Privacy Policy
1. Introduction
1. Introduction
Velyana (“we”, “our”, or “us”) is committed to protecting the privacy and security of personal data. This Privacy Policy describes how we collect, use, disclose, and safeguard information in connection with our website, platform, and services.
Velyana (“we”, “our”, or “us”) is committed to protecting the privacy and security of personal data. This Privacy Policy describes how we collect, use, disclose, and safeguard information in connection with our website, platform, and services.
This policy is designed to comply with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (“PDPL”).
This policy is designed to comply with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (“PDPL”).
2. Data Controller
2. Data Controller
Velyana is the Data Controller for personal data collected through its website and services.
Contact Details:
Email: support@velyana.com
Location: Dubai, United Arab Emirates
Velyana is the Data Controller for personal data collected through its website and services.
Contact Details:
Email: support@velyana.com
Location: Dubai, United Arab Emirates
3. Categories of Data Collected
3. Categories of Data Collected
We collect only the data necessary to provide and improve our services.
3.1. Personal Data
Name
Business email address
Phone number
Company name
Job title
3.2. Technical and Usage Data
IP address
Browser type and version
Device identifiers
Access logs and timestamps
Interaction and usage patterns
3.3. Service and Security Data
Where applicable, we may process data related to interactions with AI systems, including prompts and responses, solely for:
security monitoring
threat detection
compliance enforcement
Such data is processed in accordance with strict access controls and security measures.
We collect only the data necessary to provide and improve our services.
3.1. Personal Data
Name
Business email address
Phone number
Company name
Job title
3.2. Technical and Usage Data
IP address
Browser type and version
Device identifiers
Access logs and timestamps
Interaction and usage patterns
3.3. Service and Security Data
Where applicable, we may process data related to interactions with AI systems, including prompts and responses, solely for:
security monitoring
threat detection
compliance enforcement
Such data is processed in accordance with strict access controls and security measures.
We collect only the data necessary to provide and improve our services.
3.1. Personal Data
Name
Business email address
Phone number
Company name
Job title
3.2. Technical and Usage Data
IP address
Browser type and version
Device identifiers
Access logs and timestamps
Interaction and usage patterns
3.3. Service and Security Data
Where applicable, we may process data related to interactions with AI systems, including prompts and responses, solely for:
security monitoring
threat detection
compliance enforcement
Such data is processed in accordance with strict access controls and security measures.
4. Legal Basis for Processing
4. Legal Basis for Processing
We process personal data on the following legal grounds:
Consent — where you have provided explicit consent
Security & Fraud Prevention: To detect, investigate, and mitigate security threats, fraud, and unauthorized access.
Contractual necessity — where processing is required to provide services
Legitimate interests — including system security, fraud prevention, and service improvement
Legal obligations — where required by applicable law
We process personal data on the following legal grounds:
Security & Fraud Prevention: To detect, investigate, and mitigate security threats, fraud, and unauthorized access.
Compliance Monitoring: To enforce content moderation policies, restricted topic rules, and ensure adherence to organizational guidelines.
User Authentication & Access Control: To allow secure login, Single Sign-On (SSO), and role-based access controls.
Subscription & Billing Management: To process payments, issue invoices, manage SEU usage, and notify users of billing updates.
Analytics & Reporting: To provide enterprises with insights into user activity, security trends, and flagged interactions.
User Support & Communication: To respond to inquiries, provide technical support, and notify users of policy or service changes.
5. Purpose of Processing
5. Purpose of Processing
Personal data is processed strictly for legitimate business purposes, including:
Provision and operation of services
Monitoring and securing systems and infrastructure
Detection and prevention of unauthorized or malicious activity
Customer support and communication
Compliance with legal and regulatory requirements
We do not process personal data for purposes incompatible with those listed above.
Personal data is processed strictly for legitimate business purposes, including:
Provision and operation of services
Monitoring and securing systems and infrastructure
Detection and prevention of unauthorized or malicious activity
Customer support and communication
Compliance with legal and regulatory requirements
We do not process personal data for purposes incompatible with those listed above.
6. Data Sharing and Disclosure
6. Data Sharing and Disclosure
We do not sell or rent personal data.
Data may be disclosed only where necessary and under appropriate safeguards:
To authorized service providers acting on our behalf
To comply with legal or regulatory obligations
To protect the rights, property, or safety of Velyana, its users, or third parties
All third-party processors are bound by confidentiality and data protection obligations.
