Privacy Policy

• Account and Contact Data: name, email, phone, role, organization details, and credentials.
• Operational Data: inventory items, recipes/ingredients, vendor records, orders, menu items, pricing, wastage, schedules, attendance logs (non-biometric by default), and related business records you submit.
• Usage Data: log files, device and browser information, IP address, timestamps, feature usage, and diagnostic data.
• Communications: support tickets, emails, calls, and training/implementation notes.
• Marketing Preferences: opt-in/opt-out status for product updates or reminders.

If biometric features are enabled, the Customer is responsible for required notices/explicit consents and compliance with applicable law.

• Provide, operate, and maintain the Services (including implementation, migration, and training).
• Improve and develop features, including analytics, forecasting, and AI-assisted capabilities.
• Secure the Services, prevent fraud/abuse, troubleshoot, and enforce our Terms and AUP.
• Send service messages (billing, security, support).
• Send marketing or reminders where permitted by law and your preferences.
• Create aggregated and anonymized insights for product and business improvement.

Velorithm retains all right, title, and interest in and to any aggregated and anonymized data derived from Customer Data.

Depending on jurisdiction, we process information based on contract necessity (to provide the Services), legitimate interests (security and improvement), consent (where required for marketing), and compliance with legal obligations.

• Service Providers: cloud hosting (e.g., AWS), email and messaging providers, analytics, payment processors, and customer support tools.
• Professional Advisors: auditors, lawyers, accountants, and insurers where necessary.
• Legal: to comply with law, respond to lawful requests, or protect rights and safety.
• Business Transfers: in connection with a merger, acquisition, financing, or sale of assets.

We may process and store data in India, the US, Canada, or other regions where we or our service providers operate. For international transfers, we use safeguards such as standard contractual clauses (or equivalent contractual frameworks) to help ensure data protection across borders.

In the event of a confirmed security incident involving unauthorized access to personal data, we will notify affected customers and/or users within the timelines required by applicable law, unless restricted by law enforcement or legal process.

• Update Account information through the Services or by contacting support.
• Opt out of marketing communications using unsubscribe links or by contacting us.
• Where applicable by law, you may request access, correction, deletion, or portability of personal data.

We may require verification and may deny requests where permitted by law (e.g., legal retention, security, fraud prevention, maintaining backups/archives, exercising legal rights, or resolving disputes).