Privacy Policy

We collect information necessary to provide and improve our Service. The categories include:

1.1 Information you provide directly

• Contact information: name, company name, email address, phone number, and similar identifiers.
• Business information: details about your business processes, workflows, documents, and data.
• Communications: correspondence, support requests, and feedback.
• Account credentials: login information for accounts on our platform.

1.2 Information collected automatically

• Usage data: pages visited, features used, actions performed, session duration.
• Device and connection data: IP address, browser type, operating system, device identifiers.
• Cookies and similar technologies.

1.3 Information from third parties

When you authorize integrations (such as Google Workspace), we receive information from those services according to the permissions you grant.

We use the information we collect for the following purposes:

• Providing, operating, and maintaining the Service.
• Processing your requests and automating business processes.
• Communicating with you about the Service.
• Improving the Service and developing new features.
• Ensuring security and preventing fraud.
• Complying with legal obligations.

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data based on the following legal grounds:

• Performance of a contract: when processing is necessary to provide the Service.
• Legitimate interests: where we have a legitimate business interest.
• Consent: where you have given us specific consent.
• Legal obligation: where we are required to process data to comply with law.

We do not sell your personal data. We share information only in the following circumstances:

• Service providers: with trusted third parties who help us operate the Service.
• Integrations: with services you explicitly authorize.
• Legal requirements: when required by law or governmental authority.
• Business transfers: in connection with a merger, acquisition, or sale of assets.
• With your consent: in other cases where you have given explicit permission.

Our infrastructure is hosted within the European Union. We use third-party providers, including Supabase, Vercel, and Railway.

For users outside the EEA, your data may be transferred to and processed in countries other than your own. When we transfer personal data from the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

AI-related processing involves enterprise agreements with zero data retention provisions.

We retain personal data for as long as necessary to provide the Service and fulfill the purposes described in this Policy.

When you terminate your account or cease using the Service, we retain your data for a maximum of 30 days, after which it is deleted from our active systems.

We use cookies and similar technologies to operate the Service, remember your preferences, analyze usage, and improve performance. You can control cookies through your browser settings.

We use a privacy-friendly analytics tool that does not require cookies for tracking and does not collect personal identifiers.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Right of access to your data.
• Right to rectification of inaccurate data.
• Right to erasure of your data.
• Right to restrict processing.
• Right to data portability.
• Right to object to processing.
• Right to withdraw consent.
• Right to lodge a complaint with a supervisory authority.

To exercise any of these rights, please contact us at hi@vairelix.com. We will respond within 30 days.

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete personal information, and the right to opt out of the sale of personal information. We do not sell personal information.

The Service is intended for business use and is not directed to individuals under the age of 16. We do not knowingly collect personal data from children.

We implement reasonable technical and organizational measures designed to protect personal data, including encryption in transit and at rest, access controls, and regular security reviews.

However, no method of transmission over the internet or electronic storage is completely secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the "Last updated" date and, where appropriate, by providing additional notice. Your continued use of the Service after changes take effect constitutes acceptance of the updated Policy.

If you have questions, concerns, or requests regarding this Privacy Policy, please contact us:

VAIRELIX

Warsaw, Poland

Email: hi@vairelix.com