Privacy Policy

1. Who We Are (Data Controller)

Veriwins ("we", "us", "our") operates the VeriWin$ platform and is the data controller responsible for personal data processed through the Service. For privacy questions, contact privacy@veriwins.com.

2. Data We Collect

• Account data. Name, email, password hash, and authentication identifiers used to create and secure your account.
• Profile & usage data. Settings, audit submissions, reports, in-app activity, device identifiers and IP address.
• Giveaway data. Publicly available information from social media links you submit for auditing.
• Sensitive evidence. Screenshots, direct messages and receipts you upload to prove fraud or prize fulfilment.
• Support communications. Messages you send us and metadata about those messages.
• Payment-related data. Billing email and subscription status. Card details and full billing addresses are collected directly by Paddle (see §5).

3. Purposes & Legal Bases

4. How We Handle Sensitive Evidence

• Automated masking. AI detects and blurs PII (addresses, phone numbers) in uploaded images before permanent storage.
• Encrypted storage. Evidence is stored using AES-256 encryption at rest, with TLS in transit.
• Restricted access. Evidence is accessible only to you and, if you formally report a scam, to official state consumer protection offices.

5. Sharing & Disclosure

• Payments — Paddle (Merchant of Record). We use Paddle.com as our payment processor and Merchant of Record. Paddle independently collects and processes your payment details (card data, billing address, tax identifiers) to fulfil your order, manage subscriptions, handle refunds, and meet tax and invoicing obligations.
• Service providers. Cloud hosting, database, storage, analytics and email infrastructure providers that process data on our behalf under written agreements.
• Government agencies. Packaged evidence is shared with consumer protection offices or the FTC only when you explicitly file a formal complaint, or where required by law.
• Professional advisers. Legal, accounting and audit advisers, under confidentiality.
• No data sales. Veriwins never sells your personal data or evidence to advertisers or data brokers.

6. Data Retention

• Account data. Retained for the lifetime of your account and deleted within 30 days of account closure, except where longer retention is required by law.
• Evidence uploads. Retained while the related audit or report is active, and for up to 24 months after closure to support investigations, then deleted or anonymised.
• Billing & tax records. Retained by Veriwins and Paddle for up to 7 years to meet legal, tax and accounting obligations.
• Support communications. Retained for up to 24 months after the conversation closes.
• Security logs. Retained for up to 12 months for fraud prevention and incident response.

7. Your Rights & Control

• Access & portability. Request a copy of the data we hold about you.
• Correction. Update inaccurate or incomplete data from your account settings or by contacting us.
• Deletion. Request permanent deletion of your account and associated evidence from settings.
• Restriction & objection. Ask us to restrict or object to certain processing based on legitimate interests.
• Withdraw consent. Withdraw consent for marketing at any time using the unsubscribe link in any email.
• Complaints. If you are in the UK/EEA you may complain to your local data protection authority.

9. International Transfers & Cookies

Personal data may be processed in countries outside your own, including the United States. Where required, transfers are protected by Standard Contractual Clauses or equivalent safeguards. We use strictly necessary cookies to keep you signed in and optional analytics cookies to improve the Service; you can manage preferences in your browser.