Privacy Policy

Effective date: April 1, 2026

1. Introduction

Veevo is operated by Kotsas ("Company", "we", "us", or "our"), a company registered in the Netherlands. We operate getveevo.com and related services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. If you disagree with this policy, please discontinue use of the Service. For questions, contact us at hello@getveevo.com.

2. Information We Collect

We collect the following categories of information:

  • Account information — name, email address, and profile data collected via Clerk during sign-up and sign-in
  • Billing information — payment method details and subscription status processed by Stripe; we do not store raw card numbers
  • Usage data — page views, feature interactions, and performance metrics collected via Vercel Analytics and Speed Insights
  • Content data — brand kits (colors, fonts, logos), charts, reports, and API keys that you create and store in the Service
  • Technical data — IP address, browser type, device information, and log data collected automatically when you access the Service

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and improve the Service
  • Process payments and manage your subscription
  • Send transactional emails (account confirmation, billing receipts, security alerts)
  • Analyze usage patterns to improve product features and performance
  • Detect, prevent, and respond to fraud or security threats
  • Comply with legal obligations and enforce our Terms of Service

We do not sell your personal data to third parties.

4. Third-Party Service Providers

We share data with the following sub-processors to deliver the Service:

  • Clerk — identity and authentication management (stores email, name, session data)
  • Stripe — payment processing and subscription management
  • Neon — serverless PostgreSQL database hosting (stores your account and content data)
  • Upstash — Redis caching for rate limiting and session data
  • Railway — cloud hosting for the MCP server
  • Vercel — web hosting, edge network, and analytics for the web application
  • Sentry — error monitoring and crash reporting (collects stack traces and session context on errors)

Each provider has its own privacy policy and data processing agreement. We only share the minimum data necessary for each provider to perform their service.

5. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. Upon account termination, we retain your data for 30 days to allow for re-activation or export, after which it is deleted. Billing records may be retained longer where required by applicable law (typically 7 years for tax purposes). Aggregated, anonymized analytics data may be retained indefinitely.

6. Your Rights

As we are based in the Netherlands, our data processing is subject to the EU General Data Protection Regulation (GDPR). You have the following rights regarding your personal data:

  • Access — request a copy of the personal data we hold about you
  • Rectification — request correction of inaccurate data
  • Erasure (GDPR Art. 17) — request deletion of your personal data
  • Portability — receive your data in a structured, machine-readable format
  • Opt-out of sale (CCPA) — we do not sell personal data, so this right is satisfied by default
  • Objection — object to processing of your data for direct marketing purposes

To exercise these rights, email us at hello@getveevo.com. We will respond within 30 days as required by GDPR. You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at autoriteitpersoonsgegevens.nl.

7. Cookies

We use cookies and similar tracking technologies to operate the Service. This includes:

  • Essential cookies — required for authentication sessions (managed by Clerk)
  • Analytics — Vercel Analytics uses privacy-friendly, cookieless analytics by default

You can control cookie behavior through your browser settings. Disabling essential cookies will prevent you from signing in.

8. Data Security

We implement industry-standard security measures including TLS encryption in transit, encrypted storage at rest, strict access controls, and regular security reviews. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security. You are responsible for maintaining the security of your account credentials.

9. Children's Privacy

The Service is not directed to children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe we have inadvertently collected such data, please contact us immediately at hello@getveevo.com and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice in the Service at least 14 days before changes take effect. The "Effective date" at the top of this page indicates when the policy was last revised.

11. Contact

For privacy-related requests or questions, contact us at: hello@getveevo.com