×
Verihuman AI

VeriHuman Limited

Privacy Policy

This Privacy Policy explains how VeriHuman Limited (“VeriHuman”, “we”, “us”, “our”) collects, uses, shares, and protects personal data when you use our website, applications, and APIs (the “Service”). It also describes your privacy rights and how to exercise them.

Effective: 15 February 2026
Last updated: 15 February 2026
Privacy contact: contact@verihumanai.com

1. Who we are

The Service is operated by VeriHuman Limited, incorporated in Kenya. For the purposes of applicable data protection laws, VeriHuman Limited acts as a data controller for personal data collected through the Service, unless we clearly state otherwise (for example, where we act as a processor for an enterprise customer).

Tip: If you use VeriHuman through a company/organization account, that organization may be the controller for some processing, and we may act as a processor. Contact your organization for their internal privacy details.

2. Scope

This Privacy Policy applies to our website, web app, customer support, billing, and our APIs (including developer dashboards and API keys). It does not cover third-party services we don’t control (see Section 16).

3. Data we collect

3.1 Data you provide

  • Account data: name, email address, organization name (if provided), password (stored in encrypted/hashed form), and profile settings.
  • Billing data: billing address, payment status, invoices/receipts, subscription plan, and transaction references. (Payment card details are typically processed by our payment provider, not stored by us.)
  • Support data: messages you send to support, attachments you provide, and troubleshooting details.
  • Content you submit: text, prompts, and documents you provide to the chat, detection, or humanizer features (“Inputs”).

3.2 Data we collect automatically

  • Device and usage data: IP address, device type, browser type, operating system, app interactions, pages viewed, referral URLs, and timestamps.
  • Log and security data: login events, API usage logs, rate-limit events, fraud/abuse signals, and error logs.
  • Cookies and similar technologies: see Section 7.

3.3 Data from third parties

  • Payment processors: confirmation of payment, subscription status, chargebacks, and fraud signals.
  • Identity/sign-in providers: if you use social login, we receive limited profile data as permitted by that provider and your settings.
  • Service providers: analytics, hosting, and security vendors may provide aggregated or technical signals.
Do not send sensitive personal data (e.g., medical information, national IDs, passwords, or confidential third-party data) unless you have a lawful reason and permission to do so. If you choose to submit it, you do so at your own risk.

4. How we use data

We use personal data to:

  • Provide, operate, and maintain the Service (including chat, detection, humanizing, and APIs).
  • Create and manage accounts, authenticate users, and issue API keys.
  • Process payments, manage subscriptions, and prevent fraud.
  • Monitor usage, enforce plan limits, prevent abuse, and keep the Service secure.
  • Improve quality, performance, and user experience (for example, by analyzing aggregate usage and error patterns).
  • Provide customer support and respond to inquiries.
  • Comply with legal obligations and enforce our Terms & Conditions.

5. Legal bases for processing

Depending on your location and applicable law, we rely on one or more of the following legal bases:

  • Contract: to provide the Service you request, including account access, features, and customer support.
  • Legitimate interests: to secure the Service, prevent fraud/abuse, improve functionality, and maintain platform integrity.
  • Consent: where required (for example, certain cookies or marketing communications). You can withdraw consent at any time where it applies.
  • Legal obligation: to meet legal, regulatory, tax, or accounting requirements, and respond to lawful requests.

6. AI features & content processing

VeriHuman processes the text you submit to generate outputs (chat responses, detection likelihood signals, or rewritten text). We may also process technical and usage signals to enforce rate limits, protect the Service, and prevent misuse.

6.1 Inputs and outputs

  • Inputs: the text and prompts you submit.
  • Outputs: the results generated by the Service.
  • Responsibility: you are responsible for ensuring you have the rights and permissions to submit Inputs and to use Outputs.

6.2 Model training and improvement

We may use a combination of (a) aggregate usage patterns, (b) de-identified or anonymized signals, and (c) limited samples for quality and safety review to improve the Service. Where required by law, we will obtain your consent or provide opt-out choices within the product or via support.

6.3 Human review

We generally rely on automated systems. However, authorized personnel may review limited data to investigate abuse, respond to support requests, resolve technical issues, or comply with legal obligations.

Important: Detection results are probabilistic signals, not conclusive proof of authorship. Please interpret them carefully.

7. Cookies & analytics

We use cookies and similar technologies to operate the Service, remember preferences, and understand how the Service is used. Cookies may be “session” cookies (deleted when you close your browser) or “persistent” cookies (stored for longer).

