Privacy Policy
Last updated 2026-05-21
1. The short version
We collect the minimum information needed to run Vector Edge Alpha. We don't sell your data. We don't share it with advertisers. You can request a copy of your data or delete your account at any time.
2. What we collect
Account data. Your email address, and (if you sign in with Google) your name and profile picture.
Billing data. If you subscribe, Stripe handles your payment details. We never see your card number. We do see your billing email, the tier you're on, and your subscription state.
Usage data. Pages you visit, picks you view, and basic device metadata (IP address, browser, OS). We use this to make the product better and to detect abuse.
Communications. Emails you send us, and our responses.
3. How we use it
- To authenticate you and provide the service
- To process subscriptions and refunds
- To send transactional emails (magic links, billing receipts, alerts you opt into)
- To improve the model and the product
- To enforce these terms and prevent abuse
- To comply with the law
4. Who we share it with
We use a small set of sub-processors. Each is contractually bound to protect your data:
- Supabase — authentication and database
- Stripe — payment processing
- Amazon Web Services — hosting (App Runner, S3, CloudFront)
- Cloudflare — DNS
- Resend — transactional email delivery
- Google — only if you choose Google Sign-In
We share data with these vendors only to the extent needed to run the service. We don't sell, rent, or trade your data with anyone for advertising purposes.
We'll also share data when legally required (subpoena, court order) or to protect rights, safety, or property.
5. Cookies
We use a small number of first-party cookies for authentication (keeping you signed in) and for basic CSRF protection. We don't use third-party advertising cookies or cross-site tracking pixels.
6. How long we keep it
Active accounts: for as long as your account exists.
Closed accounts: we keep the minimum necessary for tax, accounting, and abuse-prevention purposes (typically up to 7 years), then delete or anonymize.
Logs: request and access logs are retained for up to 90 days.
7. Your rights
Wherever you live, you can ask us to:
- Show you a copy of the data we have about you
- Correct anything that's wrong
- Delete your account and the personal data tied to it
- Export your data in a portable format
- Opt out of marketing emails (we don't send many)
If you're in California, the EU, or the UK, you have additional rights under CCPA, GDPR, or UK GDPR. Email us and we'll honor them.
To exercise any of these rights, email support@vectoredgealpha.com.
8. Security
We use TLS for all traffic, encrypt data at rest, and store secrets in a dedicated secrets manager. We follow least-privilege access for employees and contractors. No system is perfectly secure — if we ever have a breach affecting your data, we'll notify you and the relevant authorities in line with applicable law.
9. Children
VEA is not for anyone under 18 (or the local legal age, whichever is higher). We don't knowingly collect data from minors. If you believe a minor has signed up, email us and we'll delete the account.
10. Changes
We'll post any updates to this policy here with a new "Last updated" date, and email you if the changes are material.
11. Contact
Questions about privacy? Email support@vectoredgealpha.com.