Privacy Policy
Effective Date: September 23, 2025
Last Updated: September 23, 2025
At Verk, we believe that intelligent productivity shouldn't come at the cost of your privacy. This Privacy Policy explains how Autodeus Technologies Private Limited ("Verk," "we," "us," or "our") collects, uses, protects, and shares your information when you use our AI-powered productivity platform designed to help teams Plan, Delegate, and Automate their work.
We're committed to transparency about how your data powers Verk's AI features while maintaining strict privacy controls. By using Verk, you're trusting us with your team's productivity data—and we take that responsibility seriously.
QUICK PRIVACY OVERVIEW
What We Collect: Account info, usage data, content you create, and integration data from connected tools
Why We Collect It: To provide AI-powered productivity features, workflow automation, and seamless integrations
How We Protect It: Enterprise-grade encryption, AWS security infrastructure, and strict access controls
What We Don't Do: Sell your data, train public AI models on your content, or share with advertisers
Your Control: Full data portability, deletion rights, and granular privacy settings
1. INFORMATION WE COLLECT
1.1 Account and Profile Information
When you join Verk, we collect:
Basic Details: Name, email address, profile photo, and timezone
Organization Info: Company name, industry, team size, and workspace preferences
Authentication Data: Secure login credentials via AWS Cognito, including encrypted passwords and session tokens
Billing Information: Payment details processed securely through Stripe (we never store full credit card numbers)
1.2 Productivity and Usage Data
To power Verk's AI features and improve your experience:
Project and Task Data: Projects, tasks, descriptions, due dates, custom schema fields, and completion status
Workflow Patterns: How you organize work, collaboration patterns, and productivity preferences
AI Interactions: Your conversations with Verk AI, agent configurations, and automation preferences
Usage Analytics: Feature usage, session duration, click patterns, and performance metrics
Team Collaboration: Member interactions, shared files, comments, and real-time chat messages
1.3 Content You Create and Store
User-Generated Content: Task descriptions, project notes, comments, and documents you create in Verk
File Uploads: Documents, images, and other files you store in Verk (securely stored in encrypted AWS S3 buckets)
AI-Generated Content: Content created by Verk's AI agents and automation workflows using your inputs
Custom Configurations: Workflow automations (Verk Flows), AI agent settings, and personalized dashboard layouts
1.4 Integration and Third-Party Data
When you connect external tools to Verk:
Connected Services: Data synced from Slack, GitHub, Google Workspace, Linear, Jira, Notion, Todoist, HubSpot, Airtable, and other integrated platforms
OAuth Tokens: Secure authentication tokens (encrypted and stored with minimal permissions)
Sync Data: Tasks, projects, and updates synchronized between Verk and your connected tools
Migration Data: Historical data imported when switching to Verk from legacy platforms
1.5 Technical and Device Information
Device Data: IP address, browser type, operating system, device identifiers, and screen resolution
Performance Data: API response times, feature load speeds, and error logs for system optimization
Security Data: Login attempts, unusual activity patterns, and security event logs
WebSocket Data: Real-time communication data for live collaboration features
2. HOW WE USE YOUR INFORMATION
2.1 Core Verk Functionality
We use your data to provide Verk's essential features:
Plan: Create intelligent project structures, suggest task schemas, and optimize resource allocation
Delegate: Power AI agents that learn your preferences and automate repetitive work
Automate: Enable workflow automation, smart integrations, and predictive insights
Collaborate: Facilitate real-time team communication, file sharing, and progress tracking
2.2 AI-Powered Features
Your data helps Verk's AI provide intelligent assistance:
Dynamic Task Schemas: Analyze your workflow patterns to suggest relevant custom fields and structures
Intelligent Automation: Learn from your team's behavior to recommend workflow optimizations
Predictive Analytics: Identify project risks, bottlenecks, and opportunities for improved productivity
Multi-Provider AI: Route requests to optimal AI providers based on task requirements and performance
Content Generation: Create contextually relevant task descriptions, project summaries, and workflow suggestions
2.3 Platform Improvement and Innovation
Feature Development: Analyze usage patterns to build features that solve real productivity challenges
Performance Optimization: Monitor system performance to ensure fast, reliable AI responses and workflow automation
