Privacy and cookies

Who this applies to

This notice is for visitors to verilicense.co.uk and for people who contact us, request a quote, register as a broker or place an order. Most VeriLicense enquiries are business-to-business — for enterprise IT licences, server memory, networking and AI server builds — so the information involved is typically business contact details rather than consumer personal data.

VeriLicense Ltd is the data controller. Company number 16056643, registered in the United Kingdom.

Information we collect

When you contact us, submit a form or place an order, we may collect:

• Contact and business details you submit through forms — name, business email address, company name, phone number, VAT number where supplied.
• Quote requirements — product names, SKUs, quantities, server models and compatibility information you provide.
• Broker programme details — purchasing volume bands, product interests, business type and qualifying answers from the broker registration form.
• Order, invoice and fulfilment details where a purchase is made, and licence-key delivery records.
• Basic website analytics and security logs used to operate the site (see Cookies and analytics below).

We do not ask for unnecessary personal information, and we never ask for payment-card details by email or over the phone.

Why we use your information

We use the information you provide to respond to enquiries, prepare quotes, discuss product availability, fulfil orders, support brokers, manage the customer relationship and maintain accurate accounting and business records. Our lawful bases under UK GDPR are legitimate interests (running the supplier relationship), contract (where you have asked us to quote or supply) and legal obligation (tax and accounting record-keeping).

Forms, email and where data is stored

When you submit the quote form, the broker registration form or add an item to the basket and proceed to checkout, the details are processed so we can respond. Form submissions are written to our database (Supabase, hosted in the EU) and a notification is sent to the VeriLicense sales inbox via our transactional email provider (Resend). Replies from our team go from a VeriLicense email address.

The website itself is hosted on Vercel. Database access is restricted to authenticated staff via our admin area; the database has row-level security enabled and no public read access to enquiries, quotes or broker records.

Who we share it with

Where it is genuinely necessary to handle your enquiry, quote or order, we may share relevant information with:

• Trusted suppliers, distributors and manufacturers — to check availability, source product or arrange licensing.
• Fulfilment and delivery providers — for physical hardware shipments and licence-key delivery.
• Payment providers — when a paid order goes through (see Orders and payments below).
• Service providers that run the website on our behalf — currently Vercel (hosting and analytics), Supabase (database), Resend (email) and Google (Analytics). Each acts on our instructions under their own data-processing terms.

We only share what is necessary for the specific purpose. We do not sell your information, and we do not share it for third-party marketing.

Orders and payments

Card payments are processed by Stripe, our active payment processor. Card details are entered into a Stripe-hosted payment page, handled by Stripe, and never stored directly by VeriLicense. We receive a transaction reference, an indicator of card type, the billing details you supplied, and (if you entered them on the Stripe page) your company name and VAT number for the receipt. We do not receive your full card number.

Stripe processes UK and EU cardholder data under UK GDPR and the Data Protection Act 2018 as a separate data controller for the payment information you enter on its hosted page. Stripe's privacy policy explains how it handles that data: stripe.com/gb/privacy.

Order, invoice and fulfilment records are kept so we can complete the transaction, issue documentation, deliver licence keys, and meet accounting and tax obligations.

Cookies and analytics

On your first visit we show a cookie banner. Nothing non-essential is set until you choose. Specifically:

• Essential — small bits of storage we need to make the site work, for example to keep your basket between pages or to keep you signed in to the broker area after you log in. These are set whatever you choose on the banner.
• Analytics — only if you accept.We use Google Analytics 4 to understand which pages are useful and where people drop off, and Vercel Analytics to monitor performance. We implement Google's Consent Mode v2: until you accept, no analytics or advertising storage is set, and any signals Google receives are cookieless. Accept on the banner and analytics cookies are set; reject and they are not. You can change your choice at any time by clearing your browser's site data for verilicense.co.uk; the banner will reappear and you can choose again.
• Performance & security — Vercel Speed Insights records page-performance timings to help us keep the site fast. The hosting platform also keeps short-lived security logs (IP addresses, request paths) used to operate the site and rate-limit form abuse.

We do not run third-party advertising trackers, and we do not currently use Facebook, LinkedIn or TikTok pixels on this site. If that changes, this notice will be updated before they go live.

How long we keep information

We keep enquiry, quote and order records for as long as needed to manage the relationship, answer follow-up questions and meet accounting requirements (typically six years from the end of the relevant tax year for financial records). Broker accounts are kept while the broker relationship is active and for a reasonable period afterwards. Analytics data is held by Google Analytics on the default retention window we have configured.

Your rights

Under UK GDPR you have the right to ask what we hold about you, to ask us to correct it, to ask us to delete it where we no longer need it, to object to processing based on legitimate interests, and to ask for a copy of your data in a portable format. We will respond within one month.

If you are unhappy with how we have handled your information, you can complain to the Information Commissioner's Office (ICO) at ico.org.uk. We would always prefer the chance to put things right first — please contact us before you do.

Contact us about privacy

For anything in this notice — a question, a correction, a request to stop being contacted about a specific enquiry, or a formal data-rights request — email sales@verilicense.co.uk with enough detail for us to identify the enquiry or account. We read this inbox during UK business hours and will reply within one working day.

Changes to this notice

We update this notice when the site or how we handle data meaningfully changes — for example, if we add a new analytics or marketing provider, or change payment processor. The “Last reviewed” date at the top of the page records the most recent change.