1. Introduction
Venril ("we", "our", "us") is committed to protecting your personal information. This Privacy Policy explains what data we collect, how we use it, and the choices you have regarding your information. By using the Service, you agree to the practices described here.
2. Information We Collect
Information you provide directly:
- Account information: email address, display name, and password (stored hashed) when you register.
- Profile information: optional display name and avatar image.
- Project data: initiatives, tasks, comments, and other content you create within the Service.
- Payment information: processed directly by Stripe; we receive only a customer reference ID and subscription status — never card numbers.
- Communications: messages sent through our contact form.
Information collected automatically:
- Usage data: pages visited, features used, and actions taken within the Service.
- Technical data: IP address, browser type, device information, and timestamps.
- Cookies and local storage: used for session management and preference storage (e.g. dark mode).
3. How We Use Your Information
- To provide, maintain, and improve the Service.
- To authenticate your identity and manage your account.
- To process billing and subscription management via Stripe.
- To send transactional emails (account confirmation, password reset, team invitations).
- To respond to your support requests and contact form submissions.
- To detect and prevent fraud, abuse, and security incidents.
- To comply with legal obligations.
We do not sell your personal data to third parties.
4. Third-Party Services
We use the following third-party providers to operate the Service:
- Supabase — database, authentication, and file storage.
- Vercel — hosting and deployment.
- Stripe — payment processing. Governed by Stripe's Privacy Policy.
- Resend — transactional email delivery.
- GitHub — optional OAuth integration. Only connected at your explicit request. Governed by GitHub's Privacy Statement.
- AI providers — when you use AI-powered features (such as sprint planning suggestions or task auto-fill), content you have entered into the Service (such as item titles and descriptions) may be sent to third-party AI API providers. Content processed by AI features is subject to the privacy policies of the respective AI service providers.
5. Data Retention
We retain your data for as long as your account is active or as needed to provide the Service. You may request deletion of your account and associated data at any time by contacting us. Certain records may be retained longer where required by law or for legitimate business purposes (e.g. billing records).
6. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access: request a copy of the data we hold about you.
- Correction: request correction of inaccurate data.
- Deletion: request deletion of your account and personal data.
- Portability: request an export of your project data.
- Objection: object to certain uses of your data.
To exercise any of these rights, contact us through our contact page.
7. Security
We implement industry-standard security measures including encrypted data transmission (TLS), hashed passwords, encrypted OAuth tokens, and row-level security policies on our database. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.
8. Children's Privacy
The Service is not directed to children under 13. We do not knowingly collect personal data from children under 13. If we become aware that we have collected such data, we will delete it promptly.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice within the Service. The "last updated" date at the top of this page reflects the most recent revision.
10. Contact
If you have questions or concerns about this Privacy Policy, please contact us through our contact page.