Security Enhancement: Detect and prevent security threats, fraud, and unauthorized access
User Experience: Improve interface design, onboarding flows, and feature discoverability
2.4 Communication and Support
Product Updates: Notify you about new features, improvements, and important platform changes
Technical Support: Provide assistance with account issues, integration problems, and feature questions
Onboarding: Help new teams migrate from legacy tools and optimize their Verk setup
Community: Share productivity tips, workflow best practices, and feature tutorials
2.5 Legal and Compliance
Terms Enforcement: Monitor compliance with our Terms of Service and prevent abuse
Legal Requirements: Respond to lawful requests, court orders, and regulatory compliance
Business Operations: Process billing, manage subscriptions, and handle account administration
3. VERK AI AND DATA PROCESSING
3.1 How Verk AI Works With Your Data
Verk's AI features are designed with privacy by design:
On-Demand Processing: AI analysis occurs only when you actively use features like task generation or workflow optimization
Contextual Understanding: AI considers your organization's data patterns while respecting team boundaries
Multi-Provider Architecture: We route AI requests to the best provider for your needs while maintaining data security
No Cross-Organization Learning: Your organization's data never influences AI recommendations for other Verk users
3.2 AI Model Training and Improvement
Private Models: Verk maintains organization-specific AI configurations that don't share learnings across customers
Aggregate Insights: We may analyze anonymized, aggregated usage patterns to improve general AI performance
No Personal Data Training: We never use your personal information, sensitive content, or confidential data to train public AI models
Opt-Out Options: You can limit AI data processing through your organization settings
3.3 AI Data Retention
Active Processing: AI processing data is held temporarily during active requests and then securely deleted
Learning Patterns: Anonymized workflow patterns may be retained to improve AI suggestions for your organization
User Control: You can reset AI learning data or request complete deletion through your account settings
4. INFORMATION SHARING AND DISCLOSURE
4.1 We Don't Sell Your Data
Verk's business model is built on subscription revenue, not data sales:
No Advertising: We don't use your data for advertising or sell it to advertisers
No Data Brokers: We never sell, rent, or license your personal information to data brokers
No Third-Party Analytics: We don't share your productivity data with external analytics companies
4.2 When We Share Data
We only share your information in these specific circumstances:
Service Providers and Infrastructure
AWS Infrastructure: Your data is processed and stored on secure AWS servers with enterprise-grade encryption
Stripe Payments: Billing information is processed through Stripe's PCI-compliant payment infrastructure
Email Services: Communication emails are sent through AWS SES with your explicit consent
Security Providers: Monitoring services help detect and prevent security threats
Connected Integrations (With Your Permission)
Third-Party Tools: Data flows only between Verk and services you explicitly connect (Slack, GitHub, etc.)
OAuth Scope: Integrations access only the specific data needed for functionality you've authorized
User Control: You can disconnect any integration and revoke data access at any time
Legal and Safety Requirements
Legal Compliance: We may disclose data when required by law, court order, or government regulation
Safety Threats: We may share information to prevent harm, illegal activity, or security threats
Business Transfers: In the event of a merger or acquisition, user data may transfer with appropriate privacy protections
4.3 International Data Transfers
Primary Storage: Your data is primarily stored in AWS US East region (Virginia)
Global Access: Verk is accessible worldwide, and your data may be accessed from various locations for service delivery
Transfer Safeguards: International transfers are protected by AWS's global security infrastructure and compliance certifications
Data Localization: Enterprise customers may request specific data residency requirements
5. DATA SECURITY AND PROTECTION
5.1 Infrastructure Security
Verk uses enterprise-grade security measures:
AWS Security: Military-grade encryption, secure data centers, and continuous security monitoring
Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256) with regular key rotation
Access Controls: Role-based permissions, multi-factor authentication, and principle of least privilege
Network Security: Firewalls, intrusion detection, and DDoS protection
5.2 Application Security
Secure Development: Regular security audits, penetration testing, and vulnerability assessments
