This Privacy Policy explains how Vela ("we") collects, uses and protects personal data when you use the Service. We aim to be consistent with the EU General Data Protection Regulation (GDPR).
1. Who is responsible
For personal data you provide as a Vela account holder, we act as data controller. For data you upload about your own clients or counterparties, you are the controller and we act as processor on your behalf.
2. What we collect
- Account data: name, email, organisation, and authentication data.
- Usage data: logs needed to operate and secure the Service (e.g. request metadata, audit events).
- Content you submit: the financial and transaction data you enter or upload to run analyses.
We also record product usage as feature-level events (for example that a solution was launched, computed or exported — never the contents of your analyses, and without IP addresses) solely to operate and improve the Service; we use no third-party analytics.
3. Why we use it (legal bases)
- To provide the Service (performance of a contract).
- To secure the Service and keep audit records (legitimate interests / legal obligation).
- To communicate with you about your account (performance of a contract).
4. Sharing
We do not sell personal data. We share it only with service providers who help us run Vela (e.g. hosting, email delivery, error monitoring) under appropriate contractual safeguards, and where required by law.
5. International transfers and hosting
We aim to host data within the EU/EEA. Where any transfer outside the EEA occurs, we rely on appropriate safeguards such as Standard Contractual Clauses.
6. Retention
We keep account and content data for as long as your account is active and as needed to provide the Service. Audit records may be retained longer where required for security, accounting or legal reasons. You can request erasure (see below).
7. Your rights
Subject to applicable law, you may request access to, correction of, export of, or erasure of your personal data, and object to or restrict certain processing. Vela includes user- and organisation-level data-erasure tooling to support these requests. To exercise your rights, email privacy@vela-analytics.com.
8. Security
We use technical and organisational measures including encryption in transit, access controls, tenant isolation and an append-only audit log. No system is perfectly secure, but we work to protect your data and to respond promptly to incidents.
9. Cookies
See our Cookie Policy.
10. Contact
Privacy questions or requests: privacy@vela-analytics.com.