Privacy Policy.
Effective 2026-06-18 · Version 1.0
Veracore Compliance Group (“Veracore,” “we”) operates a compliance review platform for blockchain and digital-asset operators. This Privacy Policy explains what information we collect, how we use it, and the choices you have.
1. Information we collect
- Account information — name, email, organization, role. Managed by our authentication provider, Clerk.
- Submitted content — chat messages, uploaded documents, image attachments, and metadata about each submission (timestamps, file types, sizes).
- Vera outputs— Vera's responses and the citations she relies on. Retained alongside the originating submission.
- Billing data — managed by Stripe. We store the Stripe customer ID and subscription state; we do not store full payment-card numbers.
- Operational logs — request metadata, error events, and aggregate usage counts. Used for service health and abuse prevention.
2. How we use information
- To deliver the compliance review service and human-officer escalation queue.
- To authenticate users, enforce subscription limits, and bill for use.
- To detect and prevent abuse of the platform.
- To improve the knowledge base and operating playbook authored by our team — we do not use your submitted content to train any AI model.
3. Subprocessors
The platform is delivered with the help of the following subprocessors. Each is bound by a data-protection agreement; the list may change with notice.
- Vercel — application hosting and serverless compute (United States).
- Neon — managed Postgres database (United States).
- Clerk — authentication and user management.
- Anthropic— large language model that powers Vera. Submissions sent for inference are not used to train Anthropic's models per their API terms.
- Voyage AI — embeddings for retrieval.
- Stripe — payments and subscription management.
- Vercel Blob — private object storage for uploaded files and images.
4. International transfers
Our infrastructure is primarily located in the United States. By using the service, you consent to the transfer of your information to the United States. For users in the EU/UK, we rely on Standard Contractual Clauses with our subprocessors where required.
5. Retention
Submitted content and Vera outputs are retained for the life of your account plus the period required by our records-keeping obligations. Operational logs are retained for up to twelve months. You may request deletion of specific records or your account by emailing the contact below; statutory retention may delay deletion of some categories.
6. Security
Documents and image attachments are stored in private object storage and served only through authenticated proxy endpoints. Database traffic is TLS-encrypted. Access by Veracore staff is limited to roles with a business need.
7. Your rights
Depending on your jurisdiction, you may have the right to access, correct, delete, or port your personal data. To exercise any of these rights, contact us at the address below. We will respond within the timeframe required by applicable law.
8. Children
The service is not intended for individuals under 18 and we do not knowingly collect data from minors.
9. Changes
We will post material changes to this Policy on this page with a new effective date. Continued use after a change constitutes acceptance.
10. Contact
Privacy questions or data-rights requests: hello@veracorecg.com.