Legal document
Version 3.2
Privacy policy
We take your privacy seriously. This policy explains what data we collect, why we collect it, how we use it, and the choices you have. We've written it in plain language, no legalese.
Overview
Veltio Technologies, Inc. ("Veltio", "we", "our", or "us") operates the Veltio platform a business operations and intelligence software service available at veltio.io and via our mobile and desktop applications. This Privacy Policy applies to all personal data we collect and process in connection with our products and services.
We believe privacy is a right, not a feature. We collect only what we need, we protect it with industry-leading security practices, and we give you meaningful control over your data at every step. We do not sell your personal data to third parties. We never have, and we never will.
By using Veltio, you agree to the collection and use of information in accordance with this policy. If you are accessing Veltio on behalf of an organisation, you represent that you have the authority to bind that organisation to these terms.
Key facts at a glance
We collect data to operate and improve our service. We do not sell your data. You can export, correct, or delete your data at any time. We are GDPR and CCPA compliant. Our DPO can be reached at privacy@nexus.io.
Information we collect
We collect information in three ways: information you provide directly, information collected automatically when you use our services, and information we receive from third parties.
Information you provide directly
Account information: Your name, email address, password, profile photo, job title, and company name when you register for or update a Veltio account.
Payment information: Billing address, credit or debit card details, and transaction history when you subscribe to a paid plan. Payment card data is handled by our PCI-DSS certified payment processor and never stored on Veltio servers.
Communications: Any messages, emails, or feedback you send us, including support requests and survey responses.
Content and workspace data: Tasks, projects, automations, integrations, and any other content you create, upload, or import into Veltio.
Team and member information: Names and email addresses of colleagues you invite to your workspace.
Information collected automatically
Usage data: features accessed, pages visited, actions taken, time spent, and interaction patterns within the Veltio platform.
Device and technical data: IP address, browser type and version, operating system, device identifiers, and screen resolution.
Log data: server logs including error reports, access timestamps, and API request details.
Performance data: load times, crash reports, and diagnostic information used to maintain service reliability.
Location data: country and region inferred from your IP address. We do not collect precise GPS location.
Information from third parties
Integration data: when you connect third-party services (Salesforce, Slack, Stripe, GitHub, etc.) to Veltio, we receive data from those services as authorised by you during the connection process.
Single Sign-On (SSO): if you sign in via Google, Microsoft, or another identity provider, we receive profile information from that provider in accordance with your settings there.
Analytics partners: aggregated, anonymised analytics data from our analytics providers to help us understand product usage patterns.
How we use your data
We use the information we collect for the following purposes:
Purpose
Providing the service
Account management
Customer support
Product improvement
Security & fraud prevention
Marketing communications
Legal compliance
Examples
Running your workspace, processing automations, syncing integrations, generating reports
Creating and managing your account, verifying identity, processing payments, sending receipts
Responding to support tickets, diagnosing issues, providing technical assistance
Analysing usage patterns, testing new features, fixing bugs, improving performance
Detecting abuse, preventing unauthorised access, monitoring for security threats
Sending product updates, newsletters, and promotional offers (opt-out available anytime)
Meeting legal obligations, responding to lawful government requests, enforcing our terms
We do not use your workspace content (tasks, projects, documents, or integration data) for training AI or machine learning models without your explicit consent. Our AI features operate on your data to serve you, not to build models from it
How long we keep your data
We retain your personal data for as long as necessary to provide our services and fulfil the purposes described in this policy, subject to legal obligations to retain data for longer periods.
Active accounts: Your data is retained for the lifetime of your account and for 30 days after account closure, during which you can export or request deletion.
Deleted workspace data: When you delete workspace content (tasks, projects, automations), it is permanently deleted from our systems within 30 days, except where required for legal or security purposes.
Account closure: Upon account closure, we retain minimal account information (name, email, and billing records) for 7 years to comply with financial record-keeping obligations, after which it is permanently deleted.
Backup copies: Deleted data may persist in encrypted backups for up to 90 days before being permanently purged from all backup systems.
Support communications: Support tickets and communications are retained for 3 years to assist with ongoing support quality and dispute resolution.
Security logs: Security and access logs are retained for 12 months to support fraud detection and incident investigation.
You may request early deletion of your data at any time by contacting hello@veltio.com. We will process your request within 30 days, subject to any legal retention obligations.
Children's privacy
Veltio is a business software platform intended for use by adults in professional contexts. Our services are not directed to individuals under the age of 16 (or the applicable minimum age in your jurisdiction).
We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at hello@veltio.com, and we will take prompt steps to delete the information from our systems.
If we discover that we have inadvertently collected personal data from a child under the applicable age threshold, we will delete such information from our systems as quickly as possible.
Privacy updates
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. We will notify you of material changes through one or more of the following methods:
Email notification sent to the address associated with your account, at least 30 days before the change takes effect.
In-product notification displayed prominently within the Veltio platform.
A notice posted prominently on our website at veltio.com/privacy.
We encourage you to review this policy periodically to stay informed about how we protect your data. The "Last updated" date at the top of this page indicates when this policy was most recently revised.
Your continued use of Nexus after the effective date of any updated policy constitutes your acceptance of the revised terms. If you do not agree to the updated policy, you should discontinue use of our services and contact us to close your account.
Previous versions of this Privacy Policy are available upon request by contacting privacy@veltio.com
Contact our privacy team
If you have any questions, concerns, or requests relating to this Privacy Policy or our data practices, please contact us. We respond to all privacy inquiries within 2 business days. 🔐
If you are located in the European Economic Area and are not satisfied with our response, you have the right to lodge a complaint with your local supervisory authority. A list of EU data protection authorities is available at edpb.europa.eu. For UK residents, the relevant authority is the Information Commissioner's Office (ICO) at ico.org.uk.