Privacy Policy

Introduction

Vertica LLC ("we," "us," "our," or "Company") operates the VerticaIQ service. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our website, mobile applications, and related services (collectively, the "Service"). The Service is designed to provide business intelligence based on publicly available information, known as the VerticaIQ Score.

Please read this Privacy Policy carefully. If you do not agree with our policies and practices, do not use our Service. By accessing and using VerticaIQ, you acknowledge that you have read and understood this Privacy Policy.

Disclaimer: This Privacy Policy does not constitute legal advice. We recommend that you consult with a qualified attorney regarding your specific privacy obligations and rights under applicable law. Vertica LLC provides this policy as a guide to our practices and is not liable for any interpretation or application by third parties.

1. Overview: Public Data Collection and Processing

The VerticaIQ Score is computed entirely from publicly available business data that any member of the public can locate through online search or public records. We do not collect, process, or use any confidential, proprietary, private financial data, or information not readily accessible to the general public. The legal basis for our collection and processing of this public data rests on well-established principles of law: data that is publicly available and accessible to the general public carries no reasonable expectation of privacy and may be lawfully collected, aggregated, and analyzed.

This approach is consistent with landmark legal precedents including hiQ Labs, Inc. v. LinkedIn Corporation, 938 F.3d 985 (9th Cir. 2019), and United States v. Van Buren, 141 S. Ct. 1648 (2021), both of which establish that the collection of publicly available data does not violate the Computer Fraud and Abuse Act. Similarly, Associated Press v. Meltwater U.S. Holdings, Inc., 931 F. Supp. 2d 537 (S.D.N.Y. 2013), affirms that aggregating and analyzing publicly available information is a lawful exercise in content analysis and data processing.

2. Categories of Information We Collect

2.1 Information from Subscribers and Account Holders

When you create an account with VerticaIQ, request a Score report, or subscribe to our Service, we collect the following personal information:

• Name: Your full name, required for account creation and service delivery
• Email Address: Required for account management, authentication, billing communications, and delivery of Score reports
• Business Name: The business entity for which the Score is requested or managed
• Phone Number: Optional; collected only if voluntarily provided by you for account recovery or customer support purposes

We do not collect, request, or accept the following sensitive information: Social Security numbers, tax identification numbers, bank account details, credit card information (handled exclusively by our third-party payment processor), driver's license numbers, passport numbers, medical records, genetic data, or any biometric information.

2.2 Publicly Available Business Data

The VerticaIQ Score is constructed exclusively from publicly available information about your business that is already published online and accessible to the general public. This includes:

• Google Business Profile data, including ratings, review counts, profile completeness, photos, contact information, business hours, and customer response rates
• Review platform data from Google Reviews, Yelp, Facebook Reviews, Better Business Bureau (BBB), and similar public review sites
• Online business directories and listings (Yellow Pages, Thomasregister, industry-specific directories)
• Social media profiles and public social media activity (Facebook business pages, LinkedIn company pages, Twitter/X business accounts)
• Website content, performance metrics, security certificates (SSL/TLS status), and domain registration data
• Public records data, business registrations, and licensing information available through government or public sources
• News mentions, press releases, and publicly indexed web content related to your business

Important: This data is not private. It is the same information available to any member of the public who conducts an online search. Our collection and processing of this data does not involve accessing password-protected accounts, hacking, scraping in violation of terms of service, or circumventing any access controls. We process information that businesses have chosen to publish or that public agencies have made available.

2.3 Payment Information

We do not directly collect or store credit card numbers, bank account information, or other payment credentials. All payment processing is handled exclusively by Stripe, Inc., our third-party payment processor, which is compliant with the Payment Card Industry Data Security Standard (PCI-DSS). Stripe maintains all payment card information on their secure servers, and we receive only a payment confirmation and non-sensitive billing details (e.g., billing address, last four digits for reference). Stripe's privacy and security practices are governed by their own privacy policy, available at https://stripe.com/privacy.

