Data Retention Policy

Scope

This policy applies to U.S. users of VeriLabz. We retain data to operate the platform, comply with legal obligations, and resolve disputes.

How can I comply with data privacy rules?

When you run a successful mission or challenge on VeriLabz, you will receive some personally identifiable information (PII) from your funders, which may include their email address and survey responses if applicable. Under VeriLabz’s Terms of Service and Privacy Policy, all executors are required to keep funder information confidential, except as strictly necessary to communicate with funders directly and fulfill challenge/mission requirements. No information provided by or about funders should be used for any other purpose without first receiving consent from the funder as required by applicable data privacy laws.

In addition, the European Union and United Kingdom’s General Data Protection Regulation (GDPR), and the California Privacy Rights Act (CPRA), provides citizens or residents of the European Economic Area (EEA), the UK, and California, with certain rights over their personal data. This includes a right to access, correct, delete, and restrict processing of their data and requires a “lawful basis” for collecting and retaining their personal information. Any successful project on VeriLabz may have funders that are EEA, UK, or California residents and handling of their funder information would be subject to GDPR or CPRA.

All executors and any collaborators with whom executors share funder personal information are required to comply with requirements and laws set forth in VeriLabz’s Privacy Policy. This includes being prepared to respond to funder requests to provide or delete their personal information stored or used off of VeriLabz’s site, including but not limited to any copies of funder surveys you’ve downloaded. We also urge executors to review the GDPR and CPRA rules and consider consulting with a lawyer for guidance on how these rules and other applicable data privacy regulations could directly affect them.

Typical retention periods

• Account records: retained while your account is active.
• Mission, application, payout, and audit logs: at least 7 years.
• Wallet and payment records: at least 7 years for compliance.
• Dispute records and evidence: retained while disputes are active, then archived.
• Support communications: typically 2 years.

Storage of uploaded files

Uploaded documents and attachments are stored while needed for verification, disputes, or platform operations. Resolved items may be deleted after 30–90 days depending on compliance needs.

Legal holds

We may retain data longer if required by law, regulation, or legal process.

Deletion requests

You may request deletion via the Help page. We will honor requests where possible, but certain records must be retained for compliance and audit purposes.

Updates

We may update this policy. Material changes will be posted on this page.