Data Security and Transparency at VRIFY

Exploration data is highly proprietary and often represents years of investment and technical expertise. Working with hundreds of exploration companies has shown VRIFY first-hand just how valuable and sensitive this data is. 

At the same time, the growing use of cloud-based platforms and AI technologies has raised conversations and expectations around cybersecurity and data governance. Exploration companies need confidence that their data is stored securely, protected against unauthorized access, and managed according to industry-recognized standards.

As AI becomes more integrated into mineral exploration workflows, it is important for companies to understand how their data is used, and what safeguards are in place to support transparency and responsible AI practices. The following outlines VRIFY’s approach in ensuring clients' data is handled responsibly

‍

How VRIFY Securely Uses Client Data to Train AI Models

AI and machine learning algorithms are designed to continuously improve over time. It's crucial for the models used in VRIFY Predict to be exposed to large and diverse datasets in order to strengthen their ability to identify patterns and generate higher-quality, more accurate insights. 

To support this improvement, aggregated and anonymized data may be used to help train and enhance VRIFY’s AI models. However, protecting client privacy remains a top priority throughout this process. Individual client data always remains private and inaccessible to third parties, and no identifiable company or project information is ever exposed, including during model training. 

Before any data is used to improve algorithms, it undergoes a rigorous anonymization process that removes identifying details and ensures the information cannot be traced back to a specific company or project. This approach allows VRIFY to continuously strengthen the technology and improve predictive capabilities while ensuring data remains protected and confidential.

Assigning a unique identifier to each asset is a critical step in the anonymization process. Each asset is assigned a numerical identifier, replacing all original naming conventions, while Coordinate Reference System information, raster names, and other potentially identifying metadata are removed. This ensures that assets cannot be traced back to their original sources while preserving the integrity and usability of the data for analysis.

^{Pedro Ivo Odon, Lead Geodata Scientist at VRIFY}

More information regarding how VRIFY uses anonymized data to train AI models can be found in VRIFY’s Terms and Conditions.

‍

How VRIFY Keeps Data Safe

Beyond responsible AI practices, VRIFY maintains strict security standards across the company to ensure client data is protected across all software. VRIFY is SOC 2 Type II compliant, meaning its systems and operational controls are independently audited against rigorous standards. Developed by the American Institute of Certified Public Accountants (AICPA), SOC 2 is an industry-recognized framework that evaluates how organizations securely manage client data and maintain ongoing operational accountability through independently verified security controls. As of January 2026, VRIFY covers all five SOC 2 Type II Trust Services Criteria (TSC): security, availability, processing integrity, confidentiality, and privacy. This certification reflects VRIFY’s ongoing commitment to maintaining strong security practices and continuous monitoring across all software. 

VRIFY stores client data in cloud environments including databases and S3 buckets¹ that can only be accessed through secure channels. This approach helps protect against unauthorized access and risks associated with local storage. Further, data stored within VRIFY's cloud infrastructure is encrypted at rest² using AES-256 encryption³ through AWS-native encryption mechanisms — processes that are considered best in class. This approach applies to storage services such as databases, object storage, and backups. Within the VRIFY cloud environment, access controls are tightly restricted to ensure sensitive information is only available to authorized personnel when required. Along with this, all VRIFY employees have to complete regular security training and checks to ensure all standards are being upheld and work devices are up to date.   

When data contributes to AI model training and improvement, VRIFY applies multiple layers of anonymization and transformation to maintain customer privacy. First is data aggregation, where raw geospatial data is aggregated and stripped of identifying information such as company names and project specifications while remaining within each company’s secure data environment. Spatial coordinates are masked by transforming them into normalized indices so datasets cannot be traced back to their original locations. For image-based deep learning models, datasets are further converted into numerical matrix formats that no longer retain coordinates, data types, or project-specific identifiers. These measures allow VRIFY to continuously improve its technology while ensuring client data remains private and inaccessible to any third parties.

‍

Transparent Security Practices

VRIFY believes that innovation should never come at the expense of privacy, which is why responsible data practices are built into every aspect of the software and development process.

VRIFY’s approach to creating AI software is guided by strong privacy protections and continuous security improvements. By maintaining clear data handling practices, implementing rigorous anonymization processes, and adhering to industry-recognized security standards, VRIFY ensures clients can confidently leverage AI insights while maintaining control over their data.

While aggregated and anonymized data may be used to improve the performance and accuracy of VRIFY’s AI models, individual client data remains confidential and protected. Through a combination of SOC 2 Type II compliance, secure cloud infrastructure, strict access controls, and rigorous anonymization practices, VRIFY is committed to safeguarding client information at every stage.

<hr />

Data security and privacy are central to how VRIFY operates, with the key principles above guiding how the technology is managed and continuously improved upon. As AI continues to transform mining and exploration, the industry can trust that VRIFY is committed to balancing innovation with transparency, security, and privacy, ensuring that the benefits of AI can be realized while confidentiality is upheld and data remains protected.