Product Privacy Policy

Verity is a multi-tenant SaaS data analytics platform that allows customers to analyse their own marketing and analytics data through an AI agent. This Product Privacy Policy describes how the Verity product collects, stores, processes, and deletes data on behalf of its customers. This policy is separate from our website Privacy Policy, which only covers visitors of ask-verity.com and our waitlist. If you are a logged-in Verity customer, this Product Privacy Policy applies to you in addition to your contractual agreement with Verity.

Verity reads data from third-party platforms only after a customer (Account Owner or Admin) explicitly connects an integration via OAuth. We request the minimum scopes required for the analytics features the customer has enabled. Facebook (Meta Marketing API, ads_read scope) When a customer connects a Facebook Ads account, Verity reads: • Account metadata via /me/adaccounts: account_id, name, currency, timezone, business_id • Campaign, ad set, and ad metadata: names, status, objective, dates, structure • Performance metrics via /{ad_account_id}/insights: spend, impressions, clicks, CTR, CPC, CPM, conversions, reach, frequency, and date breakdowns Verity does not request or store user-level data, personal contact data of leads, custom audience membership, or the contents of ad creatives beyond what is needed for attribution and reporting. Other connected sources Customers may also connect Google Ads, Google Analytics 4, and BigQuery datasets. The same principle applies: Verity reads only the metrics and dimensions needed for the analytical features the customer uses, scoped to the accounts the customer authorises.

OAuth tokens Access tokens and refresh tokens for connected platforms are encrypted at rest using envelope encryption with keys managed by Google Cloud KMS. Tokens are scoped per workspace and are never shared between tenants. Cached metrics Aggregated query results pulled from connected sources are cached for performance. Cached metrics are retained on a 30-day rolling window and refreshed on demand. Query history Natural-language questions, the SQL Verity generated, and the result rows are retained for 90 days so customers can revisit prior analyses. After 90 days, query history is purged. Aggregate analytics Anonymised, non-identifying usage statistics (e.g. count of queries per pack, error rates, latency percentiles) are retained longer for product improvement. These contain no customer data, no third-party platform identifiers, and no personal data.

All customer data is stored in Google Cloud Platform, in EU multi-region locations (europe-west and europe-north). Verity does not transfer customer data outside the European Economic Area, with the limited exception of LLM processing described in section 6.

Verity is multi-tenant. Each customer has one or more Accounts, and each Account contains one or more Workspaces. Data is strictly isolated per Account at the database, query, and cache layer. There is no cross-tenant access path in the product. Within a Workspace, access is governed by role-based permissions: • OWNER: full control, including billing and deletion • ADMIN: manage integrations, members, and settings • MEMBER: run queries and view results • VIEWER: read-only access to dashboards and saved queries

Verity uses the following sub-processors. Each is bound by a data processing agreement (DPA) and processes data only on documented instructions from Verity. Google Cloud Platform (EU multi-region): hosting, Postgres database, BigQuery, Cloud Storage, KMS for token encryption. OpenAI and Anthropic: used to power Verity's AI agent. When a customer asks a question, Verity sends to the LLM provider: (a) the natural-language question, (b) relevant schema and glossary context for the datasets in scope, and (c) aggregated query results needed to generate the answer. Verity does not send raw user-level advertising data, raw event-stream data, or OAuth tokens to LLM providers. LLM providers are configured for zero-retention where supported and are contractually prohibited from training on Verity customer data. Postmark: transactional email delivery (account confirmations, notifications, support replies).

OAuth tokens are encrypted at rest with per-tenant key derivation. Tokens are decrypted in memory only at the moment an authorised job needs to call the upstream API on behalf of the customer. We log token use for audit purposes but never log the token value itself. When a customer disconnects an integration, revokes the Verity app at the source platform (e.g. via Facebook Settings → Apps and Websites), or deletes their account, the token is invalidated immediately and the linked data is scheduled for deletion as described in section 8.

Concrete retention windows: • OAuth tokens: until disconnect or token revocation (deleted within 24 hours of either) • Cached metrics: 30 days rolling • Query history: 90 days • Account audit logs: 12 months • Aggregate, anonymised analytics: retained indefinitely for product improvement • Backups: encrypted, retained for 30 days, then permanently deleted On account deletion, all customer-identifiable data is removed from production within 24 hours and from backups within 30 days.

If you are a Verity customer or a person whose personal data is processed by a Verity customer through the product, you have the right to: • Access the personal data we process about you • Correct inaccurate data • Request deletion of your data • Object to or restrict processing • Receive your data in a portable format • Lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) For requests originating from end-users of a Verity customer's ad accounts, please contact the customer (controller) directly. Verity acts as the processor in those cases and will assist the customer in fulfilling such requests. To exercise these rights with Verity directly, contact us at [email protected].

Customers can delete their data at any time, either inside the product or by emailing us. See our Data Deletion Instructions for the exact steps and timelines.

Verity is a B2B product and is not directed at, or intended for, children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

We may update this policy when we add features, change sub-processors, or to reflect legal changes. Material changes are communicated to logged-in customers by email at least 30 days before they take effect. The "Last updated" date at the top of this page reflects the most recent revision.

Verity is operated by Digital-Strategies, a sole proprietorship registered in the Netherlands. For privacy questions, data subject requests, or any other matters covered by this policy: [email protected]