Privacy Policy

VeriStay ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

1. Information We Collect

1.1 Information You Provide

• Account Information: Name, email address, password, company name
• Property Data: Property details, room information, inspection data
• Media Content: Photos and videos uploaded during inspections
• Payment Information: Billing details (processed securely by our payment processor)

1.2 Automatically Collected Information

• Usage Data: Pages visited, features used, time spent
• Device Information: IP address, browser type, operating system
• Location Data: Approximate location (if permitted)
• Cookies: See our Cookie Policy below

2. How We Use Your Information

We use your information to:

• Provide, maintain, and improve our service
• Process AI analysis on inspection images
• Send service-related communications
• Provide customer support
• Analyze usage patterns and optimize performance
• Detect and prevent fraud or abuse
• Comply with legal obligations

3. Data Sharing and Disclosure

We do not sell your personal information. We may share data with:

• Service Providers: Cloud hosting (Azure), AI processing, payment processing
• Legal Requirements: When required by law or to protect rights
• Business Transfers: In connection with merger, sale, or acquisition
• With Your Consent: When you explicitly authorize sharing

4. Data Retention

We retain your data for as long as your account is active or as needed to provide services. You may request deletion at any time (subject to legal hold requirements).

• Account Data: Until account deletion + 30 days
• Inspection Data: Configurable retention (default: 2 years)
• Backup Data: Up to 90 days after deletion

5. Your Rights (GDPR & Privacy Laws)

You have the right to:

• Access: Request a copy of your data
• Rectification: Correct inaccurate data
• Erasure: Request deletion ("right to be forgotten")
• Portability: Export your data in a machine-readable format
• Restriction: Limit how we process your data
• Objection: Object to certain processing activities
• Withdraw Consent: Revoke consent at any time

To exercise these rights, contact us at privacy@veristay.app.

6. Data Security

We implement industry-standard security measures:

• End-to-end encryption for data in transit (TLS 1.3)
• Encryption at rest for all stored data
• Multi-factor authentication (MFA) support
• Regular security audits and penetration testing
• Strict access controls and monitoring

7. Cookies and Tracking

We use cookies and similar technologies for:

• Essential Cookies: Authentication, security (cannot be disabled)
• Analytics Cookies: Usage statistics (can be opted out)
• Preference Cookies: Remember your settings

You can control cookies through your browser settings.

8. Third-Party Services

Our service integrates with:

• Microsoft Azure: Cloud hosting and infrastructure
• AI Processing: Image analysis and damage detection
• Analytics: Usage tracking and performance monitoring

These providers have their own privacy policies.

9. Children's Privacy

VeriStay is not intended for users under 18. We do not knowingly collect data from children. If you believe we have collected data from a child, contact us immediately.

10. International Data Transfers

Your data may be transferred to and processed in countries outside your jurisdiction. We ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses).

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or in-app notification. Continued use after changes constitutes acceptance.

12. Contact Us

For privacy-related questions or to exercise your rights:

• Email: privacy@veristay.app
• Contact Form: veristay.app/contact
• Data Protection Officer: dpo@veristay.app

13. Legal Basis for Processing (GDPR)

We process your data based on:

• Contract Performance: To provide services you requested
• Legitimate Interests: To improve our service and prevent fraud
• Legal Compliance: To comply with applicable laws
• Consent: For optional features (e.g., marketing emails)

This is a template privacy policy. It should be reviewed and customized by legal counsel before publication.