OVERVIEW
Veld is a team communication platform operated by WonderKiln, Inc. ("WonderKiln," "we," "us," or "our"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our native applications (macOS, iOS, Windows, Android), web dashboard, and related services (collectively, the "Service").
Veld is invite-only. You can only create an account when invited by an existing organization administrator. We do not offer open self-service registration.
SECTION_01
INFORMATION_WE_COLLECT
ACCOUNT_DATA
When you accept an invitation and create an account, we collect your name, email address, profile image (optional), and display preferences such as avatar gradient color. Authentication is handled via magic link — we do not collect or store passwords.
MESSAGES_AND_CONTENT
We store the messages, files, images, and other content you send through Veld. This includes message text, attachments (stored on S3-compatible infrastructure), reactions, link previews, and read receipts.
ORGANIZATION_DATA
Organization names, membership rosters, channel structures, roles, and invitation records are stored to operate multi-team workspaces.
DEVICE_AND_SESSION_DATA
We collect IP addresses, user agent strings, and session tokens for authentication and security. If you enable push notifications, we store device tokens (APNs for Apple devices, FCM for Android) and remove stale tokens when delivery fails.
USAGE_ANALYTICS
We record first-party analytics events (such as notification delivery status and feature usage) in our own database. We do not use third-party analytics, advertising SDKs, or tracking pixels.
BILLING_DATA
If your organization subscribes to a paid plan, payment information is collected and processed by Stripe. We store only your Stripe customer ID and subscription status — never your card number or bank details.
WAITLIST
If you join our waitlist, we collect your email address and referral source to notify you when access is available.
SECTION_02
HOW_WE_USE_YOUR_INFORMATION
We use the information we collect to:
- Operate, deliver, and maintain the Service
- Authenticate your identity and manage sessions
- Deliver messages, notifications, and push alerts in real time
- Send transactional emails (magic links, invitation emails, unread reminders)
- Process billing and manage subscriptions through Stripe
- Generate AI-powered conversation recaps when enabled by your organization
- Render link previews by fetching metadata from URLs shared in conversations
- Monitor service health and debug issues using internal analytics
- Improve the Service based on aggregated, non-identifying usage patterns
SECTION_03
AI_FEATURES
Veld offers optional AI-generated conversation recaps powered by Google Gemini. When this feature is enabled by an organization administrator, message content and channel context from the relevant time period is sent to Google's API to produce summaries.
Google processes this data under their API terms and does not use it to train their models. AI recaps are stored in our database for your team to reference. Organizations can choose not to use this feature.
SECTION_04
THIRD_PARTY_SERVICES
We rely on the following third-party service providers to operate Veld:
Each provider processes data only as necessary to provide their respective service and under their own privacy policies.
SECTION_05
DATA_RETENTION
We retain your account data and message history for as long as your organization's account is active. Messages and attachments persist until explicitly deleted by a user or organization administrator.
If an organization is deleted or an account is removed, associated data is permanently erased from our primary database. Backups containing that data are rotated and purged within 30 days.
Waitlist email addresses are retained until you are invited or request removal.
SECTION_06
DATA_SECURITY
We implement industry-standard safeguards to protect your data, including encrypted connections (TLS) for all data in transit, encrypted storage at rest for our database and file storage, and secure session management with httpOnly cookies and token-based authentication for native clients.
Veld is invite-only with no open registration, which limits the attack surface. Magic link authentication eliminates password-related vulnerabilities entirely.
While we take security seriously and follow best practices, no system is perfectly secure. If you discover a vulnerability, please contact us at [email protected].
SECTION_07
YOUR_RIGHTS
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you
- Correct inaccurate or incomplete data
- Request deletion of your personal data
- Export your data in a portable format
- Object to or restrict certain processing
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
SECTION_08
CHILDRENS_PRIVACY
Veld is designed for use by businesses and teams. We do not knowingly collect information from anyone under the age of 16. If we learn that we have collected data from a child under 16, we will delete that data promptly.
SECTION_09
CHANGES_TO_THIS_POLICY
We may update this Privacy Policy from time to time. When we make material changes, we will notify active users via email or an in-app notice. The "Last Updated" date at the top of this page reflects the most recent revision.
SECTION_10
CONTACT
For questions about this Privacy Policy or your personal data, contact us:
WonderKiln, Inc.
Email: [email protected]