Skip to main content
VerifyThisSeal.com
A Seal CodeA Professional
Stamps Center Documents Center Brand Center User Guides
Pricing Contact
Login

Privacy Policy

View History

Version 0.5 (Effective: July 11, 2025)

Changes Summary: The Privacy Policy has been updated to include a new section (Section 7) addressing compliance requirements under Kansas public records law.

Introduction

Welcome to VerifyThisSeal.com (the "Site"), owned and operated by Wharton Consulting LLC ("we," "us," or "our"). This Privacy Policy describes our practices regarding the collection, use, processing, disclosure, and safeguarding of your information when you use our Services.

By accessing or using our Site and Services, you acknowledge and agree to the terms of this Privacy Policy. If you do not agree with the terms, do not access or use the Services.

A. Scope and Application

This Privacy Policy applies to all Personal Information collected through our Site, applications, and any other services we provide (collectively, the "Services"). It applies primarily to individuals residing in the United States who interact with our Services, including registered account holders ("Account Holders"), individuals whose data is processed as part of our verification services, and public visitors who may use the Site without an account ("Public Users"). Collectively, all such individuals are referred to as "Users," "you," or "your." Our Services are intended solely for U.S. residents. While users located outside the United States may access the Services, we strongly discourage them from providing Personal Information, and we encourage compliance with this preference through self-governance. Any submission of Personal Information by non-U.S. residents is at their sole risk, as we do not target or solicit such users. Non-U.S. residents acknowledge that their rights under international data protection laws (e.g., GDPR) may not be fully enforceable due to our U.S.-focused operations. We reserve the right to reject or delete such data to the extent permitted by law.

B. Definitions

"Personal Information" (or "Personal Data") means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, business, or household.

"Processing" means any operation or set of operations which is performed on Personal Information, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

"Controller" means the entity that determines the purposes and means of the Processing of Personal Information. For the purposes of this policy, Wharton Consulting LLC is the Controller.

"Processor" means an entity that Processes Personal Information on behalf of the Controller.

"Services" refers to the VerifyThisSeal.com website, applications, and all related services provided by us.

1. Information We Collect

We collect information essential for providing, improving, and securing our Services. The term "provide," in the context of information you provide, refers to any data transmitted to our Services, whether you do so actively and knowingly (e.g., by typing into a form) or passively and unknowingly (e.g., as part of a data transmission from your browser).

A. Information You Provide or We Collect Directly From You

Account and Profile Information: When you register for an account, we collect identifiers such as your name, email address, password, and other contact information you provide. You may also provide additional profile information. Our Services are intended solely for U.S. residents, and you are responsible for ensuring you are located in the United States when providing Personal Information. While non-U.S. residents may access the Services, we strongly discourage them from providing Personal Information, and any such submission is at their sole risk. We reserve the right to reject or delete such data.

Payment and Identity Information: We utilize secure, third-party processors for payment and identity verification services. When you make a payment or verify your identity, you provide information directly to these processors, which may include payment card information or sensitive Personal Information, such as biometric data, Social Security Numbers, or data from government-issued identification documents. We engage processors that, where applicable, maintain SOC 2 or ISO 27001 certification and implement robust security measures to protect sensitive data. We adhere to data minimization principles, collecting and retaining only the sensitive data necessary for the intended purpose and deleting it after verification unless required for ongoing administrative or legal purposes. We do not store your full payment card details or raw identity documents on our servers, but we may receive and store transaction confirmations, verification results, and partial information for administrative and record-keeping purposes. Sensitive data is not used for monitoring unlawful or harmful activities unless strictly required by law. Our Services are intended solely for U.S. residents, and you are responsible for ensuring you are located in the United States when providing such information.

Communications: When you contact us for support, provide feedback, or otherwise communicate with us, we collect not only the content of your message but also associated metadata, communication history, and any information derived from such interactions.

