Privacy Policy
Versys Technologies Inc.
Effective Date: June 3, 2026
About This Policy
This policy explains how Versys Technologies Inc. handles personal information in connection with its Transportation Management System (TMS) and public website.
Privacy questions and requests: support@versysinc.com
Mailing address: 400 S. 4th St, Suite 318, Las Vegas, NV 89101
At a glance
- We do not sell personal information.
- We do not currently use cookies for advertising, analytics, or cross-site tracking.
- We do not send any text messages (SMS). All communications, including two-factor authentication codes, are delivered by email.
- The TMS is intended for trucking carriers, owner-operators, and their authorized team members.
1. Who we are
This privacy policy describes how Versys Technologies Inc. (Versys, we, us, or our) handles personal information.
- Legal entity: Versys Technologies Inc., a Nevada corporation
- Mailing address: 400 S. 4th St, Suite 318, Las Vegas, NV 89101
- Contact: support@versysinc.com
We currently provide a Transportation Management System (TMS) for trucking carriers and owner-operators. Our TMS software is provided at no charge.
This policy applies to the TMS and to the public website where this policy is posted. If we launch additional products or features in the future, we will update this policy with at least 30 days' advance notice before the new practices take effect (see Section 14).
2. Who this policy covers
This policy applies to:
- Account holders: a business or individual who opens a Versys account, such as a trucking carrier or owner-operator.
- Team members invited by an account holder: users a carrier adds to their company account, such as dispatchers or back-office staff.
- Visitors: anyone browsing our public website at versysinc.com.
This policy does not cover:
- Information that an account holder enters into our system about its own drivers, customers, or counterparties on its own behalf. The account holder controls that data; Versys processes it as a service provider on the account holder's behalf. See Section 9.
- The privacy practices of third parties whose services we integrate with. Each of those companies has its own privacy policy; we link to the most relevant ones in Section 18.
3. Information we collect
We collect only what we need to operate our product, comply with law, and communicate with you. This policy describes information that identifies you or could reasonably be linked to you. It does not cover:
- Publicly available information from government records (such as DOT, MC, or FMCSA registry data);
- Deidentified or aggregated information that cannot reasonably be linked back to you;
- Information covered by sector-specific privacy laws, for example, driver medical certificates (which may be subject to HIPAA-related rules and the ADA), driver background-check reports (which may be subject to the Fair Credit Reporting Act), and financial information (which may be subject to the Gramm-Leach-Bliley Act). Where those laws apply, the related obligations apply in addition to this policy.
a. Account and business profile
When you create or maintain an account:
- Full legal name, including any DBA or trade name;
- Business name and entity type;
- Mailing address and physical operating address;
- Phone number (collected for customer support contact only; not used for SMS or text messages of any kind) and email address;
- Trucking-industry identifiers: DOT number, MC number, EIN, and similar registrations where applicable;
- Username and password (your password is stored only as a one-way hash; we cannot read it);
- Authentication and security records: login events, two-factor verification timestamps, idle-session timeouts, and single-session enforcement state;
- Activity logs of meaningful actions you take in the product (uploading documents, creating loads, sending invoices, and similar events) for security, audit, and internal cost-tracking purposes.
b. Driver data provided by account holders
When an account holder adds drivers to their TMS account, we receive:
- Driver name and contact information;
- Documents the account holder uploads about the driver, for example, CDL, medical certificate, or other compliance records;
- Equipment and vehicle assignments.
The account holder is responsible for the accuracy of this information and for the legal basis on which they share it with us. See Section 9.
c. Communications
- Emails you send to or receive from support@versysinc.com;
- Customer-support correspondence and any attachments you provide.
d. Website and online activity
When you visit our public website or use the TMS:
- IP address, browser type, operating system, referring URL;
- Cookies and similar technologies, described below;
- Pages visited, features used, and timestamps.
Cookies and similar technologies we set:
- Authentication cookie: keeps you signed in. Required. Cleared on logout.
- Two-factor verification token: confirms you completed 2FA for the current session. Required for admin sessions. Cleared on session end.
- Idle-activity timestamp: tracks last activity to enforce the 30-minute idle logout. Required for security.
- Theme preference: remembers your light or dark mode choice. Optional. Long-lived.
