VeraIDVeraID
Identity Security
Security Posture (ISPM)Threat Detection (ITDR)Directory IntegrationAI Agent Security
Governance
Lifecycle AutomationOffboarding CascadesComplianceCross-Cloud Correlation
FeaturesSecurityDocumentation
Blog
Partner ProgramMSP PartnersReseller PartnersTechnology PartnersReferral Partners
AboutCareersContact
Pricing
Join WaitlistLogin

Privacy Policy

Last updated: December 2024

Introduction

VeraID ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our identity security platform.

Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Name and organization details
  • Password (securely hashed)
  • Billing information (for paid plans)

Usage Data

We automatically collect information about how you use our service:

  • API requests and authentication events
  • Feature usage and interactions
  • IP addresses and device information
  • Browser type and settings

Identity and Credential Data

To provide our service, we store information about your non-human identities and credentials. This includes identity metadata, access policies, and audit logs. We never store plaintext credentials — all sensitive data is encrypted at rest and in transit.

How We Use Your Information

We use your information to:

  • Provide and maintain our identity security platform
  • Process your transactions and send related information
  • Send you technical notices, updates, and security alerts
  • Respond to your comments, questions, and support requests
  • Analyze usage patterns to improve our service
  • Detect, prevent, and address security issues

Data Sharing

We do not sell your personal information. We may share your data with:

  • Service Providers: Third parties that help us operate our platform (hosting, analytics, payment processing)
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

Data Retention

We retain your data for as long as your account is active or as needed to provide services. Audit logs are retained according to your plan (30 days for Free, 1 year for Team, custom for Enterprise). You can request deletion of your data at any time.

Cookies

We use cookies and similar technologies to:

  • Keep you signed in
  • Remember your preferences
  • Analyze site usage and performance
  • Provide security features

You can control cookies through your browser settings. Disabling cookies may affect some features of our service.

Your Rights

Depending on your location, you may have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your data
  • Export your data in a portable format
  • Object to or restrict certain processing
  • Withdraw consent (where applicable)

To exercise these rights, contact us at privacy@veraid.io.

Security

We implement industry-standard security measures including encryption, access controls, and regular security audits. For more details, see our Security page.

International Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including Standard Contractual Clauses where required.

Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes by email or through a notice on our website.

Contact Us

If you have questions about this privacy policy or our data practices, contact us at:

Email: privacy@veraid.io
Address: VeraID, Inc.