Privacy Policy
Last updated: May 28, 2026
Overview
Veesta offers a range of Services that may differ in functionality, user type, and deployment model, including services designed for individual users, developers, and enterprise customers.
This document provides a centralized overview of the privacy policies that apply to our products and services, including Lexis (our compliance infrastructure platform), Continum (our enterprise compliance orchestration service), and Focal (our specialized compliance language models) (collectively, the "Services"), and is intended to help you identify which privacy policy applies to the Services you use and locate the information relevant to your use of those Services.
Because our Services may differ in functionality, features, and deployment models, the privacy practices applicable to each Service may also differ. You should carefully review the privacy policy applicable to each Service you access or use in order to understand the specific practices, conditions, and considerations that apply to that Service.
This document is provided for informational purposes only. It does not constitute a contract, agreement, or legally binding terms, and it does not form part of our Terms of Service.
Scope of Privacy Information
The privacy policies for our Services typically provide detailed information about:
- the categories of personal information that may be collected;
- how personal information may be used, processed, or disclosed;
- how long information may be retained;
- the involvement of service providers or third parties;
- applicable security practices and safeguards; and
- the choices or rights that may be available to users under applicable law.
These details may vary by Service and are described in the relevant privacy policy.
Product Privacy Policies
You should carefully review the privacy policy for each Service you access or use in order to understand how personal information is handled in connection with that Service.
Lexis
Privacy Policy applicable to Lexis compliance infrastructure platform and API services.
View Lexis Privacy Policy →Continum
Privacy Policy applicable to Continum enterprise compliance orchestration services.
View Continum Privacy Policy →Focal
Privacy Policy applicable to Focal specialized compliance language models and inference services.
View Focal Privacy Policy →Enterprise Services
Privacy Policy applicable to custom enterprise deployments, on-premise solutions, and dedicated infrastructure.
View Enterprise Privacy Policy →Additional Privacy Notices
Certain Services, features, enterprise offerings, or jurisdictions may be subject to additional privacy notices or disclosures. Where applicable, those notices will supplement the relevant product-specific privacy policy.
For example, if you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, additional information about data processing practices under GDPR may apply. Similarly, if you are a California resident, additional disclosures under the California Consumer Privacy Act (CCPA) may be relevant.
Data Residency and Sovereignty
Veesta recognizes that data residency and sovereignty are critical considerations for enterprises operating in regulated industries. Our Services are designed with flexible deployment options to meet your compliance requirements:
- Cloud Deployments: Data processed through our cloud services may be stored and processed in data centers located in regions you specify.
- On-Premise Deployments: Enterprise customers may deploy Veesta Services within their own infrastructure, maintaining complete control over data location and processing.
- Hybrid Deployments: Combine cloud and on-premise components to balance flexibility with control.
For specific information about data residency options for your deployment, please consult the privacy policy for the specific Service you use or contact our enterprise team.
Security Practices
Veesta implements industry-leading security practices to protect the confidentiality, integrity, and availability of data processed through our Services. Our security program includes:
- Encryption of data in transit and at rest using industry-standard protocols
- Regular security assessments, penetration testing, and vulnerability management
- Access controls and authentication mechanisms, including multi-factor authentication
- Continuous monitoring and incident response capabilities
- Compliance with SOC 2 Type II, ISO 27001, and other relevant security standards
- Regular employee security training and awareness programs
Detailed information about security practices for specific Services can be found in the relevant product-specific privacy policy or security documentation.
Changes
We may update this overview from time to time to help you understand the privacy practices of our Services.
Because this document is informational in nature, updates to this overview do not modify any applicable privacy policy. Please refer to the privacy policy for each Service for details about the relevant privacy practices and how we communicate changes to those policies.
Material changes to product-specific privacy policies will be communicated in accordance with the notice provisions described in those policies.
Contact
If you have questions about our privacy practices, please contact us using the contact information provided in the applicable privacy policy for the Service you use.
For general privacy inquiries or questions about this overview, you may contact us at:
Veesta Privacy Team
Email: privacy@veesta.co
For enterprise customers with dedicated support agreements, please use your designated support channels for privacy-related inquiries.
Our Commitment to Compliance
At Veesta, compliance isn't just what we build—it's how we operate. We hold ourselves to the same rigorous standards we help our customers achieve. Our privacy practices are designed to meet or exceed the requirements of major regulatory frameworks including GDPR, CCPA, HIPAA, and emerging AI-specific regulations.
We believe that privacy and compliance should be foundational to AI infrastructure, not afterthoughts. This philosophy guides every aspect of how we design, build, and operate our Services.