Compliance Summary
| Health Data Encryption | Zero-knowledge (client-side encrypted, server cannot read) |
| Data Sales | Never — subscription-only revenue model |
| Health Data in Ads | Never — health data is never used for advertising or shared with advertisers |
| CCPA/CPRA | Compliant — health data classified as SPI |
| PIPEDA/BC PIPA | Compliant — explicit consent for health data |
| FTC HBNR | Compliant — encrypted health data, no unauthorized sharing |
| WA MHMDA | Compliant — consent-based health data collection |
| Breach Response | 60-day notification (FTC), ASAP (PIPEDA) |
| Data Deletion | Immediate permanent deletion upon request |
| Third-Party Sharing | None for health data — ever |
Vela ("we," "us," or "our") operates the Vela mobile application and the website at veladate.app. This Privacy Policy explains what information we collect, how we use it, and what rights you have over your data.
We built Vela for people who deserve privacy more than most. We take that seriously.
1. Information we collect
Information you provide
- Account information: email address, phone number, display name (not your legal name), age
- Profile information: city, photos, biography, relationship intent, gender identity, sexual orientation, pronouns
- Health conditions: self-reported STD or chronic condition status (e.g., HSV-1, HSV-2, HPV, HIV+, Hepatitis B/C). This data is encrypted on your device before it reaches our servers. See Section 3 for full details.
- Photos: profile photos and optional private album photos you upload
- Face verification selfie: a selfie taken during sign-up to verify you are a real person. This photo is temporarily uploaded to secure storage for verification and permanently deleted immediately after the verification check completes, or after manual review if additional verification is required. It is not retained or used for any other purpose.
- Messages: text messages and photos you send in chat
- Location data: city name and approximate GPS coordinates (latitude/longitude) used for distance-based matching. We do not track your location in real time.
- Payment information: processed by our payment provider. We do not store your credit card number.
- Consent records: timestamps of your consent to this policy, health data handling, and terms of service
Information collected automatically
- Device information: device model, operating system version, app version
- Usage data: anonymized interaction data (screens viewed, features used) collected via our analytics provider. No health condition data is ever included in analytics events.
- Crash reports: error logs collected via our error monitoring service to help us fix bugs. No health condition data is ever included in crash reports.
- Push notification tokens: a device identifier used to deliver push notifications. Notification content does not include message text or health data.
Inferential health data: We recognize that your use of Vela may itself suggest information about your health status. We treat your account existence and all associated data with the same level of protection as explicitly provided health information.
Information we do NOT collect
- We do not collect or process your plaintext health conditions on our servers
- We do not use advertising SDKs or tracking pixels
- We do not collect browsing history, contacts, or data from other apps
- We do not use cookies in the mobile app
2. How we use your information
| Purpose |
Data used |
Legal basis |
| Create and manage your account |
Email, phone number, display name, age |
Contract performance |
| Verify your phone number via SMS (anti-bot) |
Phone number |
Legitimate interest (preventing fraudulent accounts) |
| Show your profile to potential matches |
Photos, bio, city, age, gender, relationship intent |
Contract performance |
| Match you with compatible people |
Location, preferences, intent (NOT health conditions) |
Contract performance |
| Enable messaging between matches |
Messages, photos |
Contract performance |
| Verify you are a real person |
Face verification selfie |
Legitimate interest (safety) |
| Moderate content for safety |
Messages, photos (AI-scanned for policy violations) |
Legitimate interest (safety) |
| Improve the app |
Anonymized usage data, crash reports |
Legitimate interest |
| Send push notifications |
Device push token (no message content or health data) |
Consent |
| Communicate with you |
Email (account notifications, support) |
Contract performance |
3. Health condition data and zero-knowledge encryption
Vela cannot read your health conditions. Your health data is encrypted on your device before it ever reaches our servers. We store only encrypted ciphertext that is unintelligible without your personal device key. Even if our servers were compromised, your health conditions would remain private.
Vela is not a healthcare provider. We do not diagnose, treat, or provide medical advice. Health condition data on Vela is entirely self-reported.
How encryption works
When you enter your health conditions during onboarding or profile editing:
- Your conditions are encrypted on your device using industry-standard authenticated encryption (xsalsa20-poly1305, via the tweetnacl library)
- A unique encryption key is generated for your device and stored in your phone's secure hardware keychain (iOS Keychain or Android Keystore). This key never leaves your device.