Survey and Research Information: If you choose to participate in our surveys, promotions, or research studies, we will collect the information you provide in your responses.

B. Information We Collect Automatically

We automatically collect a wide range of information about your interactions with our Services. This information includes, but is not limited to:

Device and Network Information: Information about the device(s) and network you use to access our Services, including hardware model, operating system and version, unique device identifiers, mobile network information, IP address, and browser type.

Log and Usage Data: Technical information about your use of the Site, including pages visited, features used, links clicked, time and date of your visit, time spent on pages, crash data, and other diagnostic data. This non-sensitive data may be used to monitor, prevent, identify, report, and investigate unlawful or harmful activities, as described in Section 2.

Information from Cookies and Tracking Technologies: We use cookies, web beacons, pixels, and other tracking technologies to operate our service, analyze performance, ensure security, and manage user sessions. For more details, see Section 5.

Location Information: We may approximate your location based on your IP address. We will not collect your precise geolocation data without your explicit consent.

Inferences and Automated Decision-Making: We may analyze your interactions with our Services to infer preferences (e.g., preferred features) to enhance user experience. Currently, our Services do not use automated decision-making that produces legal or similarly significant effects. We may explore automated decision-making in the future to improve efficiency. If implemented, we will update this Privacy Policy to provide details, and any decisions with significant effects, such as verification outcomes, will include human review to ensure accuracy. For questions about our use of automated processes, contact privacy@verifythisseal.com.

We do not use sensitive Personal Information (e.g., biometric data) for monitoring purposes unless strictly necessary and permitted by law.

C. Information We Collect from Third Parties

Analytics Providers: We partner with analytics providers to collect and analyze usage data.

Service Providers: Our third-party service providers (e.g., for payment processing or identity verification) may provide us with information about you, including transaction details, verification results, or fraud risk assessments.

Mandating Authorities: When your use of our Services is required by a third-party entity (e.g., a professional licensing board), we receive Personal Information directly from that entity to create or manage your account. This may include your name, license number, and other professional identifiers. Mandating Authorities are expected to provide data only for U.S. residents, in line with our Services’ U.S.-only focus. We encourage self-governance by Mandating Authorities to comply with this expectation, and we strongly discourage submission of non-U.S. resident data. We reserve the right to reject or delete any international data received to the extent permitted by law. Data from Mandating Authorities may be used to monitor, prevent, identify, report, and investigate unlawful or harmful activities, as described in Section 2, only to the extent necessary and proportionate to protect our Services and users.

Publicly Available Sources: To provide and enhance our verification services for non-mandated users, or to supplement existing records, we may collect professional information about individuals from publicly available sources, such as state licensing board websites and other public registries. This may include names, license numbers, professional status, and any other available information.

2. Purposes and Legal Bases for Processing Personal Information

We use the information we collect for legitimate business and commercial purposes, including:

To Provide, Operate, and Maintain our Services, such as creating your account and authenticating you as a user. Our legal basis for this is the Performance of a Contract with you.

To Process Transactions and Facilitate Identity Verification, we Process your data based on the Performance of a Contract, to comply with our Legal Obligations, and for our Legitimate Interests in fraud prevention.

To Communicate with You regarding service announcements, support, and transactional matters. This is based on the Performance of a Contract and our Legitimate Interests in keeping you informed.

To Monitor, Prevent, Identify, Report, and Investigate Unlawful or Harmful Activities, we collect and process only the data necessary and proportionate to detect, mitigate, and report activities that may harm our Services, users, or the public, including potential unlawful or state-sponsored activities (e.g., fraud, security threats, or violations of our Terms of Service). We rely on our Legitimate Interests to protect our Services and users, as well as our Legal Obligations to comply with applicable laws and authorities. For questions about our monitoring practices, contact privacy@verifythisseal.com.

To Personalize and Improve Our Services, including analytics, research, and development, we rely on our Legitimate Interests to enhance user experience and our offerings.