2.4 Automatically Collected Information

When you access our Service, certain information is automatically collected through standard web technologies:

• IP address and Internet Service Provider (ISP) information
• Browser type, operating system, and device type
• Pages visited, time spent on each page, and clickstream data
• Referring website or application
• Access time and duration of your visit

This information is collected via cookies, web beacons, and similar tracking technologies. We use this data to understand user behavior, improve the Service, and for analytics purposes. You may disable cookies through your browser settings, though this may limit certain Service functionality.

3. Legal Basis for Processing

We process subscriber personal information under the following legal bases:

• Contract: To perform our obligations to you under our Terms of Use and service agreements
• Legitimate Business Interest: To operate the Service, improve our offerings, conduct business analytics, and prevent fraud
• Consent: As given by you when you opt in to optional communications (e.g., marketing emails)
• Public Data Processing: The legal basis for collecting, processing, and publishing aggregated business intelligence from public sources is the absence of a reasonable expectation of privacy in publicly available data, as established in the case law cited above

4. How We Use Your Information

4.1 Subscriber Personal Information

We use your personal information (name, email, business name) exclusively for the following purposes:

• Service Delivery: To generate, compile, and deliver your VerticaIQ Score reports according to your subscription plan or one-time request
• Account Management: To create and maintain your account, authenticate your identity, reset passwords, and process account-related requests
• Billing and Payment: To process payments, send invoices, manage subscriptions, and handle billing inquiries
• Service Communications: To send you transactional communications related to your account, including account confirmations, service updates, security alerts, and scheduled Score deliveries
• Customer Support: To respond to your inquiries, provide technical support, and resolve disputes
• Legal Compliance: To comply with applicable law, court orders, regulatory requests, and our legal obligations

4.2 What We Do Not Do

Your personal information is never used to compute, influence, or modify any VerticaIQ Score. Your name, email address, and account details play no role in the scoring algorithm. Scores are computed entirely from the publicly available business data described in Section 2.2. This separation between personal account information and scoring data is fundamental to our design and practice.

We do not use your information to:

• Engage in discriminatory or unfair business practices
• Sell, lease, or trade your personal information to data brokers, advertising networks, or third-party marketers
• Build profiles used to manipulate, deceive, or unfairly target you
• Sell or transfer personal information in the event of a merger, acquisition, or bankruptcy (personal data is deleted; only aggregated, non-identifiable business intelligence may be transferred)

4.3 Legitimate Business Use of Public Data

We may use aggregated, non-identifiable public business data (the data that comprises the VerticaIQ Score) for the following purposes:

• Computing and updating VerticaIQ Scores for our subscribers
• Conducting industry benchmarking and publishing anonymized industry trends
• Improving our scoring algorithms and data processing methods
• Detecting fraud, abuse, or unauthorized use of our Service

5. Business Outreach and Email Communications

5.1 Outreach Using Public Contact Information

In addition to managing subscriber accounts, we conduct outreach to local businesses using publicly available contact information (email, phone, mailing address) to offer our Service, provide business insights, and introduce VerticaIQ. This outreach is conducted in strict compliance with the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM Act, 15 U.S.C. § 7704) and the Telephone Consumer Protection Act (TCPA, 47 U.S.C. § 227) to the extent applicable.

5.2 CAN-SPAM Compliance

All commercial email messages sent by VerticaIQ include:

• Accurate and non-misleading subject line information
• Clear identification of the message as an advertisement or solicitation
• A valid physical postal address for Vertica LLC
• A clear and conspicuous mechanism to opt out or unsubscribe (unsubscribe link, reply instructions, or email address)
• Prompt processing of opt-out requests (within ten business days)

We maintain an internal do-not-contact list and cross-reference it against all outreach campaigns. Recipients who have requested not to receive further communications will not be contacted again.

5.3 No Pretexting or Deceptive Practices

All outreach communications clearly identify Vertica LLC as the sender and describe our Service honestly. We do not use false identities, misleading headers, or deceptive subject lines. Opt-out requests made through any method (email reply, unsubscribe link, direct email to our contact address) are honored.

