Privacy Policy
Last Updated: February 16, 2026
1. Introduction
Verifore Technologies LLC operates FileSworn, a secure evidence sharing platform. This Privacy Policy explains what data we collect, how we use it, how long we retain it, and your rights regarding your personal information.
By using FileSworn, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.
2. Information We Collect
2.1 Account Information
When you create an account, we collect:
- Email address (required for registration)
- Name (if you register via Google or Microsoft OAuth)
- Supabase Auth user ID (a unique identifier for your account)
- Authentication method (email/password, Google OAuth, or Microsoft OAuth)
2.2 Usage Data
To maintain chain of custody for legal evidence, we collect:
- IP address (for every file access event)
- Browser type and device information (user agent)
- Timestamp of every access event
- Pages visited and features used within the platform
This usage data is essential for forensic attribution and chain of custody documentation. It is used to generate access logs and FRE 902(13) certificates for legal proceedings.
2.3 Evidence Files
When you upload files to FileSworn, we store:
- Files (videos, images, audio) in encrypted Supabase Storage buckets
- File metadata: name, size, MIME type, upload timestamp
- SHA-256 hash (cryptographic fingerprint for integrity verification)
- Thumbnail previews for visual identification
- Expiration dates (Temporary Access files expire automatically; Preserved Evidence files are retained until released)
2.4 Payment Information
Payment processing is handled by Stripe. We do not store credit card numbers on our servers. We only store:
- Stripe customer ID (links your account to Stripe)
- Subscription plan (Essential, Professional, or Enterprise)
- Subscription status (active, past_due, canceled, etc.)
For information on how Stripe handles your payment data, see Stripe's Privacy Policy.
3. How We Use Your Information
We use the information we collect to:
- Provide the Service: Authentication, file storage, sharing, and watermarking
- Chain of Custody: Log access events with IP address, timestamp, and user agent for legal compliance
- Forensic Watermarking: Embed viewer email address in video playback for identity attribution
- Generate Certificates: Compile FRE 902(13) self-authenticating evidence certificates
- Billing: Manage subscriptions via Stripe
- Communication: Send service announcements, security notifications, and billing updates
- Platform Improvement: Analyze usage patterns to improve the Service (aggregated, anonymized data only)
We do NOT sell, rent, or share your personal information with third parties for marketing purposes.
4. Data Storage and Security
Storage Infrastructure:
- Files stored in private Supabase Storage buckets with encryption at rest
- Database protected by Row Level Security (RLS) policies
- All data transmitted over HTTPS/TLS
- Authentication managed by Supabase Auth with industry-standard security
- SHA-256 hashing verifies file integrity
Access Controls: Your files and data are accessible only to you and individuals you explicitly share with via share links. Verifore Technologies LLC staff do not access your files except when legally required (e.g., law enforcement requests with valid warrants) or to provide technical support at your request.
Security Measures: While we implement industry-standard security measures, no system is 100% secure. You are responsible for maintaining the security of your account credentials and for notifying us immediately if you believe your account has been compromised.
5. Data Retention
Temporary Access Files:
- Automatically deleted after expiration (24 hours, 48 hours, or 7 days based on your selection)
- Can be manually shredded at any time before expiration
- Deleted files cannot be recovered
Access Logs (Chain of Custody):
- Retained for 7 years for legal compliance purposes
- Include viewer identity, timestamp, IP address, user agent
- Cannot be deleted even if you delete your account (legal retention requirement)
Certificates:
- Retained for 7 years after generation
- Available for download even after the original file is deleted
Account Data:
- Retained while your account is active
- Retained for 30 days after you close your account (grace period)
- Permanently deleted after 30-day grace period, except for access logs and certificates (retained for 7 years)
Stripe Billing Records: Retained per Stripe's data retention policies. We do not control Stripe's retention practices.
6. Your Rights
You have the following rights regarding your personal data:
- Access: Request a copy of your personal data by emailing anthony@filesworn.com
- Correction: Update your account information at any time in your dashboard settings
- Deletion: Request account deletion (subject to legal retention requirements for access logs)
- Export: Download your files and certificates at any time
- Opt-Out: Unsubscribe from marketing emails (service emails cannot be opted out of while your account is active)
California Residents (CCPA): You have the right to know what personal information we collect, the right to delete your information (subject to legal exceptions), and the right to opt-out of the sale of your information. We do not sell your personal information.
EU Residents (GDPR): You have the same rights as listed above, plus the right to data portability and the right to object to processing. To exercise these rights, contact anthony@filesworn.com.
7. Third-Party Services
FileSworn uses the following third-party services to provide our platform:
- Supabase (authentication, database, storage): Privacy Policy
- Stripe (payment processing): Privacy Policy
- Vercel (hosting and content delivery): Privacy Policy
We do NOT use:
- Advertising networks
- Analytics tracking pixels (beyond basic server logs)
- Social media tracking pixels
- Third-party cookies for tracking
8. Cookies
FileSworn uses cookies for essential functionality only:
- Supabase Auth session cookies (required for authentication)
- Session cookies (required for maintaining your login state)
We do NOT use:
- Third-party tracking cookies
- Advertising cookies
- Analytics cookies (beyond essential server logs)
9. Children's Privacy
FileSworn is not intended for users under the age of 18. We do not knowingly collect personal information from minors.
If you believe we have inadvertently collected information from a minor, please contact us immediately at anthony@filesworn.com and we will delete that information.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email with 30 days advance notice.
The "Last Updated" date at the top of this page indicates when this policy was last revised. Continued use of the Service after changes take effect constitutes acceptance of the updated policy.
11. Contact Information
Verifore Technologies LLC
Metairie, Louisiana 70001
For privacy questions or to exercise your rights, contact:
anthony@filesworn.com