API Security: Rate limiting, input validation, and secure authentication for all API endpoints
Session Management: Secure session handling with automatic timeouts and token refresh
File Security: Virus scanning, malware detection, and secure file storage with access controls
5.3 Organizational Security
Employee Training: Regular security awareness training and privacy protection protocols
Background Checks: Comprehensive screening for employees with data access
Incident Response: 24/7 security monitoring with rapid incident response procedures
Compliance: SOC 2, GDPR, and other relevant security and privacy certifications
5.4 Your Security Responsibilities
Strong Passwords: Use unique, complex passwords and enable two-factor authentication when available
Account Monitoring: Regularly review account activity and report suspicious behavior
Team Management: Properly manage team member access and remove access for departing employees
Integration Security: Only connect trusted third-party services and regularly review connected integrations
6. YOUR PRIVACY RIGHTS AND CONTROLS
6.1 Data Access and Portability
View Your Data: Access all your personal information through your Verk account settings
Export Data: Download your projects, tasks, files, and other content in standard formats (JSON, CSV)
API Access: Use Verk's API to programmatically export your organization's data
Integration Exports: Export data from connected services through their respective platforms
6.2 Data Correction and Updates
Profile Updates: Modify your personal information, preferences, and organization details at any time
Data Accuracy: Report and correct any inaccurate information in your account
Bulk Updates: Use Verk's bulk operations to efficiently update large amounts of organizational data
6.3 Data Deletion and Account Closure
Account Deletion: Permanently delete your account and associated data through account settings
Selective Deletion: Delete specific projects, tasks, or files while maintaining your account
Organization Departure: Remove yourself from organizations while preserving team data
Data Retention: Some data may be retained for legal compliance or legitimate business purposes (as outlined in our retention policy)
6.4 Privacy Controls and Preferences
AI Settings: Control how Verk's AI processes your data and generates suggestions
Integration Permissions: Manage which third-party services can access your Verk data
Communication Preferences: Choose which notifications and communications you receive
Visibility Settings: Control what information is visible to team members and external collaborators
6.5 Regional Privacy Rights
For European Union Residents (GDPR)
Right to Access: Request a copy of all personal data we hold about you
Right to Rectification: Correct inaccurate or incomplete personal information
Right to Erasure: Request deletion of your personal data ("right to be forgotten")
Right to Restrict Processing: Limit how we process your personal data
Right to Data Portability: Receive your data in a structured, machine-readable format
Right to Object: Opt out of certain types of data processing
Automated Decision Making: Opt out of purely automated decision-making processes
For California Residents (CCPA/CPRA)
Right to Know: Learn what personal information we collect, use, and disclose
Right to Delete: Request deletion of your personal information
Right to Correct: Request correction of inaccurate personal information
Right to Opt-Out: Opt out of the sale or sharing of personal information (Note: Verk doesn't sell personal information)
Right to Limit: Restrict the use of sensitive personal information
Non-Discrimination: We won't discriminate against you for exercising your privacy rights
For Other Jurisdictions
We comply with applicable data protection laws in your region
Contact us for specific information about privacy rights in your jurisdiction
7. CHILDREN'S PRIVACY
Verk is designed for professional and business use by adults:
Age Requirement: Verk is not intended for children under 18 years of age
No Intentional Collection: We don't knowingly collect personal information from children under 18
Parental Notification: If we discover we've collected a child's information, we'll delete it immediately and notify parents/guardians
Educational Use: Schools and educational institutions must ensure appropriate consent and supervision for student accounts
8. SPECIAL CATEGORIES OF PERSONAL DATA
8.1 Sensitive Personal Information
Verk may process certain categories of sensitive personal information in specific circumstances:
Biometric Data: If you choose to use biometric authentication features (fingerprint, face ID) on supported devices
Health Information: Any health-related data you voluntarily include in task descriptions or project notes
Financial Information: Business financial data included in projects or integrated from connected accounting systems
