Security and privacy are not buzzwords - they are our mission

Our commitment to safeguarding your data and privacy is paramount. This page outlines the measures we take to protect your personal information and ensure your privacy.

Certifications & compliance

3rd-Party Audited to Ensure Adherence to Strict Compliance Standards

AICPA SOC

Soc 2 Type II

We are third party audited regularly to maintain SOC 2 Type II certification. This means we follow strict rules to safeguard customer data privacy and confidentiality.

GDPR Badge

GDPR Compliant

We comply with all major European privacy and regulatory requirements such as GDPR.

CCPA Badge

CCPA Compliant

We comply with California's Consumer Privacy Act through transparency about what data is being collected, how it's used, and who has access to it, by protecting user data rigorously, and honoring requests form California to allow access and opt-outs for residents, among other requirements.

Security & PRIVACY features

Protecting your data

Below are just some of the steps that we take to safeguard consumer data privacy.

Anonymous data encryption

Personal data is thoroughly encrypted and anonymized so users are protected in the worst-case scenario of a data breach.

Minimal personal data collection

We only collect the data that is necessary for the type of application being submitted to protect our users.

Two-factor authentication

Even if a team member's login credentials are leaked, user data is still protected due to 100% mandatory two-factor authentication on all of our team members' access endpoints.

Authentication and authorization controls

Authentication to access user data is only granted on a "need-to-know" basis to protect user data.

Protection against third-party data selling

We require any API partners or vendors who interact with our data to adhere to strict requirements against selling user data to any third parties.

Full-access to consent and opt-out

Users have total control over their data - data is only collected with consent and users can opt-out at any time.

Enforcing user’s right to be forgotten

Users can request their data be deleted at any point, and it will be promptly deleted from all storage after the request is made.

Enforcing user’s right to full control of their data

Where the user's data rights conflict with business requests, we will side with the users and enforce their right to own and control their own data.

See our Privacy Policy

Questions?

For questions or concerns regarding privacy or data security, contact us at sales@verifast.com or fill out this form and we’ll get back to you within 48 hours.