We do not sell or rent personal data.
Data may be disclosed only where necessary and under appropriate safeguards:
To authorized service providers acting on our behalf
To comply with legal or regulatory obligations
To protect the rights, property, or safety of Velyana, its users, or third parties
All third-party processors are bound by confidentiality and data protection obligations.
7. International Data Transfers
7. International Data Transfers
Where personal data is transferred outside the European Economic Area or the UAE, we ensure that appropriate safeguards are in place, including:
Standard contractual clauses
Adequacy decisions (where applicable)
Equivalent security and privacy protections
Where personal data is transferred outside the European Economic Area or the UAE, we ensure that appropriate safeguards are in place, including:
Standard contractual clauses
Adequacy decisions (where applicable)
Equivalent security and privacy protections
8. Data Retention
8. Data Retention
Personal data is retained only for as long as necessary to:
Fulfill the purposes outlined in this policy
Comply with legal and regulatory obligations
Resolve disputes and enforce agreements
Data that is no longer required is securely deleted or anonymized.
Personal data is retained only for as long as necessary to:
Fulfill the purposes outlined in this policy
Comply with legal and regulatory obligations
Resolve disputes and enforce agreements
Data that is no longer required is securely deleted or anonymized.
9. Data Subject Rights
9. Data Subject Rights
Subject to applicable law, individuals have the right to:
Access personal data
Request correction of inaccurate data
Request erasure of personal data
Restrict or object to processing
Withdraw consent at any time
Request data portability (where applicable)
Requests may be submitted to:
support@velyana.com
We will respond within the timeframes required by applicable law.
Subject to applicable law, individuals have the right to:
Access personal data
Request correction of inaccurate data
Request erasure of personal data
Restrict or object to processing
Withdraw consent at any time
Request data portability (where applicable)
Requests may be submitted to:
support@velyana.com
We will respond within the timeframes required by applicable law.
10. Data Security
10. Data Security
We implement appropriate technical and organizational measures to protect personal data, including:
Encryption of data in transit and at rest
Access control mechanisms
Continuous monitoring and threat detection
Security audits and system hardening
While we take reasonable steps to protect data, no system can guarantee absolute security.
We implement appropriate technical and organizational measures to protect personal data, including:
Encryption of data in transit and at rest
Access control mechanisms
Continuous monitoring and threat detection
Security audits and system hardening
While we take reasonable steps to protect data, no system can guarantee absolute security.
11. Cookies and Tracking Technologies
11. Cookies and Tracking Technologies
We use cookies and similar technologies to:
Ensure proper functionality of the website
Analyze usage and performance
Improve user experience
Users may control cookie preferences through browser settings.
We use cookies and similar technologies to:
Ensure proper functionality of the website
Analyze usage and performance
Improve user experience
Users may control cookie preferences through browser settings.
12. Third-Party Services
12. Third-Party Services
Our services may integrate with third-party systems or platforms.
We are not responsible for the privacy practices of such third parties.
Our services may integrate with third-party systems or platforms.
We are not responsible for the privacy practices of such third parties.
13. Children’s Data
13. Children’s Data
Our services are not intended for individuals under the age of 18.
We do not knowingly collect personal data from minors.
Our services are not intended for individuals under the age of 18.
We do not knowingly collect personal data from minors.
14. Updates to this Policy
14. Updates to this Policy
This Privacy Policy may be updated from time to time.
The updated version will be published with a revised effective date.
This Privacy Policy may be updated from time to time.
The updated version will be published with a revised effective date.
15. Contact
15. Contact
For any questions, requests, or concerns regarding this Privacy Policy:
Email: support@velyana.com
Location: Dubai, United Arab Emirates
For any questions, requests, or concerns regarding this Privacy Policy:
Email: support@velyana.com
Location: Dubai, United Arab Emirates
16. AI Data Protection Commitment
16. AI Data Protection Commitment
Velyana maintains strict controls over all data processed within its platform.
Customer data is not used to train public or external AI models
Processing is limited to security, monitoring, and compliance purposes
Access to data is restricted and auditable
Velyana maintains strict controls over all data processed within its platform.
Customer data is not used to train public or external AI models
Processing is limited to security, monitoring, and compliance purposes
Access to data is restricted and auditable