Verata Logo

Privacy Policy

Last updated on December 12, 2025

Verata, Inc. (“Verata,” “we,” or “us”) provides a B2B SaaS intelligence platform that aggregates financial and professional data to assist Private Equity firms, investors, and corporate strategists.

This Privacy Policy describes how we collect, use, and disclose information when you use our web-based application, API, and associated services (collectively, the “Platform”). It also describes how we process data regarding the executives and professionals profiled in our database.

1. Scope of this Policy

This policy covers two distinct groups of individuals:

  • Subscribers: Users who log in to the Verata Platform to conduct research (our customers).
  • Profiled Professionals: Executives, operators, and advisors whose professional information is included in the Verata intelligence database.

2. Information We Collect

A. Information About Subscribers (Our Customers)

When you register for access to Verata, request a demo, or use the Platform, we collect:

  • Account Credentials: Name, business email address, password, and username.
  • Commercial Information: Company affiliation, job title, and billing details (handled via third-party payment processors).
  • Device Telemetry: IP address, browser type, operating system, and session duration.

B. Information About Profiled Professionals (Our Database)

To provide market mapping and executive assessment tools, Verata aggregates "Professional Intelligence Data." This includes:

  • Identity Data: Name and professional headshots.
  • Career History: Current and past employment, job titles, and tenure.
  • Financial & Deal Metrics: Publicly available information regarding deal history, investment size, board seats held, and the corporate performance of companies managed.
  • Education & Affiliations: Universities attended, degrees earned, and professional memberships.

C. Cookies and Tracking Technologies

We and our third-party partners use cookies, web beacons, pixel tags, and similar technologies to collect information about your browsing activities and to distinguish you from other users. This aids in:

  • Functionality: Keeping you logged in.
  • Analytics: Understanding how users navigate our Platform (e.g., Google Analytics).
  • Security: detecting abnormal traffic patterns.

You can control the use of cookies at the individual browser level. If you reject cookies, you may still use our Platform, but your ability to use some features may be limited.

3. Sources of Data

Verata builds its Professional Intelligence Data from a variety of sources:

  • Public Government Records: SEC filings, regulatory disclosures, and corporate registries.
  • Public Online Sources: Publicly Available Information: Professional profiles, news articles, and websites where the data subject has manifestly made the information public or where the information is a matter of public record.
  • Third-Party Data Partners: We license data from vendors who aggregate business and financial information.
  • Inferred Data: We use proprietary algorithms to analyze public data and generate insights, such as estimated deal flow or industry expertise.

4. How We Use Your Information

For Subscribers

  • To grant access to the Platform and manage user authentication.
  • To process payments and manage subscriptions.
  • To provide customer support and training.
  • To monitor system health and prevent fraud.

For Profiled Professionals

  • Core Product Functionality: To allow PE firms and investors to source deals, find operating partners, and map talent markets.
  • Market Research: To generate aggregate statistics on industry trends (e.g., "Executive turnover in the Fintech sector").
  • Due Diligence: To help investors verify the track records of potential hires or advisors.

Important Notice Regarding FCRA Compliance

Verata is not a consumer reporting agency as defined by the Fair Credit Reporting Act (FCRA). The Professional Intelligence Data we provide is for general business intelligence and market research purposes only. Subscribers are strictly prohibited from using our Platform or data for the purpose of serving as a factor in establishing an individual's eligibility for employment, credit, insurance, or other purposes authorized under the FCRA.

5. Sharing and Disclosure of Information

We do not sell Subscriber personal data (your login info) to third parties. However, the core purpose of our business is licensing access to Professional Intelligence Data. As such, we share data as follows:

  • With Our Customers: Paying subscribers have access to the Professional Intelligence Data as part of their subscription.
  • Infrastructure Providers: We host our Platform and database on Amazon Web Services (AWS) and Microsoft Azure. These providers secure the physical and digital infrastructure where data resides.
  • Business Transfers: If Verata is involved in a merger, acquisition, or asset sale, data may be transferred as a business asset.
  • Legal Compliance: We may disclose information if required by law, subpoena, or other legal process.

6. Data Retention

  • Subscriber Data: Retained for the duration of the customer agreement plus a reasonable period for financial auditing and re-activation.
  • Professional Intelligence Data: Retained as long as the information remains professionally relevant and public. We periodically refresh data to ensure accuracy and remove obsolete records.

7. Security

Verata utilizes enterprise-grade security measures to protect data. Our Platform is hosted in the United States on AWS and Azure cloud infrastructure, utilizing encryption at rest and in transit. While we strive to protect your information, no software service is immune to potential threats.

