Legal & Privacy

VERVE CLOUD, INC.

PRIVACY POLICY

LAST UPDATED: March 9, 2026

 

This Privacy Policy (“Policy”) describes how Verve Cloud, Inc. and its affiliates (collectively “Verve”, or “us”, or “our” or “we”) collects and processes information about you when you visit our website https://vervecloud.com/ (“Website”), or use our services (collectively with the Website, the “Services”).  Data protection laws in certain U.S. states, including the California Consumer Privacy Act (“CCPA”), require us to provide consumers with a privacy policy that contains a comprehensive description of our online and offline practices regarding our collection, use, disclosure, and retention of their personal information, along with a description of the rights they have regarding their personal information. This Policy provides the information the CCPA requires, together with other useful information regarding our collection and use of personal information. We collect and use your personal information as described in this Policy. This Policy provides notice to consumers, at or before the time of collection of consumers’ personal information, of the categories of personal information we collect from them, the business purposes for which those categories of personal information will be used and whether the information is sold or shared.

PLEASE READ THIS POLICY CAREFULLY TO UNDERSTAND HOW WE HANDLE YOUR PERSONAL INFORMATION. IF YOU DO NOT AGREE TO THIS POLICY, PLEASE DO NOT ACCESS OUR WEBSITE OR SERVICES. 

 

     1.     CATEGORIES OF INFORMATION WE COLLECT

 

We collect and use information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal information”). Personal information does not include:

  • Publicly available information, including from government records, through widely distributed media, or that the consumer made publicly available without restricting it to a specific audience.
  • Lawfully obtained, truthful information that is a matter of public concern.
  • Deidentified or aggregated consumer information.

We collect and process personal information on behalf of our customers who use our Services, and those customers act as the data controllers that determine the purposes and means of processing. In the course of Verve’s processing and protection of such data, all use will be in conformity with the data controller’s instructions. Verve also collects and uses personal information on its own behalf and acts as the controller of such data. The following list contains the categories of information that we may collect and that we have collected from consumers over the last 12 months.  

  • Identifiers: such as real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol (IP) address, email address, account name, and telephone number.
  • Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (“California Customer Records”): such as name, address, telephone number, credit card number, debit card number, or any other financial information. 
  • Professional or employment-related information: such as current or past job history; performance evaluations; resume; cover letter; work-related licenses, permits and certifications; reference information; compensation information or background check information. You are responsible for providing any notices and obtaining any consents necessary for us to collect and use personal information of your references as described in this Policy.

Sensitive Personal Information 

Sensitive personal information is a subtype of personal information consisting of the specific information categories listed below. The list below identifies which sensitive personal information categories, if any, we have collected from consumers in the last 12 months. We use sensitive personal information only for purposes permitted by the CCPA and its regulations and do not use sensitive personal information to infer characteristics about consumers.

  • Complete account access credentials, such as usernames, account logins, account numbers, or card numbers combined with required access/security code or password.

Cookies and Tracking Technologies 

The term “cookie” refers to files that are placed on your computer or mobile device by websites and mobile applications that you visit or use. At this time, Verve does not use cookies or similar tracking technologies on our Services.

 

     2.     SOURCES OF PERSONAL INFORMATION

 

We obtain the categories of personal information listed above from the following categories of sources:

  • Directly from you when you create an account, contact support, or submit information through forms or other interactions with our Services.
  • Indirectly from you, such as from your interactions with our Website, Services, and mobile application. 
  • From our service providers that support the operation of our platform, such as providers that assist with hosting infrastructure, authentication or account management, messaging delivery services, and other technical functions necessary to operate the Services. 

