Privacy Policy

This Privacy Policy explains how Verrim (“Verrim”, “we”, “us”) collects, uses, and protects information when you use verrim.com and the Verrim application (the “Service”). Verrim is operated from Arizona, United States. The Service is intended for businesses in the United States.

Account information you give us: your name, email address, company name, and login credentials.

Certificate data you upload: resale and exemption certificates and the information in them, which can include third parties’ names, addresses, tax and exemption identification numbers, and signatures, provided on behalf of your business.

Usage and device information, such as IP address and browser type, collected to keep the Service working and secure.

Communications you send us, such as support requests.

We use it to provide and operate the Service, read and organize the certificates you upload, support you, keep the Service secure, improve it, and meet legal obligations. We do not sell your personal information.

Verrim uses automated and AI-assisted processing to read certificates, label fields, and score confidence. This may use trusted third-party AI providers acting as our subprocessors. The output can contain errors and is not tax or legal advice. See our AI Disclaimer, and always review results before relying on them.

We share information with service providers and subprocessors who help us run the Service (for example, hosting, AI processing, email delivery, and product analytics), under agreements that limit their use of it. We may share information if required by law or to protect rights and safety. If Verrim is involved in a merger or acquisition, information may transfer as part of that transaction. We will name our subprocessors on request, and a Data Processing Addendum is available for business customers who need one.

We use a product-analytics provider, acting as our subprocessor, to understand how the Service is used so we can improve it. We send usage events keyed to account and user identifiers — not the contents of your certificates, and not customer names or tax identification numbers. This information is used solely to operate and improve the Service.

Some browsers send a “Do Not Track” signal. There is no agreed industry standard for responding to it, so we do not currently respond to these signals. We will update this policy if that changes.

You can ask to access, correct, delete, or export your information, and opt out of any sale or sharing (we do not sell or share for advertising). Email hello@verrim.com to make a request. Depending on where you live, you may have additional rights under laws such as the California Consumer Privacy Act.

We keep information while your account is active or as needed to provide the Service, then delete or de-identify it unless we must keep it for legal reasons.

We take reasonable steps to protect your information, including encryption of data in transit. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. If a breach affects your information, we will notify you and any regulators as required by law.

The Service is for businesses and is not directed to anyone under 18. We do not knowingly collect information from children.

We may update this policy and will post the new version here with the date.

Questions or requests: hello@verrim.com.