Privacy Policy
Effective date:
This Privacy Policy describes what data Variel collects, why we collect it, and your rights over it. Every claim below is grounded in the actual code — we do not claim to do things we do not do. This is a draft pending legal review — not yet binding.
What we collect and why
We collect only what is needed to provide the service:
- Your Clerk user id — the primary identifier across your account, projects, and brand data. Set by Clerk on sign-up. - Project and brand data you create — stored in Postgres via our data access layer. Includes positioning input, generated brand objects, and scan results. - First-party telemetry events — action names (e.g. brand_generated, checkout_started), the surface they occurred on, and your Clerk user id. No IP address, no user-agent string, no referrer, no device fingerprint is stored in telemetry. Anonymous telemetry rows carry no user identifier.
We do not collect IP addresses or user-agent strings beyond what Clerk records for its own auth session. We do not build behavioural profiles. We do not fingerprint devices.
Legal basis for processing
We process your data under two bases: contract (processing necessary to deliver the service you signed up for) and legitimate interest (first-party telemetry to understand how the service is used and to detect abuse).
[PLACEHOLDER — counsel to confirm legal-basis framing for each processing activity before this section is binding, particularly for EU/UK GDPR and equivalent regimes.]
Third parties and processors
We share data with the following processors only to the extent necessary to provide the service:
- Clerk (auth.com) — authentication and session management. Your email and Clerk user id are held by Clerk under their privacy policy. - Stripe (via Clerk Billing) — payment processing for paid plans. Billing is processed by Stripe; Variel does not store card data. - Anthropic — AI model inference. Your positioning input and brand generation requests are processed by Anthropic models. Anthropic's data use is governed by their API terms. - Sentry — error monitoring, when enabled in the deployment environment. Error reports may include stack traces and the Clerk user id of the authenticated user at the time of the error.
We do not sell your personal data. We do not share your data with advertisers. We do not use your data to train models.
Your rights
You have the right to access, export, and delete your data.
- Export (portability): while signed in, you can download a JSON archive of all your project and brand data. The export endpoint requires an active session. - Deletion (erasure): deleting your account via your Clerk user profile triggers a hard-delete cascade that removes your personal projects, brand objects, scans, token proposals, generation jobs, and telemetry events from our database in a single transaction. This is a permanent hard-delete, not a soft-delete or anonymisation.
Important caveat: data belonging to an organisation (projects and brand objects where your org is the owner, not your personal account) is not deleted when you delete your personal account. Org-owned data is governed by the org and is out of scope for personal account erasure. Contact your org administrator or us at the address below if you need org data removed.
Anonymous telemetry rows (where no user id is recorded) carry no personal identifier and are not within scope of a personal data deletion request.
Data retention
Your data is retained while your account is active. On account deletion, personal data is permanently removed via the hard-delete cascade described above — not archived, not anonymised. Stripe and Clerk retain billing and auth records per their own policies.
We do not sell personal data
We do not sell, rent, or trade your personal data to third parties for their own marketing or advertising purposes. This applies to both individual and aggregated data.
Contact
Privacy questions, data access requests, and deletion requests outside the automated flow: privacy@variel.ai