- Only the encrypted ciphertext is sent to and stored on our servers
- When you open the app, your device decrypts the data locally so you can view your own conditions
What this means for your privacy
- We cannot read your health conditions -- our servers store only encrypted data
- Our staff cannot access your health conditions -- even with full database access
- Health conditions are never used for matching -- matching is based on location, age, intent, and preferences only
- Health conditions are never sent to analytics or crash reporting services — we have audited our analytics and error monitoring providers to confirm zero health data leakage
- We never sell, share, or disclose your health condition data to third parties -- not to advertisers, data brokers, insurance companies, or anyone else
Sharing your health status
You may choose to share your health conditions with a match by granting them access through the app. When you do:
- Your conditions are decrypted locally on your device
- You are shown a confirmation dialog listing the conditions that will be shared
- Only after you explicitly confirm is the information stored as encrypted ciphertext in a dedicated access grant, with the decryption key delivered separately
- The shared information is visible only to you and that specific match
- You can revoke access at any time, which immediately removes the grant
- This is entirely voluntary. You are never required to share your health status with anyone.
- Important distinction: When you voluntarily share your health status with a match, the shared information is encrypted with a per-grant key using the same xsalsa20-poly1305 algorithm. The ciphertext is stored separately from the decryption key for defense in depth. While this provides strong encryption, it differs from the zero-knowledge model used for your stored conditions, as both the ciphertext and key reside on our infrastructure.
Key management
- Your encryption key is stored in your device's hardware-backed secure storage
- If you log out or delete your account, your encryption key is permanently erased from your device
- If you switch devices, you will need to re-enter your conditions (they are re-encrypted with a new key on the new device)
- There is no key recovery mechanism -- this is by design, to ensure maximum privacy
4. Sensitive personal information
Under the California Consumer Privacy Act (CCPA/CPRA), Washington My Health My Data Act (MHMDA), and other privacy laws, certain categories of data are considered "sensitive personal information" (SPI). Vela collects the following SPI:
| SPI category |
How we handle it |
| Health information |
Encrypted client-side; server stores only ciphertext; never used for advertising, analytics, or sharing with third parties |
| Sexual orientation |
Used only for matching preferences within the app; never shared with third parties |
| Precise geolocation |
Used only for distance-based matching; stored as coordinates on your profile; never shared with third parties or used for advertising |
| Biometric data (face verification) |
Used for identity verification at sign-up; temporarily uploaded to secure storage for verification and permanently deleted immediately after the verification check completes, or after manual review if additional verification is required; never retained |
You have the right to limit the use and disclosure of your sensitive personal information. To exercise this right, contact us at [email protected].
5. Photos and face verification
- Profile photos are stored in our database and shown to other users based on your privacy settings. All uploads are compressed to reduce file size.
- Private album photos are only visible to users you explicitly grant access to. You can revoke access at any time.
- Face verification selfies are temporarily uploaded to secure storage for verification and permanently deleted immediately after the verification check completes, or after manual review if additional verification is required. They are not retained or used for any other purpose. During the brief verification process, AI checks for liveness (ensuring you are a real person). Face verification photos are never shown to other users.
- Chat photos are stored for message history and are visible only to conversation participants.
6. AI features
We use AI for content moderation. Photos and messages may be scanned by AI to detect policy violations (harassment, illegal content, etc.). Moderation is automated and no human reviews your content unless a violation is flagged. Health condition data is never sent to AI moderation systems.
7. Third-party services
We use the following third-party services to operate Vela. None of these services receive your health condition data.
| Service |
Purpose |
Data shared |
Health data shared? |
| Cloud infrastructure provider |
Database, authentication, file storage |
Account data, profile data, encrypted health conditions (ciphertext only), photos, messages |
No (encrypted ciphertext only) |
| AI moderation service |
Content moderation |
Photos and text submitted for moderation review |
No |
| AI image generation service |
AI avatar generation |
Profile photos (for style transfer). Photos are sent to the processing service and generated results are downloaded to our servers immediately. Photos may be temporarily cached by the processing service for up to 60 seconds before automatic deletion. |
No |
| Analytics provider |
Product analytics |
Anonymized usage events (no health data, no PII beyond hashed user ID) |
No |
| Error monitoring service |
Error tracking and crash reporting |
Crash reports, device info, hashed user ID (no email or other PII) |
No |
| SMS delivery provider |
Phone number verification |
Phone number (one-time verification code during signup) |
No |
| Email delivery provider |
Transactional email delivery |
Email address (invitations, account notifications) |
No |
| Geolocation service |
City/location autocomplete |
Search query text, IP address |
No |
| Push notification services |
Push notification delivery |
Device push token |
No |
We do not sell your data. We do not share your data with advertisers. We do not use advertising SDKs, tracking pixels, or data brokers. Vela's revenue comes exclusively from subscription fees.
