Privacy Policy

Last Updated: [21/10/2025]

Website: https://veloryai.com/

1. Introduction

This Privacy Policy describes how VeloryAI (“we”, “our”, or “us”) collects, uses, and protects personal data in connection with our AI automation services, including AI agents for communication, scheduling, review management, lead reactivation, and related business solutions.

Until formal company registration is completed, VeloryAI is a trading name operated by Miguel Baía, based in Portugal, who acts as the Data Controller for all personal data processed under this policy.

VeloryAI is committed to safeguarding personal data in compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the California Consumer Privacy Act (“CCPA”), and applicable laws.

By using our services, you acknowledge and agree to the terms of this Privacy Policy.

2. Data Controller Contact

Data Controller: Miguel Baía (operating as VeloryAI)
Email (General Contact): [email protected]
Email (Privacy Requests): [email protected]
Jurisdiction: Portugal (European Union)

3. Information We Collect

VeloryAI may collect the following categories of personal data:

Category Examples User Inputs & Conversation Data Messages submitted to AI agents, chatbot interactions, call transcripts Contact Information Name, email, phone number Account & Billing Info Payment details (processed through third-party providers) Technical Data Cookies, device data, browser type, IP address Service Usage Data Logs, timestamps, communication metadata

4. How We Use Personal Data

Personal data is processed solely for the following purposes:

To deliver and operate AI automation services

To respond to customer support requests

To improve system performance and service quality

To perform billing and payment processing

To comply with legal and regulatory obligations

For marketing communications (only with consent)

Personal data is NOT used to train AI models.
Our AI systems may process the data to generate responses, but personal data is not stored or reused beyond service delivery.

5. Legal Basis for Processing (GDPR)

We rely on the following legal bases under GDPR:

Legal Basis Purpose Contractual Necessity Providing and maintaining our services Legitimate Interest Improving functionality, preventing abuse Consent Marketing communications and cookie storage Legal Obligation Compliance with applicable laws

6. Automated Processing and AI

VeloryAI uses automated systems and AI models to handle communications, schedule appointments, send notifications, and process user inputs.

However:

No automated processing produces legal or similarly significant effects on individuals.

Users can request human review of automated interactions at any time.

Personal data processed by AI is not used for model training.

7. Third-Party Service Providers

We share data only with trusted third-party processors necessary to provide our services, including:

GoHighLevel (CRM & communication workflows)

OpenAI / Grok (AI model processing)

Twilio (SMS/voice communication infrastructure)

Make.com (automation workflows and integrations)

These providers may process limited personal data strictly under our instructions. We do not sell personal data to third parties.

8. Cookies and Analytics

Our website may use cookies and analytics tools to improve user experience, monitor performance, and enhance security. Users may disable cookies through their browser settings.

9. International Transfers

VeloryAI does not intentionally transfer personal data outside the EU. If a future transfer becomes necessary, we will implement GDPR-compliant safeguards, such as Standard Contractual Clauses (SCCs).

10. Data Retention

We retain personal data only for as long as necessary to provide our services, or until a user requests deletion. After that, data is securely erased.

11. User Rights

Under GDPR, users have the right to:

Access their personal data

Request correction or deletion

Object to processing or request restriction

Opt-out of marketing

Request data portability

Withdraw consent at any time

To exercise these rights, contact: [email protected]

12. Security Measures

We implement industry-standard security measures, including:

Data encryption in transit and at rest

Access controls and authentication safeguards

Secure servers and encrypted communication channels

No system is 100% secure, but we maintain reasonable and appropriate protections.

13. Children’s Privacy

VeloryAI does not knowingly collect personal data from individuals under the age of 16. If such data is discovered, it will be deleted promptly.

14. Changes to This Policy

We may update this Privacy Policy as necessary. The latest revision date will always appear at the top of this page. Continued use of our services constitutes acceptance of the updated policy.

15. Contact for Privacy Concerns

If you have questions, requests, or complaints, please contact:

Email: [email protected]
Jurisdiction: Portugal (EU)