Legal

[1] Privacy Policy

[2] Platform Terms

Legal

[1] Privacy Policy

[2] Platform Terms

Privacy Policy

Beltic Inc. (“Beltic,” “we,” “us,” or “our”) operates a global verification and compliance platform that enables businesses to identify, verify, and monitor individuals and entities to prevent fraud and satisfy regulatory obligations (the “Service”).

This Privacy Policy (“Policy”) explains how we collect, use, disclose, and protect personal information in connection with the Service and our corporate operations. It also describes your rights and choices regarding that information.

This Policy applies to:

  • Visitors to our websites (including beltic.com and related subdomains), marketing pages, and dashboards;
  • Individuals or entities whose information is processed through the Service (“End Users”);
  • Representatives of our Customers (businesses that contract with Beltic); and
  • Job applicants and professional contacts interacting with Beltic.

This Policy also governs how we collect and use information through online forms, newsletter sign-ups, cookies, and other tracking technologies on our websites.

When Beltic processes information collected through the website or for marketing purposes, it acts as a data controller.

When Beltic processes verification data on behalf of a Customer through our KYB (“Know Your Business”) or KYC (“Know Your Customer”) platform, it acts as a data processor or service provider.

We collect information in several categories and through several means.

Information You Provide

  • Identification Documents and Proof-of-Address Data:

    Passports, national IDs, driver’s licenses, tax identifiers, business registration certificates, and supporting address documentation (utility bills, rental agreements, bank statements, or government letters). Extracted fields may include name, date of birth, address, nationality, identification number, issuing authority, and expiration date.

  • Contact Information:

    Email address, phone number, company role, and any communications you send to us.

  • Business Information:

    Company name, tax ID, registration number, industry, jurisdiction, and ownership structure.

  • Support Content:

    Messages, attachments, and metadata submitted to our support channels or Slack workspace.

Information We Automatically Collect

  • Technical Data:

    IP address, browser type, device identifiers, operating system, and session timestamps.

  • Usage Data:

    Logs of authentication events, navigation paths, clicks, API requests, and error messages.

  • Security Metadata:

    Indicators of suspicious or malicious activity, geolocation approximations derived from IP, and timing patterns used to detect automated fraud.

Information from Third Parties

  • Customer Integrations:

    Customers may provide reference data (e.g., internal IDs, transaction history) to link Beltic results with their systems.

  • Public Sources and Registries:

    We may supplement verification with publicly available corporate records, sanctions lists, and government databases.

  • Vendors and Service Providers:

    We receive information from our subprocessors (such as secure file-transfer or analytics providers) to operate the Service.

We use personal information solely for legitimate, specified purposes:

  • Provide and Operate the Service – to receive uploads, perform verification, and return structured results.

  • Fraud Detection and Security – to analyze document authenticity, detect anomalies, and prevent identity or company impersonation.

  • Compliance with Law – to satisfy anti-money-laundering (AML), know-your-business (KYB), and sanctions-screening obligations.

  • Customer Support and Communications – to respond to requests, notify Customers about platform updates, and resolve incidents.

  • Research and Improvement – to develop fraud-detection models and enhance data-quality pipelines using aggregated or de-identified information only.

  • Corporate Operations – to manage billing, accounting, audits, and business continuity.

  • Recruiting and Partnerships – to evaluate job candidates and manage professional contacts.

When laws like the GDPR (EU/UK) or LGPD (Brazil) apply, Beltic relies on:

  • Performance of Contract — to provide Services requested by Customers or users.

  • Legal Obligation — to comply with AML, fraud-prevention, and record-keeping requirements.

  • Legitimate Interests — to secure our platform, prevent misuse, and improve Service quality (without overriding individual rights).

  • Consent — when required (for example, certain optional communications or cookies).

Marketing & Communications

We may collect and use contact details that you voluntarily provide on our website, for example, when requesting a demo, subscribing to our newsletter, or downloading whitepapers.

We use this information to send relevant updates about Beltic’s products, events, and research. You can opt out of these communications at any time using the “unsubscribe” link in our emails or by contacting privacy@beltic.com.

We never sell or share marketing lists with third parties, and we only send communications in accordance with applicable anti-spam and privacy laws (including CAN-SPAM, GDPR, and LGPD).

We disclose personal data only as necessary and under binding protections.

Service Providers and Subprocessors

We engage vetted vendors for cloud hosting, database infrastructure, monitoring, analytics, and email delivery. All subprocessors are contractually bound by confidentiality, security, and restricted-use clauses.

Professional Advisors and Authorities

We may share information with auditors, lawyers, accountants, regulators, or law enforcement if required by law or to defend legal claims.

Corporate Transactions

If Beltic is involved in a merger, financing, acquisition, or sale of assets, relevant data may be transferred under confidentiality agreements ensuring equivalent protections.

Customer Direction

When Beltic acts as processor, we share or delete information strictly in accordance with the Customer’s documented instructions. We never disclose personal data to advertisers or data brokers.

We keep personal information only as long as necessary for:

  • providing the Service;

  • fulfilling legal or regulatory obligations; and

  • maintaining audit trails for dispute resolution or fraud analysis.

Typical retention: uploaded documents and derived results are securely deleted or irreversibly anonymized within 30 days unless our Customer instructs otherwise. Aggregated logs and security metadata may be stored longer for compliance and platform defense.

Given the sensitivity of verification data, Beltic maintains an information-security program aligned with SOC 2.

  • Encryption: All data is encrypted using AES-256 at rest and TLS 1.2+ in transit.

  • Access Management: Role-based, least-privilege policies; MFA for all privileged accounts.

  • Monitoring & Audit: Comprehensive logging, anomaly detection, and regular reviews.

