Trust Center
Our Principles
These documents reflect the principles under which Veriti is designed, operated and continuously improved.
Our Commitment
Veriti is built on the principle that schools should retain full control over their data while benefiting from secure, reliable and transparent cloud software. We design our platform with security, privacy and operational resilience as foundational requirements rather than optional features. Our Trust Center provides visibility into our practices, governance and ongoing commitment to protecting the information entrusted to us.
Our Principles
Security by Design
Security requirements are considered during design and implementation, not only at the end of a release cycle.
Privacy by Design
Privacy implications are assessed as features are planned, so personal information is handled purposefully and carefully.
Least Privilege
Users and services receive only the permissions required to perform their role.
Data Minimisation
We design the platform to minimise the collection and retention of personal information wherever practical.
Customer Ownership
Schools own their data. Veriti never claims ownership of customer information.
Transparency
We publish clear information about our practices and provide deeper documentation during procurement under appropriate confidentiality arrangements.
Continuous Improvement
Controls, documentation and operational processes mature over time in response to risk, feedback and customer expectations.
Operational Resilience
Monitoring, backups, recovery planning and incident communication support reliable school operations.
Customer Commitments
Enterprise customers should be able to rely on clear, non-technical commitments about how Veriti treats school information:
- We never sell customer data.
- Schools retain ownership of all data entered into Veriti.
- Veriti never claims ownership of customer data.
- Customer data is never used to train AI models.
- We only process data necessary to provide the agreed service.
- Customers may export their data through authorised administrator capabilities and supported offboarding processes.
- Customers may request deletion upon termination, subject to contractual and lawful retention requirements.
- Access to production customer data is restricted to authorised personnel when required to provide support or maintain the service.
Secure Development
Security considerations are incorporated throughout product design, implementation, testing and deployment. New functionality is reviewed for security implications before release.
Responsible Disclosure
Security vulnerabilities can be reported confidentially to operations@codeweave.io with the subject line “Security vulnerability”. We ask researchers not to publicly disclose issues until we have had a reasonable opportunity to investigate and remediate.
Customer Transparency
Where appropriate, Veriti provides customers with documentation regarding security controls, architecture summaries and operational practices under appropriate confidentiality arrangements.
Procurement Support
Security questionnaires, architecture summaries and supporting documentation are available during active procurement processes. Deeper evidence may be shared under NDA where appropriate.
Compliance Position
Veriti aligns its privacy practices with the principles of POPIA and continually improves operational controls as the platform matures. We are not presenting this Trust Center as a formal certification; it describes how we operate and the principles that guide us.
Contact Roles
Security Contact
Security questions, vulnerability reports and control enquiries: operations@codeweave.io (subject: Security).
Email this rolePrivacy Contact
Privacy, POPIA Operator questions and data-subject coordination with schools: operations@codeweave.io (subject: Privacy).
Email this roleSales & Procurement Contact
Evaluations, questionnaires and commercial discussions: use the Contact page or email operations@codeweave.io (subject: Procurement).
Open Contact pageContact Security Team
Questions about security, privacy or procurement questionnaires.