Location Data: Approximate location based on IP address for security and service optimization
8.2 Processing Legal Basis
We process sensitive personal information only when:
Explicit Consent: You provide clear, specific consent for processing
Legitimate Business Interest: Processing is necessary for core Verk functionality
Legal Obligation: Required by applicable laws or regulations
Vital Interests: Necessary to protect health, safety, or security
8.3 Additional Protections
Enhanced Security: Sensitive data receives additional encryption and access restrictions
Limited Access: Only authorized personnel can access sensitive information for specific purposes
Audit Trails: Comprehensive logging of all access to sensitive personal information
Regular Review: Periodic assessment of sensitive data processing practices
9. DATA RETENTION
9.1 Active Account Data
Ongoing Use: We retain your data as long as your account is active and you continue using Verk
Service Delivery: Data necessary for core functionality is retained throughout your subscription
Legal Requirements: Some data may be retained longer for compliance, security, or legal purposes
9.2 Account Closure and Data Deletion
Immediate Deletion: Most personal data is deleted within 30 days of account closure
Backup Systems: Data in backup systems may take up to 90 days to be completely removed
Legal Retention: Some records may be retained for tax, legal, or regulatory requirements (typically 7 years)
Anonymized Data: Aggregated, anonymized usage statistics may be retained indefinitely for product improvement
9.3 Specific Data Types
AI Processing Data: Deleted immediately after processing completion
Integration Data: Removed when you disconnect third-party services
Billing Records: Retained for accounting and tax purposes as required by law
Support Communications: Kept for quality assurance and training purposes (typically 2 years)
10. AUTOMATED DECISION MAKING AND PROFILING
10.1 AI-Powered Automation
Verk uses automated processing and AI for several features:
Task Schema Generation: AI analyzes your workflow patterns to suggest custom task fields
Workflow Optimization: Automated recommendations for improving team productivity
Risk Assessment: AI identifies potential project delays or resource conflicts
Content Suggestions: Automated generation of task descriptions and project summaries
Resource Allocation: AI-powered suggestions for task assignment and workload distribution
Anomaly Detection: Automated identification of unusual patterns that may indicate security issues
Performance Insights: Automated analysis of team productivity and project health metrics
10.2 Human Oversight and Control
Human Review: All automated decisions can be reviewed and overridden by users
Explanation Rights: You can request explanations for AI-generated recommendations
Opt-Out Options: Disable automated processing for specific features through your settings
Appeal Process: Contest or request review of automated decisions that significantly impact you
Manual Override: Users maintain full control over accepting or rejecting AI suggestions
Transparency: Clear labeling of AI-generated content and automated recommendations
10.3 Profiling Activities
We may create profiles based on your usage patterns to:
Personalize Experience: Customize Verk's interface and features for your workflow preferences
Improve AI Suggestions: Enhance the relevance of automated recommendations
Predict Needs: Anticipate productivity challenges and suggest proactive solutions
Optimize Performance: Adjust system resources and AI routing based on usage patterns
Team Insights: Analyze collaboration patterns to suggest team optimization strategies
Integration Recommendations: Suggest relevant third-party integrations based on usage patterns
10.4 Legal Basis and Safeguards
Legitimate Interest: Automated processing serves legitimate business purposes and user benefits
User Consent: Explicit consent obtained for sensitive automated decisions
Regular Review: Automated systems undergo regular accuracy and fairness assessments
Bias Prevention: Active measures to prevent discriminatory outcomes in AI decisions
Data Minimization: Only necessary data is used for automated processing
Accuracy Measures: Regular testing and calibration of automated systems
11. CROSS-BORDER DATA TRANSFERS
11.1 International Operations
As a global platform, Verk transfers data internationally:
Primary Servers: Located in AWS US East (Virginia) region
Global Access: Service accessible worldwide with data potentially accessed from various locations
CDN and Edge: Content delivery networks may cache data in multiple countries for performance
Support Operations: Customer support may access data from different geographic locations
AI Processing: Multi-provider AI may process data in various approved data centers globally
Integration Sync: Third-party service data may be processed in their respective regions
