Veriscope
VeriscopeTerms of Service

Privacy Policy

Last updated: June 2026

Veriscope is operated by Rapid Policies Australia (“Veriscope”, “we”, “us”, “our”). This Privacy Policy explains how we collect, hold, use and disclose personal information when you use our compliance management platform, and how we comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). It also describes how we handle information relating to NDIS participants and aged care recipients in line with the NDIS Practice Standards and the Aged Care Quality Standards.

Information we collect

We collect personal information that is reasonably necessary to provide the service, including:

  • Account & organisation details — your name, work email, role, organisation name, ABN, registration groups and billing contact.
  • Content you upload — policies, procedures, incident records, evidence and other documents you submit for compliance checking, which may contain personal or sensitive information about your workers and the participants you support.
  • Usage & technical data — log data, device and browser information, IP address and activity needed to operate, secure and improve the service.

Where you provide personal information about other individuals (such as workers or participants), you confirm you are authorised to do so and have made those individuals aware of this Policy.

How we use your information

We use personal information to deliver and improve the service, run AI-assisted compliance checks, generate policies and reports, administer your account and billing, provide support, send service communications, and meet our legal and regulatory obligations. We do not sell your personal information, and we do not use the content you upload to train publicly available AI models.

Disclosure and third-party providers

We disclose personal information only as needed to run the service. We use the following trusted sub-processors, each bound by confidentiality and data-protection obligations:

  • Railway — application hosting and PostgreSQL database storage.
  • Stripe — subscription billing and payment processing.
  • Resend — transactional and account email delivery.
  • Third-party AI providers — to perform compliance analysis on documents you submit.

We may also disclose information where required by law or to protect our legal rights.

Data storage, security and overseas disclosure

Your data is encrypted in transit (TLS) and at rest. Our application and PostgreSQL database are hosted on Railway infrastructure; we use Australian-region hosting where available, and some processing or storage may occur on Railway or other sub-processors located in the United States. Where data is disclosed outside Australia, we take reasonable steps under APP 8 to ensure the recipient handles your information consistently with the APPs. We apply appropriate technical and organisational measures — including access controls, encryption and auditing — to protect information against unauthorised access, loss or misuse.

Participant and sensitive information

Some content you upload may include sensitive information about NDIS participants or aged care recipients. We treat this information with additional care, restrict access to authorised personnel and systems, and handle it consistently with the NDIS Practice Standards relating to privacy, dignity and the management of participant information. You remain the controller of your participants’ records and are responsible for obtaining any consents required for their collection and use.

Data retention

We retain personal information for as long as your account is active and as needed to provide the service and meet legal, accounting and audit obligations. When information is no longer required, we securely delete or de-identify it. On account closure you may request export or deletion of your data.

Cookies

We use essential cookies to keep you signed in and to keep the service secure. We do not use third-party advertising cookies. You can control cookies through your browser settings, though disabling essential cookies may affect functionality.

Your rights and how to complain

Under the APPs you may request access to, or correction of, the personal information we hold about you, and you may ask us to delete it where we are not required to retain it. Contact our Privacy Officer at privacy@veriscope.com.au. We will respond within a reasonable period. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

Changes to this policy

We may update this Policy from time to time. We will post the updated version on this page and revise the “Last updated” date above. Material changes will be communicated to account holders.

Contact us

For any privacy enquiry, contact our Privacy Officer at privacy@veriscope.com.au or write to Rapid Policies Australia, Privacy Officer, Australia.

← Back to home