 

     3.     PURPOSE FOR COLLECTING PERSONAL INFORMATION

 

Your personal information is collected for specified, legitimate purposes and not processed further in ways incompatible with those purposes. Collected personal information is relevant to and not excessive for the purposes for which it is collected and used. We may use your personal information for the following purposes:

  • To develop, operate, and provide our Services, including our cloud-based communication and messaging platform and related features.
  • To facilitate communications transmitted through the platform, such as routing calls and messages, transmitting images attached to chat or MMS messages, and maintaining message history where applicable.
  • To manage your consumer relationship with us, including online account creation, account access, maintenance, and customer support.
  • Meet our obligations and enforce our rights arising from any contracts with you, including for billing or collections, or to comply with legal requirements.
  • Fulfil the purposes for which you provided your personal information or that were described to you at collection, and as applicable law otherwise permits.
  • Improve our Services, marketing, or customer relationships and experiences.
  • Notify you about changes to our Services.
  • Administer our systems and conduct internal operations, including troubleshooting, data analysis, testing, research, statistical, and survey purposes.
  • Enable your participation in our Website’s or mobile apps’ interactive features.
  • Protect our company, employees, or operations.
  • Perform analytics to monitor, maintain, and improve the performance and functionality of our Services, such as analyzing system usage patterns, service reliability, and platform performance.
  • Administer and maintain our systems and operations, including for safety purposes.
  • Engage in corporate transactions requiring review of consumer records, such as for evaluating potential mergers and acquisitions.
  • Comply with all applicable laws and regulations.
  • Exercise or defend our legal rights or the legal rights of our employees, affiliates, customers, service providers, and agents. 
  • Respond to law enforcement requests and as required by applicable law or court order.

 

Sensitive Personal Information Use and Disclosure Purposes

We may use or disclose sensitive personal information for the following reasons permitted by the CCPA and its regulations (“Permitted SPI Purposes”):

  • Performing actions that are necessary for our consumer relationship and that an average consumer in a relationship with us would reasonably expect. 
  • Preventing, detecting, and investigating security incidents that compromise the availability, authenticity, integrity, or confidentiality of stored or transmitted personal information. 
  • Defending against and prosecuting those responsible for malicious, deceptive, fraudulent, or illegal actions directed at us. 
  • Services performed for us, including maintaining or servicing accounts, processing or fulfilling transactions, verifying consumer information, processing payments, or providing financing, analytic services, storage, or similar services. 
  • Activities required to verify or maintain the quality or safety of a product, service, or device that we own, manufacture, had manufactured, or control, or improve, upgrade, or enhance the service or device that we own, manufacture, had manufactured, or controlled. 

We do not use or disclose sensitive personal information for purposes other than the Permitted SPI Purposes. 

 

Additional Categories or Other Purposes

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice. If required by law, we will also seek your consent before using your personal information for a new or unrelated purpose.

We may collect, process, and disclose aggregated or de-identified consumer information for any purpose, without restriction. When we collect, process, or disclose aggregated or deidentified consumer information, we will maintain and use it in deidentified form and will not to attempt to reidentify the information, except to determine whether our deidentification processes satisfies any applicable legal requirements.

 

     4.     PERSONAL INFORMATION DISCLOSED FOR BUSINESS PURPOSES

 

We may disclose the personal information we collect, including sensitive personal information, to third parties for the business purposes described in the Purpose for Collecting Personal Information section above and in the table below, such as to engage third parties to support our business functions. For example, we may disclose relevant account or communication information to a cybersecurity consultant to help investigate suspected fraudulent activity, unauthorized access, or other misuse of the platform. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, prohibit using the disclosed information for any purpose except performing the contract, and meet the CCPA’s other contract requirements for engaging service providers or contractors. 

The chart below identifies the categories of entities to whom we have disclosed our consumers’ personal information for a business purpose over the preceding 12 months, along with the personal information categories disclosed and the disclosure’s business purposes.

 

Category of Business Purpose Disclosure Recipients Personal Information Categories Disclosed Sensitive Personal Information Categories Disclosed Business Purpose Disclosures
Cloud Hosting and Infrastructure Providers A. Identifiers. None To host, maintain, and operate the Verve platform and related systems.
Customer Support and Technical Service Providers A. Identifiers.
B. California Customer Records.		 L.2. Complete account access credentials (when necessary to assist with account access or troubleshooting) To support customers with using our Services, including online account management and troubleshooting.
Customer Feedback and Email Marketing Providers A. Identifiers.
B. California Customer Records.		 None To collect customer satisfaction feedback and analyze consumer experiences.
To send marketing communications, newsletters, and product updates to consumers who have opted in to receive such communications.
Security and Fraud Prevention Service Providers A. Identifiers. L.2. Complete account access credentials (when necessary to investigate security incidents) To monitor and maintain the security and integrity of the platform and investigate potential fraud, misuse, or security incidents.
Payment Processing Providers A. Identifiers.
B. California Customer Records.		 L.2. Complete account access credentials or financial account information (if applicable) To process credit card transactions and complete purchases made through our services.

