Contact Sales

Privacy Policy

Effective Date: January 1, 2026

Veridian Systems Pte. Ltd. ("Veridian", "we", "our", or "us"), headquartered at 71 Robinson Road, #14-01, Singapore 068895, is committed to safeguarding the privacy and data security of the end-consumers and enterprise partners utilizing our cryptographic hardware tags, mobile software development kits (SDKs), and enterprise trace platforms (collectively, the "Services").

This Privacy Policy governs the collection, use, transmission, and retention of data associated with our Services. By interacting with any Veridian-provisioned hardware tag (VeriTag), integrating the VeriScan SDK, or logging into the VeriTrace dashboard, you explicitly acknowledge and consent to the data practices described herein. We adhere rigorously to the Singapore Personal Data Protection Act 2012 (PDPA) and strictly apply the General Data Protection Regulation (GDPR) parity standards globally.

1. Information We Collect

We operate on the principle of absolute data minimization. Our infrastructure is fundamentally designed to authenticate products, not to track personal consumer identities. The data we process is bifurcated into two categories:

1.1. Core Authentication Telemetry (Anonymous Data)

  • Hardware Cryptographic Metadata: Rolling dynamic CMAC (Cipher-based Message Authentication Code) outputs, tag UID, and scan iteration counters generated entirely by the NFC/QR tag hardware logic.
  • Non-Precise Geolocation Data: IP-derived or coarse-grained GPS location (typically accurate only to the city or postal code level) fetched upon the point of scan.
  • Temporal Logic: UTC timestamps representing the exact moment an authentication threshold was queried and resolved.
  • Device Hardware Footprint: Base OS configuration (e.g., iOS or Android version) strictly for anomaly detection, SDK integrity, and anti-spoofing verification vectors.

1.2. Enterprise & Partner Data (Identifiable Data)

  • Account Details: For users accessing VeriTrace and VeriShield, we collect corporate emails, billing information, IP bounds, and operational credentials.
  • Blockchain Identity Links (Op-In): Should an end-user opt into partner token-reward networks (e.g. Torium Network's "Scan & Earn"), an encrypted wallet address pointer will be transmitted to verify reward disbursements. **Veridian mathematically segregates the hardware verification nonces from any personally identifiable cryptographic addresses.**

2. How We Use the Information

The aggregated telemetry and verification sequences are utilized exclusively to:

  • Perform Real-Time Authentication: Determine whether the scanned hardware tag yields a mathematically sound private-key signature.
  • Detect and Prevent Counterfeiting: Utilizing the VeriShield platform to actively identify simultaneous geographical anomalies (e.g., identical tags scanned globally at once) or unauthorized mass-scan automation botnets.
  • Supply Chain Reconciliation: Provide our enterprise brand-partners with obfuscated visual dashboards verifying how products flow through legitimate retail networks.

3. Blockchain and Permanent Ledgers

Data immutability represents the foundation of verifying truth. To ensure that our manufacturers can prove compliance in perpetuity, specific scan verifications may be cryptographically hashed (SHA-256) and anchored to public or consortium blockchain networks (such as Cosmos-based app chains). Because cryptographic hashes are one-way functions, it is computationally impossible to reverse-engineer personal locations or personal data from the ledger. Once published, these records are immutable.

4. Sharing of Information

We unconditionally do not sell, rent, or broker your personal behavior tracking data to advertising networks or external third parties. Data is shared only under strict NDAs in the following scenarios:

  • Enterprise Clients: The manufacturer whose product was scanned will receive the coarse location and authentication state.
  • Judicial Authorities & Law Enforcement: Interpol, WHO compliance boards, or federal entities inquiring into transnational counterfeit operations impacting public health and safety.

5. Contact and Subject Access Requests

As an end-user, under GDPR and similar global statutes, you retain the active right to request data erasure (Right to be Forgotten), port your operational metrics, or restrict data profiling. To enact any privacy rights, reach out directly to our Data Protection Officer (DPO).

Email: privacy@veridiansystems.net
Address: Veridian Systems DPO, 71 Robinson Road, #14-01, Singapore 068895