Verify, Inc. uses the third-party providers below to operate the service. We share only the data necessary for each provider's function. We do not sell customer data, and we do not use uploaded content to train third-party AI models.
Infrastructure providers
| Provider | Purpose | Data involved |
|---|
| MongoDB Atlas | Primary application database (managed hosting) | All stored application data, including account, contract, party, report, and verification records |
| Railway | Application and API hosting | Processed in-transit during request handling; uploaded files stored on the application host |
AI providers
| Provider | Purpose | Data involved |
|---|
| Anthropic | AI-assisted party extraction and contract analysis | Contract text submitted for analysis |
Identity & screening providers
| Provider | Purpose | Data involved |
|---|
| People Data Labs | Person identity resolution | Party identifiers (e.g., name, and where provided phone/email/location) |
| Enformion | Person background / public-records enrichment | Party identifiers |
| CourtListener | Litigation and federal court-record search | Party name as a search query |
Payment providers
| Provider | Purpose | Data involved |
|---|
| Stripe | Payment processing and card storage | Billing identifiers and payment method (full card numbers are handled by Stripe, not stored by Verify) |
Communications providers
| Provider | Purpose | Data involved |
|---|
| Resend | Transactional email (e.g., verification, report delivery, password reset) | Recipient email address and message content |
| DocuSign | Optional e-signature integration (only when you connect it) | Envelope/agreement data you choose to send through the integration |
Analytics providers
| Provider | Purpose | Data involved |
|---|
| PostHog | Marketing-website usage analytics (consent-gated) | Marketing-page usage only — never contract contents, reports, or party identifiers |
Public data sources
To perform verifications, Verify queries or downloads from public and governmental record sources. Sanctions and watchlists are downloaded and matched within Verify, so no party data is sent to those sources; registry and litigation lookups send a party name or identifier as a search query.
| Provider | Purpose | Data involved |
|---|
| OFAC (US Treasury) sanctions | Sanctions / watchlist screening | List downloaded and matched within Verify (no data shared) |
| EU / UK / UN sanctions lists | Sanctions / watchlist screening | Lists downloaded and matched within Verify (no data shared) |
| SEC EDGAR | Securities / entity filings | Business name as a search query |
| California Secretary of State | Business registry verification | Business name as a search query |
| Delaware Division of Corporations | Business registry verification | Business name as a search query |
| BizProfile | Business profile enrichment | Business name as a search query |
| Public web search | Adverse-media / open-source signals | Party name as a search query |
Enterprise customers
Enterprise customers may request additional detail — including provider legal entities, processing regions, security commitments, and a Data Processing Addendum (DPA) — by contacting legal@verify.inc.
[Founder/legal decision: maintain provider legal-entity names, sub-processing regions, and a change-notification commitment in the enterprise DPA package.]
