Privacy Policy
This Privacy Policy explains what personal data Veridict ("we", "us") collects when you use veridict.click and our newsletter and email services, why we collect it, how long we keep it, and the choices and rights you have. We try to keep this short and clear; if anything below is unclear, write to privacy@veridict.click.
1. Who we are
Veridict is an independent publisher of technology reviews. The data controller for the personal data described here is Veridict Media Ltd., registered in the State of Delaware, USA, with editorial operations in New York. You can reach our Data Protection Officer at privacy@veridict.click.
2. What we collect, and why
2.1 When you simply read the site
When you load a page on veridict.click, our servers automatically receive a small set of standard request data: your IP address, browser user-agent, the page you requested, and a referrer URL if your browser sends one. We use this only to deliver the page, detect abuse, and produce aggregate traffic statistics. We do not run third-party advertising trackers and we do not build behavioural profiles.
We use a single first-party cookie, vd_session, lasting for the length of your browser session, to remember preferences such as theme and consent state. No advertising or cross-site tracking cookies are set.
2.2 When you subscribe to the newsletter
If you subscribe to our newsletter we collect the email address you supply, the date you subscribed, the IP address used to subscribe (for spam protection), and aggregated open/click data so we can measure whether the newsletter is actually being read. You can unsubscribe at any time using the link in every email; doing so deletes your address from our active list within 7 days.
2.3 When you contact us
If you write to one of our editorial inboxes we'll receive whatever you choose to send. We retain that correspondence for as long as necessary to handle the matter and meet our recordkeeping obligations, typically up to 24 months.
2.4 What we don't collect
We do not collect payment data on this site. We do not run third-party advertising or analytics products that profile readers across other sites. We do not buy, sell, rent or "share" your personal data with third parties for their own marketing purposes.
3. Legal bases (UK / EU / EEA readers)
We rely on the following legal bases under UK GDPR and EU GDPR:
- Legitimate interests — operating and securing the website, producing aggregate analytics.
- Consent — sending the newsletter, setting non-essential cookies. You can withdraw consent at any time.
- Contract — fulfilling paid newsletter subscriptions.
- Legal obligation — meeting accounting, tax and lawful-request requirements.
4. How long we keep data
- Server access logs: 30 days, then aggregated.
- Newsletter email address: until you unsubscribe, plus a 12-month suppression list to avoid re-subscribing you by mistake.
- Editorial correspondence: up to 24 months unless we need it longer for a published correction or legal matter.
- Billing records (paid subscriptions): 7 years, as required by tax law.
5. Sharing & processors
We use a small number of carefully selected service providers ("processors") strictly to operate the site and our communications. Each is bound by a data-processing agreement and may only act on our instructions. Today these are:
- Hosting / CDN — to serve the website and keep it online.
- Email delivery — to send transactional and newsletter messages.
- Customer support — to manage editorial and reader email.
- Payments (paid subscriptions only) — to authorise charges; we never store card data ourselves.
A current list of processors is available on request from privacy@veridict.click.
6. International transfers
Our hosting and email infrastructure is located in the United States and the European Union. Where personal data of EU/UK residents is transferred to the United States, we rely on Standard Contractual Clauses (2021) with our processors and, where applicable, the EU-US Data Privacy Framework.
7. Your rights
Depending on where you live, you may have the right to access, correct, delete, restrict, port, or object to processing of your personal data. EU/UK readers also have the right to lodge a complaint with their supervisory authority. California residents have rights under the CCPA/CPRA, including the right to know what we collect and a right to delete; we do not "sell" or "share" personal information as those terms are defined in the CCPA.
To exercise any right, write to privacy@veridict.click from the address associated with your data, or include enough information for us to verify your identity. We respond within 30 days.
8. Cookies
See our Cookie Policy for the full list of cookies we set and the controls available to you. In short: one first-party session cookie, no third-party advertising cookies.
9. Children
Veridict is intended for an adult audience and is not directed to children under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please write to privacy@veridict.click and we will delete it.
10. Security
We maintain reasonable technical and organisational measures to protect personal data: TLS in transit, encryption at rest, role-based access on a need-to-know basis, mandatory MFA for staff, and an incident-response plan. No system is perfectly secure; if a breach affects you we will notify you and the relevant authorities as required by law.
11. Changes
If we change this policy we will update the "last updated" date above and, for material changes, notify newsletter subscribers by email at least 14 days before the change takes effect.
12. Contact
Questions, complaints, or requests: privacy@veridict.click. Postal address available on request.