Privacy Policy

Effective date: 14 June 2026

Velindor is a net worth tracker and scenario engine. It is not live yet. Today this site does two things: it lets you join a launch list, and it lets you optionally reserve a founding seat. This policy explains what data that involves, where it goes, and how to get it removed.

1. Who we are

Velindor ("we", "us") is operated by Cove Innovations, s.r.o. For any privacy-related question, including a request to see or delete your data, contact us at hello@velindor.com.

2. What data we collect

At this pre-launch stage we collect only what the two steps above require:

• Subscription email address, if you join the launch list through a form on the site. We collect your email address and, briefly via our email provider, your IP address for spam-prevention purposes.
• Payment record, if you reserve a founding seat. Your card details are entered on Stripe, not on this site, so we never see or store them. From Stripe we receive a record that a payment happened: your email, the amount, and a reference that ties the payment back to the launch list.
• Aggregate visit data, through privacy-friendly analytics (see Section 4).

We do not collect or store:

• Bank or broker connections, account-aggregator data, or API keys. Not now, and not in the product.
• Financial statements, uploads, or screenshots.
• Cookies on site visitors. The velindor.com site sets no cookies of its own.
• Any personal information not listed above.

When the product itself ships, the balances you track will live in your browser by default, with encrypted sync on EU servers only if you choose it. Prices and currency rates flow in from public sources; your numbers do not flow out.

3. How we use your data

We use your email to send you updates about Velindor, including launch news, product news, and progress on what we are building, and for nothing else. We use the payment record to fulfil your founding seat and to meet our accounting duties. We do not sell your data, share it with third parties for marketing, or use it to train machine learning models. Our legal basis for processing your email is your consent, given by submitting a form and confirming it via the opt-in email. Every email we send includes a one-click unsubscribe link.

4. Where your data is stored and who processes it

We use a small number of third parties to run the basics. Each one only sees what it needs:

• Kit (operated by ConvertKit, Inc., headquartered in the United States) stores the launch list and sends our emails. When you subscribe, your email address and the metadata of your interaction (subscribed-at and confirmed-at timestamps, and any applied tags) are transmitted to and stored by Kit. We rely on Standard Contractual Clauses for the transfer to the United States.
• Stripe processes payments and holds your card details under its own privacy terms. Stripe is headquartered in the United States; we rely on Standard Contractual Clauses for any transfer outside the European Union.
• GoatCounter records page-view counts, the country a visit came from, the referrer URL, and basic browser and screen information. It sets no cookies, does not store IP addresses (the IP is used briefly for country lookup and discarded), and does not track visitors across sessions or sites.
• GitHub Pages hosts and serves this site.

5. How long we keep your data

We keep your subscription email until you unsubscribe or ask us to delete it. We keep payment records for as long as tax and accounting law requires. You may request permanent deletion of any record we hold about you at any time by emailing hello@velindor.com.

6. Your rights

If you are in the European Economic Area, the United Kingdom, or a jurisdiction with similar laws, you have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your data.
• Object to or restrict processing.
• Request data portability.
• Withdraw consent at any time, including via the unsubscribe link in any email.
• Lodge a complaint with your local data protection authority.

We will act on any request within 30 days.

7. Security

We protect your data with industry-standard practices: TLS for all network traffic, access controls on the services that hold your email and payment records, and principle-of-least-privilege across the third parties listed above.

8. Changes to this policy

We may update this policy from time to time. When we do, we will update the "Effective date" above and, for material changes, notify the launch list by email or by a notice on this page.

9. Contact

For any question about this policy or your data, email hello@velindor.com.