Privacy Policy
Last updated: 7 July 2026
1. Controller
The data controller for VERIDIAN AI OS and its products is SHOBHA KAMAL SOLUTIONS PRIVATE LIMITED, a company incorporated in India under the Companies Act. Privacy contact: raajat.agarwal@gmail.com.
2. What we collect
- Account data — name, email, organisation name, and authentication records when you sign up.
- Business data — the content your organisation puts into the Services (records, documents, messages, tasks).
- Website analytics— on our public pages we assign a random, self-generated visitor identifier (stored in your browser's local storage; it contains no personal details) and record which pages and sections you view, links you click, when you leave, and any promotional offers shown to you. We use this to understand where visitors lose interest and to present relevant offers. No name or email is collected before you sign up.
- Technical data — IP address, browser type, and referral source, from standard server logs.
3. How we use it
- To provide, secure, and support the Services.
- To analyse and improve our websites and conversion journeys, including customized offers.
- To train and improve our models and systems. We use data to make our AI more accurate and useful. Safeguards and the scope of this use are set out in our Data Policy; you may object or seek exclusions by contacting us.
- To comply with law and enforce our terms.
4. Third parties and international transfers
We use third-party service providers to run the Services — including cloud hosting and database infrastructure (Vercel, Supabase) and AI model providers reached through our model-routing layer. These providers maintain GDPR compliance commitments and SOC 2 attestations. Our own systems are designed and operated in accordance with GDPR principles and SOC 2 trust-service criteria. Where data is transferred internationally, it is protected by appropriate safeguards such as standard contractual clauses offered by our providers.
5. Security and retention
Data is protected with encryption in transit, tenant isolation enforced at the database layer (row-level security), encrypted storage of API credentials, and audit logging of system actions. We retain data for as long as your account is active or as needed for the purposes above, then delete or anonymise it within a reasonable period.
6. Your rights
Subject to applicable law (including the GDPR where it applies and India's data protection framework), you may request access, correction, deletion, portability, or restriction of your personal data, and object to certain processing including use of your data for model training. Write to raajat.agarwal@gmail.com; we respond within the timelines required by law. This address also serves as the grievance contact under applicable Indian law.
7. Changes
We may update this policy; material changes will be posted here with a new date and, where appropriate, notified through the Services.