Privacy Policy

Effective date:

This Privacy Policy describes what data Variel collects, why we collect it, and your rights over it. Every claim below is grounded in the actual code — we do not claim to do things we do not do. This is a draft pending legal review — not yet binding.

What we collect and why

We collect only what is needed to provide the service:

- Your Clerk user id — the primary identifier across your account, projects, and brand data. Set by Clerk on sign-up. - Project and brand data you create — stored in Postgres via our data access layer. Includes positioning input, generated brand objects, and scan results. - First-party telemetry events — action names (e.g. brand_generated, checkout_started), the surface they occurred on, and your Clerk user id. No IP address, no user-agent string, no referrer, no device fingerprint is stored in telemetry. Anonymous telemetry rows carry no user identifier.

We do not collect IP addresses or user-agent strings beyond what Clerk records for its own auth session. We do not build behavioural profiles. We do not fingerprint devices.

Cookies

Variel uses exactly two cookies:

1. Clerk session cookies (__session, __client_uat, and related Clerk-managed names) — essential cookies required to authenticate you and provide the service. Set by the Clerk SDK and middleware, not by application code.

2. vrl_anon — a functional, first-party cookie. Set only when you use the free generation limit. Contains an HMAC-signed random opaque 16-byte identifier: no name, no email, no IP, no device fingerprint. Used exclusively to enforce the daily free-tier generation cap. httpOnly, SameSite=Lax, Secure in production.

No analytics cookie. No advertising cookie. No cross-site tracking cookie. No third-party cookie set by Variel application code.

Re-open invariant: if any future change adds a non-essential or tracking cookie, the no-consent-banner decision is void and a consent mechanism becomes a required new ticket before deployment.

Third parties and processors

We share data with the following processors only to the extent necessary to provide the service:

- Clerk (auth.com) — authentication and session management. Your email and Clerk user id are held by Clerk under their privacy policy. - Stripe (via Clerk Billing) — payment processing for paid plans. Billing is processed by Stripe; Variel does not store card data. - Anthropic — AI model inference. Your positioning input and brand generation requests are processed by Anthropic models. Anthropic's data use is governed by their API terms. - Sentry — error monitoring, when enabled in the deployment environment. Error reports may include stack traces and the Clerk user id of the authenticated user at the time of the error.

We do not sell your personal data. We do not share your data with advertisers. We do not use your data to train models.

Your rights

You have the right to access, export, and delete your data.

- Export (portability): while signed in, you can download a JSON archive of all your project and brand data. The export endpoint requires an active session. - Deletion (erasure): deleting your account via your Clerk user profile triggers a hard-delete cascade that removes your personal projects, brand objects, scans, token proposals, generation jobs, and telemetry events from our database in a single transaction. This is a permanent hard-delete, not a soft-delete or anonymisation.

Important caveat: data belonging to an organisation (projects and brand objects where your org is the owner, not your personal account) is not deleted when you delete your personal account. Org-owned data is governed by the org and is out of scope for personal account erasure. Contact your org administrator or us at the address below if you need org data removed.

Anonymous telemetry rows (where no user id is recorded) carry no personal identifier and are not within scope of a personal data deletion request.

Data retention

Your data is retained while your account is active. On account deletion, personal data is permanently removed via the hard-delete cascade described above — not archived, not anonymised. Stripe and Clerk retain billing and auth records per their own policies.

We do not sell personal data

We do not sell, rent, or trade your personal data to third parties for their own marketing or advertising purposes. This applies to both individual and aggregated data.

Contact

Privacy questions, data access requests, and deletion requests outside the automated flow: privacy@variel.ai