Venussian

Data Protection

Privacy for corporate customers and isolated end-user processing.

This Privacy Policy explains how Venussian handles information in connection with its authentication and Identity Verification Services. It is designed for corporate customers and reflects core data protection principles, including GDPR-aligned processing, security safeguards, encrypted logs, and isolated handling of end-user data.

Primarily B2B

This policy is written mainly for business customers, authorized personnel, procurement teams, and compliance reviewers.

Controller and Processor Roles

Corporate customers generally act as controllers for their end-user data, while Venussian acts as a processor or service provider for covered processing activities.

Noindex

This page includes a noindex directive, which is common for legal and compliance-oriented documentation.

01

Scope and Roles

Venussian provides authentication and identity verification infrastructure to corporate customers. In most cases, the customer determines why end-user data is collected and how it is used in the customer's own product, which means the customer acts as the data controller. Venussian generally processes such data on the customer's instructions as a processor or service provider.

  • This policy covers customer account, operational, support, billing, and service data.
  • Customers remain responsible for their own notices, lawful bases, and end-user disclosures.
  • Separate data processing terms may apply where required.
02

Information We Process

We process only the categories of information reasonably needed to provide, secure, support, and improve the services.

Corporate customer data

Business contact details, account ownership information, billing records, support messages, and configuration data for customer environments.

Authentication and verification data

Phone numbers, email destinations, verification event metadata, timestamps, delivery status, device or risk signals, and related transactional records needed to operate the service.

Technical logs

Security logs, audit events, API request metadata, and system diagnostics used to detect abuse, maintain reliability, and investigate incidents.

Website and communications

Information submitted through contact channels, procurement discussions, and business communications with Venussian.

03

How We Use Information

We use information to operate the platform, provide authentication and verification services, prevent abuse, respond to support requests, meet legal obligations, and improve service security and performance.

  • Provisioning accounts, APIs, integrations, and support access.
  • Sending transactional verification messages and enforcing authentication workflows.
  • Detecting spam, phishing, fraud, unauthorized access, and misuse of the platform.
  • Generating logs, metrics, and audit trails for compliance and operational integrity.
04

End-User Data Isolation

Venussian is built to process end-user data in isolated service contexts associated with the relevant corporate customer. We do not use end-user verification data from one customer to profile, market to, or enrich another customer environment.

  • End-user data is processed for the customer's verification and authentication workflows.
  • Operational access is limited to authorized personnel with a business or security need.
  • Isolation measures are designed to reduce unauthorized cross-customer access.
05

Sharing and Service Providers

We may share information with infrastructure vendors, messaging providers, analytics or monitoring tools, support tools, payment processors, and professional advisers where needed to operate the service or comply with law.

  • Service providers are expected to handle data under confidentiality and security obligations.
  • We may disclose information when required by law, regulation, legal process, or to protect rights and security.
  • We do not sell personal information received through the service.
06

Security Measures

We use reasonable technical and organizational safeguards designed to protect information against unauthorized access, disclosure, alteration, and destruction. This includes access controls, monitoring, environment segregation, and encrypted logging or encrypted log storage where appropriate to the system and risk profile.

  • Administrative access is restricted to authorized personnel.
  • Security logs are retained for fraud detection, lawful use monitoring, and incident response.
  • No system is perfectly secure, and customers should secure their own environments and credentials as well.
07

Retention

We retain information only for as long as needed to provide the services, meet contractual and legal obligations, resolve disputes, maintain records, and detect abuse or security events. Retention periods may vary depending on the type of data and the customer's configuration.

  • Support, billing, and audit records may be kept for legitimate business and compliance reasons.
  • Verification event data and logs may be retained for fraud prevention, abuse review, and regulatory needs.
  • We may delete or anonymize data when it is no longer required.
08

GDPR and Data Rights

Where GDPR or similar laws apply, Venussian supports the relevant rights framework and handles personal data according to applicable legal bases, processor obligations, and security standards. Requests relating to end-user data should usually be directed to the relevant corporate customer acting as controller.

Customer contacts

Business contacts may request access, correction, deletion, or restriction where applicable by contacting Venussian.

End users

End users should normally contact the company whose service triggered the verification flow, because that company usually determines the purpose of the processing.

09

International Transfers

Because service providers and infrastructure may operate in more than one country, information may be processed internationally. When applicable, Venussian uses reasonable safeguards for cross-border processing, which may include contractual measures or equivalent protections.

10

Contact and Updates

Questions about this Privacy Policy may be sent to support@venussian.com. We may update this policy from time to time to reflect operational changes, new legal requirements, or security improvements.

  • Material updates may be posted on this page or communicated through business contact channels.
  • Last updated: April 16, 2026.
  • Customers should have privacy counsel review this policy for production and procurement use.

Legal Review

This policy is intentionally concise and operational. It should be reviewed by qualified privacy counsel, especially if you need formal GDPR annexes, sector-specific language, or customer-facing data processing terms.