Privacy Policy
Effective: May 27, 2026 · Last Updated: May 27, 2026
1. Introduction
Veranda Digital Inc. ("Veranda," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use the Veranda mobile application ("App").
By using the App, you consent to the practices described in this Privacy Policy. If you do not agree with this Policy, please do not use the App.
This Privacy Policy applies to users in Canada and the United States and is designed to comply with applicable privacy laws, including Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable US state privacy laws.
2. Information We Collect
2.1 Information You Provide Directly
| Data Type | Description |
|---|---|
| Name | First and last name provided during account registration |
| Email Address | Used for authentication, account management, and notifications |
| Password | Stored in hashed/encrypted form; never stored in plain text |
| Lock Sharing Contacts | Email addresses you enter when sharing lock access with other users |
2.2 Information Collected Automatically
| Data Type | Description |
|---|---|
| Lock Activity Logs | Records of lock/unlock events, timestamps, and the user who triggered them |
| Lock Schedules | Access schedules you create for your locks |
| Telemetry Data | Temperature readings and battery level data from your lock hardware |
| Bluetooth Usage | The App uses your device's Bluetooth to communicate with lock hardware. Lock command events are logged; raw Bluetooth signals are not stored. |
| Push Notification Data | Device tokens used to deliver push notifications about lock events |
| App Usage Data | Session activity, feature interactions, and error logs used for diagnostics and improvement |
2.3 Information We Do Not Collect
We do not collect:
- Location/GPS data
- Camera or microphone data
- Contacts from your device address book
- Biometric data
3. How We Use Your Information
| Purpose | Legal Basis (PIPEDA) |
|---|---|
| Providing and operating the App | Contractual necessity |
| Authenticating your identity | Contractual necessity |
| Delivering lock control commands | Contractual necessity |
| Sending push notifications about lock events | Consent (you may opt out in device settings) |
| Displaying lock activity history to you | Contractual necessity |
| Enabling lock sharing between users | Consent (you initiate each share) |
| Diagnosing technical issues and improving the App | Legitimate interest |
| Complying with legal obligations | Legal obligation |
| Communicating account-related information | Contractual necessity / Legitimate interest |
We do not sell your personal information to third parties. We do not use your data for targeted advertising.
4. Lock Sharing and Other Users
When you use the lock sharing feature:
- The email address of the person you are sharing with is transmitted to our servers to identify their account.
- That user will be able to see that you have granted them access and will be able to operate the lock.
- Activity by shared users on your lock will be visible to you in your activity log.
- The names and emails of users sharing your lock are displayed within the App.
If another user adds your email to share a lock with you, we will process your information to facilitate that access grant. You may contact us to request removal of such access records.
5. Data Storage and Transfer
5.1 Where Your Data is Stored
Your data is stored on servers managed through Amazon Web Services (AWS), located in:
- Canada (AWS ca-central-1 region)
- United States (AWS us-east-1 and/or us-west-2 regions)
By using the App, you consent to your data being stored and processed in both Canada and the United States.
5.2 Cross-Border Transfers
If you are located in Canada, your data may be transferred to and processed in the United States. When such transfers occur, we take steps to ensure your data is afforded substantially similar protection through contractual safeguards with our service providers, including AWS Standard Contractual Clauses where applicable.
5.3 Data Security
We implement industry-standard security measures to protect your personal information, including:
- Encryption of data in transit (TLS/HTTPS)
- Encryption of passwords at rest (hashing with bcrypt or equivalent)
- Access controls limiting who within Veranda can access user data
- Regular security monitoring of our infrastructure
No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Account information (name, email) | Until account deletion, then 30 days for backup expiry |
| Lock activity logs | 12 months of rolling history |
| Telemetry data (temperature, battery) | 12 months of rolling history |
| Lock schedules | Until deleted by you or account termination |
| Push notification tokens | Until you uninstall the App or revoke notification permissions |
| Diagnostic/error logs | 90 days |
After the retention period, data is permanently deleted or anonymized.
7. Sharing Your Information
We do not sell, trade, or rent your personal information. We may share your information only in the following circumstances:
7.1 Service Providers
We share data with trusted third-party service providers who assist us in operating the App, including:
- Amazon Web Services (AWS) — cloud infrastructure, database storage, and server hosting
These providers are contractually obligated to protect your data and may only use it for the specific services they provide to us.
7.2 Legal Requirements
We may disclose your information if required to do so by law, court order, or governmental authority, or if we believe disclosure is necessary to:
- Comply with a legal obligation
- Protect the rights, property, or safety of Veranda, our users, or the public
- Detect, investigate, or prevent fraud or security incidents
7.3 Business Transfers
If Veranda is involved in a merger, acquisition, or sale of all or substantially all of its assets, your information may be transferred as part of that transaction. We will notify you via email or a prominent notice in the App if such a transfer occurs.
7.4 With Your Consent
We may share your information for any other purpose with your explicit consent.
8. Your Privacy Rights
8.1 Canadian Users (PIPEDA)
Under PIPEDA, you have the right to:
- Access — Request a copy of the personal information we hold about you
- Correction — Request that we correct inaccurate or incomplete information
- Withdrawal of Consent — Withdraw consent for processing where consent is the legal basis (note: this may limit your ability to use certain features)
- Complaint — File a complaint with the Office of the Privacy Commissioner of Canada at www.priv.gc.ca
8.2 US Users
Depending on your state of residence, you may have additional rights under applicable state privacy laws, including the right to:
- Know what personal information we have collected about you
- Request deletion of your personal information
- Opt out of the sale of personal information (note: we do not sell personal information)
- Non-discrimination for exercising your privacy rights
8.3 Exercising Your Rights
To exercise any of the above rights, please contact us at: software@getveranda.com
We will respond to verifiable requests within 30 days (or as required by applicable law). We may need to verify your identity before processing your request.
9. Children's Privacy
The App is not directed at individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have inadvertently collected information from a person under 18, we will promptly delete that information. If you believe we have collected information from a minor, please contact us at software@getveranda.com.
10. Push Notifications
The App may send push notifications to your device regarding lock events (e.g., lock opened, lock closed, schedule triggered). You can manage or disable push notifications at any time through your device's operating system settings. Disabling notifications does not affect your ability to use the App.
11. Bluetooth
The App uses your device's Bluetooth capabilities to establish a local connection with your Veranda lock hardware. Bluetooth communication happens directly between your device and the lock. We do not transmit raw Bluetooth data to our servers; only the resulting lock command events (e.g., "lock activated via Bluetooth at [timestamp]") are logged.
12. Third-Party Links and Services
The App may reference or link to third-party services or websites. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any third-party service you use.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last Updated" date at the top of this document and, where required by law, notify you by email or through a notice in the App.
Your continued use of the App after any changes constitutes your acceptance of the updated Privacy Policy.
14. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact our Privacy Officer:
Veranda Digital Inc.
Privacy Officer
Email: software@getveranda.com
Website: www.getveranda.com
For Canadian privacy complaints that we are unable to resolve, you may also contact:
Office of the Privacy Commissioner of Canada
Website: www.priv.gc.ca
Phone: 1-800-282-1376
Sign up to receive updates and availability announcements for the Veranda System.