Privacy Policy

Draft — not yet finalized. This document is being reviewed by counsel. The current version is a starting point and may change before launch.

Vela — Privacy Policy

Last updated: [DATE]

Vela ("Vela," "we," "us") is operated by Zephyrshop, L.L.C. This policy explains what we collect, how we use it, and your choices. By using Vela you agree to this policy.

1. Who can use Vela

Vela is only for people 18 and older. We do not knowingly collect data from anyone under 18. If we learn an account belongs to a minor, we delete it.

2. Information we collect

  • Account data: email, password (hashed), and authentication records.
  • Profile data: name/display name, age, gender and orientation, location (city/area), bio and prompt answers, and intent.
  • Photos you upload for your profile.
  • Voice recordings: your ~20-second voice introduction and any voice messages. These are audio recordings of you and may be treated as biometric or sensitive data under some laws. We also create a text transcript of your voice intro to power matching and accessibility.
  • Identity verification data: to confirm you are a real adult, our verification provider processes a government ID and a selfie/liveness check. We receive a pass/fail result and limited metadata; the provider handles the underlying documents and biometric checks.
  • Payment data: handled by Stripe. We do not store your full card number; we keep subscription/credit status and a Stripe customer reference.
  • Usage and device data: app interactions, approximate location/IP, device identifiers, and logs, used for safety, fraud prevention, and product improvement.
  • Communications: messages, mini-game activity, and date plans you create with matches (processed for delivery, safety screening, and the AI features below).

3. How we use your information

  • To create your profile and run matching (Daily Spark and Discover).
  • To power AI features: a matchmaker that suggests compatible people and writes introductions, an optional in-chat coach that suggests message drafts, and automated safety screening of messages. These features use AI providers (see §4).
  • To verify identity and keep the community real and safe.
  • To process subscriptions and Date Credits.
  • To detect, prevent, and respond to scams, abuse, and policy violations, including maintaining safety risk signals and a moderation queue.
  • To send service notifications (new matches, messages, your Daily Spark) per your settings.
  • To comply with law and enforce our Terms.

4. How we share information

We do not sell your personal information. We share it with service providers who process it on our behalf under contract:

  • Supabase — database, authentication, file storage, realtime.
  • Anthropic (Claude) and OpenAI (Whisper) — to generate intros/coach suggestions, transcribe your voice intro, and screen messages for safety.
  • Stripe — payments (and, if used, identity verification).
  • [Verification provider — e.g. Persona / Stripe Identity] — identity checks.
  • Other matched users see your profile, photos, voice intro, and what you choose to share in conversation. We may share limited information with law enforcement when legally required or to protect users from imminent harm.

5. Your choices and rights

Depending on where you live (e.g. California, EU), you may have rights to access, correct, export, or delete your data, and to object to or restrict certain processing.

  • Access/export: request a copy of your data.
  • Delete: delete your account in Settings; we delete or anonymize your data and remove your photos and voice recordings from storage, subject to limited legal/safety retention.
  • Voice/biometric data: [describe consent, how to withdraw, and retention period — counsel to complete per applicable biometric laws].
  • Contact us at info@zephyrshop.online (or [privacy@vela.dating]) to exercise rights.

6. Data retention

We keep data while your account is active and as needed for the purposes above. After deletion we remove or anonymize personal data within [TIMEFRAME], except where law or safety (e.g. records of banned users, fraud, or legal holds) requires longer retention.

7. Security

We use industry-standard measures (encryption in transit, access controls, hashed passwords). No system is perfectly secure; we cannot guarantee absolute security.

8. International users

Vela's pilot is U.S.-based (Austin, TX). If you access Vela from outside the U.S., your data may be processed in the U.S. [Add transfer mechanisms if/when serving EU/UK users.]

9. Changes to this policy

We may update this policy and will post the new date above; material changes will be notified in-app or by email.

10. Contact

Zephyrshop, L.L.C. — info@zephyrshop.online — [mailing address].