Effective: May 27, 2026  ·  Last Updated: May 27, 2026

1. Introduction

Veranda Digital Inc. ("Veranda," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use the Veranda mobile application ("App").

By using the App, you consent to the practices described in this Privacy Policy. If you do not agree with this Policy, please do not use the App.

This Privacy Policy applies to users in Canada and the United States and is designed to comply with applicable privacy laws, including Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable US state privacy laws.

2. Information We Collect

2.1 Information You Provide Directly

Data Type Description
Name First and last name provided during account registration
Email Address Used for authentication, account management, and notifications
Password Stored in hashed/encrypted form; never stored in plain text
Lock Sharing Contacts Email addresses you enter when sharing lock access with other users

2.2 Information Collected Automatically

Data Type Description
Lock Activity Logs Records of lock/unlock events, timestamps, and the user who triggered them
Lock Schedules Access schedules you create for your locks
Telemetry Data Temperature readings and battery level data from your lock hardware
Bluetooth Usage The App uses your device's Bluetooth to communicate with lock hardware. Lock command events are logged; raw Bluetooth signals are not stored.
Push Notification Data Device tokens used to deliver push notifications about lock events
App Usage Data Session activity, feature interactions, and error logs used for diagnostics and improvement

2.3 Information We Do Not Collect

We do not collect:

  • Location/GPS data
  • Camera or microphone data
  • Contacts from your device address book
  • Biometric data

3. How We Use Your Information

Purpose Legal Basis (PIPEDA)
Providing and operating the App Contractual necessity
Authenticating your identity Contractual necessity
Delivering lock control commands Contractual necessity
Sending push notifications about lock events Consent (you may opt out in device settings)
Displaying lock activity history to you Contractual necessity
Enabling lock sharing between users Consent (you initiate each share)
Diagnosing technical issues and improving the App Legitimate interest
Complying with legal obligations Legal obligation
Communicating account-related information Contractual necessity / Legitimate interest

We do not sell your personal information to third parties. We do not use your data for targeted advertising.

4. Lock Sharing and Other Users

When you use the lock sharing feature:

  • The email address of the person you are sharing with is transmitted to our servers to identify their account.
  • That user will be able to see that you have granted them access and will be able to operate the lock.
  • Activity by shared users on your lock will be visible to you in your activity log.
  • The names and emails of users sharing your lock are displayed within the App.

If another user adds your email to share a lock with you, we will process your information to facilitate that access grant. You may contact us to request removal of such access records.

5. Data Storage and Transfer

5.1 Where Your Data is Stored

Your data is stored on servers managed through Amazon Web Services (AWS), located in:

  • Canada (AWS ca-central-1 region)
  • United States (AWS us-east-1 and/or us-west-2 regions)

By using the App, you consent to your data being stored and processed in both Canada and the United States.

5.2 Cross-Border Transfers

If you are located in Canada, your data may be transferred to and processed in the United States. When such transfers occur, we take steps to ensure your data is afforded substantially similar protection through contractual safeguards with our service providers, including AWS Standard Contractual Clauses where applicable.

5.3 Data Security

We implement industry-standard security measures to protect your personal information, including:

  • Encryption of data in transit (TLS/HTTPS)
  • Encryption of passwords at rest (hashing with bcrypt or equivalent)
  • Access controls limiting who within Veranda can access user data
  • Regular security monitoring of our infrastructure

No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

Data Type Retention Period
Account information (name, email) Until account deletion, then 30 days for backup expiry
Lock activity logs 12 months of rolling history
Telemetry data (temperature, battery) 12 months of rolling history
Lock schedules Until deleted by you or account termination
Push notification tokens Until you uninstall the App or revoke notification permissions
Diagnostic/error logs 90 days

After the retention period, data is permanently deleted or anonymized.

7. Sharing Your Information

We do not sell, trade, or rent your personal information. We may share your information only in the following circumstances:

7.1 Service Providers

We share data with trusted third-party service providers who assist us in operating the App, including:

  • Amazon Web Services (AWS) — cloud infrastructure, database storage, and server hosting

These providers are contractually obligated to protect your data and may only use it for the specific services they provide to us.

7.2 Legal Requirements

We may disclose your information if required to do so by law, court order, or governmental authority, or if we believe disclosure is necessary to:

  • Comply with a legal obligation
  • Protect the rights, property, or safety of Veranda, our users, or the public
  • Detect, investigate, or prevent fraud or security incidents

7.3 Business Transfers

If Veranda is involved in a merger, acquisition, or sale of all or substantially all of its assets, your information may be transferred as part of that transaction. We will notify you via email or a prominent notice in the App if such a transfer occurs.

7.4 With Your Consent

We may share your information for any other purpose with your explicit consent.

8. Your Privacy Rights

8.1 Canadian Users (PIPEDA)

Under PIPEDA, you have the right to:

  • Access — Request a copy of the personal information we hold about you
  • Correction — Request that we correct inaccurate or incomplete information
  • Withdrawal of Consent — Withdraw consent for processing where consent is the legal basis (note: this may limit your ability to use certain features)
  • Complaint — File a complaint with the Office of the Privacy Commissioner of Canada at www.priv.gc.ca

8.2 US Users

Depending on your state of residence, you may have additional rights under applicable state privacy laws, including the right to:

  • Know what personal information we have collected about you
  • Request deletion of your personal information
  • Opt out of the sale of personal information (note: we do not sell personal information)
  • Non-discrimination for exercising your privacy rights

8.3 Exercising Your Rights

To exercise any of the above rights, please contact us at: software@getveranda.com

We will respond to verifiable requests within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.

9. Children's Privacy

The App is not directed at individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have inadvertently collected information from a person under 18, we will promptly delete that information. If you believe we have collected information from a minor, please contact us at software@getveranda.com.

10. Push Notifications

The App may send push notifications to your device regarding lock events (e.g., lock opened, lock closed, schedule triggered). You can manage or disable push notifications at any time through your device's operating system settings. Disabling notifications does not affect your ability to use the App.

11. Bluetooth

The App uses your device's Bluetooth capabilities to establish a local connection with your Veranda lock hardware. Bluetooth communication happens directly between your device and the lock. We do not transmit raw Bluetooth data to our servers; only the resulting lock command events (e.g., "lock activated via Bluetooth at [timestamp]") are logged.

12. Third-Party Links and Services

The App may reference or link to third-party services or websites. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any third-party service you use.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last Updated" date at the top of this document and, where required by law, notify you by email or through a notice in the App.

Your continued use of the App after any changes constitutes your acceptance of the updated Privacy Policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact our Privacy Officer:

Veranda Digital Inc.
Privacy Officer
Email: software@getveranda.com
Website: www.getveranda.com

For Canadian privacy complaints that we are unable to resolve, you may also contact:

Office of the Privacy Commissioner of Canada
Website: www.priv.gc.ca
Phone: 1-800-282-1376

Sign up to receive updates and availability announcements for the Veranda System.