Privacy Policy
Data Controller
This privacy policy describes how Velumisphere AB (organisation number 556999-0699), hereinafter referred to as "Velumi", collects and processes personal data in connection with the use of our website and services.
For questions about how we handle your personal data, or to exercise your rights, contact us at [email protected].
What Data We Collect
To provide our services, we collect the following personal data:
- Account data — name and email address provided when you register an account.
- Billing data — payment method details and billing address, processed by our payment provider Stripe. Velumi does not store full card numbers.
- Log data — when you visit our website or use our platform, we automatically collect technical information such as your IP address, browser type, pages visited, and timestamps.
- Support data — messages and information you share when contacting us via our support chat.
How We Use Your Data
We use your personal data to:
- Create and manage your account and projects;
- Process payments and issue invoices;
- Provide technical support;
- Maintain security and prevent abuse;
- Comply with legal obligations.
Cookies
Cookies are small text files stored in your browser. Velumi uses cookies to enable login, remember your preferences, and provide support chat functionality.
You can manage your cookie preferences at any time via the cookie settings on our website. Cookies that are not strictly necessary require your consent before being set.
For a full list of the cookies we use, their purpose, and their duration, see our cookie settings panel.
Third-Party Service Providers
We use carefully selected third-party providers to operate our services. These providers process personal data on our behalf and are contractually obligated to handle it only for the purposes we specify.
| Provider | Purpose | Privacy Policy |
|---|---|---|
| Stripe | Payment processing | stripe.com/privacy |
| Crisp | Customer support chat | crisp.chat/privacy |
| Simple Analytics | Privacy-friendly website analytics | simpleanalytics.com/privacy |
| Cloudflare | Content delivery and DDoS protection | cloudflare.com/privacy |
| Hetzner | Infrastructure and data hosting (EU) | hetzner.com/legal/privacy-policy |
All infrastructure used by Velumi is located within the European Union.
Data Retention
We retain your personal data for as long as necessary to fulfil the purposes described in this policy, or as required by law. You may request deletion of your data at any time; see the section below.
Your Rights
Under the GDPR you have the right to:
- Access the personal data we hold about you;
- Correct inaccurate or incomplete data;
- Delete your data ("right to be forgotten");
- Restrict or object to certain processing;
- Data portability — receive your data in a structured, machine-readable format;
- Withdraw consent at any time where processing is based on consent.
To exercise any of these rights, contact us at [email protected].
If you believe we are not handling your data correctly, you have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY) at imy.se.
Security
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or damage. Authentication sessions are encrypted and transmitted over HTTPS only.
Changes to This Policy
We update this policy as needed. The latest version is always available on this page. The effective date at the top of this page indicates when the current version took effect.