Skip to content
VerifyED
Legal Document

Privacy Policy

Effective: February 5, 2026 · Last updated: February 5, 2026

This Privacy Policy explains how VerifyED LLC (“VerifyED,” “we,” “us,” or “our”) collects, uses, and shares information when you use the VerifyED “School Lookup” website and API (the “Service”).

If you are using the Service on behalf of an organization, this Policy applies to that organization’s use, and administrators may be able to access and manage your account.

1. Summary

  • We collect account, usage, and query information to operate and secure the Service.
  • Do not submit personal data (PII) in queries or messages.
  • We retain data for limited periods (details below) and keep aggregated analytics longer.

2. Information we collect

2.1 Account information

If you create an account (now or in the future), we may collect information like your name, email address, organization name, and user preferences.

2.2 Usage information (logs)

When you use the Service, we automatically collect information such as IP address, user agent, request timestamps, pages/endpoints accessed, approximate location derived from IP, and other diagnostic/security data.

2.3 Query information

We collect and store search/enrichment queries and timestamps to monitor usage, prevent abuse, debug issues, and improve the Service. We design our analytics workflows to minimize personal identifiers, and we may use de-identified or aggregated query data for product improvement.

2.4 Cookies and similar technologies

We use login/session cookies and similar technologies that are necessary to provide the Service (e.g., to keep you signed in and maintain session state). We may also use cookies or local storage for preferences (e.g., theme).

2.5 Feedback and support communications

If you use our feedback button or contact us, we collect the information you provide (such as message content and contact details). Do not include personal data in these messages.

2.6 Billing information

If you purchase a paid plan, we (and our payment processors) collect billing and transaction information. Payment card details are typically handled by our payment processor; we do not store full card numbers ourselves.

3. Prohibited data (no PII)

The Service is not intended to process personal data. Do not submit personal data (including student names, dates of birth, student IDs, transcript records, home addresses, emails, phone numbers, or government identifiers).

If we detect personal data in queries or messages, we may delete it (and related logs) and may suspend the related account or API key.

4. How we use information

We use information to:

  • provide, maintain, and improve the Service;
  • operate features you request (including enrichment);
  • authenticate users and administer accounts;
  • monitor usage, enforce limits, and prevent fraud/abuse;
  • provide customer support and respond to inquiries;
  • send service-related communications (e.g., important updates, billing notices); and
  • comply with legal obligations and protect our rights and users.

5. How we share information

We do not sell personal information.

We share information in limited circumstances, including:

  • Service providers (processors) who help us operate the Service, such as hosting/CDN, analytics, database and infrastructure, payment processing, email delivery, customer support tooling, mapping/geocoding, and AI research providers.
  • We maintain a list of current service providers and can provide it upon request (subject to reasonable confidentiality and security restrictions).
  • Legal and safety: to comply with law, respond to lawful requests, or protect rights, safety, and security.
  • Business transfers: in connection with a merger, acquisition, financing, or sale of assets.
  • Aggregated or de-identified data: we may share data that cannot reasonably be used to identify you or an individual.

6. Data retention

We retain information for as long as reasonably necessary for the purposes described in this Policy. Our typical retention periods are:

  • Account/profile data: while the account is active, plus up to 24 months after deactivation.
  • Billing and tax records: up to 7 years.
  • Raw API and website logs (e.g., IP + request metadata): up to 90 days.
  • Security/audit logs: up to 12 months.
  • Query analytics (de-identified/aggregated): up to 24 months for query-level analytics; aggregates may be retained longer.

We may retain data longer where required by law, for litigation/security purposes, or to maintain abuse-prevention records.

7. Security

We use reasonable administrative, technical, and organizational safeguards designed to protect information. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

8. International data transfers

VerifyED is based in the United States. Information may be processed and stored in the United States and other locations where our service providers operate.

9. Your choices and rights

Depending on where you live, you may have rights to access, correct, delete, or obtain a copy of your information, and to object to or restrict certain processing.

You can request help by contacting us at hello@verifyed.org. We may need to verify your identity and/or authority to act on behalf of your organization.

10. US state disclosures (California and others)

If applicable law in your state provides privacy rights (e.g., California), you may have the right to request access to, deletion of, or correction of certain personal information.

We do not sell personal information, and we do not knowingly share personal information for cross-context behavioral advertising.

11. EEA/UK disclosures

If you are located in the EEA or UK and applicable law applies, we process personal data based on:

  • performance of a contract (to provide the Service);
  • legitimate interests (e.g., security, abuse prevention, and improving the Service); and/or
  • compliance with legal obligations.

You may also have the right to lodge a complaint with your local supervisory authority.

12. Changes to this Policy

We may update this Policy from time to time. If changes are material, we will provide reasonable notice (for example, by posting the updated Policy on the Service or by email). The “Last updated” date above indicates when this Policy was last revised.

13. Contact

Privacy questions or requests: hello@verifyed.org.