Vellora.

Privacy Policy

Effective June 12, 2026

Vellora ("we", "us") is a travel planning app available on iOS and at velloratravel.com. This policy explains what data we collect, why, and the choices you have. The short version: we collect what the product needs to work, we don't sell your data, and we don't track you across other apps or websites.

What we collect

• Account. Your email address, display name and a unique account ID, created when you sign up (including through Sign in with Apple).
• Your travel content. The trips, itineraries, saved places, lists, notes, checklists, budgets and documents you create or upload, and the people you invite to your trips.
• Forwarded booking emails. If you choose to forward a confirmation email to your private import address (trips@inbound.velloratravel.com), we process that email and its attachments to extract bookings (flights, stays, transport) for your review. We only ever process emails you forward to us.
• Purchases. Your subscription or Trip Pass status and purchase history, so we can unlock what you paid for. Payments are processed by Apple (on iOS) or Stripe (on the web); we never see or store your card number.
• Crash and error reports. Technical diagnostics (via Sentry) when something breaks, so we can fix it. These are not used to identify you.

What we don't collect

• Your location. The app can show your position on the trip map; those coordinates stay on your device and are not sent to our servers.
• Advertising data. There are no ads in Vellora, no data brokers, and no cross-app or cross-site tracking.

How we use your data

• To run the product: store your trips, sync them across your devices, and share them with people you invite.
• To generate planning content: when you use AI features (trip shaping, itineraries, guides, chat), the relevant trip context (destinations, dates, preferences, saved place names) is processed by our AI providers to produce your content. It is not used to train their models.
• To show place information: searches and place lookups are served through Google's Places services on our servers.
• To manage your plan or purchases, and to answer support requests.

Service providers

We use a small set of processors to operate Vellora: Supabase (database, authentication, file storage), Vercel (web hosting), Apple and Stripe (payments), RevenueCat (purchase management), Google (Maps and Places data, AI generation via Gemini), Sentry (crash reporting) and an email relay for the import feature. Each receives only what it needs to do its job.

Retention and deletion

Your content is kept while your account exists. You can delete your account at any time in the app (Account → Danger Zone → Delete account); this permanently removes your account and the content you own. Residual copies in encrypted backups expire on a rolling basis. Note that deleting your account does not cancel an active subscription — manage subscriptions through your Apple ID settings (iOS) or the billing portal (web).

Your rights

Depending on where you live (including under the LGPD and GDPR), you may have rights to access, correct, export or delete your personal data, and to object to certain processing. Most of these you can exercise directly in the app; for anything else, email us and we'll help.

Children

Vellora is not directed at children under 13 (or the equivalent minimum age in your country), and we don't knowingly collect their data.

Changes

If we change this policy in a meaningful way, we'll update this page and the effective date, and for significant changes we'll tell you in the app.

Contact

Questions or requests: support@velloratravel.com