⚡ Visual update in progress - our services continue as usual. Expect a fresh look soon.

Vellora

AI Design Studio

Privacy Policy

Last updated: Feb 2026

  1. Overview

This Privacy Policy explains how Vellora (“we”, “us”, “our”) collects, uses, stores, and protects your personal data when you visit our website, use our services, or communicate with us. We are committed to protecting your privacy in accordance with the European General Data Protection Regulation (GDPR) and other applicable data protection laws.

By accessing our website or using our services, you acknowledge that you have read and understood this Privacy Policy.

  1. Data Controller

The data controller responsible for processing your personal data is:

Vellora - AI Design Studio
Email: support@vellora.info

If you have any questions about how we handle your data, please contact us at the email address above.

  1. What Personal Data We Collect

We collect and process the following categories of personal data, depending on how you interact with us:

3.1 When You Visit Our Website

•       Technical data: IP address, browser type, operating system, device information, pages visited, time spent on site, and referring URL. This data is collected automatically by our hosting provider (Framer) for the purpose of delivering and securing the website.
•       Cookies: Our website may use strictly necessary and functional cookies set by our hosting platform. These are required for the website to function properly and do not track you for advertising purposes. See Section 7 for details.

3.2 When You Place An Order

•       Contact information: Your name, email address, company name (if applicable), and any other details you provide in your project briefing.
•       Payment data: Payment processing is handled entirely by Stripe, Inc. We do not store your credit card number, bank details, or other financial information on our servers. Stripe processes your payment data in accordance with PCI DSS standards. Please refer to Stripe’s Privacy Policy (stripe.com/privacy) for details on how they handle your payment information.
•       Project data: Brand guidelines, reference imagery, briefing notes, feedback, and any other materials you share with us during a project.

3.3 When You Contact Us

•       Communication data: Your name, email address, and the content of your messages when you reach out via email or any contact form on our website.

  1. How We Use Your Data

We process your personal data for the following purposes:

•       Service delivery: To fulfil your order, produce your deliverables, manage revisions, and communicate project updates.
•       Payment processing: To process transactions via our payment provider, Stripe.
•       Communication: To respond to your enquiries, provide support, and send project-related updates.
•       Website operation: To ensure the technical functionality, security, and performance of our website.
•       Legal compliance: To comply with legal obligations, including tax and accounting requirements.

We do not use your personal data for automated decision-making or profiling. We do not sell your personal data to third parties. We do not use your data for advertising or marketing purposes unless you have given explicit consent.

  1. Legal Basis for Processing

Under the GDPR, we process your personal data on the following legal bases:

•       Contractual necessity (Art. 6(1)(b) GDPR): Processing your data is necessary to fulfil the service agreement between you and Vellora, including order processing, delivery, and revision management.

•       Legitimate interest (Art. 6(1)(f) GDPR): We have a legitimate interest in operating and securing our website, analysing technical performance data, and improving our services. These interests do not override your fundamental rights and freedoms.

•       Legal obligation (Art. 6(1)(c) GDPR): We are required to retain certain data (e.g. invoices, transaction records) to comply with tax and accounting regulations.

•       Consent (Art. 6(1)(a) GDPR): Where applicable, we may ask for your explicit consent before processing data for specific purposes (e.g. portfolio showcasing of your project). You may withdraw consent at any time.

  1. Third-Party Service Providers

We use a limited number of third-party services to operate our business. These providers may process personal data on our behalf:

6.1 Framer (Website Hosting)

Our website is hosted on Framer (Framer B.V., Netherlands). Framer may collect basic technical and analytics data (IP addresses, page views, device data) to provide hosting services. Framer processes data in accordance with its own privacy policy (framer.com/privacy) and is subject to GDPR as an EU-based company.

6.2 Stripe (Payment Processing)

Payments are processed by Stripe, Inc. (USA) and Stripe Payments Europe, Ltd. (Ireland). Stripe handles all payment data, including card details, in a PCI DSS-compliant environment. We do not have access to your full payment details. Stripe may transfer data to the United States under Standard Contractual Clauses (SCCs) approved by the European Commission. For more information, see stripe.com/privacy.

6.3 Email Provider

We use standard email services to communicate with you. Emails may be processed and stored by our email provider. We do not use email tracking pixels or read-receipt tracking.

We do not share your personal data with any other third parties unless required by law.

  1. Cookies

Our website uses only cookies that are strictly necessary for the website to function or that are set by our hosting platform (Framer) for basic analytics and performance purposes.

We do not use:

•       Advertising or retargeting cookies

•       Social media tracking pixels

•       Third-party analytics tools (such as Google Analytics)

 

If this changes in the future, we will update this policy and implement a cookie consent mechanism before deploying any non-essential cookies.

  1. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes described in this policy:

•       Project data: Retained for 12 months after final delivery to support potential follow-up orders, disputes, or revision requests. After this period, project data is deleted unless you request earlier deletion.
•       Communication data: Retained for 12 months after the last communication, then deleted.
•       Financial records: Invoices and transaction records are retained for up to 10 years as required by tax and accounting regulations.
•       Technical/website data: Automatically purged by our hosting provider in accordance with their retention policies (typically 30–90 days).

  1. Your Rights Under GDPR

As a data subject within the European Economic Area, you have the following rights:

•       Right of access: You may request a copy of all personal data we hold about you.
•       Right to rectification: You may request correction of inaccurate or incomplete personal data.
•       Right to erasure: You may request deletion of your personal data, subject to legal retention obligations.
•       Right to restriction: You may request that we restrict the processing of your personal data in certain circumstances.
•       Right to data portability: You may request a copy of your data in a structured, machine-readable format.
•       Right to object: You may object to processing based on legitimate interest at any time.
•       Right to withdraw consent: Where processing is based on consent, you may withdraw that consent at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at support@vellora.info. We will respond to your request within 30 days. If you believe your rights have been violated, you have the right to lodge a complaint with your local data protection authority.

  1. . Data Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, loss, or destruction. These measures include encrypted data transmission (SSL/TLS), secure hosting infrastructure, and limited access to personal data on a need-to-know basis.
However, no method of transmission over the internet or method of electronic storage is 100% secure. While we strive to use commercially reasonable means to protect your personal data, we cannot guarantee its absolute security.

  1. International Data Transfers

Your data is primarily processed within the European Economic Area. Where data is transferred to providers outside the EEA (e.g. Stripe in the United States), such transfers are safeguarded by Standard Contractual Clauses (SCCs) or other mechanisms approved by the European Commission to ensure an adequate level of data protection.

  1. Children´s Privacy

Our services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a minor, we will take steps to delete it promptly.

  1. . Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on our website with the revised “Last updated” date. We encourage you to review this page periodically.

  1. Contact

For any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

Vellora - AI Design Studio
Email: support@vellora.info

By using Vellora’s website and services, you acknowledge that you have read and understood this Privacy Policy.

Get in touch

Let's Connect

Have a project in mind? We'd love to hear from you. Reach out for collaborations or questions

Start a Project

© Vellora, 2026

ToS

Privacy

Get in touch

Let's Connect

Have a project in mind? We'd love to hear from you. Reach out for collaborations or questions

Start a Project

© Vellora, 2026

ToS

Privacy

Get in touch

Let's Connect

Have a project in mind? We'd love to hear from you. Reach out for collaborations or questions

Start a Project

© Vellora, 2026

ToS

Privacy