11.2 Transfer Safeguards
Adequacy Decisions: Rely on European Commission adequacy decisions where available
Standard Contractual Clauses: Use EU-approved Standard Contractual Clauses (SCCs) for transfers to countries without adequacy decisions
AWS Global Compliance: Benefit from AWS's comprehensive international compliance certifications including ISO 27001, SOC 2, and PCI DSS
Data Processing Agreements: Ensure all service providers sign appropriate data protection agreements
Regular Audits: Periodic assessment of transfer safeguards and compliance measures
Encryption in Transit: All international transfers use TLS 1.3 encryption
11.3 Specific Transfer Scenarios
Integration Data: Third-party service data may be processed in their respective regions
AI Processing: AI providers may process data in their approved data centers globally
Customer Support: Support interactions may involve staff in different countries
Business Continuity: Disaster recovery procedures may involve temporary data processing in alternative regions
Analytics Processing: Anonymized usage data may be processed in various locations for service improvement
Security Monitoring: Threat detection services may analyze data from multiple geographic locations
11.4 Your Rights Regarding Transfers
Notification: Material changes to data transfer practices will be communicated in advance
Objection Rights: EU residents may object to transfers under certain circumstances
Data Localization: Enterprise customers may request specific data residency requirements
Transfer Documentation: Copies of transfer safeguards available upon request
Alternative Processing: We may offer alternative processing locations for specific compliance requirements
12. COOKIES AND TRACKING TECHNOLOGIES
12.1 How Verk Uses Cookies
We use cookies and similar technologies to enhance your experience:
Essential Cookies: Required for basic functionality like authentication and security
Performance Cookies: Help us understand how you use Verk to improve performance and features
Preference Cookies: Remember your settings, preferences, and customizations
Security Cookies: Protect against fraud, abuse, and unauthorized access
12.2 Third-Party Cookies
Payment Processing: Stripe may set cookies for secure payment processing
Integration Services: Connected services may set cookies according to their own policies
Analytics: We use minimal, privacy-focused analytics that don't track personal information across sites
12.3 Cookie Management
Browser Controls: You can control cookies through your browser settings
Opt-Out Options: Disable non-essential cookies through your Verk account preferences
Mobile Settings: Control mobile app tracking through your device's privacy settings
12.4 Local Storage and Session Data
Browser Storage: We use local storage to cache user preferences and reduce server requests
Session Storage: Temporary storage for active session data that's cleared when you close your browser
Offline Functionality: Some data may be stored locally to enable offline access to recent work
Cache Management: Cached data is automatically cleared based on your browser settings and our retention policies
12.5 Tracking Technologies Beyond Cookies
Web Beacons: Small image files that help us understand email engagement and feature usage
Fingerprinting: We don't use device fingerprinting for tracking across sessions
Analytics Pixels: Minimal use of pixels for conversion tracking and performance measurement
API Analytics: We track API usage patterns to optimize performance and detect abuse
13. INCIDENT RESPONSE AND DATA BREACHES
13.1 Security Monitoring
24/7 Monitoring: Continuous monitoring of systems for security threats and unauthorized access
Automated Detection: AI-powered systems detect unusual patterns and potential security incidents
Regular Audits: Periodic security assessments and penetration testing by third-party experts
Threat Intelligence: Integration with security feeds to stay ahead of emerging threats
13.2 Incident Response Process
Immediate Response: Security incidents are assessed and contained within 1 hour of detection
Investigation: Thorough investigation to determine scope, cause, and impact of any security incident
User Notification: Affected users notified within 72 hours as required by applicable privacy laws
Regulatory Reporting: Compliance with breach notification requirements in all applicable jurisdictions
13.3 Data Breach Procedures
Containment: Immediate steps to prevent further unauthorized access or data loss
Assessment: Rapid evaluation of what data was affected and potential harm to individuals
Notification Timeline: Users and authorities notified according to the following schedule:
Immediate: Internal security team and senior management
Within 4 hours: Law enforcement (if criminal activity suspected)
Within 72 hours: Regulatory authorities (GDPR, state AGs, etc.)