8. Your Privacy Rights (U.S. States)

Depending on your state of residency (including but not limited to California, Colorado, Connecticut, Utah, Virginia, and Texas), you may have specific rights regarding your personal information.

Sale of Data Notice

Under definitions in the California Consumer Privacy Act (CCPA) and similar laws, providing our subscribers access to Professional Intelligence Data for a fee constitutes a "Sale" of personal data.

Your Rights

  • Right to Know/Access: You may request a report of the specific personal data Verata holds about you.
  • Right to Delete: You may request that we delete your profile from our database.
  • Right to Correct: You may request that we update incorrect professional information.
  • Right to Opt-Out: You have the right to opt out of the sale of your personal data.

How to Exercise These Rights

To submit a request or opt-out, please email privacy@veratainsight.com or visit https://veratainsight.com/opt-out.

9. Information for Users in Europe and the UK (GDPR)

Verata, Inc. is a United States-based company operating a global market intelligence platform. While our primary focus is the North American market, our database includes professional information regarding executives and entities located in the European Economic Area (EEA) and the United Kingdom (UK).

If you are located in these regions, the following disclosures apply to our processing of your personal data under the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018.

A. Our Roles: Controller vs. Processor

To understand your rights, it is important to distinguish how we handle data:

  • Verata as a Processor (Subscriber Data): When our customers (investment firms) log in to the Platform, create user accounts, or input their own proprietary notes, Verata acts as a Data Processor. We process this data strictly under the instructions of our customers and our binding Terms of Service.
  • Verata as a Controller (Professional Intelligence Data): Regarding the profiles of executives and operators in our database, Verata acts as a Data Controller. We determine the means and purposes of collecting this public professional data to generate market intelligence.

B. Lawful Basis for Processing

We process Professional Intelligence Data based on Legitimate Interests (Article 6(1)(f) GDPR).

We have conducted an internal assessment to balance these interests against individual privacy rights. Our processing is necessary to support the legitimate interests of the investment and business communities to:

  • Conduct professional due diligence and verify executive track records.
  • Facilitate capital allocation and deal sourcing in a global market.

Mitigating Factors: We strictly limit collection to professional data (B2B email addresses, career history, deal metrics) that is already manifestly made public by the data subject or available in government filings. We do not process special categories of data (e.g., health, biometric, or political data) nor private domestic contact details.

C. International Data Transfers

Verata is headquartered in the United States, and our infrastructure is located in US-based data centers. By using our Services or appearing in our database, your data is transferred to the United States.

We rely on Standard Contractual Clauses (SCCs) and appropriate data transfer addendums to ensure that such transfers comply with GDPR requirements. We further safeguard this data through technical measures, including encryption at rest and in transit, to ensure security during and after transfer to the US.

D. Security Measures

While Verata leverages the certified physical security of our cloud providers (AWS and Azure), we do not rely solely on their certifications. We implement our own application-level security controls, including:

  • Encryption: All database volumes are encrypted at rest (AES-256) and all traffic is encrypted in transit (TLS 1.2+).
  • Access Control: We enforce Multi-Factor Authentication (MFA) and strict Role-Based Access Control (RBAC) for all administrative access to our production environment.
  • Data Minimization: We restrict data ingestion to fields strictly necessary for professional market mapping.

E. Your Rights (and How to Exercise Them)

We respect the rights of EU/UK residents to control their data. You possess the following rights:

  • Right to Object: You have the absolute right to object to our processing of your data for direct marketing or profiling purposes. If you request removal, we will honor it immediately.
  • Right of Access & Rectification: You may request a copy of the data we hold on you or ask us to correct professional inaccuracies.
  • Right to Erasure: You may request the deletion of your profile from our intelligence database.

To exercise these rights, please email us directly at privacy@veratainsight.com.

F. Notice regarding Third-Party Collection (Article 14)

Verata aggregates data from public sources (such as regulatory filings and professional networks). Due to the scale of public data aggregation and the lack of direct contact information for some individuals, it may involve disproportionate effort (per GDPR Article 14(5)(b)) to individually notify every data subject at the moment of collection. This Privacy Policy serves as our public notice regarding our data processing activities. If you discover your profile on our platform and wish for it to be removed, please contact us, and we will promptly delete your data.

10. Children’s Privacy

Verata is a professional business tool. We do not knowingly collect information regarding individuals under the age of 18.

11. Changes to This Policy

We may update this policy to reflect changes in our tech stack or legal requirements. We will notify Subscribers of material changes via email or a platform notification.

Contact Us

For any privacy-related questions, please contact:

Verata Privacy Team
Email: privacy@veratainsight.com

Drive Returns Through Better Hires

Join leading private equity firms using Verata to make data-driven decisions with unprecedented confidence and efficiency

Request a DemoTalk to Sales