Privacy Policy

Last updated: June 30, 2025

1. Scope & Controller

  • Controller: Verifire.ai Ltd, registered in Cyprus.

  • Applies to all personal data collected via our website, dashboards, APIs, and during service delivery.

2. Information We Collect

We collect and process the following categories of data:

  • Contact & Account Data: Name, email, company, role, credentials.

  • Usage & Technical Data: IP address, device/browser info, API usage, logs.

  • Transactional & Payment Data: Billing information collected via third-party processor (Ecommpay).

  • Customer Data: Data uploaded by clients (third-party compliance integrations), which we process solely as a data processor.

3. How We Use Your Data

  • Provide and improve services, support, billing.

  • Monitor system security, performance, fraud prevention.

  • Legal compliance and protecting our rights.

4. Legal Bases for Processing

  • Contractual Necessity: To deliver agreed services.

  • Legitimate Interests: Service improvement, security, fraud prevention.

  • Legal Compliance: Meeting requirements under GDPR, Cyprus law, AML, etc.

5. Data Storage & Retention

  • Customer Data: Retained per the selected Data Retention package (24 hours of storage, unless otherwise agreed).

  • Usage & Logs: Stored up to 30 days for support/security, aggregated long-term.

  • Contact & Billing Data: Retained for the duration of our business relationship and 7 years post termination, to meet accounting and legal obligations.

6. Data Sharing & Subprocessors

We share personal data only with third parties when necessary:

  • Payment Processors: Ecommpay.

  • Cloud & Hosting Providers: e.g., Gcore, GCP.

  • Subprocessors: Other systems hosting logs or analytics.

  • Legal Disclosures: As required by law.

7. International Transfers

If data is transferred outside the EEA (e.g., to the U.S.), we ensure compliance through:

  • EU Standard Contractual Clauses, or

  • Adequacy Frameworks, such as Privacy Shield–equivalent for Cyprus.

8. Data Subject Rights

In accordance with GDPR and equivalent laws, individuals can:

  • Access their personal data.

  • Rectify, erase, or request restriction of processing.

  • Object to processing or withdraw consent.

  • Data portability, when technically feasible.

Requests can be made via privacy@verifire.ai and will be handled within 30 days.

9. Security

We implement robust security measures:

  • Encryption at rest and in transit.

  • Access controls, audit logs.

  • Regular security reviews and breach response protocols.

10. Third-Party Links

Our platforms may contain links to external sites. We are not responsible for their privacy practices. We recommend reviewing their privacy policies.

11. Children

Our Service is for B2B clients and professionals. We do not knowingly collect data from children under 16. Any such data discovered will be promptly deleted.

12. Policy Updates

We may revise this policy to reflect changes in our practices or legal requirements. We will notify customers of material updates via email or dashboard notices and update the “Last updated” date.

13. Contact Us

For any privacy questions or to exercise your rights, please contact: privacy@verifire.ai

Verifire.ai Ltd. Kypranoros 13, EVI BUILDING, 2nd floor, Office 201, 1061, Nicosia, Cyprus.

14. Additional Provisions

Depending on client needs, optional agreements include:

  • Data Processing Addendum (DPA): Covers GDPR, data processing-by-verifire.

  • Standard Contractual Clauses: For EEA–non-EEA transfers.

  • HIPAA BAA: Available upon request for U.S. healthcare customers.

Terms of use ›

Verifire © 2025. All right reserved.

Verifire © 2025. All right reserved.

Verifire © 2025. All right reserved.

Verifire © 2025. All right reserved.