Privacy Policy

1.1 Personal Information: We collect information you provide directly to us, including your name, email address, phone number, company name, job title, and billing information when you create an account or use our services.

1.2 Document Data: We collect and process documents you upload, including content, metadata, signatures, and related information necessary to provide our document signing services.

1.3 Usage Information: We automatically collect information about how you use our platform, including IP addresses, browser type, device information, pages visited, time spent on pages, and interaction patterns.

1.4 Communication Records: We maintain records of communications between you and NextVerify, including support tickets, emails, and chat conversations for customer service purposes.

1.5 Cookies and Tracking: We use cookies, web beacons, and similar technologies to collect information about your browsing behavior and preferences on our website.

1.6 Third-Party Information: We may receive information about you from third-party services you connect to our platform, such as cloud storage providers or identity verification services.

2.1 Service Provision: We use your information to provide, maintain, and improve our document signing services, including processing signatures, managing workflows, and facilitating document distribution.

2.2 Account Management: We use your information to create and manage your account, authenticate your identity, and provide customer support services.

2.3 Communication: We use your contact information to send you service-related notifications, security alerts, administrative messages, and marketing communications (with your consent).

2.4 Analytics and Improvement: We analyze usage patterns and feedback to improve our platform's functionality, user experience, and develop new features.

2.5 Legal Compliance: We use your information to comply with applicable laws, regulations, legal processes, and to protect our rights and the rights of our users.

2.6 Security: We use your information to detect, prevent, and respond to fraud, security threats, and other harmful activities.

3.1 Encryption: All data is encrypted using AES-256 encryption both in transit (using TLS 1.3) and at rest. Document content is encrypted with unique keys for each document.

3.2 Access Controls: We implement strict access controls with multi-factor authentication, role-based permissions, and regular access reviews to ensure only authorized personnel can access your data.

3.3 Infrastructure Security: Our platform is hosted on secure, SOC 2 Type II compliant infrastructure with regular security audits, penetration testing, and vulnerability assessments.

3.4 Data Centers: We use enterprise-grade data centers with physical security measures, including biometric access controls, 24/7 monitoring, and redundant power and cooling systems.

3.5 Employee Training: All employees undergo comprehensive security training and sign confidentiality agreements. Access to customer data is limited to authorized personnel only.

3.6 Incident Response: We maintain a comprehensive incident response plan and will notify affected users within 72 hours of discovering any data breach that may affect their personal information.

4.1 No Sale of Data: We never sell, rent, or trade your personal information to third parties for marketing purposes or any other commercial purposes.

4.2 Service Providers: We may share your information with trusted third-party service providers who assist us in operating our platform, such as cloud hosting, payment processing, and customer support services.

4.3 User Consent: We only share your information with third parties when you explicitly consent to such sharing, such as when you integrate with third-party applications.

4.4 Legal Requirements: We may disclose your information when required by law, court order, or government request, or when we believe disclosure is necessary to protect our rights or comply with legal obligations.

4.5 Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction, subject to the same privacy protections.

4.6 Document Recipients: When you send documents for signature, we share necessary information with the intended recipients to facilitate the signing process.

5.1 Global Operations: NextVerify operates globally and may process your information in countries other than your country of residence, including the United States and European Union.

5.2 Adequate Protection: All international transfers are conducted with appropriate safeguards in place, including Standard Contractual Clauses approved by the European Commission.

5.3 GDPR Compliance: For users in the European Economic Area, we ensure all data transfers comply with GDPR requirements and provide adequate levels of protection.

5.4 Data Localization: Where required by local laws, we maintain data within specific geographic boundaries and comply with data residency requirements.

5.5 Cross-Border Agreements: We have established data processing agreements with all international partners to ensure consistent privacy protection standards.

5.6 Transfer Notifications: We will notify users of any significant changes to our international data transfer practices and obtain consent where required.

6.1 Retention Periods: We retain your personal information for as long as your account is active or as needed to provide services, typically for the duration of your subscription plus 7 years for legal compliance.

6.2 Document Retention: Signed documents are retained according to your subscription plan and legal requirements, with options for extended retention for compliance purposes.

6.3 Automatic Deletion: We automatically delete certain types of data after specified periods, including temporary files, logs older than 2 years, and inactive account data after 3 years.

6.4 User-Requested Deletion: You can request deletion of your account and associated data at any time. We will process such requests within 30 days, subject to legal retention requirements.

6.5 Legal Hold: We may retain information longer when required by law, legal proceedings, or to protect our legitimate business interests.

6.6 Secure Disposal: When data is deleted, we use secure deletion methods to ensure information cannot be recovered or reconstructed.

7.1 Access Rights: You have the right to access, review, and obtain copies of your personal information that we process.

7.2 Correction Rights: You can request correction of inaccurate or incomplete personal information at any time through your account settings or by contacting us.

7.3 Deletion Rights: You have the right to request deletion of your personal information, subject to legal retention requirements and legitimate business needs.

7.4 Portability Rights: You can request a copy of your data in a structured, machine-readable format for transfer to another service provider.

7.5 Objection Rights: You can object to certain types of processing, including direct marketing and automated decision-making.

7.6 Restriction Rights: You can request restriction of processing in certain circumstances, such as when you contest the accuracy of your data.

8.1 Privacy Officer: Our Data Protection Officer can be reached at privacy@nextverify.net for all privacy-related inquiries and requests.

8.2 Response Time: We will respond to all privacy requests within 30 days and provide regular updates on the status of your request.

8.3 Complaint Process: If you have concerns about our privacy practices, you can file a complaint with us or with your local data protection authority.

8.4 Contact Methods: You can reach us by email at privacy@nextverify.net, by phone at +1 (720) 741-4815, or by mail at 2448 Blake Street, Suite 210, Denver, CO 80205.

8.5 Supervisory Authority: EU residents have the right to lodge a complaint with their local supervisory authority if they believe we have violated GDPR requirements.

8.6 Resolution Process: We are committed to resolving privacy concerns promptly and will work with you to address any issues related to your personal information.