Privacy policy

Account information: When you sign up, we collect your email address. If you sign in with a third-party provider (Google, Microsoft, LinkedIn, or X), we receive basic profile information from that provider including your name and email.

Authentication data: We store authentication tokens and session data required to maintain your logged-in state and secure access to your account.

Browser and device data: When you access our services, we collect standard browser and device information including user agent, IP address, and device identifiers. This data helps us detect suspicious activity and prevent fraud.

Usage data: We collect information about how you interact with our service, including API requests, verification attempts, and feature usage.

Payment information: Payment processing is handled by our third-party payment provider (Stripe). We do not store credit card or bank account details on our servers.

Support data: If you contact us for support, we retain those communications to assist you.

Service delivery: We use your email and account data to provide identity verification services, maintain your account, and process your requests.

Security and fraud prevention: Browser data, IP addresses, and usage patterns help us detect unauthorized access, fraudulent activity, and abuse of our services.

Communication: We may send you account-related emails, security notifications, and service updates. You can opt out of non-essential communications.

Legal compliance: We retain certain data to comply with legal obligations, respond to lawful requests, and enforce our terms.

Essential cookies: These cookies are required for authentication, session management, and security features such as CSRF protection. They cannot be disabled.

Third-party cookies: When you sign in with OAuth providers (Google, Microsoft, LinkedIn, X), those providers may set their own cookies. We do not control those cookies.

Analytics: We do not use third-party analytics services that track your activity across websites.

Third-party service providers: We use trusted providers for infrastructure hosting, payment processing, and customer support. These providers are contractually obligated to protect your data and use it only for the services they provide to us.

Legal requirements: We may disclose information if required by law, in response to legal process, or to protect the rights, safety, or property of Relentless, our users, or the public.

Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. We will notify you of any such change.

We do not sell or rent your personal information. We do not share your data with third parties for their own marketing purposes.

Encryption: All data transmitted between your browser and our services is encrypted using TLS (HTTPS).

Access controls: Access to personal data is restricted to authorized personnel only.

Security monitoring: We monitor for suspicious activity and security threats.

While no service can guarantee absolute security, we employ industry-standard practices to protect your information.

Active accounts: We retain account data as long as your account remains active.

Deleted accounts: When you delete your account, we remove your personal data within 30 days, subject to legal, contractual, and security retention requirements (such as fraud prevention and legal holds).

Logs and security data: Security logs are retained for a limited period to detect and investigate security incidents.

Billing data: Payment records are retained as required by financial regulations.

Access: You can request a copy of the personal data we hold about you.

Correction: You can ask us to correct inaccurate or incomplete data.

Deletion: You can request deletion of your personal data, subject to legal retention requirements.

Data portability: You can request your data in a machine-readable format.

Opt-out: You can opt out of non-essential communications.

To exercise these rights, contact us at data@relentlessidentity.com. We will respond within 30 days.

Relentless Identity is not intended for users under 16 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child without parental consent, we will delete it.

We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

If you have questions or concerns about this privacy policy or our data practices, please contact us at:

Email: data@relentlessidentity.com