8. Data storage and security
- Your data is stored on secure cloud infrastructure hosted in the United States
- All data is encrypted in transit (TLS/SSL) and at rest (AES-256)
- Health condition data has an additional layer of client-side encryption (xsalsa20-poly1305) -- even if server-side encryption is compromised, health data remains protected
- Database access is protected by Row Level Security (RLS) policies -- users can only access their own data and data explicitly shared with them
- Chat messages are stored on our servers and are not end-to-end encrypted. While messages are protected by Row-Level Security (only conversation participants can access them) and TLS encryption in transit, they are stored in readable form on our infrastructure.
- Authentication uses one-time passwords (OTP) sent to your email -- we do not store passwords
- File storage enforces ownership policies -- users can only upload to and access their own storage folders
- File uploads are limited by size (10MB) and type (images only) to prevent abuse
- We conduct regular security audits of our database policies, access controls, and edge functions
- Android users are protected by screenshot blocking (FLAG_SECURE) to prevent unauthorized screen capture within the app
9. Data retention and deletion
Retention periods
| Data type |
Retention period |
| Profile data (name, bio, preferences) |
Duration of account; permanently deleted immediately upon account deletion |
| Health conditions (encrypted) |
Duration of account; encryption key cleared on logout/deletion |
| Profile photos |
Duration of account; permanently deleted immediately upon account deletion |
| Face verification photos |
Not retained; temporarily uploaded to secure storage for verification and permanently deleted immediately after the verification check completes, or after manual review if additional verification is required |
| Chat messages |
Duration of account; permanently deleted immediately upon account deletion |
| Analytics data |
Anonymized; retained per our analytics provider's retention policy |
| Crash reports |
90 days |
| Moderation logs |
Retained during your account lifetime for safety and compliance; deleted when your account is deleted |
Account deletion
You can delete your account at any time from the Settings screen in the app. Here is what happens:
- Immediately: your profile, personally identifiable information (name, email, bio), photos, messages, matches, likes, and all other associated data are permanently and irreversibly deleted from our systems.
- Encryption key erased: your encryption key is erased from your device, rendering any residual encrypted data permanently unreadable.
- Storage cleanup: all files you uploaded (profile photos, chat photos, face verification photos) are permanently deleted from storage.
- Authentication removed: your authentication record is deleted from our identity provider.
Reports filed against your account by other users may be retained for community safety purposes even after your account is deleted.
Account deletion is immediate and permanent. There is no recovery window. Once you confirm deletion, your data cannot be restored.
10. Your rights
All users
- Access: you can view all your data in the app (profile, messages, photos)
- Correction: you can edit your profile information at any time
- Deletion: you can delete your account from Settings
- Data export: you can request a copy of all your data by emailing [email protected]. We will provide your data in a machine-readable format within 30 days.
- Withdraw consent: you can withdraw consent for data collection by deleting your account
CCPA/CPRA (California residents)
If you are a California resident, you have the following rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:
- Right to know: you can request what personal information we have collected, the categories of sources, the business purpose for collection, and the categories of third parties with whom we share it
- Right to delete: you can request deletion of your personal information
- Right to correct: you can request correction of inaccurate personal information
- Right to opt out of sale or sharing: we do not sell or share your personal information for cross-context behavioral advertising. We never have and never will.
- Right to limit use of sensitive personal information: you can request that we limit the use of your SPI (health data, sexual orientation, precise geolocation, biometric data) to what is necessary to provide the service
- Right to non-discrimination: we will not discriminate against you for exercising any of these rights
To exercise your CCPA/CPRA rights, email [email protected] or use the in-app Settings. We will respond within 45 days. You may designate an authorized agent to make requests on your behalf.
In the preceding 12 months, we have not sold any personal information and have not shared personal information for cross-context behavioral advertising.
