Book a Demo

Legal

Privacy Policy

Last updated: May 27, 2026

This Privacy Policy explains how Colorado AI Consultants, LLC, doing business as Verodi.ai ("Verodi," "we," "us"), collects, uses, stores, and shares information when you interact with our website, our paralegal platform, and the SMS and email notifications we send on behalf of law firms that use our services.

Who we are

Verodi provides an AI-assisted medical-records platform that personal injury law firms use to request, track, and organize their clients' medical records. When we process protected health information (PHI) on behalf of a law firm, we do so as a Business Associate under HIPAA and operate under a Business Associate Agreement (BAA) with that firm. The law firm is the data controller for PHI; Verodi is the data processor.

Information we collect

From the law firms that use Verodi:

  • Account information — name, email, role, firm affiliation.
  • Case and provider data uploaded by the firm — client names, dates of birth, dates of loss, provider information, medical-records artifacts, and the firm's case-management notes.
  • Authentication and audit data — login times, IP addresses, multi-factor authentication events, and a log of actions taken inside the platform.

From the law firms' clients (data subjects):

  • Mobile phone number, when the firm provides it for SMS notifications related to the client's case.
  • Replies to our SMS messages (e.g., clarifications, opt-out requests).
  • Information the client provides when completing a HIPAA authorization e-signature link sent by their attorney.

From visitors to our website:

  • Information you voluntarily provide through our contact and demo forms.
  • Standard server logs (IP, user agent, timestamps) used for security and to keep the site running.

SMS / text messaging

Verodi sends SMS messages on behalf of law firms to their clients regarding the client's active legal matter. We only send SMS to phone numbers that the firm has confirmed were provided by the client at intake along with consent to receive case-related text messages.

What we send: records-request status updates, clarification questions when intake information is ambiguous, and secure links for the client to e-sign a HIPAA authorization. We never include protected health information in the body of an SMS; sensitive material is delivered behind authenticated portal links.

Message frequency: message frequency varies based on the activity in the recipient's case. Most clients receive fewer than ten messages over the life of a matter.

Charges: message and data rates may apply, as determined by the recipient's mobile carrier.

Opt-out: recipients can stop receiving SMS at any time by replying STOP, QUIT, END, CANCEL, or UNSUBSCRIBE. Opt-out is honored on the next message we attempt to send and is recorded as a hard stop on that phone number.

Help: reply HELP for support information, or email benny@verodi.ai.

We do not share mobile information collected for SMS with third parties or affiliates for marketing or promotional purposes. Information about your mobile opt-in status and the contents of your SMS exchanges with Verodi are not sold or rented. We share message metadata only with the SMS service provider (currently Sinch) and mobile carriers strictly as required to deliver the message you requested.

How we use information

  • To operate the Verodi platform for the firms that subscribe to it.
  • To send records requests to medical providers on behalf of the firm.
  • To send case-related SMS and email notifications to the firm's clients with the firm's authorization.
  • To monitor security, detect abuse, and maintain audit trails.
  • To respond to support requests and improve the product.

How we share information

We do not sell personal information. We share information only in the limited ways listed below:

  • The law firm that holds your case. The firm is our customer and has access to records and case data we store on their behalf.
  • Medical providers. When the firm directs us to request records from a provider, we transmit the request (and the firm's HIPAA authorization) to that provider.
  • Service providers under contract. Cloud hosting (Microsoft Azure), email delivery (Azure Communication Services), SMS delivery (Sinch), and fax delivery (Sinch). Each is bound by contractual confidentiality and, where applicable, a HIPAA BAA.
  • Legal compliance. When required to comply with valid legal process or to protect the rights, safety, or property of Verodi, our customers, or the public.

Security

Verodi runs on Microsoft Azure infrastructure in the United States. Data is encrypted in transit using TLS and at rest using industry-standard encryption. Access to PHI is restricted to authenticated, multi-factor-protected accounts and is logged. We maintain administrative, technical, and physical safeguards appropriate for a HIPAA Business Associate.

Data retention

We retain case data for as long as the law firm we serve directs us to, or as required by their record-retention policies and applicable law. SMS message logs are retained for a minimum of one year for carrier compliance and audit purposes. Account data is retained for the life of the customer relationship plus a reasonable archival window.

Your rights

If you are a client of a law firm that uses Verodi and you have questions about, or want to access, correct, or delete information held about you, please contact your attorney directly. The firm is the data controller and will direct Verodi to act on your behalf.

Depending on your state of residence, you may have additional rights (for example, under the California Consumer Privacy Act). Contact us at benny@verodi.ai and we will work with the relevant law firm to honor those rights.

Children's privacy

Verodi is not intended for use by children under 13, and we do not knowingly collect personal information from children. If we learn we have collected information from a child under 13 without verified parental consent, we will delete it.

Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the most recent change. Material changes will be communicated to active customers via email.

Contact us

Colorado AI Consultants, LLC
d/b/a Verodi.ai
Email: benny@verodi.ai