Privacy Policy

Last Updated: [Insert Date]

This Privacy Policy describes how Vara Security Inc., a Delaware corporation (“Vara Security,” “Company,” “we,” “our,” or “us”) collects, uses, discloses, and safeguards personal information in connection with our website, software, APIs, SDKs, dashboards, and related services (collectively, the “Services”).

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy.

1. Scope of This Policy

This Privacy Policy applies to:

  • Visitors to our website;
  • Representatives of organizations using our Services;
  • Individuals whose data may be processed through our platform on behalf of our business customers.

In most cases, Vara Security acts as a data processor on behalf of our enterprise customers (such as financial institutions). Our customers are responsible for determining the purposes and legal basis for processing personal data.

2. Information We Collect

We may collect the following categories of information:

A. Information You Provide Directly

  • Name
  • Email address
  • Company name
  • Job title
  • Contact details
  • Communications with us

B. Account and Business Information

  • Organization name
  • Billing details
  • Administrative user credentials

C. Technical and Usage Information

  • IP address
  • Device type and browser information
  • Operating system
  • Log data
  • Interaction data within our Services
  • API and SDK usage data

D. Behavioral and Risk Signals (When Provided Through Customers)

When integrated by our enterprise customers, our technology may process:

  • Behavioral interaction patterns
  • Session activity data
  • Device signals
  • Transaction-related metadata
  • Risk scoring outputs

We do not intentionally collect sensitive personal data unless provided by our customers in accordance with their own privacy obligations.

3. How We Use Information

We use information to:

  • Provide, operate, and maintain the Services;
  • Improve performance and security;
  • Generate fraud risk insights and behavioral assessments;
  • Communicate with customers and website visitors;
  • Comply with legal and regulatory obligations;
  • Prevent misuse, fraud, and security incidents.

We do not sell personal information.

4. Legal Basis for Processing (GDPR)

Where applicable under the General Data Protection Regulation (GDPR), we rely on:

  • Performance of a contract;
  • Legitimate interests (such as fraud prevention and security);
  • Compliance with legal obligations;
  • Consent (where required).

When acting as a data processor, we process personal data only on documented instructions from our customers.

5. Data Sharing and Disclosure

We may share information with:

  • Service providers and infrastructure partners (e.g., cloud hosting providers);
  • Professional advisors (legal, accounting, compliance);
  • Regulatory or governmental authorities when required by law;
  • In connection with a merger, acquisition, or corporate transaction.

All third-party service providers are required to maintain appropriate confidentiality and security measures.

6. International Data Transfers

Vara Security Inc. is incorporated in the United States. Information may be processed in the United States or other jurisdictions where our service providers operate.

Where required by law, we implement appropriate safeguards for international data transfers.

7. Data Security

We implement reasonable administrative, technical, and organizational safeguards designed to protect personal information against unauthorized access, disclosure, alteration, and destruction.

However, no system can guarantee absolute security.

8. Data Retention

We retain personal information only as long as necessary to:

  • Provide the Services;
  • Fulfill contractual obligations;
  • Comply with legal requirements;
  • Resolve disputes;
  • Enforce agreements.

Enterprise customers determine retention periods for data processed on their behalf.

9. Your Rights

Depending on your jurisdiction, you may have rights to:

  • Access your personal data;
  • Correct inaccurate data;
  • Request deletion;
  • Restrict or object to processing;
  • Data portability;
  • Withdraw consent (where applicable).

If Vara Security processes your data on behalf of one of our customers, you should direct your request to that organization.

You may contact us at legal@varasecurity.io for privacy-related inquiries.

10. Cookies and Tracking Technologies

We may use cookies and similar technologies to:

  • Improve website functionality;
  • Analyze traffic;
  • Enhance user experience;
  • Maintain security.

You may adjust browser settings to refuse cookies, though some features may not function properly.

11. Children’s Privacy

Our Services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from children.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated “Last Updated” date.

Continued use of the Services after changes become effective constitutes acceptance of the updated Privacy Policy.

13. Contact Information

If you have questions about this Privacy Policy, please contact:

Vara Security Inc.
Delaware, United States
Email: legal@varasecurity.io

Footer Logo

Subscribe for our newsletter

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Product

Home V1
Home V2
Features
Pricing
Pricing details CMS

Resources

About
Blog
Blog details CMS
Contact

Utilities

Style Guide
License
Changelog
Protected
404

© 2025  Vara Security All rights reserved.

Terms
Privacy
Cookies