Trust Center

This page is maintained by Veridexa to answer common security and privacy questions about the Veridexa document verification platform.

Data Protection

All data is encrypted in transit with TLS and at rest using industry-standard algorithms. Access to production data is restricted to authorized personnel and audited.

Application Security

Secure development practices, dependency scanning, and code review are part of every release. Sensitive operations are protected by strict role-based access controls.

Infrastructure

Veridexa runs on hardened cloud infrastructure with isolated environments, DDoS protection, and continuous monitoring across regions.

Privacy & Compliance

We align our practices with GDPR and comparable data protection laws. A DPA and subprocessor list are available for customers with regulatory obligations.

Access & Identity

Authentication is protected by strong password policies and support for federated sign-in. Session tokens are rotated and revocable.

Incident Response

We maintain documented procedures for detecting, responding to, and communicating security incidents. Affected customers are notified without undue delay.

Shared Responsibility

Security is a shared responsibility. Veridexa is responsible for the security of the platform — infrastructure, application, and operational controls. Customers are responsible for how they use the Services, including account credentials, user access, and the data they choose to submit.

Reporting a Vulnerability

If you believe you have discovered a security vulnerability in the Veridexa platform, please report it responsibly to security@veridexa.io. Please include steps to reproduce and avoid accessing data that is not yours.

Contact

For security or privacy questions, contact security@veridexa.io.