Privacy Policy

Last updated: 18 December 2025

This Privacy Policy explains how Verifex Security Services Ltd ("Verifex" "we," "our," or "us") collects, uses, discloses, and protects personal information when you use our website (including www.verifexglobal.com) and related services (together, the "Services"). It also describes your rights and choices regarding your personal data.

By accessing or using the Services, you agree to this Privacy Policy. If you do not agree, please do not use our Services.

1. Who We Are and How to Contact Us

Verifex Security Services provides a QR-code based product authentication and anti-counterfeiting platform used by brand owners and their customers to verify whether products are genuine.

If you have any questions about this Privacy Policy or our data practices, or if you wish to exercise your privacy rights, you can contact us at:

  • Email: privacy@verifexglobal.com
  • Postal address: Verifex Security Services Ltd, Kaduna 1 Plaza, Shop D05 Trade Fair Complex, Lagos, Nigeria

2. Scope of This Policy

This Privacy Policy applies to:

  • Visitors to our websites and landing pages.
  • Consumers who scan Verifex QR codes on products and access our verification pages.
  • Brand customers and their authorized users who log into our dashboards or administration tools.

It does not apply to third-party websites, apps, or services that may be linked to or from our Services. Those services have their own privacy policies.

3. Information We Collect

The exact information we collect depends on how you interact with Verifex Securities. We aim to collect only what is necessary to provide and improve our Services and to protect brands and consumers from counterfeit products.

3.1 Information You Provide to Us Directly

  • Account and profile data (brand customers): Name, email address, password, job title, company name, contact details. Preferences, settings, and communications with our support team.
  • Reports of suspected counterfeit products (consumers or brand users): Name and contact details (if you choose to provide them). Purchase location, seller name, invoice or receipt details (where applicable). Photos or descriptions of the product and packaging. Any other information you decide to share in free-text fields.
  • Contact and communication data: Email address and any content you send us when you request information, support, or a demo.

3.2 Information We Collect Automatically

When you scan a Verifex QR code or use our website, we automatically collect certain technical and usage information, including:

  • Device and technical data: IP address, browser type and version, device type, operating system, language settings, and referring URLs.
  • Usage and interaction data: Pages visited, features used, date and time of access, time spent, clicks, and other diagnostic information.
  • Scan event data (product authentication): The unique verification code scanned. Scan outcome (e.g., genuine, repeated, or invalid/fake). Exact time and approximate location of the scan.

3.3 Location Information

To support brand protection and fraud detection, we collect approximate location related to scan events:

  • IP-based location (e.g., city, region, country) derived from your IP address.
  • More precise device location (where enabled) collected via your browser or device permissions. You can control whether to share precise location via your device or browser settings.

We do not use location information to track individuals for unrelated marketing without consent. It is used primarily to detect unusual scan patterns and support brand protection and safety.

4. How We Use Your Information

We use personal information for the following purposes, in each case based on applicable legal grounds such as contract performance, legitimate interests, consent, and/or legal obligations.

4.1 To Provide and Operate the Services

  • Authenticate products when QR codes are scanned and display verification results (genuine, repeated, or fake).
  • Show product images, brand information, scan time, and approximate location where appropriate.
  • Create and manage brand customer accounts and admin dashboards.

4.2 To Improve Security and Fight Counterfeiting

  • Detect repeated use of the same code, especially from different locations, and generate fraud alerts for brand owners and Verifex admins.
  • Analyze scan patterns over time and by geography to identify suspicious activity and high-risk regions.
  • Support brand owners and, where appropriate, law enforcement agencies in investigating counterfeit products.

4.3 To Communicate With You

  • Respond to your inquiries and support requests.
  • Send service-related communications, such as security notices, changes to our terms, or system updates.
  • Send onboarding, training, or feature information to registered brand users.

4.4 To Maintain and Improve Our Services

  • Monitor usage trends, performance, and stability.
  • Debug and troubleshoot technical issues.
  • Develop new features and enhancements based on aggregate usage patterns.

4.5 To Comply With Legal and Regulatory Obligations

  • Maintain records required by law.
  • Respond to lawful requests from authorities, regulators, or law enforcement.
  • Enforce our terms of service and protect our rights, privacy, safety, or property, and that of our users and partners.

We do not sell personal data to third parties.

5. How We Share Your Information

We may share personal information in the limited circumstances described below.

