Privacy Policy
What we collect
Account information (email, name, password hash, billing details), API usage (request counts, response codes, latency), submitted content (AI output you send us for review), reviewer outputs (validated results, scorecards, and reviewer ID), and basic device information (IP address, user agent) for security and rate limiting.
Why we collect it
To provide the Service, to bill you, to detect abuse, to improve the Service, and to comply with our legal obligations. We do not use your content to train our own models or anyone else's.
Who we share it with
Reviewers (only the content they need to review). Payment processors (Stripe, Wise — for billing). Cloud infrastructure providers (AWS, GCP — for hosting, under data processing agreements). Law enforcement (only when legally compelled). We do not sell your data.
Where we store it
Data is stored in the United States and the European Union, in encrypted-at-rest databases managed by our cloud providers. Backups are encrypted and retained for 30 days.
How long we keep it
Account data is retained for the life of your account plus 90 days. Submitted content is retained for up to 90 days for debugging and quality assurance, then deleted. Audit logs are retained for 1 year. Billing records are retained for 7 years as required by tax law.
Your rights
You can access, correct, export, or delete your data at any time from the account settings, or by emailing privacy@verifiedworkflows.com. EU and UK residents have the additional rights set out in our GDPR notice.
Cookies
We use first-party cookies for authentication and session management, and Google Analytics for aggregate traffic measurement. See our Cookie Policy for the full list.
Children
The Service is not directed to children under 16, and we do not knowingly collect data from children.
Contact
For privacy questions or to exercise your rights, contact privacy@verifiedworkflows.com or our EU representative at eu-rep@verifiedworkflows.com.