Privacy Policy

Veridian Software LLC ("Veridian," "we," "us," or "our") is a Texas limited liability company that provides managed digital services to businesses. This Privacy Policy describes how we collect, use, protect, and share information in connection with our website at veridiansoftware.net and the services we provide.

We built our privacy practices around a simple standard: your data belongs to you. We use it to serve you. We do not sell it, rent it, or share it in ways you haven't authorized.

Information you provide directly:

• Contact and intake forms: name, email address, phone number, business name, type of business, and any other information you choose to include.
• Service onboarding: business details, website content, brand assets, domain preferences, and other information needed to deliver your service.
• Payment information: payment is processed entirely by Stripe. Veridian receives only a masked card identifier and billing confirmation. We never store full card numbers.

Information collected automatically:

• Website analytics: pages visited, referral sources, device type, and approximate location (city-level). Collected via Google Analytics 4. No personally identifiable information is included in these analytics by default.
• Service performance data: for managed services, we access analytics from your Google Business Profile, website, and advertising accounts as authorized. This data is used solely to manage and improve your service.
• Access logs: all access to Veridian systems is logged for security monitoring purposes.

We use the information we collect to:

• Deliver and manage the services you subscribe to.
• Communicate with you about your service, billing, and updates.
• Respond to inquiries submitted through our contact forms.
• Generate monthly analytics reports and performance summaries for your business.
• Improve our service delivery using anonymized, aggregated performance patterns — never by analyzing individual client records without stripping identifying attributes first.
• Detect and respond to security threats to our systems and client environments.
• Meet our legal obligations.

We do not use your data to train general-purpose AI models. We do not use your data for targeted advertising. We do not use your data for any purpose not listed above without your explicit consent.

To be unambiguous:

• We do not sell your data. Your business data — including contact information, analytics, business details, and content — is never sold to any third party under any circumstances.
• We do not share your data with advertisers. None of your information is shared with advertising networks, data brokers, or marketing platforms.
• We do not share your data with other clients. Client environments are isolated. Your data is not accessible to other Veridian clients.
• We do not use your raw business data to improve services for competitors. Any platform improvements that involve performance analysis are derived exclusively from anonymized, aggregated signals — individual business records are never used directly.

All Veridian client data is protected by our Veridian Shield security infrastructure, which includes:

• AES-256 encryption at rest and in transit.
• Logical isolation — each client operates in a separate data environment inaccessible to other clients.
• Anonymization pipeline — all aggregate analysis passes through an automated anonymization process before any analysis occurs.
• Full audit logging — every data access event is logged and retained.
• Real-time threat monitoring — automated detection of anomalous access patterns with immediate automated response.
• Incident response protocol — in the event of a confirmed security incident, you will be notified within 72 hours.

No security system is infallible. While we take all reasonable and technically current measures to protect your data, we cannot guarantee absolute security against all possible threats.

We share limited information with third-party vendors who help us deliver services. These vendors are contractually obligated to use your data only as directed by Veridian and not for their own purposes:

• Stripe — payment processing. Subject to Stripe's Privacy Policy.
• Vercel — website hosting infrastructure. Subject to Vercel's Privacy Policy.
• Google — Google Analytics (anonymized web analytics) and Google Business Profile API (for GBP management services you've authorized).
• Anthropic — AI-generated copy and reporting. Data submitted for generation is not retained by Anthropic for training purposes under our API agreement.

We do not share your data with any other third party without your explicit written consent, except as required by law.

Our website uses cookies and similar tracking technologies for the following purposes:

• Analytics cookies (Google Analytics 4): to understand how visitors use our website. These are anonymized and aggregated. IP anonymization is enabled.
• Functional cookies: to remember preferences and improve site performance. No cross-site tracking.

We do not use advertising or remarketing cookies on veridiansoftware.net. You may disable cookies in your browser settings. Disabling cookies may affect site functionality.

We retain your data for as long as your service subscription is active, and for a period of 36 months after termination for legal and business record-keeping purposes. After 36 months, personal data is deleted or anonymized.

Access logs and security event records are retained for 12 months. Anonymized aggregate performance data may be retained indefinitely.

If you submit a contact form without becoming a client, your information is retained for 18 months in our CRM and then deleted.

You have the following rights with respect to your personal data:

• Access: request a copy of the personal data we hold about you.
• Correction: request correction of inaccurate data.
• Deletion: request deletion of your personal data, subject to our legal retention obligations.
• Portability: request your data in a machine-readable format.
• Opt-out of sale: we do not sell your data, but you may formally assert this right in writing.

To exercise any of these rights, email sean.a@veridiansoftware.net with the subject line "Privacy Request." We will respond within 30 calendar days. We may request identity verification before processing sensitive requests.

California (CCPA/CPRA): California residents have rights under the California Consumer Privacy Act including the right to know, delete, correct, and opt out of the sale of personal information. As stated in this policy, Veridian does not sell personal information. To exercise your CCPA rights, see Section 9 above.

Texas (TDPSA): Texas residents have rights under the Texas Data Privacy and Security Act effective July 1, 2024. These include the right to access, correct, delete, and obtain a portable copy of your personal data, as well as the right to opt out of targeted advertising and profiling. Veridian does not conduct targeted advertising or profiling as described under the TDPSA. To exercise your rights, see Section 9.

Our services are directed at businesses and their owners. We do not knowingly collect personal information from individuals under the age of 18. If we learn that we have inadvertently collected information from a minor, we will delete it promptly. If you believe we have collected information from a minor, please contact us immediately.

We may update this Privacy Policy as our practices change or as required by law. When we make material changes, we will notify active clients via email at least 14 days before the change takes effect, and update the "Last updated" date at the top of this page.

For privacy questions, data requests, or security concerns: