Privacy Policy

Effective 8 July 2026

Veralith (“Veralith”, “we”, “us”) provides a hosted service that diagnoses and helps fix failures in retrieval-augmented generation (RAG) systems. This policy explains what we collect and how we use it.

1. Information we collect

2. How we use information

3. Sub-processors & sharing

We share data only with providers who help us run Veralith:

We do not sell your data. We may disclose information where required by law.

The content of your traces is sent to our evaluation provider (OpenAI) for grading. Do not send data you are not permitted to process this way.

4. Data retention

We retain traces, evaluations, and heal data while your project exists or as needed to provide the service. Delete a project to remove its data; limited backups may persist for a short period.

5. Security

We use industry-standard measures (encryption in transit, access controls). No method of transmission or storage is 100% secure.

6. Your rights

Depending on your location, you may have rights to access, correct, export, or delete your personal data. You can delete projects and your account at any time, or contact us to exercise these rights.

7. International transfers

Your data may be processed in countries other than your own, including the United States.

8. Children

Veralith is not directed to children under 16, and we do not knowingly collect their data.

9. Changes

We may update this policy; we’ll post the new effective date here.

10. Contact

Questions? Email hello@veralithai.com.