6. Data Sharing and Disclosure

6.1 No Sale of Personal Information

Vertica LLC does not sell, rent, lease, or trade your personal information to any third party. We have never engaged in such practices, and we have no plans to do so. This applies universally across all applicable privacy laws, including the California Consumer Privacy Act, Colorado Privacy Act, Florida Digital Bill of Rights, Virginia Consumer Data Protection Act, and comparable statutes in other jurisdictions.

6.2 Service Providers and Data Processing Agreements

We share your personal information only with the following categories of service providers, who are contractually obligated to process your data exclusively for the purposes of providing services to us and to maintain the confidentiality and security of your information:

• Payment Processor: Stripe, Inc. (handles all payment card processing; see Section 2.3 for details)
• Email Delivery: Mailgun Technologies, Inc. (transactional emails: magic links, report-ready notifications, team invitations, billing receipts)
• Hosting & Storage: Netlify, Inc. (web hosting, CDN, serverless functions, and Netlify Blobs for report and profile data at rest)
• AI Report Generation: Anthropic PBC (Claude API) processes scraped business data to produce summaries, action items, and drafted review responses. No personally identifying information is sent — only business-presence data such as listing metadata, reviews, and public profile information.
• Business Data Enrichment: Google LLC (Places API and search rankings) and SerpAPI, LLC (local search results) are used to fetch public business listing information.
• Analytics: We use only privacy-conscious, cookie-light analytics. Where used, analytics tools may collect aggregated, non-identifying device information (IP address, browser type, referrer) for service performance monitoring. We do not enable cross-site tracking or advertising audiences.

All service providers are required to execute Data Processing Agreements that:

• Restrict their use of your data to providing the contracted services only
• Prohibit them from selling, disclosing, or sharing your data with other third parties
• Require them to maintain administrative, physical, and technical safeguards
• Require them to cooperate with our compliance and audit obligations

6.3 Legal Disclosure and Regulatory Compliance

We may disclose your personal information if required by law or legal process, including in response to court orders, subpoenas, government investigations, or national security requests. We may also disclose information if we reasonably believe disclosure is necessary to:

• Comply with applicable laws, regulations, or court orders
• Protect the safety, rights, or property of Vertica LLC, our users, or the public
• Detect, prevent, or address fraud, security, or technical issues
• Enforce our Terms of Use and other agreements

Where legally permissible, we will provide you with notice of such disclosure, unless we are legally prohibited from doing so.

6.4 No Data Broker Activity

Vertica LLC is not a data broker. We do not compile, retain, buy, receive, or sell personal information about consumers for the purpose of furnishing that information to third parties. Any sharing of information is limited to the service provider relationships described above.

7. California Consumer Privacy Act (CCPA) Rights

If you are a California resident, you have the following rights under the California Consumer Privacy Act (Cal. Civ. Code § 1798.100 et seq.):

7.1 Right to Know

You have the right to request that we disclose:

• What categories of personal information we have collected about you
• The sources from which we collected that information
• The purpose for which we collected it
• The categories of third parties with whom we share that information

7.2 Right to Delete

You have the right to request deletion of personal information we have collected from you, subject to certain exceptions (e.g., information needed to complete a transaction, comply with law, or exercise other legal rights).

7.3 Right to Opt-Out of Sale or Sharing

Although we do not sell personal information, you have the right to opt out of any hypothetical future sale. This right is exercised automatically by our policy of not selling.

7.4 Right to Non-Discrimination

We will not deny you goods or services, charge different prices, or provide different quality of service based on your exercise of these rights.

7.5 How to Exercise CCPA Rights

To exercise any of the above rights, please email us at info@verticaiq.com with your request. Please include:

• Your full name and email address associated with your account
• A clear description of what you are requesting
• Any additional information needed to identify you (e.g., account ID)

We will respond to your request within forty-five (45) days of receipt. If we need more time, we will notify you and explain the reason. We may also verify your identity before processing your request.

