Trust Center
Security, privacy, and compliance information for BillionVerify customers
Last updated: May 30, 2026
This Trust Center describes the controls, workflows, and public policy pages BillionVerify uses to help protect customer accounts, verification data, billing records, and uploaded files. It is intended for customer security reviews, GDPR-related questions, and vendor onboarding. Formal commitments are made only in the applicable service terms, signed agreements, or written terms that apply to a customer relationship.
Trust Documents
Security OverviewInfrastructure, access control, monitoring, incident response, and backup practices.GDPRController and processor roles, data subject rights, deletion behavior, and transfers.Data Processing AgreementDPA review information, processing scope, subprocessors, deletion, and SCC reference.SubprocessorsService providers and processing recipients involved in operating BillionVerify.Data RetentionHow account data, verification records, uploaded files, logs, billing, and backups are retained.Privacy PolicyPersonal data collection, use, sharing, retention, and user rights.Cookie PolicyEssential cookies, consent storage, optional analytics, support tools, and browser controls.Terms of ServiceService rules, acceptable use, billing terms, and legal terms.
Compliance Status
| Item | Status |
|---|---|
| GDPR | Operational support is documented through role definitions, DSAR/GDPR workflows, deletion handling, retention notes, and audit logging for GDPR-related actions. |
| DPA | Customers that need data processing terms should contact us; legal review and execution are handled outside this public page. |
| SOC 2 | BillionVerify does not currently maintain a completed SOC 2 attestation. |
| Subprocessors | Published for review; customer-specific notice requirements should be handled through the DPA process. |
| Data Retention | Documented by data category; fixed deletion periods are published only where supported by enforceable product or infrastructure controls. |
Operational Commitments
- Customer-facing verification history and credit history are minimized to statistics by default.
- Account deletion removes the active account identity and access credentials while preserving required historical business records under restricted internal access.
- Uploaded source or original file downloads are available for 1 day, and verification result details and result file downloads are available for 7 days.
- DSAR exports and GDPR-related support actions are separated from dashboard history and recorded in the GDPR audit workflow.
Request Documents
For procurement reviews, DPA questions, security questionnaires, or requests for clarification about subprocessors and retention, contact the BillionVerify team at support@billionverify.com.
BillionVerify Support
Email: support@billionverify.com
Website: billionverify.com