We do not currently use cookies for advertising, analytics, or cross-site tracking. We honor the Global Privacy Control browser signal as a request to opt out of any sale or sharing of your information.
e. Data shared when you use the broker credit-check feature
Our TMS includes an optional broker credit-check feature powered by an integration with brokercredit.com. When you initiate a credit check on a broker through the TMS, we transmit to brokercredit.com only:
- The broker identifier you provided (such as the broker's MC number);
- A Versys-internal request identifier used for tracking the query.
We do not send brokercredit.com any of your driver records, employee data, financial account information, or other carrier-side personal information when you initiate a credit check. Credit information returned by brokercredit.com is displayed to you within the TMS for your reference only. Versys is not a factoring company and does not vouch for, verify, or guarantee the accuracy of credit information provided by brokercredit.com, and Versys does not assume any liability for business decisions you make based on that information. Your use of credit information returned by brokercredit.com is subject to brokercredit.com's own terms and privacy policy.
4. How we use information
We use the information described above to:
- Provide and operate the TMS;
- Authenticate users, secure accounts, and prevent fraud;
- Communicate with you about your account, security alerts, customer support, product updates, and (with your consent) marketing, by email only;
- Operate, improve, and develop our services;
- Comply with applicable law, respond to lawful requests from authorities, and enforce our agreements.
We do not currently use artificial intelligence or machine-learning systems to make automated decisions about you that produce legal or similarly significant effects without a human in the loop. If we add AI-powered features in the future, we will update this policy with at least 30 days' advance notice (see Section 14).
5. How we share information
We do not sell personal information.
We share information with the following categories of service providers, only as necessary to run the TMS and only under contracts that require them to protect what they receive. Our current sub-processors are:
| Provider | Purpose | Where data is processed |
|---|---|---|
| Supabase | Database, authentication, and file storage | United States |
| Vercel | Application hosting and content delivery | United States |
| Resend | Transactional email delivery (verification codes, account alerts, password resets) | United States |
| brokercredit.com | Broker credit-check data, returned to the carrier on demand. We send only a broker identifier and an internal request identifier; no carrier driver, employee, or financial data is transmitted. | United States |
We may also share information with:
- Professional advisors: auditors, accountants, and lawyers who help us operate the business;
- Government authorities when we are legally required to disclose information;
- Other parties in connection with a corporate transaction such as a merger, acquisition, or financing. In that case, the receiving party will be bound to honor this policy or give you notice and a chance to opt out before any new use.
Business customers who require a Data Processing Agreement (DPA) for their own compliance obligations may request one by emailing support@versysinc.com.
6. Data retention
We keep different categories of information for different lengths of time.
| Category | Retention |
|---|---|
| Active account information | While your account is active |
| Personal information after account cancellation | Deleted within 90 days (automated) |
| Documents you uploaded to the TMS (load documents, driver documents, invoices, rate confirmations) | Deleted within 90 days of account cancellation (automated), unless a legal hold applies |
| Audit logs (login events, profile edits, document uploads) | 3 years |
| Backups | Overwritten on a 30-day rolling basis |
| Marketing email lists | Until you unsubscribe |
We may keep information longer if a legal hold, dispute, regulatory inquiry, or pending obligation requires it. Where we keep information past the periods above, we limit access to those who need it for that specific purpose.
7. Your rights
You can ask us to:
- Access the personal information we hold about you;
- Correct inaccurate or incomplete information;
- Delete information we no longer need to keep, subject to the legal retention requirements in Section 6;
- Export your information in a portable format;
- Opt out of marketing emails at any time.
To make a request, email support@versysinc.com. Only you, or someone legally authorized to act on your behalf, may make a request. You may submit a request to know up to twice within a 12-month period.
Identity verification. We verify your identity before fulfilling a request. We match the requestor's email to an active account and may ask for one additional piece of information already on file (such as your DOT number or business name). We use information you provide in a request only to verify your identity.
Response timing. We confirm receipt of your request within 10 business days. We provide a substantive response within 45 days of receiving a verifiable request. If your request is complex or we need more time, we may extend our response by an additional 45 days and will inform you in writing of the reason and the new deadline. If we cannot fulfill a request, for example, because we are required by law to keep certain records, we will tell you why.
Format of disclosures. Data exports are provided in a machine-readable format (typically CSV or JSON).
Fees. We do not charge a fee for processing or responding to a request unless it is excessive, repetitive, or manifestly unfounded. If a fee is warranted, we will tell you why and provide a cost estimate before completing your request.
