Legal and trust

Privacy Policy

How Verified Hikes handles accounts, private hiking evidence, payments, partner workflows, and public certificate metadata.

Last updated July 10, 2026Questions about this policy

1. Who we are

The Verified Hikes Registry operates an independent evidence-review and certificate verification service. Privacy requests can be sent to support@verifiedhikes.com or Verified Hikes, Red Dingo Homestead, Podkylava, 916 16, Slovak Republic.

2. Information we collect

We collect account and contact details, trail and completion information, privacy choices, application status, support correspondence, consent records, and technical security events. We also process the evidence you choose to submit and reviewer decisions associated with it.

3. Evidence files and GPS

Raw GPS files, photos, permits, guide confirmations, uploaded documents, filenames, storage keys, EXIF data, contact details, payment details, and reviewer notes are private by default and are not shown on public verification pages.

GPS can reveal sensitive locations, routines, dates, and movement. We use it only for the requested review, security, fraud prevention, retention, and audit purposes. Remove unrelated private material before upload.

4. How information is used

We use information to secure accounts, process applications and payments, scan files, review evidence, request clarification, issue and verify certificates, provide support, prevent abuse, meet accounting or legal duties, and improve aggregate service performance. The legal basis depends on the activity and location and may include contract, consent, legitimate interests, and legal obligations.

5. Public verification

A public verification page may show certificate ID, status, trail, privacy-controlled recipient display, completion dates, verification level, issue date, PDF fingerprint, signature state, and safe certificate history. It does not expose raw evidence or internal review material. Public PDF availability is controlled separately.

6. Payments

Payment providers process card and checkout data under their own terms. Verified Hikes stores limited status, amount, tax, refund, receipt, and reconciliation records. Public APIs and certificate pages never show provider payment identifiers or payment details.

7. Partners and providers

Approved partner reviewers can access only submissions in their permitted scope. Partner Confirmed wording does not expand public evidence disclosure. Infrastructure providers may process data for authentication, database hosting, private storage, payments, email, scanning, rate limiting, and monitoring under controlled access.

8. Analytics and cookies

Essential cookies support authentication, security, and session continuity. Optional analytics should operate only under the configured consent posture. Analytics events must avoid raw evidence, email addresses, payment identifiers, GPS coordinates, filenames, storage keys, and private notes.

9. Retention and deletion

Rejected evidence is normally deleted after 90 days and approved evidence after 730 days, subject to disputes, incidents, legal duties, or preservation requirements. A public certificate can remain verifiable after private evidence deletion. Some audit, accounting, fraud-prevention, or registry-integrity records may need to remain.

10. International processing and security

Providers may process information in more than one country. We use available contractual and technical safeguards. Controls include private storage, expiring upload access, role-based review, file scanning posture, audit events, hashing, signed metadata, and restricted public response schemas.

11. Children and rights

The service is not designed for children to submit evidence independently. Depending on applicable law, you may have rights to access, correct, delete, restrict, object, or receive information about processing. Contact us without emailing sensitive evidence so we can locate the relevant record safely.