 

     5.     PERSONAL INFORMATION SOLD OR SHARED

 

We do not sell your personal information, including sensitive personal information, to third parties and have not sold it in the preceding 12 months. We do not share your personal information with third parties for cross-context behavioral advertising purposes and have not shared your personal information in the preceding 12 months. 

 

     6.     YOUR RIGHTS AND CHOICES

 

Right to Know and Data Portability Requests

You have the right to request that we disclose certain information to you about our collection and use of your personal information (the “right to know”), including the specific pieces of personal information we have collected about you. Once we receive your request and confirm your identity (see How to Exercise Your Rights), we will disclose to you:

  • The categories of:  
    • personal information we collected about you; and
    • sources from which we collected your personal information.
  • The business or commercial purpose for collecting your personal information and, if applicable, selling or sharing your personal information.
  • If applicable, the categories of persons, including third parties, to whom we disclosed your personal information, including separate disclosures identifying the categories of your personal information that we:
    • disclosed for a business purpose to each category of persons; and
    • sold or shared to each category of third parties.
  • When your right to know submission includes a data portability request (the “right to data portability”), a copy of your personal information subject to any permitted redactions.

Right to Delete and Right to Correct

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions and limitations (the “right to delete”). Once we receive your request and confirm your identity, we will delete your personal information from our systems unless an exception allows us to retain it. We will also notify our service providers to take appropriate action.

You also have the right to request correction of personal information we maintain about you that you believe is inaccurate (the “right to correct”). We may require you to provide documentation, if needed, to confirm your identity and support your claim that the information is inaccurate. Unless an exception applies, we will correct personal information that our review determines is inaccurate and notify our service providers to take appropriate action. 

Right to Limit Sensitive Personal Information Use and Disclosure to Permitted SPI Purposes

You have a right to ask businesses that use or disclose your sensitive personal information to limit those actions to just the Permitted SPI Purposes (the “right to limit”). As we do not use or disclose sensitive personal information beyond the Permitted SPI Purposes, we do not currently provide this consumer right.

Personal Information Sales or Sharing Opt-Out and Opt-In Rights

You have the right to request that businesses stop selling or sharing your personal information at any time (the “right to opt-out”), including through a user-enabled opt-out preference signal. Similarly, the CCPA prohibits businesses from selling or sharing the personal information of consumers it actually knows are under 16 years old without first obtaining consent from consumers who are between 13 and 15 years old or the consumer’s parent or guardian for consumers under age 13 (the “right to opt-in”).

As we do not sell or share consumers’ personal data, we do not currently provide these consumer rights. 

Right to Non-Discrimination

You have the right not to be discriminated or retaliated against for exercising any of your privacy rights.

 

     7.     HOW TO EXERCISE YOUR RIGHTS

 

Exercising the Rights to Know, Delete or Correct

To exercise the right to know, data portability, delete or correct described above, please submit a verifiable request to us by either: 

Please describe your request with sufficient detail so we can properly understand, evaluate, and respond to it. You or your authorized agent may only submit a request to know, including for data portability, twice within a 12-month period.

We will confirm receipt of your request within ten business days. We endeavor to substantively respond to a verifiable request within 45 days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing. Our substantive response will tell you whether or not we have complied with your request. If we cannot comply with your request in whole or in part, we will explain the reason, subject to any legal or regulatory restrictions. Applicable law may allow or require us to refuse to provide you with access to some or all of the personal information that we hold about you, or we may have destroyed, deleted, or made your personal information anonymous in compliance with our record retention policies and obligations. 

Any disclosures we provide will cover information for the 12-month period preceding the request’s receipt date. We will consider requests to provide a longer disclosure period that do not extend past January 1, 2022, unless providing the longer timeframe would be impossible or involves disproportionate effort. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to your verifiable request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request. 