Non-discrimination. We will not deny you services, charge you different prices, or provide a different level of quality because you exercised any of these rights.
8. California residents (CCPA and CPRA)
This section provides additional disclosures for California residents under the California Consumer Privacy Act, as amended by the California Privacy Rights Act.
Categories of personal information collected
In the past 12 months we have collected the following categories of personal information about California residents, as defined under the CCPA and CPRA. We disclose information only to the service providers listed in Section 5 and only for the purposes described in Section 4. We do not sell personal information, and we do not share personal information for cross-context behavioral advertising.
| CCPA category | Collected? | Disclosed to service providers? |
|---|---|---|
| A. Identifiers (name, email, postal address, phone number, account name, online identifiers, IP address) | Yes | Yes |
| B. Customer-records information (Cal. Civ. Code 1798.80(e)): business contact information, trucking-industry identifiers (DOT, MC, EIN) | Yes (limited) | Yes |
| C. Protected classification characteristics under California or federal law (race, religion, national origin, etc.) | No | No |
| D. Commercial information (records of services obtained, transactions inside the product) | Yes | Yes |
| E. Biometric information (fingerprints, faceprints, voiceprints, iris scans, etc.) | No | No |
| F. Internet or other electronic-network activity (browsing on our site, app usage, cookie data) | Yes | Yes |
| G. Geolocation data | Approximate only (derived from IP address); precise geolocation NOT collected | Yes (approximate only) |
| H. Sensory data (audio, electronic, visual, thermal, olfactory) | No | No |
| I. Professional or employment-related information (job title, employer associated with account) | Yes | Yes |
| J. Non-public education information (FERPA records) | No | No |
| K. Inferences drawn from any of the above | Limited (used internally for account management; we do not build profiles for advertising or sale) | No |
| L. Sensitive personal information (SPI) under CPRA | Limited: your account password, stored as a one-way hash, used solely to authenticate you. We do NOT collect SSN, driver's license numbers, precise geolocation, biometric information, financial-account credentials, racial or ethnic origin, religious beliefs, contents of communications, genetic data, health information, or sexual-orientation information | No |
Sources. We collect this information directly from you and automatically through your use of our services.
Purposes. We use this information for the purposes described in Section 4.
Sale or sharing. We do not sell or share personal information for monetary value or for cross-context behavioral advertising. We honor the Global Privacy Control browser signal as a request to opt out of any future sharing. If we ever begin selling or sharing personal information in the future, we will wait at least 12 months before asking you to re-authorize that activity after you have opted out.
Your rights as a California resident
You have the right to:
- Know what personal information we have collected, used, disclosed, and shared;
- Delete personal information we have collected;
- Correct inaccurate personal information;
- Opt out of any sale or sharing;
- Limit our use of sensitive personal information;
- Be free from retaliation for exercising any of these rights.
To exercise any of these rights, email support@versysinc.com. You may designate an authorized agent to make a request on your behalf; we may require proof of authorization and verify your identity directly.
Other state residents
Residents of other states with consumer-privacy laws, including Colorado, Connecticut, Texas, Utah, and Virginia, have similar rights to access, correct, delete, and opt out of certain processing. To exercise any of those rights, email support@versysinc.com. We will verify your identity and respond within the time period required by your state's law.
California Shine the Light Law
California Civil Code Section 1798.83 permits California residents to request information regarding our disclosure of personal information to third parties for their direct marketing purposes. We do not disclose your personal information to third parties for their direct marketing purposes. To request more information, email support@versysinc.com.
9. Information about drivers added by account holders
When a carrier or owner-operator uses the TMS, they may upload records about their own drivers (name, contact information, license number, compliance documents, equipment assignments). For that information, the account holder, not Versys, controls the data and is the privacy-law controller. Versys processes that data as a service provider on the account holder's behalf.
When you provide us with personal information about another person (a driver, employee, customer, or counterparty), you represent and warrant that:
- You have a lawful basis to share that information with us, for example, an employment relationship, a signed authorization, or another lawful basis under applicable law;
- You have provided any notices to that person required by applicable law, and obtained any consents required by applicable law;
- You will honor that person's requests to access, correct, or delete their information, and you will inform us if that person makes such a request.
If you are a driver, employee, or other individual whose information was uploaded by a Versys account holder, contact the account holder first to access, correct, or delete that information. If they do not respond or you cannot reach them, contact us at support@versysinc.com and we will help.
