1. Who We Are
EthosVerify ("we," "our," or "us") operates the website ethosverifys.web.id and provides an identity and business verification platform. We are a B2B SaaS company serving online marketplace operators, freelance platforms, and digital service providers. For questions about this policy, contact us at hello@ethosverifys.web.id.
2. Information We Collect
2.1 Information You Provide Directly
When you create an EthosVerify account (as a platform operator), we collect:
- Full name — to identify your account
- Email address — for account communication, verification, and login
- Password — stored as a salted hash, never in plaintext
- Company name and business information — if you choose to provide it
When your end-users undergo verification through our platform, we may process:
- Government-issued identification documents (KTP, SIM, passport) — uploaded by the end-user
- Name, date of birth, and address as extracted from identity documents
- Email address and phone number — for verification purposes
- Business registration documents — for business verification
2.2 Information Collected Automatically
- Log data: IP address, browser type, operating system, referring URL, pages visited, timestamps
- Device information: device type, screen resolution, language settings
- Usage analytics: feature usage, API call counts, error rates (aggregated, not tied to individual users)
2.3 Information We Do NOT Collect
- We do not purchase or rent email lists from third parties
- We do not scrape email addresses from websites or public sources
- We do not collect sensitive personal data beyond what is required for verification services
- We do not use tracking cookies for advertising or cross-site tracking purposes
3. How We Use Your Email Address
Email addresses collected by EthosVerify are used exclusively for the following purposes:
- Account creation and management: confirming registration, password resets, login security alerts
- Verification services: sending email verification links to confirm ownership
- Service notifications: billing receipts, plan changes, scheduled maintenance, policy updates
- Security alerts: new device login notifications, suspicious activity warnings
We never use email addresses for marketing to third parties, selling to data brokers, or sending unsolicited commercial email. Every email address in our system was provided voluntarily by its owner during account registration or verification.
For detailed information about our email practices, see our Email Communication Policy.
4. How We Use Identification Data
Identity documents and personal data submitted for verification are used exclusively for the verification process:
- Extracting data fields (name, ID number, date of birth) to compare against user-provided information
- Checking document authenticity through automated fraud detection
- Generating a verification result and trust score for our customer (the platform operator)
We do not use verification data for any purpose other than providing the verification service to our customer.
5. Data Sharing and Disclosure
We do not sell, rent, or trade personal data. We may share data only in these limited circumstances:
- With our customers (platform operators): Verification results are shared with the platform that requested the verification. This is the core purpose of our service.
- Service providers: We use AWS (Amazon Web Services) for hosting and Amazon SES for email delivery. Data is processed on AWS infrastructure in the ap-southeast-1 (Singapore) region.
- Legal compliance: If required by law, court order, or government regulation, we may disclose data. We will notify affected users unless prohibited by law.
6. Data Retention
- Account data: Retained for the life of your account plus 30 days after account deletion.
- Verification documents: Retained for 90 days after verification completion, then automatically purged. Our customers may configure shorter retention periods.
- Email logs: Delivery logs retained for 30 days for troubleshooting. Email content is not stored after delivery.
- Backup archives: Encrypted backups retained for up to 12 months for disaster recovery purposes.
You may request deletion of your data at any time by contacting support@ethosverifys.web.id. We will process deletion requests within 30 days.
7. Security Practices
We implement industry-standard security measures to protect your data:
- All data transmitted between your browser and our servers is encrypted using TLS 1.3
- Data at rest is encrypted using AES-256
- Passwords are hashed using bcrypt with per-user salts
- We enforce multi-factor authentication for all internal administrative access
- Regular security audits and vulnerability assessments are conducted
For more detail, see our Security page.
8. User Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you
- Correction: Correct inaccurate or incomplete data
- Deletion: Request deletion of your personal data
- Portability: Receive your data in a structured, machine-readable format
- Objection: Object to certain processing of your data
To exercise any of these rights, contact us at privacy@ethosverifys.web.id. We will respond within 30 days.
9. Cookies
EthosVerify uses only essential cookies required for the platform to function:
- Session cookies: Maintain your authenticated session while using the platform. These expire when you close your browser.
- Preference cookies: Remember your language and display preferences. These are optional.
We do not use advertising cookies, tracking cookies for third-party analytics, or any cookies that track you across other websites.
10. Children's Privacy
EthosVerify is a B2B service not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, contact us immediately.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify registered users via email at least 14 days before the changes take effect. The "Last updated" date at the top of this page reflects the most recent revision.
12. Contact Information
For privacy-related inquiries:
- Email: privacy@ethosverifys.web.id
- General inquiries: hello@ethosverifys.web.id
- Support: support@ethosverifys.web.id
- Website: ethosverifys.web.id