Privacy Policy

Last updated · 14 May 2026 (added SMS Communications section) · Effective immediately

Contents

Who we are
What data we collect
Google Workspace integrations (HELM)
How we use your data
Who we share data with
Where data is stored and how we protect it
How long we keep your data
Your rights and how to exercise them
How to revoke HELM's access
Changes to this policy
SMS Communications
Contact

1. Who we are

Veloxe AI is an autonomous AI systems studio. We build production AI Employees — including HELM (personal executive AI), Vera (sales agent), the Sage suite (therapy AI), DeployX (infrastructure AI), and ViralStrike (content automation). This Privacy Policy covers all products at veloxe.ai and any subdomain we operate.

In this policy, "we", "us", or "Veloxe AI" refers to the operator. "You" refers to anyone who uses one of our products or visits our website. "HELM customer" specifically refers to a person who has connected their Google account to HELM via our onboarding flow.

2. What data we collect

Marketing site visitors

When you visit veloxe.ai or its product pages (HELM, Vera, Sage, etc.) without signing up:

Standard server logs (IP address, browser user-agent, requested URL, timestamp) for security and uptime.
Privacy-friendly analytics via Umami, which does NOT use third-party cookies and does NOT track you across sites.
Cloudflare-managed network telemetry for DDoS protection.

HELM customers (provisioned)

When you complete HELM onboarding by connecting your Google account, we additionally collect and store:

Your customer_id (a short identifier we assigned when you received your invite link, e.g. alex or taylor).
Your Google account email address as returned by Google's OpenID Connect.
A Google OAuth refresh token (encrypted at rest with AES-128 + HMAC-SHA256, key held on a private server we operate).
The most recent Google OAuth access token (short-lived, refreshed automatically).
The OAuth scopes you granted us.
Timestamps for record creation, last access, and last update.

HELM session telemetry

HELM voice session metadata (start time, duration, model used, tool calls fired) — used for cost tracking and debugging. We do NOT store voice audio.
Generated video metadata for the HELM Video tool (your prompt, the resulting video URL, cost, generation time). Videos are stored on a private Veloxe AI server and accessible by URL; we may delete them after 30 days.

What we do NOT collect

We do NOT store your Gmail message bodies, attachments, or thread history on our servers. When HELM reads recent Gmail, it queries Google's API in real time for that single response and does not write the message content to our database.
We do NOT store your Calendar events or attendees on our servers. Same pattern as Gmail — read on demand, return, do not persist.
We do NOT use your Google data to train AI models — neither ours nor any third party's.
We do NOT sell, rent, or share your data with advertisers or data brokers, ever.

3. Google Workspace integrations (HELM)

HELM uses the following Google OAuth scopes. These are the ONLY scopes we request, and we will never silently expand them. If we add a new capability that needs more scope, we will require you to re-consent.

OAuth scope	What HELM does with it
openid email profile	Identify which Google account you connected. Used solely to associate your HELM customer_id with your email address. We do NOT pull your profile photo or contact list.
https://www.googleapis.com/auth/gmail.readonly	Read recent inbox messages when you ask HELM to "check my email." Read-only — HELM cannot send, draft, delete, or modify any email with this scope.
https://www.googleapis.com/auth/gmail.compose	Create draft emails when you ask HELM to "draft an email to X" or "write a reply." Drafts go to your Gmail Drafts folder for your review and manual sending. HELM does NOT send email autonomously — every draft requires you to open Gmail, review, and click Send yourself.
https://www.googleapis.com/auth/calendar.events	Read events on your primary calendar (so HELM can answer "what's on my calendar today") and create new events when you ask HELM to schedule something. Limited to your primary calendar.

Google API Services User Data Policy compliance: Veloxe AI's use and transfer of information received from Google APIs to any other app adheres to the Google API Services User Data Policy, including the Limited Use requirements. We do not use your Google data for serving advertisements, do not sell it, do not transfer it to third parties except as needed to provide HELM features (which currently means Google itself, our private server, and the AI model providers we use to process your requests in real time without persisting the data).

4. How we use your data

For HELM customers specifically, we use your data only to:

Operate the product you signed up for. Read recent email when you ask. Read or create calendar events when you ask. Generate videos when you ask.
Maintain the connection. Refresh your Google access token when it expires (every ~1 hour) using the encrypted refresh token, so you don't have to re-authenticate constantly.
Track costs. Log how many tool calls and AI generations your account uses, for billing and rate-limiting purposes.
Debug failures. Server-side logs include error traces with your customer_id but NOT your email body content or full token strings.

We do NOT use your data to:

Train AI models
Build advertising profiles
Sell to data brokers
Cross-reference with other Veloxe AI products without your explicit consent

We share specific pieces of your data with these third-party processors, and only to the extent needed to deliver the feature you requested:

Google LLC — your OAuth access token is sent to Google's Gmail API and Calendar API for the queries you initiate via HELM. Governed by Google's privacy policy.
xAI (Grok) — when you use HELM voice, the audio + your conversation transcript flows through the xAI Realtime API. When you use the HELM video tool, your text prompt flows through the xAI Grok Imagine API. xAI's data handling is governed by their privacy policy. We do NOT include your Google data in prompts to xAI unless you explicitly asked HELM to summarize or act on it.
Cloudflare — provides DDoS protection and TLS termination for veloxe.ai. They see request metadata (IP, URL, timing) but not the content of your authenticated sessions.
Resend — used for transactional email (welcome, support replies). Receives your email address only when we email you directly.

