Privacy Policy
Last updated: January 27, 2026
CarlyOS Inc. ("Verit," "we," "us," or "our") is committed to protecting the privacy of our customers, their end users, and visitors to our website. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our fraud prevention platform and related services.
Verit provides identity verification, income validation, and vehicle history services to auto lenders, dealerships, and financial institutions. We act as a service provider to these organizations in processing verification requests.
Information We Collect
| Category | Examples | Purpose |
|---|---|---|
| Identity Information | Name, date of birth, government ID images, facial photographs | Identity verification and document authentication |
| Contact Information | Email, phone number, mailing address | Communication and verification processes |
| Financial Information | Bank account connections, income data, employment details | Income and employment verification |
| Vehicle Information | VIN, vehicle history, title status | Vehicle verification and title checks |
| Device Information | IP address, device fingerprint, browser type | Fraud detection and security |
Sensitive Personal Information
We process sensitive data including Social Security Numbers (SSN) for verification purposes. SSNs are encrypted using AES-256 at rest, stored as cryptographic hashes for matching, never displayed in full, and retained only as long as necessary.
How We Use Your Information
- Process identity, income, and vehicle verification requests
- Detect and prevent fraud in vehicle financing transactions
- Generate risk scores and fraud signals for our customers
- Maintain audit trails for compliance purposes
- Improve our fraud detection models and services
- Communicate with customers about their accounts
- Comply with legal obligations and law enforcement requests
SMS Messaging
Verit may send SMS messages to end users (e.g., dealership customers) when a dealership staff member initiates an identity verification request through the platform. These messages contain a one-time, secure link for the recipient to complete their identity verification.
How consent is obtained
SMS messages are sent only when a dealership representative enters a customer's phone number into the Verit dashboard to initiate a verification. The dealership is responsible for obtaining verbal or written consent from the customer, who is typically present at the dealership, before entering their phone number.
Message frequency and content
- • Each verification generates a single SMS — these are not recurring messages
- • Messages contain: the dealership name, a brief description, and a verification link
- • Standard message and data rates may apply
Opting out
Recipients can reply STOP at any time to opt out of future SMS messages from Verit. Reply HELP for assistance. We do not share phone numbers with third parties for marketing purposes. Phone numbers are used solely for delivering verification links.
Information Sharing
Service Providers
We share data with trusted third-party verification providers who perform identity, income, and vehicle checks on our behalf. All providers are contractually bound to protect your information and use it only for the specified verification purposes.
Our Customers
We provide verification results, fraud scores, and related data to the lenders and dealerships who initiated the verification request on your behalf.
Legal Requirements
We may disclose information when required by law, subpoena, court order, or to protect our rights and safety.
Data Security
We implement industry-standard security measures to protect your information:
For more details, visit our Security page.
Data Retention
We retain verification data for 7 years to comply with regulatory requirements and support fraud investigations. After this period, data is securely deleted or anonymized.
Audit logs are retained indefinitely and are immutable to ensure compliance with Red Flags Rule requirements.
Your Rights
Depending on your location, you may have the following rights regarding your personal information:
Right to Know
Request information about what personal data we collect and how it's used
Right to Access
Obtain a copy of your personal information in a portable format
Right to Correct
Request correction of inaccurate personal information
Right to Delete
Request deletion of your data (subject to legal retention requirements)
Right to Opt-Out
Opt-out of data sale — note: we do not sell personal information
Non-Discrimination
Exercise your rights without receiving discriminatory treatment
Contact Us
For privacy-related inquiries or to exercise your rights, please contact us:
We may update this Privacy Policy from time to time. Material changes will be communicated via email or dashboard notification.