Legal
Privacy
Our externally-published privacy policy is being finalized with counsel. Below is what we can share today; the full current draft is available on request.
What we can tell you today
- We collect only what's needed to operate Atlas: account info, agency and client records you enter, product-usage analytics, and security logs.
- We do not sell personal data and we do not use customer data to train third-party AI models.
- Customer data is confined to US regions across all subprocessors.
- Subject access, rectification, and deletion requests are honored within 30 days.
- Security controls: encryption at rest (AES-256), TLS 1.3 in transit, SOC 2 Type II audited, HIPAA-ready with BAA.
Final policy targeted Q2 2026. Customers with active contracts receive the current draft directly from their account manager.
For the current draft or to start a review
privacy@velora.com