Privacy Policy

Last updated: March 5, 2026

Vera CI ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Playwright test results visualization and analysis service.

1. Information We Collect

1.1 Information You Provide

Account Information: When you register for Vera CI, we collect:

  • Name and email address
  • Organization name and details
  • Authentication credentials (managed securely by our authentication provider, Clerk)
  • Billing information (processed securely through Stripe)

Team and Project Data: Information about your teams, projects, and test configurations that you create within the service.

Communications: When you contact us for support or provide feedback, we collect the information you provide in those communications.

1.2 Information Collected Automatically

Usage Data: We automatically collect information about how you interact with our service:

  • IP addresses
  • Browser type and version
  • Operating system
  • Pages visited and features used
  • Time and date of visits
  • Referring URLs
  • Device identifiers

Cookies and Similar Technologies: We use cookies and similar tracking technologies to track activity on our service and store certain information. You can instruct your browser to refuse cookies or indicate when a cookie is being sent, though some features of our service may not function properly without cookies.

1.3 Test Data We Process on Your Behalf

Playwright Test Results: When you use our reporter plugin, we collect and process:

  • Test execution results (pass/fail status, error messages, execution times)
  • Screenshot images and visual snapshots
  • Test metadata (test names, suite names, file paths, browser configurations)
  • Git commit information (commit SHA, branch name, author, commit message)
  • GitHub pull request data (PR number, title, author, when configured)

Important: We act as a data processor for this test data. You control what test data is collected and sent to Vera CI through your test configuration. We process this data solely to provide our visual regression testing and test analysis services.

2. How We Use Your Information

We use the information we collect to:

  • Provide and Maintain Services: Create and manage your account, process test runs, generate visual diffs, store test history, and deliver notifications
  • Improve Our Service: Analyze usage patterns, identify bugs, develop new features, and enhance user experience
  • Communicate: Send service-related emails, respond to support requests, and provide important updates about our service
  • Process Payments: Handle billing and subscription management through our payment processor
  • Security and Fraud Prevention: Detect and prevent unauthorized access, abuse, and fraudulent activity
  • Legal Compliance: Comply with legal obligations and protect our legal rights

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

3. How We Share Your Information

We share information only in the following limited circumstances:

3.1 Service Providers

We share information with trusted third-party service providers who assist us in operating our service, including providers for:

  • Authentication and user management
  • Payment processing (Stripe)
  • Cloud storage and hosting infrastructure
  • Database services
  • Background job processing
  • Logging and monitoring

These providers are contractually obligated to protect your information and use it only for the purposes we specify. All providers are carefully vetted for security and compliance standards.

3.2 GitHub Integration

When you configure GitHub integration, we may post commit statuses and pull request comments on your behalf using your authorized GitHub access. This integration is optional and can be disabled at any time.

3.3 Team Members

Information within your organization and teams is shared with other members according to the permissions you configure.

3.4 Legal Requirements

We may disclose information when required by law, such as:

  • In response to valid legal processes (subpoenas, court orders)
  • To protect our rights, property, or safety, or that of our users or the public
  • To detect, prevent, or address fraud, security, or technical issues
  • In connection with a merger, acquisition, or sale of assets (with notice to affected users)

4. Data Security

We implement appropriate technical and organizational measures to protect your information:

  • Encryption in Transit: All data transmitted between your browser and our servers is encrypted using SSL/TLS
  • Encryption at Rest: Sensitive data including API keys and secrets are encrypted using industry-standard encryption algorithms
  • API Key Security: API keys are hashed using secure one-way hashing algorithms before storage
  • Access Controls: Role-based access controls limit who can access your data
  • Secure Infrastructure: We use enterprise-grade infrastructure providers with industry-standard security practices
  • Regular Security Updates: We keep our dependencies and infrastructure updated with security patches

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

5. Data Retention

We retain your information for as long as your account is active or as needed to provide you services:

  • Account Data: Retained while your account is active
  • Test Results and History: Retained according to your subscription plan limits and retention settings
  • Billing Records: Retained for tax and regulatory compliance (typically 7 years)
  • Logs and Analytics: Retained for up to 90 days for security and operational purposes

You may request deletion of your account and associated data at any time by contacting us. Upon account deletion, we will remove or anonymize your personal information within 30 days, except where retention is required by law.

6. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

6.1 Access and Portability

You can access your account information at any time through your account settings. You can export your data directly from your account profile.

6.2 Correction and Update

You can update your account information through your account settings or by contacting us.

6.3 Deletion

You may request deletion of your account and personal information. Note that some information may be retained as required by law or for legitimate business purposes.

6.4 Opt-Out

You can opt out of marketing communications by following the unsubscribe link in emails or updating your notification preferences.

6.5 Cookie Preferences

You can control cookies through your browser settings, though some features may not work properly if cookies are disabled.

6.6 EU and UK Users

If you are located in the European Union or United Kingdom, you have additional rights under the GDPR, including:

  • Right to object to processing
  • Right to restrict processing
  • Right to data portability
  • Right to lodge a complaint with a supervisory authority

To exercise these rights, contact us.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers in accordance with applicable data protection laws.

8. Children's Privacy

Our service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us, and we will take steps to delete such information.

9. California Privacy Rights

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You can request information about the personal information we collect, use, and disclose
  • Right to Delete: You can request deletion of your personal information
  • Right to Opt-Out: You can opt out of the sale of personal information (note: we do not sell personal information)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise these rights, contact us.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on our website with a new "Last Updated" date
  • Sending an email notification to your registered email address
  • Displaying a prominent notice in the application

Your continued use of the service after changes become effective constitutes acceptance of the updated Privacy Policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us.

For EU/UK data protection inquiries, please use our contact form and select "Privacy" as the topic, or reach out to our Data Protection Officer through the same form.