Veylan

Privacy Policy Last updated Sept 25, 2025

This Privacy Policy (“Privacy Policy”) explains our privacy practices for the activities described herein. We respect your privacy and are committed to protecting it through our compliance with this Privacy Policy. Please read this Privacy Policy carefully to learn how we collect, use, share, and otherwise process information relating to individuals (“Personal Data”), and to learn about your rights and choices regarding your Personal Data.  A reference to “we,” “us” or “our” is a reference to Veylan, Inc. (“Veylan”) and its relevant subsidiaries or affiliates.

  1. Processing Activities Covered – This Privacy Policy applies when you visit our website, interact with us through social media, receive communications from us (including email, phone, or text), attend our events, use our software, or engage us to provide services.

Our website, software, and services may contain links to other websites, applications, and services maintained by third parties. The information practices of other services, or of social media platforms that host our branded social media pages, are governed by their Privacy Policies, which you should review to better understand their privacy practices.

  1. Personal Data Collected – The Personal Data we collect may include account information, billing information, contact information and profile information as described below:
    • If you express an interest in obtaining additional information about our software or services; request customer support; use our “Contact Us” or similar features; sign up for and/or attend an event or webinar; download certain content.
    • If you purchase a subscription for our software or register for a webinar or event, we may require that you provide to us your financial and billing information, such as billing name and address, credit card number or bank account information.
    • If you interact with our website or emails, we may automatically collect information about your device and your usage of our website or emails, IP addresses or other identifiers, which may qualify as Personal Data using cookies, web beacons, or similar technologies. A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website. We may use cookies, pixels, SDKs, and similar technologies for analytics, performance, and advertising. Pages of our Website and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
    • If you use and interact with our software or services, we may automatically collect certain information about your usage of our services, including: log data such as IP address, browser type and version, operating system, referring/exit pages, and date/time stamps; device information such as device type and settings, operating system, unique device identifiers, and mobile network information; general location information inferred from your IP address or more precise location information if you grant permission to access your device’s location services; and service usage data, some of which may qualify as Personal Data.
    • If you voluntarily submit certain information to our software or services, such as filling out a survey about your user experience, we collect the information you have provided as part of that request.
    • If you provide us or our service providers with any Personal Data relating to other individuals, you represent that you have the authority to do so, and where required, have obtained the necessary consent, and acknowledge that it may be used in accordance with this Privacy Policy.
  2. If you believe that your Personal Data has been provided to us improperly, or if you want to exercise your rights relating to your Personal Data, please contact us immediately.
  3. Using Personal Data – We may collect and process your Personal Data for the following purposes: providing, maintaining, and improving services; processing transactions including confirmations and invoices; responding to comments, questions and requests and to provide customer service; promoting security; reviewing compliance; handling support and to detect, prevent and address technical issues; providing functionality; managing payments; improving products and developing new features and functionality; managing events; assessing opportunities; sending marketing communications; and complying with legal obligations. Submitted Data and Customer Output are not used to train our proprietary AI models, and AI outputs may require verification.

If we need to collect and process Personal Data by law, or under a contract we have entered into with you, and you fail to provide the required Personal Data when requested, we may not be able to perform the services.

  1. Sharing Your Personal Data – While we strive to keep your Personal Data private, we may share your Personal Data as necessary for reasons such as those set forth below:
    • To fulfill the purpose for which you provide it.
    • With our and/or your contracted service providers, who provide services such: as cloud hosting and infrastructure, IT and system administration and hosting, payment processing, research and analytics, data analysis, marketing, customer support and data enrichment for the purposes set forth above and to fulfill any agreements we may have with you.
    • If you use our website to register for an event or webinar organized by us or one of our affiliates, we may share your Personal Data with any event sponsors as well as any affiliate to the extent this is required on the basis of the affiliate’s contract with you to process your registration and ensure your participation in the event.
    • We may share your Personal Data with professional advisors such as lawyers, auditors, accountants and insurers to the extent we are legally obliged to share or have a legitimate need to share the Personal Data.
    • We may share anonymized and aggregated data in the normal course of operating our business; for example, we may share information for industry analysis and research, marketing and advertising, improving the service or developing new products and services. We may also share such information with our subsidiaries and affiliates.
    • If we are involved in a merger, reorganization, dissolution or other fundamental corporate change, or sell a business unit, or if all or a portion of our business, assets are acquired by a third party, with such third party. In accordance with applicable laws, we will use reasonable efforts to notify you of any transfer of Personal Data to an unaffiliated third party.
    • To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
  2. International transfer of Personal Data – We may transfer Personal Data outside your jurisdiction. We rely on safeguards such as the EU–U.S. Data Privacy Framework, the UK Extension (data bridge), and Standard Contractual Clauses with Transfer Impact Assessments.
  3. Personal Data Retention – We may retain your Personal Data for a period of time consistent with the original purpose of collection or as long as required to fulfill our legal obligations and purposes outlined in this policy.

