents have the right to:

  • Know: What personal data we collect, use, disclose, and sell/share
  • Access: Request a copy of your personal data
  • Delete: Request deletion of your personal data (subject to legal exceptions)
  • Correct: Request correction of inaccurate personal data
  • Opt-out: Opt out of sale or sharing of personal data for cross-context behavioral advertising
  • Limit use: Limit use and disclosure of sensitive personal information
  • Non-discrimination: Exercise your rights without discriminatory treatment

Sensitive Personal Information: We do not intentionally collect sensitive personal information as defined by California law (precise geolocation, racial/ethnic origin, religious beliefs, health information, sexual orientation, citizenship/immigration status, genetic data, or certain financial account details with access credentials).

Verification: To protect your privacy, we will verify your identity before processing requests. You or your authorized agent may submit requests to contact@VeriDeal.io. Authorized agents must provide proof of authorization.

Response Time: We will respond to verified requests within 45 days (extendable by 45 days if necessary).

b. EEA/UK/Swiss Residents (GDPR)

If you are in the EEA, UK, or Switzerland, you have the right to:

  • Access: Obtain confirmation of whether we process your data and receive a copy
  • Rectification: Correct inaccurate or incomplete personal data
  • Erasure (right to be forgotten): Request deletion of your personal data in certain circumstances
  • Restriction: Restrict processing of your personal data in certain situations
  • Data portability: Receive your data in a structured, machine-readable format
  • Object: Object to processing based on legitimate interests or for direct marketing
  • Withdraw consent: Withdraw consent at any time where we rely on consent
  • Lodge a complaint: File a complaint with your local data protection authority

To exercise these rights, contact us at contact@VeriDeal.io or our Data Protection Officer (if appointed). We will respond within one month (extendable by two months for complex requests).

c. All Users

Regardless of location, you can:

  • Update your account information through your account settings
  • Unsubscribe from marketing emails via the link in each message
  • Contact us to request access, correction, or deletion of your data
  • Close your account at any time (though some data may be retained as described in Section 7)

9. Data Security

We implement technical and organizational security measures designed to protect your personal data, including:

  • Industry-standard encryption (TLS/SSL) for data in transit
  • Encryption of sensitive data at rest
  • Secure servers with access controls and authentication
  • Regular security assessments and monitoring
  • Employee training on data protection practices
  • Incident response procedures

Important Limitations: Despite our efforts, no security measures are perfect or impenetrable. No method of transmission over the Internet or electronic storage is 100% secure. During the beta period, the Services may have additional vulnerabilities as we continue testing and development.

We cannot guarantee absolute security of your data. You acknowledge and accept this risk by using the Services. If you become aware of any security vulnerability, please report it to contact@VeriDeal.io immediately.

Data Breach Notification: In the event of a data breach that affects your personal data, we will notify you and relevant authorities as required by applicable law.

10. Childrens Privacy

The Services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from children under 18.

If we discover that we have inadvertently collected personal data from a child under 18, we will promptly delete that information. If you believe a child under 18 has provided us with personal data, please contact us at contact@VeriDeal.io.

11. Third-Party Links and Services

Our Services may contain links to third-party websites, applications, or services. This Privacy Policy does not apply to those third parties. We are not responsible for the privacy practices or content of third parties.

We encourage you to review the privacy policies of any third-party services before providing them with personal information.

12. Beta Service Disclaimer and Limitations

BETA STATUS: VeriDeal is currently in beta testing. The Services are provided AS-IS and AS AVAILABLE without warranties of any kind, either express or implied.

Service Limitations

During beta:

  • Features may be incomplete, unstable, or change without notice
  • Data processing may contain errors or inconsistencies
  • Service availability and performance are not guaranteed
  • Data loss, corruption, or unauthorized access may occur despite security measures

User Acknowledgment

By using the Services during beta, you acknowledge and accept:

  • The experimental nature of the Services
  • Inherent risks associated with beta software
  • That data protection measures, while implemented, may not be fully mature
  • The possibility of service interruptions, data loss, or security incidents

No Warranty

TO THE MAXIMUM EXTENT PERMITTED BY LAW, VERIDEAL MAKES NO WARRANTIES ABOUT THE ACCURACY, RELIABILITY, COMPLETENESS, OR TIMELINESS OF DATA PROCESSING OR PRIVACY PROTECTIONS DURING THE BETA PERIOD.

Limitation of Liability

Your use of the beta Services is at your own risk. VeriDeal shall not be liable for any damages arising from service defects, data incidents, or privacy issues during the beta period, except as required by applicable law. This limitation applies to the fullest extent permitted by law.

13. Changes to this Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service features.

Notice of Changes

If we make material changes, we will notify you by:

  • Posting a notice on the Services at least 30 days before changes take effect
  • Sending an email to the address associated with your account
  • Displaying a prominent banner in the application

Effective Date

Changes become effective on the date specified in the notice. The Effective Date at the top of this Privacy Policy indicates when it was last updated.

Continued Use

Your continued use of the Services after changes become effective constitutes acceptance of the updated Privacy Policy. If you do not agree to the changes, you must stop using the Services and may close your account.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

14. California Shine the Light Law

California Civil Code Section 1798.83 permits California residents to request information about disclosure of personal data to third parties for their direct marketing purposes.

VeriDeal does not share personal data with third parties for their direct marketing purposes without your explicit consent. If you have questions about this, contact us at contact@VeriDeal.io.

15. Nevada Privacy Rights

Nevada residents have the right to opt out of the sale of certain covered information. VeriDeal does not sell personal data as defined under Nevada law. If you have questions, contact us at contact@VeriDeal.io.

16. Dispute Resolution and Governing Law

This Privacy Policy and any disputes arising from it shall be governed by the laws of the State of Delaware, United States, without regard to conflict of law provisions.

Mandatory Arbitration: Any dispute arising from this Privacy Policy or your use of the Services shall be resolved through binding arbitration in accordance with the American Arbitration Associations rules, except where prohibited by law.

Exceptions: You may assert claims in small claims court if they qualify, and either party may seek injunctive relief in court for intellectual property infringement or unauthorized access to the Services.

17. Contact Us

For questions, concerns, or to exercise your privacy rights:

VeriDeal LLC

Email: contact@VeriDeal.io

For EEA/UK/Swiss residents: If we appoint a Data Protection Officer or EU representative, their contact information will be provided here.

Response Time: We will respond to privacy inquiries within 30 days (or as required by applicable law).

Complaints: If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority (for EEA/UK/Swiss residents) or the California Attorney General (for California residents).

18. Entire Agreement

This Privacy Policy, together with our Terms of Service, constitutes the entire agreement between you and VeriDeal regarding the privacy aspects of the Services and supersedes all prior agreements and understandings.

Questions?

Contact us at: contact@verideal.io