Privacy Policy

• Account information. When you register (by email or Google sign-in) we store your email address, display name and, if provided, an avatar image.
• Content you create. Reviews, scam reports, company claims, company profiles you add or manage, and bookmarks.
• Authentication data. Sessions are managed by Supabase Auth. If you sign in with Google, we receive your basic profile (name, email, avatar) from Google — never your password.
• Technical data. Standard request logs and cookies required to keep you signed in and to operate the site.

• To provide and secure your account and the verification features.
• To publish the reviews, reports and company profiles you choose to submit.
• To calculate company Trust Scores from community and verification signals.
• To moderate content and prevent fraud, spam and abuse.
• To maintain an audit log of important actions for security and accountability.

Scam reports are treated as confidential. The full content of a report is visible only to you and our moderation team. Aggregate, non-identifying information (such as the number and category of reports) may contribute to a company’s public Trust Score.

We do not sell your personal data. We share data only with the service providers that power VerifyRemote:

• Supabase — authentication, database and file storage.
• Vercel — application hosting and delivery.
• Google — only if you choose Google sign-in (OAuth).

We may also disclose information where required by law or to protect the rights, safety and security of our users.

We keep your account data while your account is active. You can delete your reviews and bookmarks at any time. When you request account deletion, we remove your profile and associated content, except where we must retain limited records to comply with legal obligations or resolve disputes.

Depending on your location, you may have the right to access, correct, export or delete your personal data, and to object to or restrict certain processing. You can manage your profile from your account settings, or contact us to exercise any of these rights.

Access to data is enforced at the database level with row-level security, so users can only read and modify what they are permitted to. Session cookies are HTTP-only and transmitted over HTTPS in production. No system is perfectly secure, but we take reasonable measures to protect your data.

We use essential cookies to keep you signed in and to remember your theme preference. We do not use advertising cookies.

VerifyRemote is not intended for anyone under 16, and we do not knowingly collect data from children.

We may update this policy from time to time. Material changes will be reflected by the “Last updated” date above.

Questions about this policy? Contact us at privacy@verifyremote.app.