Privacy Policy

1. Introduction

Vela Cloud Ltd, operating as AlliancesAdvisor ("we," "us," or "our"), is committed to protecting your personal information. This Privacy Policy explains what data we collect, why we collect it, how we use it, and the rights available to you.

This policy applies to all users of the Vela platform, visitors to our website at usevela.io, and anyone who contacts us for support. By using our services, you agree to the practices described in this policy.

You must be at least 18 years old to use Vela. We do not knowingly collect personal data from anyone under the age of 18.

2. Data Controller and Processor

Vela Cloud Ltd acts as a data controller for account registration data (your name, email, and billing information). For data you upload or sync into the platform from your own CRM systems — such as customer records, opportunity data, and contact information — Vela Cloud Ltd acts as a data processor on your behalf. In this capacity, we process that data solely according to your instructions and our Data Processing Agreement.

3. Information We Collect

Account information: When you register, we collect your name, email address, and organisation name via our identity and authentication provider.

Billing information: Payment details (card number, billing address) are collected and stored directly by our payment processor. We do not store full card numbers or CVV codes on our systems.

CRM and pipeline data: When you connect a CRM integration, your platform authorises read/write access on your behalf. OAuth tokens are encrypted before storage. We access only the data scopes you explicitly authorise.

AI conversation history: Conversations you have with the in-platform AI Assistant are stored on our servers to enable conversation continuity. You may delete individual conversations at any time from within the platform.

Support conversations: If you contact us via our support chat widget, those conversations are stored by our support chat provider and may be reviewed by our team to resolve your query.

Usage data: We collect anonymised data about features accessed, pages visited, and actions taken. This data cannot identify you individually and is used solely to improve the platform.

4. How We Use Your Information

• Providing, maintaining, and improving the Vela platform
• Authenticating your identity and managing your account
• Processing subscription payments and sending billing-related notices
• Sending transactional notifications (funding expiration alerts, sync status)
• Responding to support requests and resolving technical issues
• Generating anonymised, aggregated analytics to improve product features
• Complying with applicable laws and legal obligations

We do not sell, rent, or trade your personal information to any third party for marketing purposes.

5. Sub-Processors and Third Parties

We engage trusted third-party service providers to operate the platform. Each is contractually bound to handle your data securely and only for the purpose stated:

• Identity and authentication provider — manages user login, session tokens, and MFA
• Cloud infrastructure provider — hosts all platform data and compute. Holds SOC 2 Type II and ISO 27001 certifications
• Payment processor — handles all billing and subscription management. We share only what is required to process your subscription
• AI service provider — powers the AI Assistant feature. Data submitted to AI features is not used to train third-party models and is not retained by the provider beyond the immediate request
• Customer support chat provider — stores support conversations initiated via the chat widget on our website

We do not share your data with any other third parties except where required by law.

6. Data Retention

We retain your account data for as long as your subscription is active. AI conversation history is retained until you delete it or your account is closed. If you cancel your subscription or request account deletion, your personal data is permanently removed from our systems within 30 days, except where a longer retention period is required by law (e.g. financial records required for tax compliance).

In the event of a corporate transaction such as a merger, acquisition, or asset sale, your data may be transferred to the successor entity. We will provide notice before your data becomes subject to a different privacy policy.

7. Data Security

We implement industry-standard technical and organisational measures to protect your data. All data is encrypted in transit and at rest. Access to production systems is restricted to authorised personnel only. However, no system is completely immune to risk. In the event of a data breach affecting your rights, we will notify you as required by applicable law.

8. Cookies

We use only session cookies that are strictly necessary for authentication and platform functionality. We do not use advertising cookies, cross-site tracking cookies, or third-party analytics cookies. For full details, see our Cookie Policy.

9. Your Rights — GDPR (EEA and UK Users)

If you are located in the European Economic Area or the United Kingdom, you have the following rights under applicable data protection law:

• Access: Request a copy of the personal data we hold about you
• Rectification: Request correction of inaccurate or incomplete data
• Erasure: Request deletion of your personal data ("right to be forgotten")
• Portability: Receive your data in a structured, machine-readable format
• Restriction: Request that we limit how we process your data
• Objection: Object to processing based on legitimate interests
• Withdraw consent: Where processing is based on consent, withdraw it at any time

To exercise any of these rights, email privacy@usevela.io. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

10. Your Rights — CCPA (California Residents)

California residents have the right to know what personal information we collect, the right to request deletion, and the right to opt out of the sale of personal information. We do not sell personal information. To submit a request, email privacy@usevela.io. We will not discriminate against you for exercising your CCPA rights.

11. Marketing Communications

We may send you product updates and feature announcements by email. You can unsubscribe at any time by clicking the unsubscribe link in any email or by contacting privacy@usevela.io. Transactional emails (billing notices, security alerts) cannot be opted out of while your account is active.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or via an in-platform notice at least 14 days before the change takes effect. Your continued use of the platform after the effective date constitutes acceptance of the updated policy.

13. Contact

For privacy-related questions or to exercise your rights:

Vela Cloud Ltd, operating as AlliancesAdvisor
Email: privacy@usevela.io