Back to Home

Privacy Policy

Last Updated: September 15, 2025

VeriAct (“we”, “our”, or “us”) operates https://veriact.com (the “Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By using VeriAct, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Information You Provide

  • Account Information: Name, email (via Clerk authentication)
  • Payment Information: Processed by Stripe — we do NOT store card details
  • Meeting Transcripts: Text files you upload
  • Action Items: Tasks extracted using AI processing
  • Organization Details: Company name, team member emails (Enterprise)

1.2 Automatically Collected Information

  • Usage Data: Feature usage, pages visited, timestamps
  • Device Information: Browser, IP, OS
  • Cookies: Authentication/session cookies

1.3 Audio/Video Files

  • Temporary Storage: Uploads stored only for processing
  • Automatic Deletion: All media files deleted within 24 hours
  • No Permanent Storage: Only transcript and derived action items are retained

2. How We Use Your Information

  • Provide and maintain the Service
  • Process transcripts using OpenAI Whisper
  • Extract action items using AI
  • Manage billing and subscriptions via Stripe
  • Email reminders and invitation access
  • Customer support
  • Comply with legal obligations

OpenAI Data Processing

  • Your transcript data is processed securely through OpenAI
  • OpenAI does not use API data for model training
  • Secure retention/deletion based on OpenAI policy

3. Data Storage & Security

Where Data Is Stored

  • Authentication: Clerk
  • Database: Supabase
  • Processing: OpenAI
  • Payments: Stripe
  • Hosting: Vercel

Security Measures

  • HTTPS/TLS encryption
  • Role-based & row-level database security
  • Encrypted temporary storage
  • No card storage

Data Retention

  • Action items: 90 days
  • Account data: while active
  • Audio/video files: deleted in 24 hours
  • Usage logs: 90 days

4. Data Sharing

We do NOT sell your data.

We only share data with required service providers:

  • Clerk
  • Supabase
  • OpenAI
  • Stripe
  • Resend
  • Vercel

We may share data if legally required or in business transfers (e.g. acquisition).

5. Your Rights (GDPR & UK GDPR)

  • Access, correction, deletion
  • Download/export data
  • Withdraw consent
  • Object to certain processing

Email: privacy@veriact.co.uk

6. Children’s Privacy

Not for users under 16. If data was mistakenly submitted, please contact us.

7. International Data Transfers

GDPR-compliant safeguards including SCCs and encryption.

8. Cookies

Only essential cookies (authentication/session). No ads or trackers.

9. California CCPA Rights

Right to know, delete, and non-discrimination — we do not sell data.

10. Data Breach Notification

You will be notified within 72 hours if your data is impacted.

11. Changes to This Policy

We notify users of changes via website update and/or email.

12. Contact Us

Email: privacy@veriact.co.uk

Supervisory Authority: UK ICO — https://ico.org.uk

13. Legal Basis for Processing

ProcessingLegal Basis
Account creationContract performance
Payment processingContract performance
Service improvementLegitimate interest
Marketing (if opted in)Consent

By using VeriAct, you acknowledge that you have read and understood this Privacy Policy.

Questions about privacy?

Contact us at: privacy@veriact.co.uk