8. Florida Digital Bill of Rights (FDBR) Compliance

As of July 1, 2024, Florida residents enjoy new privacy rights under the Florida Digital Bill of Rights (Fla. Stat. § 501.701 et seq.). These rights include:

• Right to Know: The right to request what personal information we collect, use, retain, and share
• Right to Delete: The right to request deletion of personal information collected from you
• Right to Correct: The right to correct inaccurate personal information
• Right to Access: The right to obtain and review the personal information we maintain about you
• Right to Opt-Out of Processing: The right to opt out of the processing of personal information for targeted advertising, sale of personal information, or profiling

To exercise any of these rights, please contact us at info@verticaiq.com. We will respond within forty-five (45) days. The FDBR also provides that if you believe we have violated your rights, you may file a complaint with the Florida Attorney General.

9. Colorado Privacy Act (CPA) Compliance

If you are a Colorado resident, you have the following rights under the Colorado Privacy Act (Colo. Rev. Stat. § 6-1-1301 et seq.):

• Right to know what personal information we collect and how we use it
• Right to delete personal information collected from you
• Right to correct inaccurate personal information
• Right to opt out of targeted advertising and sale of personal information
• Right to obtain a copy of the personal information we have collected from you

To exercise these rights, contact us at info@verticaiq.com. We will respond within forty-five (45) days.

10. Data Retention and Deletion

10.1 Active Subscriber Accounts

We retain your personal account information (name, email, business name, phone) for as long as your account is active or as necessary to provide you the Service. This includes retention necessary to maintain your subscription, process billing, and comply with legal or tax obligations.

10.2 Account Deletion

If you wish to delete your account and associated personal information, please email info@verticaiq.com with a written request to delete your account. We will delete your personal information within thirty (30) days of receiving a verified deletion request. Note that we may retain aggregated, de-identified data and backup copies for limited periods as required by law or legitimate business operations.

10.3 Public Business Data Retention

The publicly available business data used in VerticaIQ Scores (public listings, reviews, ratings, etc.) may be retained for longer periods for purposes of benchmarking, trend analysis, and aggregated business intelligence. This data is retained in non-identifiable, aggregated form and is not linked to your personal account information.

10.4 Legal Hold and Compliance

Notwithstanding the above, we may retain your personal information if necessary to comply with law, enforce our agreements, or respond to legal process.

11. Information Security

11.1 Security Measures

Vertica LLC employs industry-standard administrative, physical, and technical safeguards to protect your personal information from unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption: All data transmitted between your device and our servers is encrypted using Transport Layer Security (TLS) 1.2 or higher
• Secure Hosting: Our Service is hosted on Netlify's enterprise-grade infrastructure with redundant security controls, firewalls, and intrusion detection systems
• Access Controls: Access to personal information is restricted to authorized personnel on a need-to-know basis. All staff with access to personal data are required to maintain confidentiality
• Authentication: We require strong password practices and, where applicable, multi-factor authentication for account access
• Payment Security: Payment card data is processed exclusively by Stripe, which is PCI-DSS Level 1 certified

11.2 Limitations and No Absolute Guarantee

While we implement robust security measures, no system is absolutely secure. No method of transmission over the Internet or electronic storage is 100% secure. Although we take reasonable steps to protect your information, we cannot guarantee absolute security. Any transmission of data is at your own risk. You are responsible for maintaining the confidentiality of your account credentials.

11.3 Data Breach Notification

In the unlikely event of a security breach that compromises your personal information, we will:

• Notify affected individuals without unreasonable delay and, where required by law, within seventy-two (72) hours of discovery
• Provide notice in writing, by email, or by telephone (if we have your phone number)
• Include a description of the breach, the types of information involved, and steps we are taking to remediate the issue
• Notify relevant regulatory authorities as required by applicable law

12. Children's Privacy and COPPA Compliance

The VerticaIQ Service is not intended for children under the age of thirteen (13), and we do not knowingly collect personal information from children under thirteen. If we become aware that we have collected personal information from a child under thirteen, we will promptly delete such information. The Children's Online Privacy Protection Act (COPPA, 15 U.S.C. § 6501 et seq.) imposes requirements on operators of online services directed at children under thirteen. VerticaIQ is a business intelligence tool designed for business owners and decision-makers, and is not directed at children. If you believe we have inadvertently collected information from a child under thirteen, please contact us immediately at info@verticaiq.com.