To Serve Advertisements and Measure Their Effectiveness, we rely on your Consent for the use of non-essential cookies and tracking technologies.

To Enforce our Terms and Policies, Comply with Legal Obligations, and Respond to Lawful Requests from Public Authorities, for which our bases are Legal Obligation and our Legitimate Interests in protecting our legal rights.

Our Services are intended solely for U.S. residents, and you are responsible for ensuring compliance with this restriction when providing data.

3. How We Share and Disclose Your Information

We do not sell your Personal Information. We may share information with the following categories of third parties only for the purposes described in this policy:

Service Providers (Processors): We engage third-party companies and individuals to perform services on our behalf. These services include:

- Payment and identity verification processors for secure transaction and verification services.

- Email service providers for communication delivery.

- Analytics providers for usage insights and service improvement.

These providers are contractually obligated to protect your data, use it only for the purposes we specify, and comply with applicable data protection laws through Data Processing Agreements or equivalent safeguards. Where applicable, we engage only third-party service providers that maintain SOC 2 or ISO 27001 certification to ensure robust security and compliance standards.

Mandating Authorities: As described in Section 6.C, if your use of the Services is mandated, we will share necessary information, such as your verification status, your use of our system, and associated data, with the relevant Mandating Authority to fulfill our contractual obligations.

Business Transfers: In the event of a merger, acquisition, divestiture, bankruptcy, or asset sale, your information may be transferred as part of the transaction. We will provide notice before your Personal Information is transferred and becomes subject to a different privacy policy.

With Your Consent or at Your Direction: We may share your information with third parties when we have your explicit consent to do so.

Aggregated or De-Identified Information: We may aggregate or de-identify your data by removing direct identifiers (e.g., names, license numbers, email addresses) and applying technical safeguards to prevent re-identification. De-identified data may be used or shared for analytics, research, or other purposes. Seal code data, integral to our public verification system, is retained for the lifetime of the Service as a permanent record to ensure public trust and compliance with professional licensing requirements and is not subject to de-identification or privacy rights requests, except in rare cases where strictly required by law.

4. Disclosures for Legal and Regulatory Compliance

We may disclose your information if we believe in good faith that it is necessary to:

Comply with a Lawful Request: Respond to a valid legal process, such as a subpoena, court order, search warrant, or other binding request from law enforcement, government agencies, or other public authorities.

Protect Rights and Safety: Protect the rights, property, or safety of Wharton Consulting LLC, our users, or the public. This includes, but is not limited to, voluntarily sharing information with law enforcement, regulatory bodies, or other third parties to investigate, prevent, identify, or report unlawful or harmful activities, including potential state-sponsored activities, or to otherwise pursue regulatory or law enforcement objectives.

Enforce Our Policies: Enforce our Terms of Service and other agreements, including for billing and collection purposes.

5. Cookies, Tracking, and Your Choices

We use cookies and similar technologies to provide, secure, and analyze our Services.

What are Cookies? Cookies are small data files, typically of letters and numbers, downloaded onto your device when you access certain websites. They are widely used to make websites work, or work more efficiently, as well as to provide reporting information.

How We Use Cookies:

- Strictly Necessary: Essential for the Services to function (e.g., authentication, security, session management). These cannot be disabled.

- Performance and Analytics: Help us understand how you interact with our Services so we can improve them.

- Functional: Enable enhanced functionality and personalization.

- Advertising/Targeting: Used to deliver advertisements that may be relevant to you.

Your Choices: We use analytics providers for usage insights, which may include targeted advertising. You can opt out of analytics tracking via your browser settings, third-party opt-out tools (e.g., browser add-ons), or by enabling Global Privacy Control (GPC) signals, which we honor in all jurisdictions where required by law. If you encounter issues exercising opt-out preferences, contact privacy@verifythisseal.com for assistance.