5.1 With Brand Customers

When you scan a code related to a specific brand or submit a counterfeit report, certain information is shared with that brand, such as:

  • Scan events (time, approximate location, code outcome).
  • Details you choose to provide in a counterfeit report (e.g., purchase location, photos, comments).

Brands use this information to verify authenticity, investigate suspicious activity, and protect consumers and their reputation.

5.2 With Service Providers

We use trusted third-party providers to help us operate the Services, such as:

  • Cloud hosting and data storage
  • Email and notification delivery
  • Analytics, logging, and performance monitoring
  • Customer support tools

These service providers are contractually bound to use personal data only as necessary to provide services to us and to protect it appropriately.

5.3 For Legal Reasons

We may disclose personal information if required to do so by law or in the good-faith belief that such action is necessary to:

  • Comply with a legal obligation, court order, or government request.
  • Protect and defend our rights or property.
  • Prevent or investigate possible wrongdoing or fraud in connection with the Services.
  • Protect the personal safety of users or the public.

5.4 Business Transfers

If we are involved in a merger, acquisition, restructuring, or sale of assets, personal information may be transferred as part of that transaction, subject to appropriate protections and continuity of this Privacy Policy or a similar standard.

6. Cookies and Similar Technologies

We may use cookies and similar technologies (such as local storage, pixels, or analytics tags) to:

  • Remember user preferences and sessions.
  • Analyze site traffic and usage patterns.
  • Improve user experience and security.

You can manage cookies via your browser settings, and some browsers allow you to block or delete cookies altogether. If you disable cookies, certain features of the Services may not function properly. For more details, see our Cookie Policy.

7. Data Retention

We retain personal information only for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, including:

  • Providing the Services and supporting brand protection.
  • Meeting legal, regulatory, tax, or accounting requirements.
  • Resolving disputes and enforcing our agreements.

Scan events and counterfeit reports may be retained for extended periods to support brand protection, investigations, and legal compliance, subject to applicable law.

8. Data Security

We implement technical and organizational measures designed to protect personal information against unauthorized access, loss, misuse, alteration, or destruction. These measures include:

  • Encryption in transit (e.g., TLS/HTTPS) and, where appropriate, at rest.
  • Access controls, role-based permissions, and strong authentication for admin accounts.
  • Regular monitoring, logging, and security updates.

However, no system can be 100% secure. We cannot guarantee absolute security, but we are committed to maintaining industry-standard protections and responding promptly to any identified risks or incidents.

9. International Data Transfers

Depending on where you are located and where our infrastructure or service providers are based, your personal information may be transferred to and processed in countries other than your own.

Where required by law, we use appropriate safeguards (such as standard contractual clauses or similar mechanisms) to protect personal data when it is transferred across borders.

10. Your Rights and Choices

Your rights may vary depending on your jurisdiction, but may include:

  • Access – Request a copy of the personal data we hold about you.
  • Correction – Ask us to correct inaccurate or incomplete information.
  • Deletion – Request deletion of personal data, subject to legal and contractual limitations.
  • Restriction – Ask us to restrict certain processing, for example while a complaint is investigated.
  • Objection – Object to processing based on legitimate interests, including certain profiling.
  • Portability – Request a copy of your data in a structured, commonly used, machine-readable format where technically feasible.
  • Withdraw consent – Where processing is based on consent, you may withdraw consent at any time, without affecting the lawfulness of processing before withdrawal.

To exercise your rights, contact us at privacy@verifexglobal.com. We may need to verify your identity before fulfilling your request.

You also have the right to lodge a complaint with a data protection authority if you believe our processing violates applicable law.

11. Children's Privacy

Our Services are not directed to children under the age of 16, and we do not knowingly collect personal information from children under that age.

If you believe a child has provided us with personal information, please contact us so we can take appropriate steps to delete such information where required.

12. Third-Party Links and Services

Our website and verification pages may contain links to third-party websites, services, or content. We are not responsible for the privacy practices or content of those third parties.

We encourage you to review the privacy policies of any third-party services you access.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements.

When we make material changes, we will:

  • Update the "Last updated" date at the top of this page, and
  • Take additional steps required by law, such as notifying registered users or posting a prominent notice on our website.

We encourage you to review this Privacy Policy regularly to stay informed about how we protect your information.

By continuing to use Verifex after any updates to this Privacy Policy, you acknowledge and agree to the revised terms.

Questions About Privacy?

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@verifexglobal.com