Washington My Health My Data Act (Washington residents)
If you are a Washington state resident, you have additional rights regarding your health data under the My Health My Data Act:
- Right to confirm and access: you can confirm whether we collect, share, or sell your consumer health data, and access that data
- Right to withdraw consent: you can withdraw your consent to the collection and sharing of your health data at any time
- Right to delete: you can request deletion of your consumer health data
- No sale of health data: we do not sell consumer health data and will never do so
Your health conditions are encrypted on your device. We store only encrypted ciphertext. When you delete your account or withdraw consent, the encryption key is destroyed, rendering any stored ciphertext permanently unreadable.
PIPEDA (Canadian residents)
If you are a Canadian resident, you have rights under the Personal Information Protection and Electronic Documents Act:
- Right to access: you can request access to your personal information held by Vela
- Right to correction: you can request correction of inaccurate or incomplete personal information
- Right to withdraw consent: you can withdraw consent for the collection, use, or disclosure of your personal information, subject to legal or contractual restrictions
- Right to complaint: you can file a complaint with the Office of the Privacy Commissioner of Canada
We collect, use, and disclose your personal information only for purposes that a reasonable person would consider appropriate in the circumstances, and only with your consent. Your health condition data receives the highest level of protection through client-side encryption.
To exercise your rights under PIPEDA, contact us at [email protected]. We will respond within 30 days.
BC PIPA (British Columbia residents)
If you are a British Columbia resident, you have rights under the Personal Information Protection Act (PIPA), including the right to access, correct, and request deletion of your personal information. Contact us at [email protected] to exercise these rights.
GDPR (European Economic Area residents)
If you are located in the EEA, you have additional rights under the General Data Protection Regulation:
- Right to access, rectify, or erase your personal data
- Right to restrict or object to processing
- Right to data portability
- Right to withdraw consent at any time
- Right to lodge a complaint with a supervisory authority
Our legal bases for processing are: consent (you choose to create an account and share data), contract performance (operating the dating service you signed up for), and legitimate interest (safety, content moderation, and service improvement).
11. Data breach notification
In the event of a data breach that affects your personal information, we will:
- Notify affected users as promptly as possible, and in any event within the timeframes required by applicable law
- Notify relevant regulatory authorities as required (FTC, state attorneys general, Privacy Commissioner of Canada, or other applicable authorities)
- Describe what data was affected and what steps we are taking to address the breach
- Provide guidance on steps you can take to protect yourself
Important: Because your health conditions are encrypted with a key that exists only on your device and is never transmitted to our servers, a breach of our database would NOT expose your health condition data. The encrypted ciphertext is unintelligible without your personal device key.
12. Cookies
The Vela mobile app does not use cookies. Our website (veladate.app) may use minimal cookies for analytics purposes. You can disable cookies in your browser settings.
13. Children's privacy
Vela is strictly for users aged 18 and older. We do not knowingly collect information from anyone under 18. Age is self-reported during account creation. If we discover that a user is under 18, their account will be immediately terminated and their data deleted.
14. International data transfers
Vela's infrastructure is hosted in the United States. If you access Vela from outside the United States, your data will be transferred to and processed in the United States. By using Vela, you consent to this transfer. We ensure that your data is protected in accordance with this Privacy Policy regardless of where it is processed.
15. Do not sell or share my personal information
We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. We have never done so and have no plans to do so. Vela's revenue model is based exclusively on subscription fees, not advertising or data monetization.
If you are a California resident and wish to exercise your right to opt out, or if you have questions about our data practices, contact us at [email protected].
16. Law enforcement and legal requests
We are committed to protecting your privacy, including from government overreach. Our approach to law enforcement requests:
- Valid legal process required: We require a valid subpoena, court order, or warrant before disclosing any user data to law enforcement or government agencies. We do not voluntarily disclose user data.
- User notification: We will notify affected users of law enforcement requests unless we are legally prohibited from doing so (e.g., by a court-issued gag order).
- Health data cannot be produced: Your health conditions are encrypted with a key stored only on your device. We cannot decrypt this data and therefore cannot produce it in plaintext, even under compulsion by court order or warrant.
- Sensitive nature of account existence: We recognize that account existence on a health-focused dating platform may itself be considered sensitive information. We will advocate to limit disclosure scope and challenge overly broad requests.
17. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will post the updated Privacy Policy on this page and update the "Last updated" date. For significant changes, we will make reasonable efforts to notify you through the app or by email.
Your continued use of Vela after any changes constitutes acceptance of the updated policy. If you do not agree to the updated policy, you should stop using the Service and delete your account.
18. Contact us
If you have questions about this Privacy Policy, your data, or your rights, contact us: