Privacy Policy

1. Who we are

VERIFION LLC is a company incorporated in the State of Wyoming, United States. In this Privacy Policy, “VERIFION,” “we,” “us,” or “our” mean VERIFION LLC. We are a technology services provider delivering software, hosting, and infrastructure work to business clients.

Registered mailing address: 407 Lincoln Road, Suite 708, Miami Beach, FL 33139, United States.

Contact email: support@verifion.net (privacy and data requests).

Day-to-day technical operations are coordinated on a distributed basis worldwide, in line with client time zones and project locations; client infrastructure may reside with international cloud and hosting providers. We serve business customers internationally.

Our work includes, depending on the engagement: custom software development for third-party clients; infrastructure hosting and cloud arrangements (including VPS and managed environments); deployment, configuration, and ongoing maintenance of platforms such as learning management systems (for example Moodle), web applications, APIs, and backend systems; infrastructure management and technical support; network security measures including mitigation of denial-of-service and volumetric attacks when included in a service plan; and general IT consulting and tailored technical solutions agreed in writing.

This Privacy Policy describes how we handle personal information in connection with our public website at verifion.net, sales and support communications, billing, and the delivery of those professional services (collectively, the “Services”).

If a signed contract (statement of work, master services agreement, hosting or support agreement, order form, or addendum) conflicts with this Policy on a specific subject, that contract controls for the client relationship to the extent permitted by law.

2. How client systems relate to personal data

We engage primarily with organizations. Personal information we process usually falls into one of these buckets:

• Our customer relationship data. Names, business emails, phone numbers, billing contacts, and account credentials for representatives of companies that hire VERIFION.
• Data inside client systems we host or maintain. When we operate servers, applications, or databases on a client’s behalf, those systems may store end-user or employee personal data defined and controlled by the client. The client is generally responsible for its own privacy notices, lawful bases, and data subject requests for that data. We process it only as instructed and as needed to provide the Services (patching, backups where contracted, monitoring, incident response, support access, migration, or development tasks within scope).
• Technical and operational telemetry. IP addresses, HTTP logs, firewall and load-balancer events, resource utilization metrics, error traces, and similar signals generated by infrastructure we manage. The exact categories depend on what is deployed for each client.

3. Personal information we collect (our business)

We may collect and process:

• Account and contact data. Name, company name, title, postal address, email, telephone, and comparable identifiers you give us for contracting, support, or invoicing.
• Billing and financial administration. Purchase records, tax or registration identifiers required for accounts receivable, and payment events processed by payment partners.
• Authentication data. Password hashes or tokens for portals or control planes we operate for clients, stored using industry-accepted methods.
• Communications. Content of emails, tickets, chat transcripts (if used), and notes reasonably necessary to perform the Services.
• Website and portal usage data. When you use verifion.net or administrative interfaces we provide: IP address, user agent, device characteristics, referring URLs, coarse geolocation from IP, session timestamps, and security-relevant events (failed logins, rate-limit flags).
• Infrastructure monitoring and security data. Server, network, and application logs; DDoS scrubbing or CDN statistics; alerts from monitoring systems; snapshots or excerpts retained for troubleshooting or post-incident review, as allowed by contract.

4. Processing methods

We process information through ticketing and email, project management tools, source control and CI systems for development engagements, cloud-provider consoles, backup and configuration management utilities, remote access sessions authorized by clients, and automated jobs (log rotation, patch workflows, capacity alerts, traffic filtering rules for attack mitigation). Processing is partly automated (filtering, monitoring, alerting) and partly performed by our personnel under access policies appropriate to their role.

5. Purposes

We use personal information to: negotiate and perform contracts; provision and administer hosting and cloud resources; develop, deploy, and maintain software deliverables; provide technical support; secure infrastructure under our management (including detection of abuse and volumetric attacks); invoice and collect amounts due; meet legal and tax obligations; enforce our agreements; improve internal operations using aggregate or de-identified statistics where reasonable; and communicate operational or policy changes.

We do not sell personal information as defined in the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA”), and we do not use personal information for cross-context behavioral advertising.

6. Third-party service providers

We use independent vendors typical for an IT services firm, including:

• Cloud and infrastructure providers. Compute, storage, networking, DNS, and related capacity where client workloads or our tooling run.
• Connectivity and security-edge services. Bandwidth suppliers, reverse-proxy or CDN layers, and traffic-scrubbing or filtering services used to mitigate large-scale network attacks when that service is in scope.
• Monitoring, logging, and analytics tools. Uptime checks, application performance monitoring, log aggregation, error reporting, and occasional product analytics with settings aimed at minimizing personal data in reports.
• Business productivity software. Email, calendars, documents, accounting, e-signatures, CRM, and support platforms.
• Payment processors. Services that tokenize or route card and bank payments so that we limit retention of sensitive payment details on our own systems.

We bind vendors with confidentiality and security expectations appropriate to their role. Enterprise customers may request a summary of material subprocessor categories at support@verifion.net.

7. Disclosure

We disclose personal information to the categories of providers above; to professional advisers under confidentiality; to an acquirer or successor in a merger, acquisition, or asset sale subject to continued obligations; and when we believe in good faith that disclosure is required by law, regulation, valid legal process, or to protect the rights, property, or safety of persons.

8. International transfers

We primarily store and process data in the United States. If data is handled across borders, we take steps required by applicable law and by contractual commitments made to clients.

9. Retention

Retention varies by data type and contract:

• Sales and marketing contacts until withdrawal of consent or inactive-list deletion, often within twenty-four (24) months without an active project.
• Contracts, invoices, and accounting evidence commonly at least seven (7) years unless a shorter period is legally sufficient.
• Infrastructure and security logs typically thirty (30) days to twelve (12) months depending on environment and client requirements, longer when tied to an open investigation or legal hold.
• Client production backups and VMs per the schedule in each hosting or backup agreement; decommissioning is coordinated after termination.
• Corporate system backups may delay final deletion until the backup window expires (often thirty (30) to ninety (90) days).

10. Security

We apply administrative, technical, and organizational measures suited to IT infrastructure and development work, including: role-based access to production systems; authentication and logging for administrative actions; encryption of data in transit (TLS) where applicable; encryption at rest where supported by the underlying platforms; network segmentation between environments where practicable; patch and vulnerability management; monitoring for intrusion and availability; and DDoS mitigation controls when offered under contract. Risk cannot be eliminated; we do not warrant that all attacks or outages will be prevented.

11. Your rights

Contact support@verifion.net to request access, correction, or deletion of personal information we control about you, subject to legal exceptions. Where we act only as a processor for data residing in a client’s environment, we may refer you to that client for the fastest resolution.

Residents of California may have rights under the CCPA/CPRA. We do not discriminate against individuals for exercising statutory privacy rights. Authorized agents may submit verifiable requests.

12. Children

Our Services are intended for businesses and professionals. We do not knowingly collect personal information from children under thirteen (13). If you believe we have received such information inadvertently, email support@verifion.net.

13. Cookies

We use cookies and similar technologies needed for session management, authentication, load balancing, and security on verifion.net and interfaces we operate. Optional analytics cookies, if introduced later, will be described here along with choices where legally required.

14. Changes

We may revise this Policy by posting an updated version and changing the “Last updated” date. Material changes may be communicated to active customer contacts by email or through service notices.

15. Contact

VERIFION LLC — a company incorporated in the State of Wyoming, United States.

Registered mailing address: 407 Lincoln Road, Suite 708, Miami Beach, FL 33139, United States.

Contact email: support@verifion.net
Phone: +1 (305) 686-9815