Veriox is built on a principle of deliberate, minimal data storage. Every piece of data we store is a conscious decision — nothing accumulates silently.
Operational data
This is the data Veriox uses to run the service and produce your usage reports.
| Data | Why | Personal data? | Retention |
|---|
| Verification result (pass/fail) | Audit trail, usage billing | No | 90 days |
| Timestamp of verification | Usage reporting | No | 90 days |
| Domain the verification was for | Usage reporting, per-worker billing | No | 90 days |
| Session ID | Links a verified session cookie to its record | No | 90 days |
| Age threshold checked | Records what was actually required at the time | No | 90 days |
| Verification attempt events | Funnel analytics for your dashboard | No | 90 days |
Audit evidence
So that each verification has a complete, self-contained, and independently checkable audit trail, Veriox also stores the proof material for the verification and anchors a hash of it on the Concordium blockchain. See On-Chain Anchoring for how and why.
| Data | Why | Personal data? | Retention |
|---|
| Verification request | The exact signed challenge shown to the visitor (age threshold, accepted issuers, nonce) | No | With the verification record |
| Zero-knowledge proof | The proof the visitor submitted — attests the claim was met, contains no date of birth or identity | Pseudonymous | With the verification record |
| Audit record | The request and proof bound together; its hash matches the on-chain audit anchor | Pseudonymous | With the verification record |
| On-chain anchor references | The Concordium transaction hashes (CCDVRA, CCDVAA) for this verification | No | With the verification record |
“Pseudonymous” means the proof material contains no directly identifying data — no name, date of birth, address, or account address. It only attests that the claim was satisfied. It cannot be re-linked to a person without separate access to the Concordium identity layer, which is outside Veriox’s control and protected by Concordium’s own legal safeguards.
What Veriox does NOT store
- Date of birth
- Name
- Address
- Concordium account address
- Any document or image
- Any biometric data
- IP address of the visitor
The zero-knowledge proof is designed so that this information is never transmitted to Veriox in the first place — it is not a case of receiving and discarding it.
What you (the merchant) store
Nothing. The Veriox worker issues a signed session cookie on your domain, but this cookie contains only a verification timestamp and a session ID — no personal data. It is not accessible to your JavaScript and is never sent to your servers.
Implications for your privacy policy
Because no personal data passes through Veriox’s systems (or yours), you typically do not need to update your privacy policy to cover the Veriox verification process. We recommend confirming this with your own legal counsel for your specific jurisdiction and use case. 