 

     8.     DATA SECURITY 

 

We use commercially reasonable and appropriate administrative, technical, and physical safeguards designed to protect the confidentiality, integrity, and availability of your personal information. However, no website, mobile application, system, electronic storage, or online service is completely secure, and we cannot guarantee the security of your personal data transmitted to, through, using, or in connection with the Services. In particular, e-mail, texts, and chats sent to or from the Services may not be secure, and you should carefully decide what information you send to us via such communications channels. Any transmission of personal data is at your own risk. The safety and security of your information also depends on you. You are responsible for taking steps to protect your personal data against unauthorized use, disclosure, and access.

 

     9.     DATA RETENTION

 

We retain your personal information for as long as necessary to fulfill the purposes for which we collect it, such as to provide you with the service you have requested, and for the purpose of satisfying any legal, accounting, contractual, or reporting requirements that apply to us. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure of your information, the purposes for which we process your information and whether we can achieve those purposes through other means, and the applicable legal requirements.

 

     10.     CHILDREN UNDER THE AGE OF 18

 

Our Website is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If we learn we have collected or received personal information from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us as indicated in this policy.

 

     11.     INTERNATIONAL ACCESS TO OUR WEBSITES AND SERVICES

 

Our Website and Services are hosted in and provided from the United States, and your use of our Website and Services is governed by United States law. If you are using our Website or Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our systems and facilities, and those of our third-party providers and recipients of information, are located. By using our Website and Services, you consent to your information being transferred to our systems and facilities, and to the systems and facilities of those third parties to whom we disclose information as described in this policy.

If you are located in the European Union, United Kingdom, or Switzerland, you may be entitled to exercise the rights set forth above in the section Your Rights and Choices. See the section above titled How to Exercise Your Rights for information on submitting a privacy rights request. You can also lodge a complaint with the data protection authority in your country.

The legal bases for our use of your personal information are as follows:

  • Where use of your information is necessary in order to fulfill our commitments to you under our agreements with you, such as to provide requested Services;
  • Where use of your information is necessary for compliance with a legal obligation, such as reporting criminal or fraudulent activity or for complying with tax, employment, or other applicable laws;
  • Where use of your information is necessary for the exercise or defense of legal claims, such as if you bring a claim against us or we bring a claim against you;
  • Where use of your information is necessary for our legitimate interests or the legitimate interests of others, such as, for example, to secure, update, and improve our Website and Services; to communicate with you and respond to your requests and inquiries; to monitor and prevent any problems with our Services; to personalize your experience with our Website or Services; for fraud prevention; and to establish, exercise, or defend legal claims; or
  • Where we have your consent, in accordance with applicable law, such as, for example before we send you marketing messages.

 

     12.     THIRD-PARY WEBSITES

 

Our Websites and Services may contain links to third-party websites, services, or resources that are not covered under this Policy. Upon visiting or using those third-party websites, services, or resources, we recommend that you review their privacy policy, terms and conditions, and terms of use before providing your personal information.

 

     13.     TRANSFER OF CORPORATE ASSETS

 

If we are acquired by or merged with a third-party entity, we reserve the right to transfer or assign the personal information you provided to us as part of such merger, acquisition, sale, or other change of control to the new entity. In the event of bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditor’s rights generally, we may not be able to control how your personal information is processed. If such a situation arises, we would request that all applicable privacy laws and protection standards at least as stringent as ours be applied to your personal information originally in our possession. In the event of a transfer of corporate assets, the information regarding the transfer will be posted on our Website.

 

     14.     CHANGES TO THIS PRIVACY STATEMENT

 

We reserve the right to update this Policy to accurately disclose changes as necessitated by applicable laws and other events. If those changes are material in nature, we will notify you by a notice placed on our public facing Website, a notification within our Services, and/or by electronic mail.

 

     15.     CONTACT US

 

If you become aware of any violation by any person, including users, that have accessed the Services through your account, please notify us at support@vervecloud.com

Should you have other questions or concerns about this Policy, please direct them to Verve Support at support@vervecloud.com.