Security Policy

Last Updated: May 25, 2025

At Verification Book, we take the security of your documents and personal information seriously. We implement strict technical and organizational safeguards to protect against unauthorized access, data breaches, and fraud.

Data Encryption

• All documents and personal data are encrypted using AES-256 while at rest.
• Data in transit is secured with SSL/TLS encryption (HTTPS) at all times.

Infrastructure & Storage

• Data is stored on Canadian servers (AWS and Hostinger - Toronto) with EU backups for GDPR users (Hostinger - Lithuania).
• Servers are housed in ISO 27001-certified data centers with 24/7 physical security and monitoring.

Access Controls

• Only authorized Verification Book personnel can access user data.
• Access is granted based on role-based permissions, subject to multi-factor authentication (MFA).

Security Testing

• Our platform undergoes periodic vulnerability scans and code audits.
• We are actively working toward SOC 2 Type II compliance.

Breach Notification Policy

In the unlikely event of a data breach:

• Affected users will be notified within 72 hours of detection.
• A detailed incident report will be shared, and remedial steps will be taken immediately.

Responsible Disclosure

We welcome ethical security researchers to report vulnerabilities:

Email: [email protected]