Skip to main content

Data Processing Policy

Effective Date: March 1, 2024

This Data Processing Policy explains how Voice of Reason LLC ("VoR," "we," "our," or "us") processes information in connection with access to and use of our website, applications, APIs, and verification services (the "Services").

This Policy is provided for transparency and does not replace or modify contractual data processing terms agreed to separately with customers.

1. Processing Principles

VoR processes information in accordance with applicable data protection laws and the following principles:

Lawfulness and Purpose

Data is processed only for legitimate purposes related to providing, securing, and maintaining the Services.

Data Minimization

We seek to limit processing to information reasonably necessary for service operation and integrity.

Security and Confidentiality

Data is protected through appropriate administrative, technical, and organizational safeguards.

Retention Limitation

Data is retained only for as long as reasonably required for operational, contractual, or legal purposes.

2. Categories of Data Processed

Depending on how the Services are used, VoR may process the following categories of information:

a) Information Provided by Users or Organizations

  • Account and contact information
  • Organizational identifiers and configuration data
  • Content submitted to the Services, including documents, records, or structured inputs

b) System and Usage Information

  • Interaction logs and service usage data
  • System metadata associated with submitted inputs
  • Service outputs generated for authorized users

c) Technical Information

  • Device, browser, and session information
  • Network and security data used for access control and fraud prevention

VoR does not require the submission of sensitive personal data unless explicitly agreed under a separate contract.

3. Purpose of Processing

VoR processes information for the following purposes:

  • Operating, maintaining, and securing the Services
  • Authenticating users and managing access
  • Presenting verification outputs to authorized users
  • Monitoring system performance and reliability
  • Complying with legal and regulatory obligations

Processing is limited to what is reasonably necessary to support these purposes.

4. Processing Activities

As part of service operation, VoR may perform activities such as:

  • Receiving and storing user-submitted information
  • Structuring and relating submitted information to referenced standards
  • Logging system events for reliability and audit purposes
  • Restricting access through role-based controls
  • Deleting or anonymizing data in accordance with retention requirements

VoR does not disclose detailed processing architecture for security and integrity reasons.

5. Data Security

VoR implements reasonable safeguards designed to protect data against unauthorized access, loss, or misuse. These measures may include:

  • Encryption in transit and at rest
  • Access controls and authentication mechanisms
  • Monitoring for anomalous or unauthorized activity
  • Segmentation of systems and environments

Security controls are periodically reviewed and updated as appropriate.

6. Subprocessors

VoR may engage third-party service providers to support infrastructure, hosting, or operational functions.

Subprocessors are contractually required to:

  • Process data only on VoR's instructions
  • Maintain confidentiality
  • Apply appropriate security measures
  • Comply with applicable data protection laws

Information about subprocessors may be provided to customers where contractually required.

7. International Data Transfers

Where processing involves cross-border transfers, VoR relies on recognized legal mechanisms to ensure appropriate protection.

Primary processing operations are based in the United States.

8. Data Subject Rights

Depending on applicable law, individuals may have rights related to their personal data, including access, correction, or deletion.

Requests may be submitted to:
📧 privacy@vors.ai

VoR may require verification of identity and may decline requests where permitted by law.

9. Data Retention

Data is retained only for as long as reasonably necessary to:

  • Provide the Services
  • Meet contractual obligations
  • Comply with legal or regulatory requirements

Data may be deleted, anonymized, or aggregated when no longer required.

10. Changes to This Policy

VoR may update this Policy to reflect legal, operational, or technical changes. Updates will be posted on our website and take effect upon publication.

Contact

Questions regarding this Policy may be directed to:
📧 privacy@vors.ai