We do NOT share your data with any other party. We have not been served any government data request as of the "Last updated" date above; we will surface the existence of any such request in this policy unless legally prohibited from doing so (warrant canary).

6. Where data is stored and how we protect it

HELM customer rows (customer_id, email, encrypted refresh token, access token, scopes, timestamps) live in a PostgreSQL database on a private server we operate, located in Custer County, South Dakota, USA. Database is not publicly accessible — only the Veloxe AI infrastructure (Sentinel) can reach it.
HELM tasks you ask the assistant to remember (task title, optional details, due date, status) live in a separate table in the same database, scoped to your customer_id. Foreign-key cascade ensures these are deleted automatically if you revoke your account.
HELM context items (key/value facts you asked HELM to "remember") live in another table in the same database, also scoped to your customer_id with cascade-on-revoke. These are NOT encrypted at rest — the threat model assumes you wouldn't store secrets in your AI assistant's memory. If you would, don't.
HELM video feedback (your thumbs up/down rating + any text notes you provide on a generated video, plus the prompt and video URL it referenced) live in a separate table for product improvement. Cascade-deleted with your customer row on revoke.
Refresh tokens are encrypted at rest using Fernet (AES-128-CBC with HMAC-SHA256 authentication). The encryption key is stored in an environment file readable only by the root user on our server. A database leak alone would NOT expose your refresh tokens — the attacker would need access to both the database AND the server's filesystem.
Generated videos are stored on a private Veloxe AI media server, accessible by URL only to those who have the URL. We may purge videos older than 30 days.
Server logs are kept for up to 30 days for debugging and security forensics, then rotated.
All connections from your browser to Veloxe AI services use TLS 1.3.

7. How long we keep your data

HELM customer row — kept until you revoke access (see section 9) or we close your account. We do NOT auto-delete inactive accounts.
HELM tasks + HELM context — kept until you revoke access (cascade-deleted with your customer row) OR until any per-item expiration timestamp you set. You can ask HELM to "forget X" to delete a specific context item at any time.
Generated videos — up to 30 days after generation, then deleted.
Server logs — up to 30 days, then rotated.
Cost ledger entries — kept indefinitely for billing reconciliation, but contain only customer_id + cost + timestamp, NOT the underlying prompts or content.

8. Your rights and how to exercise them

If you are a HELM customer, you have the right to:

Access the data we hold about you. Email [email protected] and we will provide a copy within 30 days.
Correct any inaccurate data we hold about you.
Delete your data — see section 9 for the self-serve revocation, or email us.
Export a portable copy of your data on request.
Object to specific processing — though note that revoking access generally means HELM stops working for you.
Lodge a complaint with your local data protection authority. We are based in the USA and operate primarily under US law, but we honor GDPR and CCPA equivalents on request.

9. How to revoke HELM's access

You have two equivalent ways to FULLY revoke HELM (deletes everything). To delete a SINGLE remembered item without revoking the whole account, just ask HELM in conversation: "forget [thing]" — it will call its forget tool and delete that specific entry from its memory.

To fully revoke:

Self-serve via Veloxe AI. Email [email protected] from the address connected to HELM and ask us to revoke. We will (a) call Google's token revocation endpoint with your refresh token, and (b) delete your row from our database, including any pending video job state. We will reply to confirm within 1 business day.
Direct via Google. Visit myaccount.google.com/permissions, find "HELM by Veloxe AI", and click Remove Access. This invalidates the refresh token immediately on Google's side. Email us afterward to also remove your row from our database.

Important: Revocation is irreversible from our side. To use HELM again afterward you would need a new invite link and would need to re-consent to all OAuth scopes through Google. Revocation does not affect any past videos generated for you that may have been downloaded outside Veloxe AI's systems.

10. Changes to this policy

We may update this policy when we add new products, integrations, or change how data flows. Material changes — especially anything that expands what data we collect or who we share it with — will be surfaced to active HELM customers via email at the address we have on file at least 14 days before taking effect. The "Last updated" date at the top of this page always reflects the current version.

Prior versions of this policy are kept in our internal archive and available on request via [email protected].

11. SMS Communications

By providing your phone number to Veloxe Ai through the HELM service, you consent to receive SMS messages from us related to your HELM account. This includes one-time verification codes during signup, sign-in alerts when a new device accesses your account, account recovery codes, and personal messages you instruct HELM to send on your behalf to contacts you specify (for example, “HELM, text my wife I'm running late”).

Mobile information will not be shared with third parties or affiliates for marketing or promotional purposes, ever. All other categories of personal data may be shared as described in this Privacy Policy.

Message frequency varies based on your usage of HELM. Customers typically receive 1–3 messages per active session for verification and sign-in flows, plus the personal messages you explicitly direct HELM to send. We do not send unsolicited or marketing SMS.

Message and data rates may apply. Reply HELP for help. Reply STOP at any time to opt out of all SMS communications from HELM. After replying STOP, you will receive one final confirmation message and no further SMS until you opt back in by replying START.

All HELM-initiated SMS is sent via Twilio (a US-based licensed CPaaS provider). Carriers may retain transit metadata per their own policies; Veloxe Ai retains the message content, recipient number, and timestamp in helm_messages on krakendb (encrypted at rest) so HELM can show you what it sent on your behalf and so you can audit your own outbound communication.

12. Contact

Privacy questions, data requests, revocations: [email protected]
General contact: [email protected]
Operator: Veloxe AI
Mailing address available on request.