VerseVault markVerseVault

GDPR Information

Last updated: April 15, 2026. This page explains how VerseVault supports users' rights under the EU General Data Protection Regulation (GDPR).

1. Data Controller

VerseVault acts as a data controller for account and product usage data processed to provide the VerseVault platform.

2. Categories of Personal Data

We may process account details, workspace and collaboration data, AI interaction data, and technical/service logs required for security and reliability.

  • Identity/account data such as email and profile fields.
  • User-generated content such as drafts, notes, split sheets, and messages.
  • Operational and security data needed to run and protect the platform.
  • AI interaction and pipeline diagnostics required for feature reliability and support.

3. Legal Bases for Processing

  • Performance of a contract to provide VerseVault services.
  • Legitimate interests in service security, quality, fraud prevention, and troubleshooting.
  • Compliance with legal obligations.
  • Consent where required by law.

4. Processing Purposes

  • Deliver account access, data storage, and collaboration features.
  • Provide AI-assisted drafting and support workflows.
  • Protect service integrity and investigate abuse, fraud, or incidents.
  • Comply with legal obligations and respond to valid legal requests.

5. Data Recipients

Personal data may be shared with processors and infrastructure providers who help us provide hosting, authentication, analytics, and AI capabilities under appropriate contractual safeguards.

6. Your GDPR Rights

  • Right of access to your personal data.
  • Right to rectification of inaccurate data.
  • Right to erasure in applicable circumstances.
  • Right to restriction of processing.
  • Right to data portability.
  • Right to object to certain processing.
  • Right to withdraw consent where processing depends on consent.

7. How to Exercise Your Rights

Submit a request through our Contact page. Please include the account email and request type (access, deletion, correction, export, or objection).

8. Identity Verification for Requests

To protect account security, we may request additional verification before fulfilling sensitive requests such as full data exports or deletion.

9. Retention and Deletion

We retain personal data for as long as needed to provide services, maintain security, and satisfy legal obligations. Data can be deleted or anonymized when retention is no longer required.

10. International Transfers

Where data is transferred outside the EEA/UK, VerseVault uses appropriate safeguards as required by GDPR, such as contractual commitments with service providers.

11. Complaints

You may lodge a complaint with your local supervisory authority if you believe your GDPR rights have been violated.

12. Contact for GDPR Matters

You can contact us for GDPR-related matters via the Contact page.