Privacy Policy
Last updated: April 2026
What We Collect
When you purchase a Verilabs Audit, we collect your email address and connect to your Stripe account via read-only OAuth. We never store your Stripe secret keys or access tokens beyond the duration of the audit session.
Stripe Data Access
We request read-only OAuth access to your Stripe account. We read charges, refunds, subscriptions, and customer records solely to generate your audit report. We do not write, modify, or delete any Stripe data. OAuth tokens are discarded after the audit completes.
How We Use Your Data
Your email is used to deliver the audit report and, if you opt in, to notify you about the monitoring service. We do not sell your data to third parties. We do not use your Stripe data for any purpose other than generating your personal audit report.
Data Retention
Audit report summaries (no raw Stripe data) are retained for 90 days so we can answer follow-up questions. Raw Stripe data accessed during the audit is not stored. You may request deletion at any time by emailing audit@verilabs.dev.
Third-Party Services
We use Stripe for payment processing and Vercel for hosting. Each has their own privacy policy. We use Resend for transactional email delivery.
Contact
Questions about this policy: audit@verilabs.dev