7.1 Types of cookies

  • Essential cookies: required for login, security, and core site functionality.
  • Preference cookies: remember settings such as language or display preferences.
  • Analytics cookies: help us understand usage and improve performance.

7.2 Your choices

You can control cookies through your browser settings and, where available, our cookie banner or preference tools. Blocking certain cookies may affect site functionality.

8. Sharing & disclosure

We may share personal data with:

  • Service providers: hosting, storage, security, email delivery, analytics, and customer support tools (acting under contract and instructions).
  • Payment processors: to process transactions and prevent fraud.
  • API and infrastructure partners: where needed to deliver features (for example, external AI or verification APIs you invoke via the Service).
  • Business transfers: if we are involved in a merger, acquisition, financing, or sale of assets, subject to appropriate safeguards.
  • Legal and safety: where required by law, court order, or where necessary to protect users, our rights, and the integrity of the Service.

We do not sell personal data in the ordinary course of business. If that ever changes, we will clearly disclose it and, where required, offer opt-outs.

9. International transfers

VeriHuman operates globally. Your personal data may be processed in Kenya and in other countries where we or our service providers operate. Where cross-border transfers occur, we use reasonable safeguards such as contractual protections, vendor due diligence, and security controls.

Note: If your jurisdiction requires additional safeguards for international transfers, we will implement appropriate measures consistent with applicable law.

10. Data retention

We retain personal data only as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Service, comply with legal obligations, resolve disputes, enforce agreements, and maintain security.

  • Account data: retained while your account is active, and for a limited period after closure where necessary.
  • Billing records: retained as required by tax/accounting rules and dispute handling.
  • Logs and security data: retained for security, fraud prevention, and reliability monitoring, then deleted or anonymized.
  • Inputs: may be retained to provide the Service, for troubleshooting, abuse prevention, and as described in Section 6 (subject to your settings and lawful requirements).

11. Security

We implement technical and organizational measures designed to protect personal data from unauthorized access, loss, misuse, alteration, and disclosure. Measures may include access controls, encryption in transit, secure key management, monitoring, and staff confidentiality obligations.

No security system is perfect. You are responsible for using strong passwords, safeguarding your devices, and protecting your API keys.

12. Your rights

Depending on your jurisdiction, you may have rights regarding your personal data. These may include:

  • Access: request a copy of personal data we hold about you.
  • Rectification: correct inaccurate, incomplete, or outdated personal data.
  • Erasure: request deletion of personal data in certain circumstances.
  • Objection/restriction: object to or restrict certain processing in some cases.
  • Data portability: request your data in a structured, commonly used, machine-readable format where applicable.
  • Withdraw consent: where processing is based on consent.

12.1 How to exercise your rights

Email us at privacy@verihumanai.com with your request. For security, we may verify your identity before responding. We may refuse requests where permitted by law (for example, to protect the rights of others, comply with legal obligations, or maintain security).

12.2 Complaints

If you have a concern, please contact us first so we can try to resolve it. You may also have the right to lodge a complaint with your local data protection authority. In Kenya, this is the Office of the Data Protection Commissioner (ODPC).

13. Children

The Service is not intended for children under 13. If you are under 18, you should use the Service only with parental/guardian consent and supervision. If you believe a child has provided personal data without appropriate consent, contact us and we will take reasonable steps to address it.

14. Marketing communications

We may send service-related messages (such as billing notices, security alerts, and essential updates). Where permitted by law, we may also send marketing communications. You can opt out of marketing emails at any time by using the unsubscribe link or by contacting us at privacy@verihumanai.com.

15. Automated decisions

Some features may use automated processing (for example, abuse detection, rate limiting, or detection scoring). These systems are designed to protect the Service and provide results, but they may not be perfect. If an automated decision significantly affects you (for example, an account restriction), you may contact us to request review where applicable.

16. Third-party links

The Service may contain links to third-party websites or services. We do not control those third parties and are not responsible for their content or privacy practices. Review their privacy policies before using them.

17. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will revise the “Last updated” date at the top of this page. If changes are material, we will take reasonable steps to notify you (for example, by posting a notice on our website or within your account). Your continued use of the Service after the changes take effect means you accept the updated Privacy Policy.

18. Contact

Company: VeriHuman Limited
Email: contact@verihumanai.com
Address: Nairobi, Kenya

If you are an enterprise customer and need a data processing addendum (DPA), security questionnaire responses, or vendor documentation, contact us at contact@verihumanai.com.

Plain language note: We wrote this policy to be clear and readable. It still has legal meaning. If anything is unclear, please reach out.