Brief content (your pitch text)
- Where
- Encrypted at rest
- Retention
- While your account is active; deleted on request
- Who sees it
- Owner only
We do not sell your data or use it to train public models. Here is exactly what we do with your data, where it goes, and who handles it.
We are an early-stage company. We do not yet hold a third-party security certification such as SOC 2 or ISO 27001, and we do not yet have custom DPAs or signed provider amendments in place. The practices below are self-attested and rely on each vendor's standard terms. If you need a security questionnaire response or want to discuss a custom arrangement, email security@tryverdikt.app.
We list the primary third-party processors in our stack, including ones that haven't started receiving data yet. The status column tells you exactly which are live today. Updates go out 30 days before any new processor handles your data.
Each item below is either operating today or waiting on the relevant launch. Where a practice activates only when its sub-processor goes live, it inherits that vendor's status from the table above. We update this page when any item changes.
Security researchers and customers can report a concern at any time. We acknowledge within one business day and ship a remediation timeline within 72 hours.
security@tryverdikt.app