Our position on privacy: Verif-AI handles two very different kinds of data — the personal account information you give us when you sign up, and the public company-register information published by Companies House. This page explains how we treat each one, what your rights are, and how to contact us.
1. Who we are
Verif-AI is owned and operated by KAISARK INNOVATIONS LTD ("we", "us", "our"). For the purposes of UK GDPR, KAISARK INNOVATIONS LTD is the data controller for the personal information we hold about Verif-AI users.
2. What we collect
We separate the data we hold into two clear groups:
2.1 Your account data
When you create a Verif-AI account we collect only what we need to give you access and keep the account secure:
- Identity: your name, the email address you sign up with, and a one-way hashed password (we never store the password itself).
- Usage and security logs: the searches you run, the pages you visit, your IP address and browser type — kept so we can investigate abuse, fix bugs, and bill correctly.
- Session cookies: the small number of cookies we need to keep you logged in.
2.2 Companies House public register data
Verif-AI republishes information about UK companies, their officers and their Persons with Significant Control (PSCs). This information is filed by companies themselves at Companies House and is required by law to be publicly available under the Companies Act 2006.
We obtain it through the official Companies House API and bulk feeds, under the Open Government Licence v3.0. The fields we mirror include:
- Full statutory name and active role (e.g., Director, Secretary, PSC).
- Historical timelines (appointment and resignation metrics).
- Partial date of birth constraints (we strictly limit display to month and year; full birth dates are never held or exposed).
- Declared nationality, country of residence, and professional occupation.
- Corporate network mapping (cross-referenced company associations).
- Registered service address (we never extract, hold, or display residential home addresses).
Note: We do not harvest this data directly from you. It is legally filed by companies at Companies House, as mandated by the UK Government.
3. Why we use it
3.1 Account data
- To give you access to Verif-AI and keep your account secure.
- To verify your login, manage your credit balance and bill you correctly.
- To improve the product and fix issues.
- To send service notifications, and (only with your explicit opt-in) occasional product updates.
3.2 Companies House data
- To make UK company information easier to search, read and act on.
- To support credit, KYC and counterparty due diligence by businesses, accountants, solicitors and investors.
- To highlight patterns that may indicate fraud or money laundering risk.
4. Our legal basis under UK GDPR
4.1 For your account data
- Contract (Art 6(1)(b)): we need this data to provide the Verif-AI service you signed up for.
- Legitimate interest (Art 6(1)(f)): to protect our service from abuse and to keep it running reliably.
- Consent (Art 6(1)(a)): for any non-essential marketing email, which you can withdraw at any time.
4.2 For Companies House data
- Public task (Art 6(1)(e)): we are republishing data from a statutory register that UK law requires to be made publicly available (Companies Act 2006, ss.1085-1087).
- Legitimate interest (Art 6(1)(f)): there is a clear public benefit in making this information easier to search and analyse, and the data is already public by law. We document our legitimate interest assessments and review them regularly.
5. Erasure and the right to be forgotten
You can ask us to erase the personal data we hold about your account at any time, and we will. The position is different for the Companies House public register data we republish.
Under UK GDPR Article 17(3)(b), the right to erasure does not apply where processing is required "for compliance with a legal obligation... or for the performance of a task carried out in the public interest." Because the Companies Act 2006 requires Companies House data to remain publicly available, we generally cannot remove or hide individual public register records on request.
5.1 The privacy guardrails we apply by default
- Service addresses only: every officer record on Verif-AI shows the official service (correspondence) address that already appears on the Companies House public register. We do not display residential addresses.
- Partial dates of birth: we show director dates of birth as month and year only, exactly as Companies House publishes them.
- No facial recognition, no biometrics, no behavioural profiling: we do not collect or generate any of these.
5.2 Tiered Access to Historical Officer Records (Bulk Prod195)
Verif-AI ingests the Companies House Bulk “Directors / LLP Members Snapshot” (Prod195) so we can maintain career-long director intelligence across the full UK register. A subset of historical Prod195 records — specifically those filed before the residential / service address split was introduced — carry residential addresses that are not exposed on the public Companies House website.
Verif-AI's posture on these residential addresses is store everything, expose nothing without lawful basis:
- By default, every API response and every page in the Verif-AI app shows residential address fields as
null with an explicit address_redacted: true flag.
- Access is gated by a per-account permission flag (
can_access_private_addresses) that defaults to false for every new user. The flag can only be enabled by a Verif-AI administrator after the requesting party documents a legitimate interest (e.g. statutory debt recovery, court-ordered service, regulated KYC). Each grant is audit-logged.
- Even authorised callers receive the data through a server-side SQL filter — the residential columns are replaced with
NULL at the database layer for unauthorised callers, so the data cannot leak via crash dumps, error logs or telemetry.
- If you are a director and you would prefer your historical Prod195 record removed from Verif-AI's authorised access tier entirely, contact privacy@verif-ai.co.uk. We honour every reasonable request within thirty days.
5.3 Section 1088 Address Suppression (Safety Exemptions)
If you face a genuine risk of intimidation or violence and require your service address hidden, you must apply directly to Companies House for suppression under Section 1088 of the Companies Act. Once approved, the official register will update, and Verif-AI will mirror the suppression at the next bulk-feed sync.
Initiate the process here: gov.uk — Apply for Address Suppression (Form SR01)
5.4 Register Corrections
Verif-AI is a reflection of the master register. If your statutory data is incorrect, you must file a correction with Companies House. Once the master record updates, our sync will pick up the change at the next bulk-feed run. File corrections via: gov.uk — File Changes.
6. How long we keep data
- User accounts: kept while your account is active. After you ask us to delete it, we hold the record for up to 30 days (so you can recover the account if you change your mind), then permanently delete it.
- Usage logs: automatically deleted after 90 days.
- Security audit logs: kept for 24 months so we can investigate fraud, abuse and compliance questions.
- Companies House register data: kept indefinitely, in line with how Companies House itself publishes it. Records of dissolved companies and former directors remain searchable so the historical register stays complete.
7. Your rights
UK GDPR gives you a number of rights over the personal data we hold on your account:
- Access (Art 15): ask for a copy of the data we hold about you.
- Rectification (Art 16): ask us to correct anything that is inaccurate.
- Erasure (Art 17): ask us to delete your account and the personal data linked to it.
- Restriction / objection (Art 18 & 21): ask us to stop or limit certain uses of your data.
- Portability (Art 20): ask for your data in a structured format (JSON or CSV) so you can take it elsewhere.
You can use most of these directly from the Privacy Dashboard in your account settings, or by contacting us using the details below.
8. Cookies
We use a small number of essential cookies to keep you logged in. To support our free tier, we also serve Google AdSense, which sets its own cookies to show relevant ads. For full details and opt-out options, see our Cookie Policy.
9. Contact and complaints
For any privacy question, or to exercise the rights above, please email support@verif-ai.co.uk.
If you are unhappy with how we have handled your data, you have the right to complain to the Information Commissioner's Office (ICO):