10. Children
Our services are intended for businesses and the adult employees of those businesses. We do not knowingly collect personal information from anyone under 18 years of age. If you believe a minor has provided information to us, contact support@versysinc.com and we will delete it.
11. Communications and SMS
All communications from Versys to you are delivered by email. This includes transactional messages (verification codes, account alerts, password resets, invoices, security notifications, and similar) and any marketing communications you have opted into.
We do not currently send any text messages (SMS), not for two-factor authentication, not for transactional notifications, and not for marketing. Your phone number is collected during onboarding only for customer support contact. If we begin sending any SMS in the future, we will collect express consent first and update this policy.
You cannot opt out of transactional emails while your account is active. Marketing emails are sent only if you opt in, and every marketing email includes a one-click unsubscribe link. You can also opt out by emailing support@versysinc.com.
12. International transfers
Our services are operated from and intended for the United States. The infrastructure providers and other service providers we use are also based in the United States.
Our services are not directed at residents of the European Union, the United Kingdom, or other jurisdictions outside the United States. If you access our services from outside the United States, you understand and agree that your information will be transferred to and processed in the United States, which may have different data-protection laws than your jurisdiction.
13. Security
We take reasonable administrative, technical, and physical safeguards to protect personal information. Our current safeguards include:
- Encryption in transit: all data exchanged with the TMS travels over HTTPS and TLS.
- Encryption at rest: data stored in our database and file storage is encrypted at the storage layer using industry-standard AES-256 encryption provided by our infrastructure platform.
- Tenant isolation: every database table that holds tenant data is protected by row-level security policies that prevent one carrier's data from being visible to another carrier.
- Two-factor authentication (2FA): required for any user with administrator privileges, delivered by email code.
- Single-session enforcement: signing in on a new device automatically signs you out everywhere else, so a stolen session cannot run in parallel.
- Idle-session timeout: sessions automatically expire after 30 minutes of inactivity.
- Audit logging: security-relevant events (logins, profile edits, document uploads, role changes) are logged and retained.
- Least-privilege access controls: Versys staff can only access tenant data when necessary to deliver support or operate the service, and access is logged.
- Infrastructure security: we use major U.S.-based infrastructure providers (Supabase, Vercel, Resend) that maintain SOC 2 (or equivalent) compliance and undergo independent security audits.
Breach notification. No system is perfectly secure. If we experience a security incident that compromises personal information, our notification practices follow two timelines depending on the recipient:
- Business customers who have entered into a Data Processing Addendum with Versys will be notified without undue delay and in any event within seventy-two (72) hours of confirmation of an incident affecting their data.
- Individuals and regulators will be notified as required by applicable state and federal breach notification laws, within the timeframes those laws prescribe (typically within 30 to 60 days, depending on the jurisdiction and the nature of the incident).
If you believe your account has been compromised, contact support@versysinc.com immediately.
14. Changes to this policy
We may update this policy from time to time. For material changes, meaning changes that affect the types of information we collect, how we use it, or your rights, we will give at least 30 days' notice by email and through an in-app banner before the change takes effect. The Last updated date at the top of this page always reflects the most recent revision.
If you do not agree with a material change, you may close your account before the change takes effect.
15. Disputes and governing law
Disputes relating to your use of our services, and the governing law for the commercial relationship between you and Versys, are addressed in our Terms of Service. This privacy policy describes our data-handling practices and does not itself create the contractual relationship between you and Versys.
16. Other terms
If any provision of this policy is found invalid or unenforceable, the rest stays in effect. Our failure to enforce any provision is not a waiver of our right to enforce it later.
This policy is the entire understanding between you and Versys about how we handle your personal information. It supersedes any prior privacy notices.
17. Contact us
For privacy questions, requests, or complaints:
- Email: support@versysinc.com
- Mail: Versys Technologies Inc., 400 S. 4th St, Suite 318, Las Vegas, NV 89101
18. Third-party privacy policies
When you use our TMS, your data is processed by the service providers listed in Section 5. Each maintains its own privacy and security commitments. Links to their privacy policies:
- Supabase: https://supabase.com/privacy
- Vercel: https://vercel.com/legal/privacy-policy
- Resend: https://resend.com/legal/privacy-policy
- brokercredit.com: https://brokercredit.com/privacy
Versys Technologies Inc. All rights reserved.