At Veridica Global, the security of your sensitive information is paramount. This document provides a transparent overview of the measures we take to protect your data throughout the authentication process.

1. Guiding Principles

Our security framework is built on the principles of least privilege, defense-in-depth, and end-to-end encryption. We treat all client data as highly confidential.

2. Data Encryption

• Encryption in Transit: All data transmitted between your browser and our servers, and between our internal systems, is encrypted using industry-standard TLS 1.2 or higher.
• Encryption at Rest: All digital copies of your documents and sensitive data stored on our servers are protected with AES-256 encryption, one of the strongest block ciphers available.

3. Access Control

• Role-Based Access: Access to client data is strictly limited to trained personnel who require it to perform their job functions.
• Multi-Factor Authentication (MFA): All internal access to systems containing client data requires MFA, adding a critical layer of security against unauthorized access.
• Audit Trails: We maintain detailed logs of access to sensitive data to ensure accountability and for security monitoring.

4. Physical Document Security

Your physical documents are handled with the utmost care in our secure processing facility. Access to the facility is restricted, and documents are stored in secure locations when not being actively processed. We use trusted, bonded courier services for all shipments.

5. Secure Infrastructure & Vendor Management

• Secure Hosting: Our infrastructure is hosted with leading cloud providers that comply with top-tier security standards like SOC 2 and ISO 27001.
• PCI Compliance: We use a PCI DSS compliant third-party payment processor to handle all credit card transactions. Your full payment details are never stored on our servers.
• Vendor Vetting: All third-party service providers who may handle your data are vetted to ensure they meet our stringent security requirements.

6. Document Retention & Disposal

We retain your data only as long as necessary. Digital copies of documents are securely and permanently deleted after a set period. For more information, please see our Document Retention Policy.