6. Your Privacy Rights

You have specific rights regarding your Personal Information, which may vary depending on your jurisdiction. To exercise any of these rights, please contact us at privacy@verifythisseal.com. We will verify your identity using reasonable measures (e.g., confirming account details) to ensure the security of your request and will respond within one month for GDPR requests or 45 days for U.S. state law requests, with possible extensions as permitted by law. If you disagree with our response, you may contact our Data Protection Officer at dpo@verifythisseal.com to resolve disputes.

A. Your U.S. State Privacy Rights

If you are a resident of a U.S. state with an applicable privacy law (e.g., California, Colorado, Virginia), you may have the following rights:

- The Right to Know and Access: You have the right to request information about the categories and specific pieces of Personal Information we have collected about you, the sources of that information, the purposes for which we use it, and the categories of third parties with whom we share it.

- The Right to Deletion: You have the right to request that we delete your Personal Information. However, this right is not absolute. Information that you have authorized for public verification—such as your name, professional license details, the status of your verification seal, the information related to seal codes you generate, and other information integral to the public record—becomes part of a permanent, public-facing record on our Service. To protect the integrity, reliability, and historical accuracy of our verification system, this core verification data cannot be deleted and will be retained for the lifetime of the Service. You may request the deletion of other personal account information not integral to the public seal (e.g., billing details, password).

- The Right to Correction: You have the right to request that we correct inaccurate Personal Information we maintain about you.

- The Right to Opt-Out of Sale/Sharing: We do not sell Personal Information. Under some state laws, sharing information for cross-context behavioral advertising may be considered "sharing." You have the right to opt-out of this activity, which can be exercised through browser settings or third-party opt-out tools as described in Section 5.

- The Right to Limit Use of Sensitive Personal Information: You have the right to limit our use of your sensitive Personal Information. You may exercise this right by contacting us at our designated privacy email address. Upon receiving your request, we will limit the use of such data to that which is necessary to perform the Services or as otherwise permitted by law.

B. Your European & UK Privacy Rights (GDPR)

If you are in the EEA or UK, you have the following rights:

- The Right of Access: To receive a copy of your Personal Information, subject to our successful verification of your identity and other applicable legal requirements.

- The Right to Rectification: To correct inaccurate Personal Information.

- The Right to Erasure ('Right to be Forgotten'): To have your Personal Information deleted. This right is subject to limitations where the processing is necessary for reasons of public interest or for archiving purposes in the public interest. Information committed to our public verification service is processed to ensure public trust and transparency in professional credentials. As such, core verification data forms a permanent record and is not subject to erasure, as this would undermine the integrity of the Service. This constitutes a legitimate basis for retaining the data that may override the right to erasure.

- The Right to Restrict Processing: To limit how we process your Personal Information.

- The Right to Data Portability: To receive your Personal Information in a structured, commonly used, and machine-readable format.

- The Right to Object: To object to the processing of your Personal Information, particularly where we rely on Legitimate Interests as our legal basis.

- Rights Related to Automated Decision-Making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal or similarly significant effects on you.

- The Right to Withdraw Consent: Where we rely on consent, you may withdraw it at any time.

- The Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority.

Note: Our Services are intended solely for U.S. residents. If you are located in the EEA or UK and submit Personal Information despite our discouragement, you acknowledge that your rights under GDPR may not be fully enforceable, and any data submitted is at your sole risk.

C. Limitations on Rights for Mandated Use

If your use of the Services is required or mandated by a third-party entity, such as a professional licensing board or employer ("Mandating Authority"), your ability to exercise privacy rights may be restricted, potentially including all privacy rights (e.g., access, deletion, or restriction of data), to the extent necessary to comply with our contractual obligations to the Mandating Authority. Non-essential data, such as billing details, may still be subject to certain rights where permitted by law. The Mandating Authority is responsible for informing you of these requirements. This Privacy Policy serves as your notice of potential rights restrictions.