Within 72 hours: Affected users via email and in-app notification
Documentation: Comprehensive incident reports maintained for regulatory compliance
13.4 Post-Incident Actions
Remediation: Implementation of additional security measures to prevent similar incidents
User Support: Dedicated support for affected users including identity monitoring services if appropriate
Security Improvements: Updates to security policies, procedures, and technical controls
Regular Reviews: Post-incident analysis to improve future response capabilities
14. ARTIFICIAL INTELLIGENCE AND MACHINE LEARNING
14.1 AI Technology Stack
Verk employs various AI and machine learning technologies:
Large Language Models: Integration with leading providers like Anthropic Claude, OpenAI GPT, and others
Natural Language Processing: For understanding and generating human-readable content
Pattern Recognition: ML algorithms that identify workflow patterns and optimization opportunities
Predictive Analytics: AI models that forecast project outcomes and resource needs
Computer Vision: For document analysis and image processing when applicable
Reinforcement Learning: Continuous improvement of AI suggestions based on user feedback
14.2 AI Data Processing Principles
Purpose Limitation: AI only processes data necessary for the specific feature you're using
Data Minimization: AI models receive only the minimal data required for accurate results
Temporary Processing: Most AI processing is real-time with no persistent storage of inputs
Organization Boundaries: AI never learns from or shares insights across different organizations
User Control: Users can opt out of AI features or limit AI data processing at any time
14.3 AI Model Training and Improvement
Federated Learning: Where possible, AI improves without centralizing personal data
Differential Privacy: Statistical noise added to protect individual privacy in model training
Anonymized Insights: Only aggregated, anonymized patterns used for general model improvement
No Personal Training: Individual conversations, documents, or tasks never used to train public models
Vendor Agreements: All AI providers bound by strict data protection agreements
14.4 AI Bias and Fairness
Bias Testing: Regular evaluation of AI outputs for potential bias or discrimination
Diverse Training: Ensuring AI models are trained on diverse, representative datasets
Fairness Metrics: Monitoring AI performance across different user groups and use cases
Human Oversight: Human review processes for AI decisions that significantly impact users
Feedback Mechanisms: Users can report problematic AI behavior for investigation and correction
14.5 AI Transparency and Explainability
AI Disclosure: Clear labeling when content is generated by AI rather than humans
Decision Explanations: Where technically feasible, explanations for how AI reached specific recommendations
Confidence Levels: AI suggestions include confidence scores to help users make informed decisions
Source Attribution: When AI draws from specific data sources, appropriate attribution is provided
Limitation Awareness: Clear communication about what AI can and cannot do reliably
15. UPDATES TO THIS PRIVACY POLICY
15.1 Policy Changes
Regular Updates: We may update this policy to reflect new features, legal requirements, or business practices
Material Changes: Significant changes will be communicated 30 days in advance through email and in-app notifications
Minor Updates: Small clarifications or additions may be made with immediate effect
Version History: Previous versions of this policy are available upon request
15.2 Notification Methods
Email Alerts: Important privacy updates sent to your registered email address
In-App Notifications: Prominent notices within Verk about privacy policy changes
Website Banner: Temporary banners on verkapp.com highlighting major privacy updates
Account Dashboard: Privacy policy updates displayed in your account settings
15.3 Continued Use
Your continued use of Verk after policy updates constitutes acceptance of the changes. If you don't agree with updates, you may close your account before the changes take effect.
