LEGAL
Last updated: March 1, 2026
Your process data is yours. We store it so you can access it across devices and sessions. We never share it, sell it, or use it to train AI models.
We collect standard usage analytics — pages viewed, features used — to understand how to improve the product. Your IP address appears in standard server security logs, as it does with every web service. We do not use IP addresses to identify your operations, track your processes, or profile your company.
You can export your data and delete your account at any time. The full policy is below.
Account information: Name, email address, and password when you register.
Process data: Value stream maps, kaizen boards, step data, and other content you create in VeSiMy. This data is private to your account.
Usage data: Log data including IP address, browser type, pages visited, and time spent. Used to improve the product.
Payment information: Handled entirely by Stripe. We never see or store your full card number.
We use your information to: provide and operate the VeSiMy service; send transactional emails (password reset, billing receipts); improve and develop the product; communicate product updates and new features; respond to support requests; comply with legal obligations.
We do not sell your personal data or process data to any third party, ever.
Your data is stored on Supabase-managed PostgreSQL infrastructure with encryption at rest. All data in transit is encrypted using TLS. We use Supabase Row Level Security to ensure users can only access their own data. We perform regular backups and have disaster recovery procedures in place.
We use essential cookies for authentication (keeping you logged in) and session management. We do not use advertising cookies or third-party tracking cookies. You can disable cookies in your browser but this will prevent you from logging in.
We use the following third-party services: Supabase (database and authentication), Stripe (payment processing), Vercel (hosting), Anthropic (AI features via Claude API — step names, timing data, and process classifications are sent to generate AI analysis; avoid including confidential identifiers in step names). Each of these providers has their own privacy policy.
You have the right to: access all data we hold about you; export your process data at any time from the dashboard; correct inaccurate personal information; delete your account and associated data; opt out of marketing emails (unsubscribe link in every email). To exercise any of these rights, email founder@vesimy.com.
We retain your account data for as long as your account is active. If you delete your account, we remove your personal data within 30 days and your process data within 90 days. Some data may be retained longer for legal compliance purposes.
If you are in the European Union, you have additional rights under GDPR including the right to data portability and the right to lodge a complaint with a supervisory authority. Our legal basis for processing your data is contract performance (to provide the service you signed up for). Contact founder@vesimy.com for GDPR requests.
VeSiMy is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us personal data, contact us immediately.
We may update this Privacy Policy from time to time. We will notify you of significant changes via email. Continued use after changes constitutes acceptance.
For privacy questions or requests: founder@vesimy.com
VeSiMy Ltd, United Kingdom.