Privacy Policy

Last Updated: 23rd of February, 2026
This Age Verification Privacy Notice (“Notice”) explains how Veritage (“we”, “us”, or “our”), a company registered in Ireland, collects, uses, shares and protects personal data when providing age verification services for our clients (“Client”) that use our systems to confirm whether a person meets specified minimum age requirements before accessing products, services, content or features.
Veritage is responsible as a data processor on behalf of the Client (the entity requesting you to complete an age check). The Client is the data controller for personal data processed for age verification purposes.  As data controller, the Client determines the purposes and means of processing and is responsible for responding to data subject rights requests.

For purposes of EU data protection laws (including the GDPR), Veritage operates as a joint data importer/processor acting under instructions from the Client.

 

1. What is Veritage Age Verification Service?

Veritage offers a privacy-focused age verification service that enables websites or apps to confirm whether a person is over or under an age threshold set by the Client. The service is designed to minimise data collection, share only the age result with the Client, and process personal data securely and transiently.

2. Information We May Collect

Depending on the age-checking method chosen by the Client, Veritage may collect:Age Verification Methods:
  1. Facial Age Estimation: a selfie or facial image used to estimate age.
  2. Identity Document Verification (IdV): scanning an official ID document (passport, driver’s license, national ID card) to extract date-of-birth data.
  3. Digital ID App Check: using a third-party digital ID or credential that provides age attributes.
  4. Credit Card Check: card details to infer age (handled by a payment processor).
  5. Mobile Provider Check: phone number and basic contact details to infer age through a third-party provider.
  6. Database Check: name, address and date of birth shared with credit or verification data providers.
  7. Email Address Check: email metadata used to estimate age.
  8. Partner Age Check: age check via a partner identity verifier.
  9. Reusable Tokens / Keys: local browser tokens or identity keys for repeat age verification.

Personal data may include, only as necessary:• Face image / selfie• ID document images and extracted details• Date of birth or age estimate• Mobile phone number• Email address• Name and address• Credit card cardholder data (limited)• Device or browser identifiers

All personal data is processed only according to the Client’s configuration and for age verification purposes. We do not use this information for unrelated internal research, marketing, profiling, or advertising purposes.

 

3. How We Use Your Personal Data

We use your data only to:
  • Perform the age check requested by the Client;
  • Provide a result to the Client of whether you are “over” or “under” the required age, or your age in years;
  • Improve reliability and security of the verification process.
We do not share unnecessary personal details with the Client — only the outcome of the check (e.g., “18+” / “Under 18”).
4. Data Retention
Personal information used to perform the age verification is deleted as soon as the check is complete except where the Client requests manual review.
  • In manual review cases, data may be retained for up to 28 days before deletion.
  • The Client may choose to retain the results of age checks for longer; retention of age check results is at the Client’s discretion.
We comply with EU GDPR data minimisation and storage limitation principles and will retain personal data only as long as necessary for the purposes outlined and to meet legal obligations.

5. Information Sharing

Veritage shares:With the Client
  • Only the result of the age verification check (e.g., over/under age threshold or age in years).

With Third-Party Providers:

To conduct certain age checks we share limited personal data with trusted, vetted third-party service providers, including but not limited to:
  • Identity verification specialists
  • Payment processors
  • Mobile verification services
  • Database age verification partners

These third parties process personal data only to support the age check and are contractually bound to handle it in accordance with GDPR and other applicable law.

Legal Obligations:

We may disclose personal data if required by Irish or EU law, regulation, judicial process, or to protect rights, property or safety.

6. Security and Data Location

Veritage implements appropriate technical and organisational security measures (encryption, access controls, secure servers) to protect personal data against unauthorised access, disclosure, alteration or destruction.
Data may be processed and stored in servers located within the EU or in jurisdictions providing adequate protections consistent with GDPR requirements.

7. Cookies and Similar Technologies

We may use necessary cookies or similar technologies to operate the age verification service and manage session information. These do not contain directly identifiable personal data.

8. Your Rights Under GDPR

You have rights under EU data protection law, including:
  • Right of access to your personal data;
  • Right to rectification or erasure;
  • Right to restriction of processing;
  • Right to data portability;
  • Right to lodge a complaint with a supervisory authority.
As the age check Controller, the Client is responsible for responding to your rights requests. You should contact the Client that requested the age verification for queries about your personal data processed for that check.

9. Contact InformationIf you have questions about this Privacy Notice or our age verification practices, you may contact:

VeritageEmail: privacy@veritage.ioAddress: Spaces, Suite 186, Donnybrook House, Dublin D04 WN59, Ireland

 

10. Updates to this NoticeWe may update this Privacy Notice to reflect changes in our practices or legal requirements. The updated version will be published with a revised “Last updated” date.