Verace — Privacy Policy

Last updated: April 4, 2026

What We Access

Verace connects to your knowledge base (Google Drive, Confluence) via OAuth with read-only permissions. We request only the minimum scopes necessary:

Google Drive: drive.readonly (read document content and metadata), userinfo.email (identify your account)
Confluence: read:confluence-content.all (read page content), read:confluence-space.summary (list spaces)

We never request write access to your documents. We cannot modify, delete, or share your files.

What We Store

For each scanned document, Verace stores: document title, source URL, extracted text snippets containing verifiable claims, computed quality scores (Signal, Trust, Conflict, Value), and zone classification. We do not store full document bodies.

How We Use Your Data

Your data is used exclusively to detect contradictions and compute quality scores within your knowledge base. We do not sell, share, or transfer your data to third parties. We do not use your data for advertising. We do not use your data for training machine learning models.

Google API Services Limited Use Disclosure

Verace's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

We only use Google user data to provide the contradiction detection service you requested.
We do not transfer Google user data to third parties unless necessary to provide the service, required by law, or with your explicit consent.
We do not use Google user data for serving advertisements.
We do not allow humans to read Google user data unless: we have your explicit consent, it is necessary for security purposes, or it is required by law.

Data Storage

Data is stored on servers in the EU (Hetzner, Germany). All data is encrypted in transit (TLS) and at rest. Access is restricted to authorized personnel only. OAuth tokens are encrypted with Fernet symmetric encryption.

Data Retention

Scan results are retained for the duration of your subscription. You may request deletion of all your data at any time by contacting us. Upon deletion request, all stored documents, scan results, and OAuth tokens are permanently removed within 30 days.

Third-Party Services

Google OAuth: authentication and document access. Google does not retain your document content beyond the API call.
Atlassian OAuth: authentication and Confluence page access.
Anthropic Claude API: optional conflict verification. Document snippets (not full documents) are sent for analysis. Anthropic does not store or train on this data per their API terms.

Your Rights

You may disconnect your knowledge base at any time, which revokes our OAuth access. You may request export or deletion of all stored data. You may request information about what data we hold.

Contact

For privacy questions: privacy@verace.ai