Privacy Policy
Last updated: January 1, 2026
Veloflo LLC (“Veloflo,” “we,” “us,” or “our”) is committed to protecting the privacy of our customers and users. This Privacy Policy describes how we collect, use, disclose, and protect information when you visit our website at veloflo.com, use our cloud-based financial reporting platform, or otherwise interact with us (collectively, the “Service”).
By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy. If you are using the Service on behalf of an organization, you are agreeing to this Privacy Policy on behalf of that organization.
1. Information We Collect
1.1 Information You Provide to Us
Account Information. When you create an account, we collect your name, email address, company name, job title, phone number, and billing information.
Financial Data. When you connect your ERP system (such as QuickBooks, NetSuite, or Xero) to the Service, we access and process financial data including general ledger transactions, chart of accounts data, account balances, journal entries, and related financial information (“Financial Data”). We access this data through authorized API integrations and OAuth-based authentication that you initiate and control.
Communications. When you contact us for support or otherwise communicate with us, we collect the content of those communications, including email addresses and any information you choose to provide.
Payment Information. When you purchase a subscription, payment information (such as credit card numbers) is collected and processed by our third-party payment processor. We do not store full payment card numbers on our systems.
1.2 Information Collected Automatically
Usage Data. We automatically collect information about how you interact with the Service, including pages visited, features used, actions taken, timestamps, and session duration.
Device and Browser Information. We collect device type, operating system, browser type and version, IP address, and general location (city/region level derived from IP address).
Cookies and Similar Technologies. We use cookies, local storage, and similar technologies to maintain your session, remember your preferences, and understand how the Service is used. See Section 6 for more information.
1.3 Information from Third Parties
ERP System Providers. When you authorize an integration, we receive financial data and account information from your ERP system provider as described above.
Analytics Providers. We may receive aggregated analytics data from third-party services we use to understand usage patterns.
2. How We Use Your Information
We use the information we collect for the following purposes:
| Purpose | Description |
|---|---|
| Provide the Service | Process and consolidate your financial data, generate reports, maintain your account, and deliver the features of the platform. |
| Billing and Payments | Process subscription payments, send invoices, and manage your billing relationship. |
| Customer Support | Respond to your requests, troubleshoot issues, and provide technical assistance. |
| Product Improvement | Analyze usage patterns and feedback to improve the Service, develop new features, and enhance user experience. |
| Aggregated Analytics | Create aggregated, anonymized, and de-identified datasets for benchmarking, analytics, and product development. Such data does not identify you or any individual. |
| Communications | Send transactional emails (account confirmations, billing notifications, security alerts) and, with your consent, product updates and marketing communications. |
| Security and Compliance | Detect and prevent fraud, unauthorized access, and other security threats. Comply with legal obligations and enforce our Terms of Service. |
3. How We Share Your Information
We do not sell your personal information or Financial Data. We share information only in the following circumstances:
Service Providers. We share information with third-party service providers who perform services on our behalf, such as cloud hosting, payment processing, analytics, email delivery, and customer support tools. These providers are contractually obligated to use your information only to provide services to us and in accordance with this Privacy Policy.
ERP System Providers. We exchange data with your connected ERP systems as necessary to provide the integration features of the Service, as authorized by you.
Professional Advisors. We may share information with our attorneys, accountants, auditors, and other professional advisors as necessary for legitimate business purposes.
Legal Requirements. We may disclose information if required to do so by law, regulation, legal process, or enforceable governmental request, or if we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
Business Transfers. In connection with a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you via email or prominent notice on our website of any change in ownership or uses of your personal information.
With Your Consent. We may share your information with third parties when you have given us explicit consent to do so.
4. Data Security
We implement commercially reasonable administrative, technical, and physical safeguards designed to protect your information from unauthorized access, use, alteration, and disclosure. These measures include:
Encryption: Data is encrypted in transit using TLS 1.2 or higher and at rest using AES-256 encryption or equivalent.
Access Controls: Access to customer data is restricted to authorized personnel on a need-to-know basis and protected by multi-factor authentication.
Infrastructure: Our Service is hosted on industry-leading cloud infrastructure providers that maintain SOC 2 and ISO 27001 certifications.
Monitoring: We maintain logging and monitoring systems to detect and respond to security incidents.
While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security, but we are committed to promptly notifying you of any confirmed security breach affecting your data.
5. Data Retention
We retain your information for as long as your account is active or as needed to provide the Service. After termination or expiration of your subscription:
Customer Data: We will retain your Financial Data and other customer data for thirty (30) days to allow for data export, after which it will be deleted in accordance with our standard data retention practices.
Account Information: We may retain basic account information (name, email, company name, billing history) for a reasonable period as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.
Anonymized Data: Aggregated, anonymized, and de-identified data may be retained indefinitely, as it does not identify you or any individual.
6. Cookies and Tracking Technologies
We use cookies and similar technologies for the following purposes:
Essential Cookies: Required for the Service to function, including session management, authentication, and security. These cannot be disabled.
Analytics Cookies: Help us understand how users interact with the Service so we can improve it. We may use third-party analytics services such as Google Analytics or similar tools.
Preference Cookies: Remember your settings and preferences to provide a personalized experience.
We do not use advertising or third-party tracking cookies. You can manage cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the Service.
7. Your Rights and Choices
7.1 Access and Portability
You may request a copy of the personal information we hold about you. For Financial Data, you may request an export in a standard machine-readable format as described in our Terms of Service.
7.2 Correction
You may update or correct your account information at any time by logging into your account or by contacting us.
7.3 Deletion
You may request deletion of your personal information by contacting us. We will comply with your request subject to any legal obligations that require us to retain certain information. Deletion of Financial Data is governed by Section 3.7 of our Terms of Service.
7.4 Marketing Communications
You may opt out of marketing communications at any time by clicking the “unsubscribe” link in any marketing email or by contacting us. Transactional communications (such as billing notifications and security alerts) are not subject to opt-out.
7.5 California Residents
If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete your personal information, and the right to opt out of the sale of personal information. We do not sell personal information. To exercise your rights, contact us at hello@veloflo.com.
7.6 International Users
The Service is operated from the United States. If you are accessing the Service from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States. By using the Service, you consent to such transfer and processing.
8. Children’s Privacy
The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under 18, we will take steps to delete such information promptly.
9. Third-Party Links and Services
The Service may contain links to third-party websites or services that are not owned or controlled by Veloflo. We are not responsible for the privacy practices of third-party websites or services. We encourage you to review the privacy policies of any third-party website or service that you visit.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by posting the updated policy on our website with a new effective date and, where appropriate, by sending you an email notification. Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.
11. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
Veloflo LLC
2193 Fillmore Street
San Francisco, CA 94115
Email: hello@veloflo.com