Privacy

Transparent by design. Minimal by default.

What Vera Collects

Vera captures the minimum data needed to produce meaningful integrity evidence:

Process names, file paths, and publisher signatures — identifies what software was running
Loaded kernel driver inventory — surfaces drivers operating at the highest privilege level
Integrity posture flags — Secure Boot, HVCI, and testsigning status
Session timing and duration — establishes when activity occurred
Anonymous device identifiers — links sessions to hardware without personal info

What Vera Does NOT Collect

No keystrokes, mouse input, or controller data
No screenshots, screen recordings, or webcam capture
No personal files, documents, or browsing history
No network traffic inspection or packet capture
No memory scanning, code injection, or game modification

You Control Visibility

Every session starts private. Creators choose whether to make their profile public. Public profiles show game sessions, findings, and proof links. Private sessions are never exposed — even to Vera staff. You can toggle visibility at any time from your creator dashboard.

Data Retention

Session data for public proofs is retained indefinitely so proof links remain verifiable. Private sessions can be deleted by the creator at any time. Device provisioning tokens expire after use and are not stored long-term.

Third-Party Services

Vera uses AWS for cloud storage and database hosting, Vercel for web hosting, and Resend for magic-link authentication emails. No data is sold or shared with advertisers. No analytics trackers are embedded in the agent or web app.

← FAQSecurity →