Privacy Policy for ScamVerify™ LLC

ScamVerify™ LLC ("we," "us," or "our") operates the ScamVerify.ai website (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

Please read this Privacy Policy carefully. By using the Service, you consent to the data practices described in this policy.

1. Information We Collect

1.1 Information You Provide

• Phone Numbers: When you use our phone number verification service, you submit phone numbers for analysis. We store these numbers to provide our service and improve scam detection.
• Community Reports: If you submit a report about a phone number, we collect the report type, any comments you provide, and whether you answered the call.
• Contact Information: If you contact us directly, we may receive additional information such as your name, email address, and the contents of your message.
• Account Information: When you create an account, we collect your first name, last name, email address, and password (stored as a secure hash). If you sign in with Google, we receive your name, email, and profile picture from Google.
• Watchlist Data: If you add phone numbers to your watchlist, we store these numbers along with the risk score at the time you added them and when they were added.
• Lookup History: When you are logged in, we store your phone number search history including the numbers searched, risk scores at the time of lookup, and timestamps.
• Notification Preferences: We store your preferences for email alerts, alert frequency, and alert thresholds.

1.2 Information Collected Automatically

• Device Information: We collect information about your device, including browser type, operating system, and device identifiers.
• Usage Data: We collect information about how you use our Service, including pages visited, time spent on pages, and click patterns.
• IP Address: We collect and hash your IP address for rate limiting, fraud prevention, and to prevent duplicate reports. We do not store your raw IP address.
• Cookies: We use essential cookies for site functionality. We also use cookies from third-party advertising partners (see Section 11: Advertising below).
• Session Data: We store session tokens to keep you logged in. If you select "Remember me," your session persists for 30 days.

1.3 Analytics

We use PostHog Analytics to understand how visitors use our site and to improve our service. PostHog collects aggregated and anonymous data including page views, referral sources, browser type, and general location. This data helps us understand usage patterns and improve our service. For more information, visit posthog.com/privacy.

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our phone number verification service
• Analyze phone numbers for scam likelihood using AI and community data
• Display aggregated community reports and risk assessments
• Prevent fraud, abuse, and duplicate submissions
• Respond to your comments, questions, and requests
• Monitor and analyze trends, usage, and activities
• Comply with legal obligations
• Send you email notifications about changes to phone numbers on your watchlist (if you have enabled alerts)
• Track changes to phone numbers including risk score changes, new complaints, and carrier changes to provide watchlist alerts
• Authenticate your account and maintain your session

3. How We Share Your Information

We may share your information in the following circumstances:

• Aggregated Data: We display aggregated, anonymized community report data publicly on our website to help other users identify potential scams.
• Service Providers: We share data with third-party service providers who perform services on our behalf, including Twilio (phone number verification) and Anthropic (AI analysis).
• Authentication Providers: If you choose to sign in with Google, we exchange data with Google to authenticate your account. We receive your name, email, and profile picture. See Google's Privacy Policy for more information.
• Email Service Provider: We use Resend to send transactional emails including account verification, password reset, and watchlist alert notifications.
• Legal Requirements: We may disclose information if required by law, regulation, or legal process.
• Protection of Rights: We may disclose information to protect the rights, property, or safety of ScamVerify™ LLC, our users, or others.

4. Data Retention

We retain phone number lookup data and community reports indefinitely to maintain our database of scam phone numbers and help protect future users. Rate limiting data is retained for 24 hours. You may request deletion of specific data by contacting us.

• Account data is retained until you delete your account.
• Watchlist data and lookup history are retained until you delete them or delete your account.
• Email verification tokens expire after 24 hours.
• Password reset tokens expire after 1 hour.

5. Your Privacy Rights

5.1 California Residents (CCPA)

If you are a California resident, you have the right to:

• Know what personal information we collect about you
• Request deletion of your personal information
• Opt-out of the sale of personal information (we do not sell personal information)
• Non-discrimination for exercising your privacy rights

5.2 European Residents (GDPR)

If you are a resident of the European Economic Area, you have the right to:

• Access your personal data
• Correct inaccurate personal data
• Request erasure of your personal data
• Object to processing of your personal data
• Data portability
• Withdraw consent at any time

5.3 Account Data Management

You can manage your data through your account settings:

• View and edit your profile information
• Clear your lookup history
• Remove numbers from your watchlist
• Delete your account and all associated data

To delete your account, go to Settings > Privacy & Data > Delete Account. This permanently removes your account, watchlist, lookup history, and all associated data.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure.

7. Third-Party Services

Our Service uses the following third-party services:

• Twilio: For phone number verification and carrier lookup. Twilio Privacy Policy
• Anthropic: For AI-powered scam analysis. Anthropic Privacy Policy
• Google Sign-In: For authentication if you choose to sign in with Google. Google Privacy Policy
• Resend: For sending transactional emails (verification, password reset, alerts). Resend Privacy Policy

We also access publicly available government databases:

• FTC Do Not Call Complaints: Public consumer complaint data from the Federal Trade Commission
• FCC Consumer Complaints: Public complaint data from the Federal Communications Commission

Accessing these federal databases does not involve sharing your personal information with these agencies. We query their public data to enhance scam detection.

8. Children's Privacy

Our Service is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn we have collected personal information from a child under 13, we will delete that information promptly.

9. Do Not Track

We do not track users across third-party websites ourselves and therefore do not respond to Do Not Track (DNT) signals. However, our advertising partners (Google AdSense) may use cookies to serve personalized ads. See Section 11 for your advertising choices.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

11. Advertising

We use Google AdSense to display advertisements on our website. Google AdSense uses cookies and similar technologies to serve ads based on your prior visits to our website and other websites on the internet.

11.1 How Google Uses Your Data

Google and its advertising partners may:

• Use cookies to personalize the ads you see based on your interests
• Collect information about your visits to this and other websites to provide relevant advertisements
• Use device identifiers and browsing data for ad targeting and measurement

11.2 Your Advertising Choices

You have several options to control advertising:

• Ad Personalization Settings: You can opt out of personalized advertising by visiting Google's Ads Settings at https://www.google.com/settings/ads
• European Users (GDPR): If you are in the European Economic Area, UK, or Switzerland, you will see a consent dialog when first visiting our site allowing you to accept or decline personalized ads
• California Users (CCPA): If you are in California, you can opt out of the sale of personal information through the "Do Not Sell My Personal Information" option in our cookie settings
• Industry Opt-Out: You can opt out of third-party vendor cookies for personalized advertising by visiting www.aboutads.info/choices or www.networkadvertising.org/choices

11.3 Advertising Partners

Our advertising is provided by Google AdSense. For more information about how Google uses data when you use our site, visit: https://policies.google.com/technologies/partner-sites

12. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your privacy rights, please contact us.