erifAI logo
erifAISOC2 TRUST READY

Privacy Policy

Last updated: December 2024

Information We Collect

Account Information

When you create an account, we collect your name, email address, company information, and other details necessary to provide our services.

Compliance Data

We collect and process compliance-related information from your connected systems, including evidence documents, configuration data, and audit trail information.

Usage Information

We collect information about how you use our platform, including features accessed, integrations configured, and performance metrics.

How We Use Your Information

  • • Provide and maintain our compliance automation services
  • • Generate compliance reports and dashboards
  • • Analyze and improve our platform performance
  • • Communicate with you about service updates and support
  • • Ensure security and prevent fraud
  • • Comply with legal obligations

Data Security

Encryption

All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.

Access Controls

We implement role-based access controls and multi-factor authentication to protect your data.

Compliance

Our platform is SOC 2 Type II compliant and follows industry best practices for data protection.

Data Sharing

We do not sell, trade, or rent your personal information. We may share information only in these limited circumstances:

  • • With your explicit consent
  • • With service providers who assist in platform operations (under strict confidentiality agreements)
  • • To comply with legal obligations or protect our rights
  • • In connection with a business transfer (merger, acquisition, etc.)

Your Rights

You have the following rights regarding your personal data:

  • • Access and review your personal information
  • • Correct inaccurate or incomplete data
  • • Delete your account and associated data
  • • Export your data in a machine-readable format
  • • Object to certain processing activities
  • • Withdraw consent where applicable

International Transfers

Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses and adequacy decisions where applicable.

Data Retention

We retain your data only as long as necessary to provide our services and comply with legal obligations. Account data is deleted within 30 days of account closure, unless longer retention is required by law.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

  • • Email: privacy@verifai.com
  • • Address: VerifAI Privacy Team, [Company Address]
  • • Phone: +1 (555) 123-4567