Privacy policy

Privacy Policy

Last updated: 31 May 2026

This policy explains how we handle your personal data when you join our waitlist, request a demo, subscribe to updates, or otherwise interact with us.

Controller and contact

The controller is VERIDA AB, company reg. no. 559521-8586, Kungsgatan 12, 652 24 Karlstad, Sweden.

Questions about data protection or requests to exercise your rights: contact@verida.se.

What data we collect

Depending on the context we may process:

  • Identity and contact details: name, email, phone, company, role.
  • Communication details: messages you send to us, meeting bookings.
  • Technical details: IP address, device or browser data, and visit statistics via cookies. See our Cookie Policy.

When and why we use your data

If you join the waitlist or request a demo through our forms

  • Purpose: manage the waitlist, contact you about product updates and beta access, schedule and run demos, and follow up on interest.
  • Legal basis: legitimate interest to respond to your request and manage the waitlist. Consent for marketing emails and product news when you actively opt in.
  • Retention: up to 24 months after your last interaction or until you withdraw consent. If you become a customer, see the customer section below.

If you use our contact form

We use your details to deliver what you asked for and to follow up with relevant information about our services.

  • Legal basis: legitimate interest.
  • Retention: as long as needed to handle your request and reasonable follow up. You can object at any time.

If you interact with us on social media

Posts and comments on our public pages are processed to communicate and market our services.

  • Legal basis: legitimate interest.
  • Retention: we read, may reply, and delete when appropriate. You can delete your own posts at any time. The social media platform also processes your data under its own terms.

If you email us

We read, store, and forward your message internally if needed. Typical data are name, email, phone, and role.

  • Legal basis: legitimate interest.
  • Retention: depends on the matter. Within an active customer relationship we may keep messages for the term of the agreement and a period thereafter to protect our legal rights.

If you subscribe to our newsletter

We process your email address to send the newsletter.

  • Legal basis: consent, which you can withdraw at any time via the Unsubscribe link or by contacting us.
  • Retention: until you withdraw consent. If you are an existing customer or a likely B2B prospect, we may send relevant updates based on legitimate interest. You can object at any time.

If you are a current or potential customer

We process contact details to market our services, manage agreements, deliver support, document commitments, and invoice.

  • Legal basis: legitimate interest and, where applicable, necessary for contract performance.
  • Retention:
    • Prospects that do not become customers: up to 2 years after the last contact.
    • Customer upsell and marketing data: up to 3 years after the last transaction.
    • Other customer data required for legal claims or bookkeeping: up to 10 years under applicable law.

If you apply for a job

We process the information you submit, such as name, address, email, phone, personal identity number, CV, and cover letter.

  • Legal basis: legitimate interest to manage your application.
  • Withdraw: email carlos@verida.se and we will delete your data unless we must keep some data to comply with law.
  • Retention:
    • If not hired: application documents kept for 2 years to comply with Swedish discrimination law.
    • Unsolicited applications when we are not hiring: 1 year or less if you request deletion.
    • If hired: merit documents for 2 years; other necessary employment data for the duration of the employment and a period thereafter.
    • With your consent we may keep your details for future roles or events. You can withdraw consent at any time.

We may contact references you provide and will inform them at first contact. Reference data are kept up to 2 years if the applicant is not hired.

Cookies and analytics

We use Google Analytics (GA4) to understand how the site is used, for example which pages are visited and how visitors arrive. The analytics may process personal data such as IP address, device and browser data, and visit statistics, and involves transferring data to Google (including to the US, with the EU Commission Standard Contractual Clauses as a safeguard).

Analytics cookies are only set after you have actively consented via our cookie banner. Strictly necessary functions required for the site to work do not require consent. You can change or withdraw your consent at any time via the “Cookie settings” link at the bottom of the page. Legal basis: consent.

Who can access your data

We share personal data with suppliers and partners when needed for the purposes above, for example:

  • Web hosting and cloud infrastructure
  • Form and email services for waitlist, demos, and newsletters
  • CRM and customer support tools
  • Analytics and cookie providers

We have data processing agreements in place so they only process data on our instructions. If data is transferred outside the EU or EEA, we ensure a lawful basis, for example the EU Commission Standard Contractual Clauses plus required safeguards.

Your rights

Under GDPR you have the right to:

  • access your personal data and receive a copy
  • rectify inaccurate data and complete incomplete data
  • request restriction of processing in certain situations
  • object to processing based on legitimate interest or for direct marketing
  • request deletion in certain cases
  • withdraw consent at any time
  • receive your data in a structured, commonly used, machine-readable format and, where technically feasible, have it transferred to another controller (data portability)

If a request is clearly unfounded or excessive, for example repetitive, we may charge a fee or refuse it.

You can learn more about your rights from the Swedish Authority for Privacy Protection (IMY): imy.se/privatperson/dataskydd/dina-rattigheter.

You also have the right to lodge a complaint with IMY if you believe our processing violates applicable rules.

Security

We protect your data with appropriate technical and organizational measures, such as access controls, encryption in transit, and routine logging.

Changes to this policy

We may update this policy. The latest version is always available on our website.

Contact

VERIDA AB, company reg. no. 559521-8586, Kungsgatan 12, 652 24 Karlstad, Sweden.
Email: contact@verida.se