16. INTERNATIONAL COMPLIANCE
16.1 Global Privacy Standards
Verk complies with major international privacy frameworks:
GDPR: European Union General Data Protection Regulation
CCPA/CPRA: California Consumer Privacy Act and California Privacy Rights Act
PIPEDA: Canada's Personal Information Protection and Electronic Documents Act
PDPA: Singapore's Personal Data Protection Act
SOC 2: System and Organization Controls for service organizations
16.2 Data Transfer Mechanisms
Adequacy Decisions: We rely on EU adequacy decisions where applicable
Standard Contractual Clauses: Use EU-approved clauses for international transfers
AWS Global Infrastructure: Benefit from AWS's global compliance and security certifications
Local Requirements: Comply with specific data localization requirements when legally required
17. BUSINESS TRANSFERS
In the event of a merger, acquisition, or sale of Verk:
User Notification: We'll provide 30 days' notice before any business transfer affecting your data
Privacy Protection: The acquiring entity must agree to honor this privacy policy
User Choice: You'll have the option to delete your account before the transfer
Data Continuity: Your privacy settings and preferences will transfer with your account
18. CONTACT US ABOUT PRIVACY
18.1 Privacy Questions and Requests
We're here to help with any privacy-related questions or requests:
Primary Contact:
Email: privacy@verkapp.com
Response Time: We respond to privacy inquiries within 72 hours
Data Protection Officer:
Email: dpo@verkapp.com
Role: Handles GDPR requests and privacy compliance questions
General Support:
Email: support@verkapp.com
For: Account settings, feature questions, and general assistance
18.2 Company Information
Autodeus Technologies Private Limited
4th Floor, GIFT Tower One, GIFT City, Gandhinagar - 382355, Gujarat, India
Regulatory Compliance:
We comply with applicable privacy laws in all jurisdictions where we operate
Regulatory representatives will be appointed as required by local laws when we meet applicable thresholds
18.3 Exercise Your Rights
To exercise any privacy rights:
Email: Send requests to privacy@verkapp.com with "Privacy Request" in the subject line
Include: Your full name, email address, and specific request details
Verification: We may ask for additional information to verify your identity
Timeline: Most requests are processed within 30 days (extended to 60 days for complex requests)
19. DATA PROCESSING ADDENDUM FOR ENTERPRISE CUSTOMERS
19.1 Controller-Processor Relationship
For enterprise customers where Verk acts as a data processor:
Your Role: You act as the data controller, determining the purposes and means of processing
Our Role: Verk acts as your data processor, processing personal data on your instructions
Processing Instructions: Processing limited to providing Verk services as outlined in your subscription agreement
Sub-processors: List of approved sub-processors available upon request with 30-day notice for changes
19.2 Enterprise Data Protection Obligations
Lawful Basis: You ensure lawful basis for processing personal data through Verk
Data Subject Rights: You handle data subject requests with our assistance as needed
Impact Assessments: We assist with privacy impact assessments when Verk processing presents high risks
Cross-Border Transfers: Enterprise-specific transfer safeguards available upon request
19.3 Enterprise Security and Audit Rights
Security Documentation: Detailed security documentation provided under appropriate confidentiality agreements
Audit Rights: Annual security attestations provided; on-site audits available for large enterprise customers
Incident Notification: Enhanced incident notification procedures for enterprise customers
Data Location: Specific data residency options available for enterprise customers with qualifying requirements
20. ADDITIONAL RESOURCES AND SUPPORT
20.1 Privacy Documentation
Data Processing Agreement: Available for enterprise customers
Security Documentation: Detailed security white papers available for qualified prospects
Compliance Certifications: Current SOC 2, privacy framework compliance available upon request
Privacy Impact Assessment Support: Available for enterprise implementations
20.2 Training and Best Practices
Privacy Training: Resources for teams on privacy-conscious use of productivity tools
Data Governance: Best practice guides for implementing data governance with Verk
Team Privacy Settings: Comprehensive guides for configuring organization-wide privacy controls
Integration Privacy: Specific guidance for privacy-conscious third-party integrations
20.3 Community and Feedback
Privacy Community: Join discussions about privacy in productivity tools at community.verkapp.com
Feature Requests: Request privacy-enhancing features through our product roadmap process
Feedback Channels: Regular privacy feedback sessions for enterprise customers
Privacy Advocacy: Verk's commitment to advancing privacy standards in the productivity software industry
CONCLUSION
Your privacy is fundamental to how we build and operate Verk. We're committed to earning and maintaining your trust through transparent data practices, strong security measures, and respect for your rights.
As we continue to innovate with AI-powered productivity features, privacy remains at the core of our platform design. We believe that the future of work should be both intelligent and private.
Questions? We're always happy to discuss our privacy practices. Reach out to privacy@verkapp.com anytime.
This Privacy Policy is effective as of September 23, 2025, and supersedes all prior privacy policies and practices of Autodeus Technologies Private Limited regarding the Verk platform.