Legal center

Privacy policy

This page explains how Versalist handles personal information, product usage data, and security-related records needed to run the platform responsibly.

Legal centerContact legal
Focus
Data handling
What we collect, why we collect it, and who processes it.
Model
Minimum necessary
Collection should map to a real product or security need.
Requests
Privacy support
Reach out when a compliance, deletion, or access issue needs review.

Overview

The privacy policy exists to explain what data enters the system and why.

Versalist collects the minimum data needed to operate accounts, protect the platform, improve product quality, and deliver paid or enterprise functionality. We do not position the product around selling user data.

When a route or feature needs more context, such as API keys, usage analytics, or challenge traces, the page should make that dependency legible. Privacy should not be hidden behind abstract legal wording.

Information we collect

Data collection maps directly to account operation, product delivery, and safety review.

  • Account identifiers such as name, email, and authentication metadata.
  • Usage records such as challenge attempts, workspace activity, prompt history, and product interactions.
  • Technical information such as device, browser, approximate session diagnostics, and security logs.
  • Billing and subscription metadata handled through integrated payment infrastructure.

How we use information

The platform uses collected data to run the product, secure the product, and improve the product.

  • Operate authentication, billing, certificates, progress tracking, and saved workspaces.
  • Detect abuse, protect protected routes, and investigate suspicious or harmful activity.
  • Improve evaluation quality, recommendation quality, and feature reliability.
  • Communicate critical account, billing, product, or security information.

Sharing and processors

Data may be processed by infrastructure and service providers necessary to operate the product.

Versalist may share data with subprocessors that provide hosting, analytics, authentication, payments, communications, or product infrastructure. Those providers act to support the service, not to acquire independent rights over user data.

Information may also be disclosed when legally required, during a business transition, or when necessary to enforce platform safety and contractual obligations.

User controls and requests

Users can request help with access, correction, deletion, or policy clarification.

Depending on jurisdiction and account type, users may request access to their information, correction of inaccurate data, deletion of stored information, or clarification about how specific feature data is handled.

The fastest route for privacy-specific requests is the contact address listed below. Enterprise customers may also work through their assigned contact.

Security posture

Security measures exist to reduce unauthorized access, misuse, or accidental disclosure.

Versalist uses technical and organizational safeguards appropriate to the service, including transport security, access control, platform monitoring, and provider-level protections where applicable.

No public internet service can honestly promise perfect security. What matters is having reasonable controls, clear ownership, and a direct channel when customers need answers.