This Privacy Policy explains how Virtual Glow Ltd (Company No. 14428785, with its registered office at 167-169 Great Portland Street, 5th Floor, London, United Kingdom, W1W 5PF) (“Veryfo,” “we,” “us,” or “our”) collects, uses, stores, and protects personal information when you use our website and services.

We are committed to protecting your privacy and handling your personal data in compliance with the UK Data Protection Act 2018, the UK General Data Protection Regulation (UK GDPR), and, where applicable, the EU GDPR.

1. Who We Are

This Privacy Policy explains how Virtual Glow Ltd (trading as Veryfo) collects, uses, and protects your personal information when you use our website and services.

We’re committed to handling your personal data lawfully, transparently, and securely.

2. Information We Collect

a. Personal Information You Provide

We may collect personal data you voluntarily provide when you:

• Register for an account.
• Purchase token packages.
• Submit contact forms.
• Communicate with us.

This may include:

• Name
• Email address
• Company details (if applicable)
• Contact information

b. Log Data and Usage Information

We automatically collect certain data when you visit or use our website, including:

• IP address
• Browser type and version
• Operating system
• Referring URLs
• Pages viewed and actions on the site
• Access times and dates

This information is used for security monitoring, diagnostics, analytics, and improving our website and services.

3. Payment and Transaction Processing

• We use third-party payment processors to handle transactions securely.
• Your payment information (e.g. credit or debit card details) is processed directly by these providers and is not stored or retained on our servers.
• Our payment partners are required to comply with applicable data protection laws and Strong Customer Authentication (SCA) requirements under the EU Revised Payment Services Directive (PSD2).
• Payment processing is performed in accordance with their own privacy policies and security standards.

4. How We Use Your Information

We use collected information for the following purposes:

• To provide and operate our verification services.
• To manage your account and deliver purchased token packages.
• To respond to your inquiries and provide customer support.
• To send important service-related communications (e.g. account updates, technical notices).
• To analyse usage data to improve our website, services, and user experience.
• To detect, prevent, and address fraud, abuse, security risks, or technical issues.
• To comply with legal obligations.

5. Legal Basis for Processing

We process your personal data only when permitted by law, including:

• Performance of a contract: To provide our services and fulfill purchases you make.
• Legitimate interests: For security, analytics, and service improvements.
• Consent: When you voluntarily provide data or opt in to communications.
• Legal obligations: To comply with laws and regulations.

6. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

• Authorized service providers and partners who assist in delivering our services, such as payment processors and hosting providers.
• Legal and regulatory authorities if required by law or necessary to protect our rights, safety, or the safety of others.
• These providers are contractually required to protect your data and use it only for the services we specify.

7. International Data Transfers

Your personal data may be transferred to and processed in countries outside the UK or EU. In such cases, we ensure appropriate safeguards are in place, such as standard contractual clauses or other lawful transfer mechanisms, to protect your data.

8. Data Security

We implement industry-standard technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but strive to protect your data to the best of our ability.

9. Data Retention

We retain personal data only as long as necessary to fulfill the purposes described in this Policy or as required by law.

• Account-related information may be retained for compliance and legal obligations.
• Transaction records are kept as necessary for accounting and legal purposes.

10. Your Rights

Under the UK GDPR and EU GDPR, you have the right to:

• Access your personal data.
• Correct or update inaccurate data.
• Request erasure of your data in certain circumstances.
• Restrict or object to processing in certain circumstances.
• Data portability (where applicable).
• Withdraw consent at any time (where processing is based on consent).
• Lodge a complaint with the Information Commissioner’s Office (ICO) or other applicable data protection authority.

To exercise your rights, please contact us at support@veryfo.com.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be effective upon posting the updated policy on our website. We encourage you to review this Policy regularly to stay informed about our practices.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

Email: support@veryfo.com