Privacy Policy

What we collect

• Email address (for account identification and communication)
• Password (stored only as a one-way hash — we never store your password in plain text)
• Prompts you save (title, content, tags)
• Session cookie issued when you sign in (NextAuth.js)
• Account metadata such as plan tier, email verification status, and timestamps

How we use your data

We use this information only to operate Vellio: to authenticate you, store and display your prompts, send transactional emails (such as verification and password reset) via Resend, and enforce fair use and security. We do not sell your data, use it for advertising profiling, or share it with third parties for their marketing.

Third-party processors

We rely on the following services to run the product:

• Neon — PostgreSQL hosting for your account and prompts
• Resend — transactional email delivery
• Vercel — application hosting and delivery
• Upstash Redis — rate limiting to protect against abuse

Each processor receives only what is needed to provide the service (for example, your email address for mail delivery).

Data retention & deletion

We keep your data for as long as your account is active. You can delete your account and all associated prompts at any time from the dashboard (Account settings). After deletion, your user record and prompts are removed from our database. You may also contact us to request deletion or to exercise your rights below.

Your rights

Depending on where you live, you may have the right to access, correct, or delete your personal data, or to object to or restrict certain processing. To exercise these rights, contact us at the email below. We will respond within a reasonable time.

Contact

For privacy questions or requests: jameshutson68@gmail.com