Frequently Asked Questions

Veristrom is a privacy-first AI chat platform that scans your prompts and files for sensitive data before they reach AI models like ChatGPT, Claude, and Gemini. You see exactly what's detected and decide what to redact, modify, or approve before anything is sent.

When you use ChatGPT, Claude, or Gemini directly, your data goes straight to the AI provider with no privacy checks. Veristrom sits between you and the AI model — scanning every message and file for PII, credentials, and confidential content before submission. Nothing leaves without your explicit review and approval.

No. Veristrom is a web application. Just open your browser, sign up, and start chatting. There's nothing to download or configure.

Veristrom supports:

• OpenAI — GPT-5.4, GPT-5.4 mini
• Anthropic — Claude Opus 4.6, Claude Sonnet 4.6, Claude Haiku 4.5
• Google — Gemini 3.1 Pro, Gemini 3.1 Flash Lite, Gemini 3 Flash

You can switch between models at any time during a conversation.

No. All PII and sensitive data scanning happens locally in your browser using our client-side detection engines. Your prompt is analyzed before it ever leaves your machine. Only after you review the findings and click Proceed does the message get sent to the AI provider.

Chat messages are stored encrypted in your account so you can access your conversation history. Files are processed locally for scanning, and if uploaded, are stored in encrypted S3 storage tied to your account. You can delete your chat history and files at any time.

No. Chat messages are encrypted at rest using per-user encryption keys managed through AWS KMS. Veristrom staff do not have access to your decrypted messages or files.

The item is sent as-is to the AI model. Veristrom shows you the detection so you can make an informed decision — we never silently block or alter your data. If you approve a detected SSN, for example, it goes to the AI provider exactly as written.

Veristrom runs three detection engines with 100+ rules and 200+ pattern checks:

• PII Engine — SSNs, credit cards, phone numbers, emails, dates of birth, driver's licenses, bank accounts, routing numbers, medical record numbers, insurance IDs, NPI numbers, DEA numbers, Medicare/Medicaid IDs, passports, addresses, and more.
• Document Classifier — Flags confidential clauses, proprietary content, financial terms, legal language, NDA provisions, insurance clauses, medical content, and HR data. Classifies documents into 11 types including Legal, Financial, Medical, and Internal/Confidential.
• Secrets Detector — API keys (OpenAI, Stripe, AWS, GitHub, etc.), database connection strings, private keys, JWT tokens, environment variables, internal hostnames, and cryptocurrency credentials.

Yes. Automated detection is not perfect. Some items may be missed (false negatives), and some non-sensitive text may be flagged (false positives). That's why Veristrom always shows you the results and lets you decide — we never auto-redact without your knowledge. The detection is an assistive tool, not a guarantee.

Yes. When you attach files (TXT, PDF, DOCX, CSV, JSON, XML, HTML, MD), Veristrom extracts the text content and runs all three detection engines on it. Detected items appear in the same review panel alongside prompt-level detections.

The detection engines are optimized for English-language patterns (US SSN, US phone formats, US driver's licenses, etc.). International formats like IBAN, Canadian SIN, and international phone numbers are also supported. Detection accuracy may vary for non-English text.

Yes. The free tier includes up to 50 messages per day, PII detection, file uploads, and access to base AI models (GPT-5.4 mini, Claude Haiku 4.5, Gemini 3.1 Flash Lite). No credit card required.

Pro ($20/month or $192/year) unlocks unlimited messages, premium AI models (GPT-5.4, Claude Opus 4.6, Gemini 3.1 Pro), team management with email invitations, file activity memory, export to PDF/DOCX/Excel, and multi-language AI responses.

Yes. You can downgrade from Pro to Free at any time. Your subscription remains active until the end of your billing period.

Yes. Pro users can create teams and invite members by email. Team members share the Pro subscription benefits under centralized billing.

Enterprise SSO integration is on our roadmap. Contact us for enterprise deployment options.

Yes. Enterprise plans include dedicated support, custom deployment options, audit logging, and volume pricing. Contact us at the Enterprise Access page for details.

Veristrom provides technical measures that support HIPAA compliance, including encryption at rest and in transit, per-user encryption keys, and local-first scanning that minimizes data exposure. However, HIPAA compliance is a shared responsibility between the platform and your organization. Contact us to discuss Business Associate Agreements and healthcare-specific requirements.

Veristrom supports GDPR data minimization by detecting personal data and giving users control over what is shared with AI providers. All scanning happens locally before data leaves the browser. For questions about data processing agreements, data subject rights, or EU-specific deployments, contact us.

Veristrom helps reduce the risk of accidental exposure of financial data to AI models by flagging account numbers, financial amounts, and confidential terms before submission. While Veristrom is not a SOX compliance tool, it supports your organization's data protection controls.