Privacy Policy

This Privacy Policy describes how Shajins Group LLC (“RefVerify”, “we”, “us”, or “our”) collects, uses, and protects your information when you use the RefVerify service at https://refverify.com/ (the “Service”).

Shajins Group LLC is a limited liability company registered in Cheyenne, Wyoming, United States. By using the Service, you consent to the practices described in this Policy.

1. Information We Collect

We collect only what is necessary to operate RefVerify:

• Account information. When you sign in via Google or Microsoft (through our authentication broker, Shajins Passport), we receive your email address and a unique account identifier. We do not store your password — authentication is handled by Google, Microsoft, or Shajins Passport.
• Verification content. The reference text you submit for verification is processed in order to return a result. We retain submitted references and their results for up to 90 days in your verification history, after which they are automatically deleted.
• Usage data. We log basic usage information such as verification counts, timestamps, IP address, and user agent for security, abuse prevention, and capacity planning.
• Billing metadata. When you purchase credits, we store the credit pack purchased, the amount, and a Stripe transaction reference. We do not store your full credit card number, CVV, or banking details — those are handled directly by Stripe.

2. How We Use Your Information

• To provide reference verification results.
• To maintain your credit balance and verification history.
• To process payments and send credit-purchase confirmations.
• To send transactional emails (e.g. welcome, receipt, account notices).
• To detect, investigate, and prevent abuse, fraud, and security incidents.
• To comply with applicable legal obligations.

We do not sell, rent, or trade your personal information to third parties. We do not use your verification content to train any AI model.

3. Service Providers (Sub-Processors)

RefVerify relies on the following service providers to operate. Each receives only the data needed to perform its function:

• Our AI verification engine — powers the reference verification logic. The reference text you submit is sent to our AI provider for processing. Our AI provider is contractually prohibited from using API inputs to train its models.
• Stripe, Inc. — payment processor for credit pack purchases. Card data is collected and stored by Stripe directly under their security and privacy controls. See Stripe’s Privacy Policy.
• Our transactional email provider — delivers receipts and account notifications on our behalf.
• Cloudflare, Inc. — DNS, CDN, and edge security. Cloudflare may process IP addresses and request metadata for security purposes. See Cloudflare’s Privacy Policy.
• Google LLC and Microsoft Corporation — identity providers used for sign-in (only when you choose them).
• Shajins Passport — our shared authentication broker (operated by Shajins Group LLC). It receives your email and account identifier from Google or Microsoft and issues session tokens to RefVerify.

4. Data Retention

• Verification jobs and submitted references: up to 90 days, then automatically deleted.
• Account information and credit balance: retained for as long as your account exists. Credits do not expire.
• Billing records: retained for the period required by U.S. tax and accounting law (typically 7 years).
• Server logs: retained for up to 90 days for security and debugging.

5. Your Rights

You may, at any time, request to:

• Access the personal information we hold about you.
• Correct inaccurate information.
• Delete your account and associated data.
• Export a copy of your data.
• Withdraw consent for non-essential processing.

To exercise any of these rights, email support@refverify.com from the email address associated with your account. We will respond within a reasonable timeframe consistent with applicable law.

6. Security

We use HTTPS/TLS for data in transit, encrypted database storage, scoped credentials for service providers, and standard web-application security practices. No system is perfectly secure; you use the Service at your own risk.

7. Children’s Privacy

RefVerify is not directed to children under 13 (or under 16 in the EEA/UK). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact support@refverify.com and we will delete it.

8. International Users

RefVerify is operated from the United States. If you access the Service from outside the U.S., your information will be transferred to and processed in the United States, which may have different data-protection laws than your country of residence.

9. Changes to This Policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the latest revision. Material changes will be communicated via email or a notice on the Service.

10. Governing Law

This Policy is governed by the laws of the State of Wyoming, United States, without regard to its conflict-of-laws rules. Any dispute arising from this Policy or the Service shall be resolved in the state or federal courts located in Wyoming, USA.

11. Contact

Shajins Group LLC
Cheyenne, Wyoming, United States
Email: support@refverify.com