7. K.S.A. 45-220(c) Compliance

Pursuant to Kansas K.S.A. 45-220(c), we only show results for Kansas design professionals who actively use our system. The absence of a result does not indicate licensing status.

By using our system and claiming a Kansas license/seal, Kansas seal owners expressly permit us to make available to the public information about their license, including its status and their personally identifiable information (first name, last name, and email, should they choose to share it). Your action of claiming a Kansas license on our platform provides explicit permission for this public display. We may retain additional information you provide in accordance with the other terms of this Privacy Policy.

8. Data Security and Retention

A. Data Security

We implement and maintain robust administrative, technical, and physical security measures designed to protect your data from unauthorized access, destruction, use, modification, or disclosure. These measures include data encryption, access controls, secure software development practices, and regular security assessments.

B. Data Retention

We retain Personal Information, including verification data (e.g., seal codes, professional status), for the lifetime of the Service to ensure the integrity, reliability, and historical accuracy of our verification system, which serves as a permanent public record for professional credentials. In the event of Service termination, data will be handled in compliance with applicable legal requirements, such as deletion, transfer, or archiving as mandated by law. Other data, such as account or analytics information, is retained as long as necessary to fulfill the purposes outlined in this policy, comply with legal or contractual obligations, or resolve disputes. We implement robust security measures, including encryption and access controls, to protect your data throughout its lifecycle.

C. Data Breach Notification

If a data breach occurs that may compromise your Personal Information, including data collected for monitoring unlawful or harmful activities, we will notify affected users, including non-U.S. residents where feasible, primarily via email to the address provided in your account, within 45 days, or as required by applicable law. You are responsible for maintaining an updated and valid email address to ensure timely notifications. Additionally, a prominent notice will be posted on our status page at status.verifythisseal.com. We encourage users to subscribe to status.verifythisseal.com for real-time updates. We will also inform relevant regulatory authorities in accordance with legal obligations.

9. International Data Transfers

Our Services are intended solely for U.S. residents, and we do not target or solicit Personal Information from individuals located outside the United States. Your information is processed in the United States, where our servers and primary operations are located. While non-U.S. residents may access the Services, we strongly discourage them from providing Personal Information and encourage compliance with this preference through self-governance. If Personal Information is received from non-U.S. residents, we will not process it for monitoring or other purposes unless strictly required by U.S. law, and we will reject or delete such data immediately upon discovery to align with our U.S.-focused operations.

10. Children's Privacy

Our Services are not intended for or directed at children under the age of 16. We do not knowingly collect Personal Information from children under this age. If you believe we have inadvertently collected such information, please contact us immediately so we can take steps to investigate and delete it.

11. Industry Standards and HIPAA Compliance

We are working toward compliance with industry standards like SOC 2 and ISO 27001 to enhance our data security practices. We prioritize engaging third-party service providers with SOC 2 or ISO 27001 certification, where applicable, and ensure all providers implement equivalent security safeguards through contractual agreements. Per our Terms of Service, users are strictly prohibited from submitting sensitive health data covered by HIPAA, and we strongly discourage non-U.S. residents from submitting any Personal Information, including health data. We do not scan for, knowingly process, or use such data in our monitoring processes for unlawful or harmful activities. Our systems are designed to minimize the collection of sensitive health information. You are responsible for ensuring compliance with this prohibition through self-governance. Any submission of HIPAA-covered data is at the user’s sole risk, and we will delete such data upon discovery. Users should contact privacy@verifythisseal.com immediately to report inadvertent submissions.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. If we make material changes, we will notify you by posting the new policy on this page, updating the "Last Updated" date, and, where appropriate, through other means such as email or a prominent notice on our Site.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact our privacy team:

Wharton Consulting LLC
Attn: Privacy Officer
PO Box 541
Columbus, Ohio 43216

Email: privacy@verifythisseal.com

For GDPR-related inquiries, contact our Data Protection Officer at dpo@verifythisseal.com.