13. International Users and GDPR Notice

13.1 Geographic Scope

VerticaIQ is operated from the United States and is intended primarily for users located in the United States. If you access our Service from outside the United States, you do so at your own risk and are responsible for compliance with your local laws.

13.2 European Union / General Data Protection Regulation (GDPR)

If you are located in the European Union, United Kingdom, or European Economic Area, the General Data Protection Regulation (GDPR) may apply to our processing of your personal information. Our legal basis for processing personal information from EU residents includes:

• Contractual Necessity: Processing necessary to fulfill our contract with you for the provision of the Service
• Legitimate Interests: Processing for our legitimate business interests in providing and improving the Service, preventing fraud, and ensuring security
• Consent: Where we have obtained your explicit consent for specific processing activities (e.g., marketing emails)
• Lawful Basis for Public Data: Our processing of publicly available business data is based on the absence of a reasonable expectation of privacy in data that has been made public by businesses or government agencies

If you are an EU resident, you have the right to:

• Request access to your personal data
• Request correction of inaccurate data
• Request erasure ("right to be forgotten")
• Request restriction of processing
• Object to processing
• Request portability of your data
• Lodge a complaint with your supervisory authority

To exercise these rights, please contact us at info@verticaiq.com. Our data controller contact information is provided at the end of this policy.

14. Third-Party Links and Services

Our Service may contain links to third-party websites and applications, including social media platforms, payment processors, and business data sources. We are not responsible for the privacy practices of third-party services. We encourage you to review the privacy policies of any third-party services before providing your information. Your use of third-party services is governed by their privacy policies, not this one.

15. Your Privacy Rights Summary

To summarize, you have the right to:

• Know what personal information we collect and how we use it
• Request access to and a copy of your personal information
• Request correction or amendment of inaccurate information
• Request deletion of your personal information
• Opt out of any sale of your personal information (though we do not sell)
• Opt out of targeted advertising (where applicable)
• Withdraw consent at any time for optional communications

To exercise any of these rights, contact us at info@verticaiq.com.

16. Changes to This Privacy Policy

Vertica LLC may update this Privacy Policy from time to time to reflect changes in our practices, technology, applicable law, or other factors. We will notify you of material changes by posting the updated policy on our website and updating the "Last Updated" date at the top of this page. Your continued use of the Service following the posting of changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this policy regularly to stay informed about how we protect your information.

17. Contact Information and Data Controller

If you have questions about this Privacy Policy, our privacy practices, or wish to exercise your privacy rights, please contact us:

Vertica LLC
Email: info@verticaiq.com
Address: United States
Service: VerticaIQ (Business Intelligence Platform)

We will respond to your inquiries within five (5) business days of receipt. If you are not satisfied with our response, you may have the right to lodge a complaint with your local privacy regulatory authority.

18. Legal Disclaimers and Governing Law

This Privacy Policy does not constitute legal advice. The information contained herein is provided for informational purposes only and should not be construed as legal counsel. Vertica LLC is not a law firm, and nothing in this policy should be interpreted as creating an attorney-client relationship. We strongly recommend that you consult with a qualified attorney regarding your specific privacy obligations, rights, and compliance requirements under applicable law.

This Privacy Policy shall be governed by and construed in accordance with the laws of the State of Florida, United States, without regard to conflict of law principles. Any legal action or proceeding shall be brought exclusively in the state or federal courts located in Florida, and you irrevocably consent to the jurisdiction and venue of such courts.

Copyright Notice: This Privacy Policy is the exclusive property of Vertica LLC and is protected by copyright law. Unauthorized reproduction, distribution, or use is prohibited.

Last Updated: April 2026