Privacy Policy

Effective date: May 10, 2026

Plain English summary: Your detailed health log stays on your phone. Ask Vela and Daily Brief use an anonymized summary only: counts and averages, no notes, no custom-symptom names, no exact dates, no name, no email, and no advertising identifier. We use privacy-scoped product analytics with no advertising and no session recording. If you join the waitlist, we collect your email and nothing else.

Vela ("we", "our", "us", or "the app") is a perimenopause and menopause symptom tracking companion operated by Vela Health ("Vela Health"). This policy covers both the Vela iOS app and this website, velahealth.health.

1. Data We Collect

In the Vela app

The app stores the following information that you voluntarily enter:

Onboarding answers (menopause stage, concerns, goals, guidance preferences)
Daily logs: mood, energy, symptoms, severity ratings, sleep/stress/trigger context, free-text notes
Experiment progress (active and completed)
Ask Vela conversation history
Thumbs-up / thumbs-down feedback on patterns Vela detects

All of this is stored locally on your device only, in the app's sandboxed storage. We have no ability to read, access, copy, or recover it.

When Ask Vela uses a summary: when you use Ask Vela, the app sends an anonymized summary to Anthropic's Claude API via our own server to answer your question. The same kind of summary powers the optional Daily Brief if you turn it on. The summary contains aggregated counts and averages over the last 30 days, plus a per-day breakdown of the last week. It does not contain your free-text notes, the names of any custom symptoms you created, your exact dates, your name, email, or advertising identifier. You can review the exact disclosure in the app at Settings → Privacy & Data → "What Ask Vela sends."

On this website

If you submit your email on the waitlist form at velahealth.health, we collect:

Your email address
The time you submitted
Your browser's user agent string and referring URL (where you came from)
Your IP address

This information is stored on Netlify's infrastructure (our hosting provider) and is used only to notify you when Vela launches and to understand where our audience is coming from. We do not sell, rent, or share this information.

Community features (future)

The app includes a community feature that is currently offline (posts stored on-device only). When we enable the live community in the future:

Posts and replies you publish will be stored on Google Firebase servers
Published posts will be visible to other Vela users (but posted under anonymous aliases, not your real identity)
An anonymous user ID (not tied to your email or real name) will be associated with your posts so you can edit or delete them

We will update this policy and notify users before enabling live community features.

2. Data We Do NOT Collect

We do not collect your real name, phone number, address, or government ID
We do not use advertising networks or ad-tracking pixels (no Google Ads, Meta Pixel, etc.)
We do not collect advertising IDs (IDFA) or device fingerprints
We do not access your contacts, photos, location, calendar, or other device data
We do not sell data to anyone, ever

For the analytics we do use on this website (and only on this website), see Section 4 below.

3. In-App Purchases

Subscription purchases in the iOS app are processed entirely by Apple through the App Store. We use RevenueCat to manage subscription status. RevenueCat receives an anonymous app user ID and your Apple purchase receipt. No personal health data is shared.

4. Cookies and Analytics on This Website

The velahealth.health website uses two third-party services:

Google Fonts (fonts.googleapis.com) for the typography. May set cookies per Google's policy.
PostHog for product analytics, so we can see how many people visit, what they click, and where they come from. We have configured PostHog with: no autocapture, no session recording, identified-only profiles, and pageview/pageleave events only. PostHog sets a first-party cookie to count repeat visits. We do not link any analytics to your waitlist email.

The iOS app uses the same PostHog SDK (with autocapture and session recording disabled) and is wired to capture limited product events around onboarding completion, daily logging, paywall views, purchase status, and premium feature usage or failures. The only metadata sent with these events is small counts, booleans, plan names, trigger names, and status labels. No symptom names, no log contents, no Ask Vela questions or answers, no Apple Health values, and no notes are ever sent to PostHog. You can turn off product analytics entirely at any time from Settings → Privacy & Data → Product analytics. When the toggle is off, the SDK is not initialized and nothing is sent.

If you use the admin dashboard at /admin.html, your authentication token is stored in your browser's sessionStorage (cleared when you close the tab) and never sent to us.

5. Children's Privacy

Vela is not intended for children under 13. In accordance with the Children's Online Privacy Protection Act (COPPA), we do not knowingly collect personal information from children under 13. If you believe a child has provided us information, please contact us and we will delete it.

6. Your Rights (Under GDPR, CCPA, and Similar Laws)

Because health data is stored on your device, you always have full control over it. You can view, edit, or delete any entry from within the app, or delete everything at once by uninstalling.

For waitlist data collected on this website, you have the right to:

Access your data (we'll email you what we have)
Correct inaccurate data
Delete your data (we'll remove your email from the waitlist)
Object to processing or withdraw consent at any time
Portability: we'll send you a copy of your data in a common format

To exercise any of these rights, email support@velahealth.health. We respond within 30 days.

California residents have additional rights under the California Consumer Privacy Act (CCPA). EU/UK residents have rights under GDPR. We honor all applicable rights. The above list is not exhaustive.

7. Data Retention

App data: stored on your device until you delete it. We never have a copy.
Waitlist email: retained until you request deletion or until we send you a launch notification (whichever comes first). After launch, we may keep your email as a subscriber unless you unsubscribe.

8. Data Security

Waitlist data is stored in Netlify Blobs behind authentication. The admin export endpoint requires a secret token. We use HTTPS for all connections to this website. No system is perfectly secure; if we learn of a breach affecting your data, we will notify you as required by law.

9. International Users

Vela Health is based in the United States. If you access Vela from outside the U.S., be aware that waitlist data is stored in the United States. By using the website, you consent to this transfer.

10. Changes to This Policy

We may update this policy from time to time. The "Effective date" above reflects the most recent change. For material changes (e.g., enabling live community features), we will notify existing waitlist subscribers by email.

11. Contact

Questions, requests, or complaints? Contact us at support@velahealth.health.

Support page: velahealth.health/support.html.

Vela Health - velahealth.health