VERITABLEFashion Authentication

Legal

Privacy Policy

Last updated May 5, 2026. This policy is a polished implementation draft and should be reviewed by counsel for production use.

Information we collect

We collect account information, contact details, submission details, handbag photos, payment status metadata, certificate data, support inquiries, and operational logs required to provide authentication services.

How we use information

We use information to create accounts, process submissions, record authorization status, conduct authentication review, issue certificates, provide public verification, prevent abuse, respond to inquiries, and improve the service.

Submission photos

Handbag images are used for authentication review and internal quality control. Production storage should use private buckets, signed URLs, access controls, file-name sanitization, and audit logging.

Public certificate verification

Public verification pages show only limited certificate and item information such as certificate status, certificate ID, brand, model, result, and date issued. Private customer information is not displayed by default.

Authorization status

This configuration does not collect card data or process payments. Veritable stores representative authorization status, support notes, certificate data, and operational records required to provide authentication services.

Service providers

We may use infrastructure, storage, email, analytics, fraud prevention, and operational providers to operate Veritable. These providers process information according to their contracts and security obligations.

Retention

We retain records for as long as needed to provide authentication services, maintain certificate verification, meet legal obligations, resolve disputes, prevent fraud, and support audit trails.

Your choices

You may update account details, request support, and inquire about data access or deletion where applicable. Certificate integrity and fraud-prevention obligations may limit deletion of certain records.

Security

Veritable is designed with role-based access, protected routes, signed file access, webhook verification, audit logs, and environment-based secret handling. No system can guarantee absolute security.