  • Network Protection: Firewalls, WAFs, intrusion detection, and vulnerability scans.

  • Data Segregation: Logical isolation of Customer environments and separate encryption keys.

  • Employee Controls: Background checks, confidentiality agreements, and recurring security training.

Although no system is perfectly secure, Beltic continuously tests and improves its defenses to mitigate risk.

Beltic’s public sites and dashboards use cookies and similar technologies to ensure functionality, security, and analytics. Cookies are small data files placed on your device that enable us to recognize your browser and improve your experience. We categorize cookies as follows:

  • Essential Cookies — Required for authentication, fraud prevention, and session continuity.

  • Analytics Cookies — Collect aggregated, de-identified metrics about website usage (e.g., Google Analytics).

  • Preference Cookies — Remember choices such as language, theme, or region.

  • Marketing and Retargeting Cookies — Track interactions with our website and ads (e.g., Meta Pixel, LinkedIn Insight Tag) to measure performance and deliver relevant content.

Where required by law, a cookie banner appears when you visit our site, allowing you to accept, reject, or customize your preferences. You may also disable cookies through your browser settings; however, some website features may not function properly. We do not use cookies to collect sensitive personal data or to make automated decisions that have legal or similar effects.

Cookie Management and Preferences

If Beltic is involved in a merger, financing, acquisition, or sale of assets, relevant data may be transferred under confidentiality agreements ensuring equivalent protections.

Type Purpose Retention
Essential Enables login, load balancing, fraud prevention Session
Analytics Understand how users navigate our website 13 months
Marketing Measure ad performance and retarget ads 12 months
Preferences Save interface settings (language, mode) 12 months

You can update your cookie preferences at any time through the banner or by clearing cookies in your browser. For EU/UK and Brazilian visitors, Beltic relies on consent for non-essential cookies and legitimate interest for strictly necessary cookies.

Beltic employs automated systems to assist in document verification and fraud scoring.

These systems analyze file metadata, visual features, registry matches, and risk signals. However:

  • human reviewers validate uncertain or high-risk outcomes;

  • Beltic does not make decisions with legal or similarly significant effects solely through automation;

Depending on your jurisdiction, you may have the right to:

Right Description
Access Obtain confirmation and a copy of your personal data.
Correction Rectify inaccurate or incomplete information.
Deletion / Erasure Request deletion, subject to legal retention duties.
Restriction Limit processing in certain circumstances.
Portability Receive data in a structured, machine-readable format.
Objection Object to processing based on legitimate interests.
Withdraw Consent Withdraw consent for optional uses at any time.

If You Interacted via a Customer

Please contact that Customer (the data controller). Beltic will support them in fulfilling your request.

If You Interacted Directly with Beltic

Email data@beltic.com. We will verify your identity, respond within statutory timeframes, and inform you if an exemption applies.

GDPR (EU / UK)

Beltic Inc. acts as data controller for direct interactions and data processor for Customer-related processing.

Where required, Beltic may appoint an EU/UK representative.

Data-subjects may lodge complaints with their local supervisory authority.

CCPA / CPRA (California Residents)

We do not sell or share personal information as defined under the CCPA.

California residents may request:

  • disclosure of categories or specific pieces of information collected;

  • deletion of personal information; or

  • correction of inaccurate data.

LGPD (Brazil)

Beltic complies with Brazil's Lei Geral de Proteção de Dados. Data subjects may request:

  • confirmation of processing;

  • access, correction, anonymization, blocking, or deletion;

  • data portability;

  • information about data-sharing.

Contact our Brazil DPO: privacidade@beltic.com.

If you are unsatisfied, you may petition the ANPD (National Data Protection Authority).

To ensure lawful and accurate processing:

  • Submit only the requested information;

  • Confirm its accuracy;

  • Do not include unrelated sensitive data (e.g., health records, biometric templates, or financial account numbers) unless explicitly requested;

  • If you submit data about another person, you warrant that you are authorized to do so.

The Service is not intended for individuals under 18 years of age (or the minimum legal age in their jurisdiction). We do not knowingly collect information from minors. If you believe a minor’s information has been submitted, contact privacy@beltic.com for prompt deletion.

Our websites and dashboards may contain links or embedded integrations from third-party platforms, for example, analytics providers, payment processors, developer documentation tools, or social networks. When you interact with these third-party tools (e.g., by watching an embedded video or clicking a LinkedIn ad), those providers may collect data under their own privacy policies. Beltic does not control their practices and encourages you to review each third party’s policy before engaging.

All Beltic personnel with data access are bound by:

  • signed confidentiality agreements;

  • least-privilege and need-to-know principles;

  • annual privacy training; and

  • disciplinary policies for violations.

Access is logged.

Beltic has appointed a Data Protection Officer responsible for overseeing compliance and serving as the contact for regulators and individuals.

Data Protection Officer: Isha Bhatnagar

Beltic Inc.

Email: privacy@beltic.com

Our infrastructure is designed for high availability and geographic redundancy.

Backups are encrypted and tested regularly.

Beltic conducts internal reviews and external audits to verify compliance with this Policy and contractual obligations. We maintain records of processing activities and subprocessor listings available to Customers upon request.

We may revise this Policy periodically to reflect legal or operational changes.

When material changes occur, we will:

  • update the “Last Updated” date;

  • post the revised version on our website; and

  • where required, notify Customers or users via email or dashboard notice.

Continued use of the Service after an update constitutes acceptance of the revised Policy.

If you have questions, concerns, or complaints about this Policy or Beltic’s privacy practices, please contact:

Beltic Inc.

751 Duncan St.

San Francisco, CA 94131 USA

privacy@beltic.com

Updated on November 28th 2025