In determining the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data being processed, the potential risk of harm from unauthorized use or disclosure of the Personal Data, whether we can achieve the purposes of the processing through other means, and applicable legal requirements.
In addition, consistent with the California Privacy Rights Act (CPRA) and similar state laws, we disclose the following specific retention periods or criteria by category:

  • Account data: Retained for the duration of your account and up to six months after inactivity for non-paying users.
  • Transactional data: Retained for at least seven years to comply with legal and accounting obligations.
  • Marketing data: Retained for three years unless you opt out sooner.
  • Other categories: Retained as long as reasonably necessary to fulfill the purposes for which they were collected, consistent with business needs and legal requirements. When we no longer need to use Personal Data as described in this policy, we will take steps to securely delete it where possible or anonymize it.
  1. Rights Relating to Your Personal Data – Depending on your location, you may have rights to: know and access, delete, correct, opt out of the sale or sharing of personal information, limit the use of sensitive personal information, opt out of targeted advertising or profiling, and appeal denied requests. We will honor recognized universal opt-out mechanisms, including Global Privacy Control. Requests will be handled consistent with applicable law.
  2. Data Security – We take appropriate precautions including organizational, technical, and physical measures to help safeguard against accidental or unlawful destruction, loss, alteration, and unauthorized disclosure of, or access to, the Personal Data we process or use. However, the safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. While we follow generally accepted standards to protect Personal Data, no method of storage or transmission is 100% secure. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the website.
  3. Changes to this Privacy Policy – We may update this Privacy Policy periodically. The ‘Last Updated’ date reflects the most recent revision. Material changes will be posted conspicuously on our website.
  4. Contact – To exercise your rights regarding your Personal Data, or if you have questions regarding this Privacy Policy or our privacy practices, please email us at privacy@veylan.com.
  5. Children – Our services are not intended for individuals under 18. We do not knowingly collect personal information from minors, and will delete such information if discovered.
  6. Additional Disclosures for U.S. State Residents – If you are a resident of California, Colorado, Connecticut, Delaware, Oregon, Texas, Utah, Virginia, or other states with comprehensive consumer privacy laws, you may have certain rights regarding your personal information. These rights are in addition to the disclosures elsewhere in this Privacy Policy.
  7. Your Rights.

Depending on your state of residence, you may have the following rights:

Right to Know/Access – to request details about the categories and specific pieces of personal information we collect, use, disclose, sell, or share.

Right to Delete – to request that we delete personal information we collected from you, subject to exceptions.

Right to Correct – to request that we correct inaccurate personal information about you.

Right to Opt Out of Sale or Sharing/Targeted Advertising – to opt out of the sale or sharing of personal information and the use of your personal information for targeted advertising or cross-context behavioral advertising.

Right to Limit Sensitive Personal Information / Sensitive Data – if we use sensitive data for purposes beyond those permitted by law. (As noted above, we use sensitive data only for limited purposes such as providing services, security, fraud prevention, and compliance, and therefore generally do not offer a separate right to limit such use except where required by law.)

Right to Appeal – to appeal our denial of a rights request.

Right to Non-Discrimination – you will not be discriminated against for exercising your privacy rights.

  1. How to Exercise Your Rights.
    You may exercise these rights by contacting us at privacy@veylan.com or through our online request form.
    If you are a California resident, you may also use an authorized agent to make a request on your behalf, provided that we can verify the agent’s authority.

    We will respond to verifiable requests within the timeframes required by applicable law.

    We honor recognized universal opt-out mechanisms, such as Global Privacy Control (GPC), where required.

  2. Categories of Personal Information Disclosed.
    We disclose personal information for business purposes, such as with service providers, affiliates, and business partners. We do not sell personal information for direct monetary consideration. However, certain transfers of personal information may be considered a “sale” or “sharing” under applicable state laws. You may opt out of such transfers at any time by using our “Do Not Sell or Share My Personal Information” link or by sending a Global Privacy Control (GPC) signal, which we honor where required by law. Opting out will not affect our ability to provide core services, including authentication, billing, security, or support.
  3. Retention.
    We retain each category of personal information only as long as reasonably necessary for the purposes disclosed, consistent with applicable law. Please see Section 7 (“Personal Data Retention”) above for details.
  4. Shine the Light (California-Specific).
    California residents may also request information under Civil Code § 1798.83 (“Shine the Light”) regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us at privacy@veylan.com or by mail at: Veylan, Inc., 315 Main Street, Second Floor, Huntington, NY, 11743.